On user registration: email address verification and sending activation email.

Philippe PITTOLI 2020-01-27 13:16:16 +01:00
parent 70eeadba56
commit 10472d5c0d
3 changed files with 42 additions and 16 deletions


@ -12,9 +12,11 @@ targets:
authd:
main: src/main.cr
crystal: 0.27
crystal: 0.31
dependencies:
grok:
github: spinscale/grok.cr
passwd:
git: https://git.karchnu.fr/WeirdOS/passwd.cr
branch: master
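Review bot: The dependencies in this section are not pinned: `grok` carries no version constraint and `passwd` tracks `branch: master`, so each build resolves to whatever those repositories hold at that moment (unless a committed shard.lock fixes them, which is not visible here). This commit makes the grok `EMAILADDRESS` pattern the gate for registration e-mail validation, so a silent upstream change would alter which addresses the service accepts. Adding a `version:` or `commit:` key under each dependency keeps the build reproducible and makes dependency updates an explicit, reviewable change.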


@ -417,9 +417,13 @@ module AuthD
end
end
def register(login : String, password : String, profile : JSON::Any?) : ::AuthD::User::Public?
send Request::Register.new login, password, profile
def register(login : String,
password : String,
email : String?,
phone : String?,
profile : JSON::Any?) : ::AuthD::User::Public?
send Request::Register.new login, password, email, phone, profile
response = Response.from_ipc read
case response
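Review bot: `email` and `phone` are two adjacent positional `String?` parameters in the new `register` signature, so a call site that swaps them still compiles and the mistake only surfaces as wrong contact data stored by the server. A doc comment above the method, for example `# email and phone are optional contact fields; pass nil when absent (the service may still reject a missing email)`, would document the order and the nil contract. Call sites could also use named arguments, as in `register login, password, email: mail, phone: nil, profile: profile`. The body of `register` continues past the end of this hunk.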


@ -6,6 +6,8 @@ require "jwt"
require "ipc"
require "dodb"
require "grok"
require "./authd.cr"
extend AuthD
@ -62,6 +64,8 @@ class AuthD::Service
Response::Token.new token.to_s @jwt_key
when Request::AddUser
# No verification of the users' informations when an admin adds it.
# No mail address verification.
if request.shared_key != @jwt_key
return Response::Error.new "invalid authentication key"
end
@ -79,7 +83,7 @@ class AuthD::Service
uid = new_uid
user = User.new uid, request.login, password_hash
user.contact.email = request.email
user.contact.email = request.email unless request.email.nil?
user.contact.phone = request.phone unless request.phone.nil?
request.profile.try do |profile|
@ -88,18 +92,6 @@ class AuthD::Service
@users << user
# Once the user is created and stored, we try to contact him
# TODO: send a mail
unless Process.run("activation-mailer", [
"-l", user.login,
"-e", user.contact.email.not_nil!,
"-t", "Activation email",
"-f", "karchnu@localhost",
"-a", user.contact.activation_key.not_nil!
]).success?
return Response::Error.new "cannot contact the user"
end
Response::UserAdded.new user.to_public
when Request::ValidateUser
if request.shared_key != @jwt_key
@ -178,10 +170,27 @@ class AuthD::Service
return Response::Error.new "login already used"
end
if @require_email && request.email.nil?
return Response::Error.new "email required"
end
if ! request.email.nil?
# Test on the email address format.
grok = Grok.new [ "%{EMAILADDRESS:email}" ]
result = grok.parse request.email.not_nil!
email = result["email"]?
if email.nil?
return Response::Error.new "invalid email format"
end
end
uid = new_uid
password = hash_password request.password
user = User.new uid, request.login, password
user.contact.email = request.email unless request.email.nil?
user.contact.phone = request.phone unless request.phone.nil?
request.profile.try do |profile|
user.profile = profile
@ -189,6 +198,17 @@ class AuthD::Service
@users << user
# Once the user is created and stored, we try to contact him
unless Process.run("activation-mailer", [
"-l", user.login,
"-e", user.contact.email.not_nil!,
"-t", "Activation email",
"-f", "karchnu@localhost",
"-a", user.contact.activation_key.not_nil!
]).success?
return Response::Error.new "cannot contact the user (but still registered)"
end
Response::UserAdded.new user.to_public
when Request::UpdatePassword
user = @users_per_login.get? request.login
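Review bot: The activation-mail block in the registration hunks calls `user.contact.email.not_nil!` although a nil `request.email` is accepted whenever `@require_email` is off, so that path would presumably raise after the user has already been appended to `@users`. Guarding the `Process.run` call with `if address = user.contact.email` and passing `address` to `-e` avoids that. The format check also only shows that `request.email` contains something matching `EMAILADDRESS` (assuming Grok matches unanchored), while the unparsed `request.email` is what gets stored and handed to the mailer. Rejecting when the match differs from the input, `if email.nil? || email != request.email`, makes the validated value and the stored value the same. The enclosing `when` branch starts outside these hunks.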