mirror of
https://github.com/openvk/openvk
synced 2025-01-10 18:10:03 +03:00
Email: Rename Confirmations to Verifications, fix var names and codestyle
This commit is contained in:
parent
1df0545061
commit
bd8e5318b6
3 changed files with 21 additions and 22 deletions
|
@ -5,15 +5,15 @@ use openvk\Web\Models\Entities\EmailVerification;
|
||||||
use openvk\Web\Models\Entities\User;
|
use openvk\Web\Models\Entities\User;
|
||||||
use Nette\Database\Table\ActiveRow;
|
use Nette\Database\Table\ActiveRow;
|
||||||
|
|
||||||
class Confirmations
|
class Verifications
|
||||||
{
|
{
|
||||||
private $context;
|
private $context;
|
||||||
private $confirmations;
|
private $verifications;
|
||||||
|
|
||||||
function __construct()
|
function __construct()
|
||||||
{
|
{
|
||||||
$this->context = DatabaseConnection::i()->getContext();
|
$this->context = DatabaseConnection::i()->getContext();
|
||||||
$this->confirmations = $this->context->table("email_verifications");
|
$this->verifications = $this->context->table("email_verifications");
|
||||||
}
|
}
|
||||||
|
|
||||||
function toEmailVerification(?ActiveRow $ar): ?EmailVerification
|
function toEmailVerification(?ActiveRow $ar): ?EmailVerification
|
||||||
|
@ -23,11 +23,11 @@ class Confirmations
|
||||||
|
|
||||||
function getByToken(string $token): ?EmailVerification
|
function getByToken(string $token): ?EmailVerification
|
||||||
{
|
{
|
||||||
return $this->toEmailVerification($this->confirmations->where("key", $token)->fetch());
|
return $this->toEmailVerification($this->verifications->where("key", $token)->fetch());
|
||||||
}
|
}
|
||||||
|
|
||||||
function getLatestByUser(User $user): ?EmailVerification
|
function getLatestByUser(User $user): ?EmailVerification
|
||||||
{
|
{
|
||||||
return $this->toEmailVerification($this->confirmations->where("profile", $user->getId())->order("timestamp DESC")->fetch());
|
return $this->toEmailVerification($this->verifications->where("profile", $user->getId())->order("timestamp DESC")->fetch());
|
||||||
}
|
}
|
||||||
}
|
}
|
|
@ -7,7 +7,7 @@ use openvk\Web\Models\Entities\EmailVerification;
|
||||||
use openvk\Web\Models\Repositories\IPs;
|
use openvk\Web\Models\Repositories\IPs;
|
||||||
use openvk\Web\Models\Repositories\Users;
|
use openvk\Web\Models\Repositories\Users;
|
||||||
use openvk\Web\Models\Repositories\Restores;
|
use openvk\Web\Models\Repositories\Restores;
|
||||||
use openvk\Web\Models\Repositories\Confirmations;
|
use openvk\Web\Models\Repositories\Verifications;
|
||||||
use openvk\Web\Util\Validator;
|
use openvk\Web\Util\Validator;
|
||||||
use Chandler\Session\Session;
|
use Chandler\Session\Session;
|
||||||
use Chandler\Security\User as ChandlerUser;
|
use Chandler\Security\User as ChandlerUser;
|
||||||
|
@ -24,16 +24,16 @@ final class AuthPresenter extends OpenVKPresenter
|
||||||
private $db;
|
private $db;
|
||||||
private $users;
|
private $users;
|
||||||
private $restores;
|
private $restores;
|
||||||
private $confirmations;
|
private $verifications;
|
||||||
|
|
||||||
function __construct(Users $users, Restores $restores, Confirmations $confirmations)
|
function __construct(Users $users, Restores $restores, Verifications $verifications)
|
||||||
{
|
{
|
||||||
$this->authenticator = Authenticator::i();
|
$this->authenticator = Authenticator::i();
|
||||||
$this->db = DatabaseConnection::i()->getContext();
|
$this->db = DatabaseConnection::i()->getContext();
|
||||||
|
|
||||||
$this->users = $users;
|
$this->users = $users;
|
||||||
$this->restores = $restores;
|
$this->restores = $restores;
|
||||||
$this->confirmations = $confirmations;
|
$this->verifications = $verifications;
|
||||||
|
|
||||||
parent::__construct();
|
parent::__construct();
|
||||||
}
|
}
|
||||||
|
@ -110,12 +110,12 @@ final class AuthPresenter extends OpenVKPresenter
|
||||||
}
|
}
|
||||||
|
|
||||||
if (OPENVK_ROOT_CONF['openvk']['preferences']['security']['requireEmail']) {
|
if (OPENVK_ROOT_CONF['openvk']['preferences']['security']['requireEmail']) {
|
||||||
$verifObj = new EmailVerification;
|
$verification = new EmailVerification;
|
||||||
$verifObj->setProfile($user->getId());
|
$verification->setProfile($user->getId());
|
||||||
$verifObj->save();
|
$verification->save();
|
||||||
|
|
||||||
$params = [
|
$params = [
|
||||||
"key" => $verifObj->getKey(),
|
"key" => $verification->getKey(),
|
||||||
"name" => $user->getCanonicalName(),
|
"name" => $user->getCanonicalName(),
|
||||||
];
|
];
|
||||||
$this->sendmail($user->getEmail(), "verify-email", $params); #Vulnerability possible
|
$this->sendmail($user->getEmail(), "verify-email", $params); #Vulnerability possible
|
||||||
|
@ -282,16 +282,16 @@ final class AuthPresenter extends OpenVKPresenter
|
||||||
if(!$user || $user->isDeleted() || $user->isActivated())
|
if(!$user || $user->isDeleted() || $user->isActivated())
|
||||||
$this->flashFail("err", tr("error"), tr("email_error"));
|
$this->flashFail("err", tr("error"), tr("email_error"));
|
||||||
|
|
||||||
$request = $this->confirmations->getLatestByUser($user);
|
$request = $this->verifications->getLatestByUser($user);
|
||||||
if(!is_null($request) && $request->isNew())
|
if(!is_null($request) && $request->isNew())
|
||||||
$this->flashFail("err", tr("forbidden"), tr("email_rate_limit_error"));
|
$this->flashFail("err", tr("forbidden"), tr("email_rate_limit_error"));
|
||||||
|
|
||||||
$verifObj = new EmailVerification;
|
$verification = new EmailVerification;
|
||||||
$verifObj->setProfile($user->getId());
|
$verification->setProfile($user->getId());
|
||||||
$verifObj->save();
|
$verification->save();
|
||||||
|
|
||||||
$params = [
|
$params = [
|
||||||
"key" => $verifObj->getKey(),
|
"key" => $verification->getKey(),
|
||||||
"name" => $user->getCanonicalName(),
|
"name" => $user->getCanonicalName(),
|
||||||
];
|
];
|
||||||
$this->sendmail($user->getEmail(), "verify-email", $params); #Vulnerability possible
|
$this->sendmail($user->getEmail(), "verify-email", $params); #Vulnerability possible
|
||||||
|
@ -302,12 +302,11 @@ final class AuthPresenter extends OpenVKPresenter
|
||||||
|
|
||||||
function renderVerifyEmail(): void
|
function renderVerifyEmail(): void
|
||||||
{
|
{
|
||||||
$request = $this->confirmations->getByToken(str_replace(" ", "+", $this->queryParam("key")));
|
$request = $this->verifications->getByToken(str_replace(" ", "+", $this->queryParam("key")));
|
||||||
if(!$request || !$request->isStillValid()) {
|
if(!$request || !$request->isStillValid()) {
|
||||||
$this->flash("err", tr("token_manipulation_error"), tr("token_manipulation_error_comment"));
|
$this->flash("err", tr("token_manipulation_error"), tr("token_manipulation_error_comment"));
|
||||||
$this->redirect("/");
|
$this->redirect("/");
|
||||||
return;
|
} else {
|
||||||
}else{
|
|
||||||
$user = $request->getUser();
|
$user = $request->getUser();
|
||||||
$user->setActivated(1);
|
$user->setActivated(1);
|
||||||
$user->save();
|
$user->save();
|
||||||
|
|
|
@ -32,7 +32,7 @@ services:
|
||||||
- openvk\Web\Models\Repositories\Tickets
|
- openvk\Web\Models\Repositories\Tickets
|
||||||
- openvk\Web\Models\Repositories\Messages
|
- openvk\Web\Models\Repositories\Messages
|
||||||
- openvk\Web\Models\Repositories\Restores
|
- openvk\Web\Models\Repositories\Restores
|
||||||
- openvk\Web\Models\Repositories\Confirmations
|
- openvk\Web\Models\Repositories\Verifications
|
||||||
- openvk\Web\Models\Repositories\Notifications
|
- openvk\Web\Models\Repositories\Notifications
|
||||||
- openvk\Web\Models\Repositories\TicketComments
|
- openvk\Web\Models\Repositories\TicketComments
|
||||||
- openvk\Web\Models\Repositories\IPs
|
- openvk\Web\Models\Repositories\IPs
|
||||||
|
|
Loading…
Reference in a new issue