Email: Rename Confirmations to Verifications, fix var names and codestyle

This commit is contained in:
veselcraft 2022-01-31 15:35:35 +03:00
parent 1df0545061
commit bd8e5318b6
No known key found for this signature in database
GPG key ID: AED66BC1AC628A4E
3 changed files with 21 additions and 22 deletions

View file

@ -5,15 +5,15 @@ use openvk\Web\Models\Entities\EmailVerification;
use openvk\Web\Models\Entities\User;
use Nette\Database\Table\ActiveRow;
class Confirmations
class Verifications
{
private $context;
private $confirmations;
private $verifications;
function __construct()
{
$this->context = DatabaseConnection::i()->getContext();
$this->confirmations = $this->context->table("email_verifications");
$this->verifications = $this->context->table("email_verifications");
}
function toEmailVerification(?ActiveRow $ar): ?EmailVerification
@ -23,11 +23,11 @@ class Confirmations
function getByToken(string $token): ?EmailVerification
{
return $this->toEmailVerification($this->confirmations->where("key", $token)->fetch());
return $this->toEmailVerification($this->verifications->where("key", $token)->fetch());
}
function getLatestByUser(User $user): ?EmailVerification
{
return $this->toEmailVerification($this->confirmations->where("profile", $user->getId())->order("timestamp DESC")->fetch());
return $this->toEmailVerification($this->verifications->where("profile", $user->getId())->order("timestamp DESC")->fetch());
}
}

View file

@ -7,7 +7,7 @@ use openvk\Web\Models\Entities\EmailVerification;
use openvk\Web\Models\Repositories\IPs;
use openvk\Web\Models\Repositories\Users;
use openvk\Web\Models\Repositories\Restores;
use openvk\Web\Models\Repositories\Confirmations;
use openvk\Web\Models\Repositories\Verifications;
use openvk\Web\Util\Validator;
use Chandler\Session\Session;
use Chandler\Security\User as ChandlerUser;
@ -24,16 +24,16 @@ final class AuthPresenter extends OpenVKPresenter
private $db;
private $users;
private $restores;
private $confirmations;
private $verifications;
function __construct(Users $users, Restores $restores, Confirmations $confirmations)
function __construct(Users $users, Restores $restores, Verifications $verifications)
{
$this->authenticator = Authenticator::i();
$this->db = DatabaseConnection::i()->getContext();
$this->users = $users;
$this->restores = $restores;
$this->confirmations = $confirmations;
$this->verifications = $verifications;
parent::__construct();
}
@ -110,12 +110,12 @@ final class AuthPresenter extends OpenVKPresenter
}
if (OPENVK_ROOT_CONF['openvk']['preferences']['security']['requireEmail']) {
$verifObj = new EmailVerification;
$verifObj->setProfile($user->getId());
$verifObj->save();
$verification = new EmailVerification;
$verification->setProfile($user->getId());
$verification->save();
$params = [
"key" => $verifObj->getKey(),
"key" => $verification->getKey(),
"name" => $user->getCanonicalName(),
];
$this->sendmail($user->getEmail(), "verify-email", $params); #Vulnerability possible
@ -282,16 +282,16 @@ final class AuthPresenter extends OpenVKPresenter
if(!$user || $user->isDeleted() || $user->isActivated())
$this->flashFail("err", tr("error"), tr("email_error"));
$request = $this->confirmations->getLatestByUser($user);
$request = $this->verifications->getLatestByUser($user);
if(!is_null($request) && $request->isNew())
$this->flashFail("err", tr("forbidden"), tr("email_rate_limit_error"));
$verifObj = new EmailVerification;
$verifObj->setProfile($user->getId());
$verifObj->save();
$verification = new EmailVerification;
$verification->setProfile($user->getId());
$verification->save();
$params = [
"key" => $verifObj->getKey(),
"key" => $verification->getKey(),
"name" => $user->getCanonicalName(),
];
$this->sendmail($user->getEmail(), "verify-email", $params); #Vulnerability possible
@ -302,11 +302,10 @@ final class AuthPresenter extends OpenVKPresenter
function renderVerifyEmail(): void
{
$request = $this->confirmations->getByToken(str_replace(" ", "+", $this->queryParam("key")));
$request = $this->verifications->getByToken(str_replace(" ", "+", $this->queryParam("key")));
if(!$request || !$request->isStillValid()) {
$this->flash("err", tr("token_manipulation_error"), tr("token_manipulation_error_comment"));
$this->redirect("/");
return;
} else {
$user = $request->getUser();
$user->setActivated(1);

View file

@ -32,7 +32,7 @@ services:
- openvk\Web\Models\Repositories\Tickets
- openvk\Web\Models\Repositories\Messages
- openvk\Web\Models\Repositories\Restores
- openvk\Web\Models\Repositories\Confirmations
- openvk\Web\Models\Repositories\Verifications
- openvk\Web\Models\Repositories\Notifications
- openvk\Web\Models\Repositories\TicketComments
- openvk\Web\Models\Repositories\IPs