external/aurweb
0
0
Fork 0
mirror of https://gitlab.archlinux.org/archlinux/aurweb.git synced 2025-02-03 10:43:03 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Add support for backup email addresses

Browse source 
Support secondary email addresses that can be used to recover an account
in case access to the primary email address is lost. Reset keys for an
account are always sent to both the primary and the backup email
address.

Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
This commit is contained in:
Lukas Fleischer 2020-01-30 17:15:33 +01:00
parent e5a839bf0b
commit ee2aa9755f
9 changed files with 47 additions and 14 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
aurweb/scripts/notify.py
View file

@ -90,13 +90,17 @@ class Notification:
class ResetKeyNotification(Notification): class ResetKeyNotification(Notification):
def __init__(self, conn, uid): def __init__(self, conn, uid):
cur = conn.execute('SELECT UserName, Email, LangPreference, ' + cur = conn.execute('SELECT UserName, Email, BackupEmail, ' +
'ResetKey FROM Users WHERE ID = ?', [uid]) 'LangPreference, ResetKey ' +
self._username, self._to, self._lang, self._resetkey = cur.fetchone() 'FROM Users WHERE ID = ?', [uid])
self._username, self._to, self._backup, self._lang, self._resetkey = cur.fetchone()
super().__init__() super().__init__()
def get_recipients(self): def get_recipients(self):
return [(self._to, self._lang)] if self._backup:
return [(self._to, self._lang), (self._backup, self._lang)]
else:
return [(self._to, self._lang)]
def get_subject(self, lang): def get_subject(self, lang):
return self._l10n.translate('AUR Password Reset', lang) return self._l10n.translate('AUR Password Reset', lang)

1
schema/aur-schema.sql
View file

@ -23,6 +23,7 @@ CREATE TABLE Users (
Suspended TINYINT UNSIGNED NOT NULL DEFAULT 0, Suspended TINYINT UNSIGNED NOT NULL DEFAULT 0,
Username VARCHAR(32) NOT NULL, Username VARCHAR(32) NOT NULL,
Email VARCHAR(254) NOT NULL, Email VARCHAR(254) NOT NULL,
BackupEmail VARCHAR(254) NULL DEFAULT NULL,
HideEmail TINYINT UNSIGNED NOT NULL DEFAULT 0, HideEmail TINYINT UNSIGNED NOT NULL DEFAULT 0,
Passwd VARCHAR(255) NOT NULL, Passwd VARCHAR(255) NOT NULL,
Salt CHAR(32) NOT NULL DEFAULT '', Salt CHAR(32) NOT NULL DEFAULT '',

6
upgrading/4.9.0.txt
View file

@ -4,3 +4,9 @@
ALTER TABLE PackageRequests ADD COLUMN ClosedTS BIGINT UNSIGNED NULL DEFAULT NULL; ALTER TABLE PackageRequests ADD COLUMN ClosedTS BIGINT UNSIGNED NULL DEFAULT NULL;
ALTER TABLE PackageRequests ADD COLUMN ClosedUID INTEGER UNSIGNED NULL DEFAULT NULL; ALTER TABLE PackageRequests ADD COLUMN ClosedUID INTEGER UNSIGNED NULL DEFAULT NULL;
---- ----
2. Add a new column to store backup email addresses:
----
ALTER TABLE Users ADD COLUMN BackupEmail VARCHAR(254) NULL DEFAULT NULL;
----

3
web/html/account.php
View file

@ -33,6 +33,7 @@ if ($action == "UpdateAccount") {
in_request("T"), in_request("T"),
in_request("S"), in_request("S"),
in_request("E"), in_request("E"),
in_request("BE"),
in_request("H"), in_request("H"),
in_request("P"), in_request("P"),
in_request("C"), in_request("C"),
@ -97,6 +98,7 @@ if (isset($_COOKIE["AURSID"])) {
$row["AccountTypeID"], $row["AccountTypeID"],
$row["Suspended"], $row["Suspended"],
$row["Email"], $row["Email"],
$row["BackupEmail"],
$row["HideEmail"], $row["HideEmail"],
"", "",
"", "",
@ -159,6 +161,7 @@ if (isset($_COOKIE["AURSID"])) {
in_request("T"), in_request("T"),
in_request("S"), in_request("S"),
in_request("E"), in_request("E"),
in_request("BE"),
in_request("H"), in_request("H"),
in_request("P"), in_request("P"),
in_request("C"), in_request("C"),

2
web/html/login.php
View file

@ -26,7 +26,7 @@ html_header('AUR ' . __("Login"));
<ul class="errorlist"><li><?= $login_error ?></li></ul> <ul class="errorlist"><li><?= $login_error ?></li></ul>
<?php endif; ?> <?php endif; ?>
<p> <p>
<label for="id_username"><?= __('User name or email address') . ':'; ?></label> <label for="id_username"><?= __('User name or primary email address') . ':'; ?></label>
<input id="id_username" type="text" name="user" size="30" maxlength="<?= max(config_get_int('options', 'username_max_len'), 254); ?>" value="<?php if (isset($_POST['user'])) { print htmlspecialchars($_POST['user'], ENT_QUOTES); } ?>" autofocus="autofocus" /> <input id="id_username" type="text" name="user" size="30" maxlength="<?= max(config_get_int('options', 'username_max_len'), 254); ?>" value="<?php if (isset($_POST['user'])) { print htmlspecialchars($_POST['user'], ENT_QUOTES); } ?>" autofocus="autofocus" />
</p> </p>
<p> <p>

6
web/html/passreset.php
View file

@ -65,7 +65,7 @@ html_header(__("Password Reset"));
<form action="" method="post"> <form action="" method="post">
<table> <table>
<tr> <tr>
<td><?= __("Confirm your e-mail address:"); ?></td> <td><?= __("Confirm your user name or primary e-mail address:"); ?></td>
<td><input type="text" name="user" size="30" maxlength="64" /></td> <td><input type="text" name="user" size="30" maxlength="64" /></td>
</tr> </tr>
<tr> <tr>
@ -81,14 +81,14 @@ html_header(__("Password Reset"));
<input type="submit" class="button" value="<?= __('Continue') ?>" /> <input type="submit" class="button" value="<?= __('Continue') ?>" />
</form> </form>
<?php else: ?> <?php else: ?>
<p><?= __('If you have forgotten the e-mail address you used to register, please send a message to the %saur-general%s mailing list.', <p><?= __('If you have forgotten the user name and the primary e-mail address you used to register, please send a message to the %saur-general%s mailing list.',
'<a href="https://mailman.archlinux.org/mailman/listinfo/aur-general">', '<a href="https://mailman.archlinux.org/mailman/listinfo/aur-general">',
'</a>'); ?></p> '</a>'); ?></p>
<?php if ($error): ?> <?php if ($error): ?>
<ul class="errorlist"><li><?= $error ?></li></ul> <ul class="errorlist"><li><?= $error ?></li></ul>
<?php endif; ?> <?php endif; ?>
<form action="" method="post"> <form action="" method="post">
<p><?= __("Enter your user name or your e-mail address:"); ?> <p><?= __("Enter your user name or your primary e-mail address:"); ?>
<input type="text" name="user" size="30" maxlength="64" /></p> <input type="text" name="user" size="30" maxlength="64" /></p>
<input type="submit" class="button" value="<?= __('Continue') ?>" /> <input type="submit" class="button" value="<?= __('Continue') ?>" />
</form> </form>

4
web/html/register.php
View file

@ -23,6 +23,7 @@ if (in_request("Action") == "NewAccount") {
1, 1,
0, 0,
in_request("E"), in_request("E"),
in_request("BE"),
in_request("H"), in_request("H"),
'', '',
'', '',
@ -52,6 +53,7 @@ if (in_request("Action") == "NewAccount") {
1, 1,
0, 0,
in_request("E"), in_request("E"),
in_request("BE"),
in_request("H"), in_request("H"),
'', '',
'', '',
@ -75,7 +77,7 @@ if (in_request("Action") == "NewAccount") {
} }
} else { } else {
print '<p>' . __("Use this form to create an account.") . '</p>'; print '<p>' . __("Use this form to create an account.") . '</p>';
display_account_form("NewAccount", "", "", "", "", "", "", "", "", $LANG); display_account_form("NewAccount", "", "", "", "", "", "", "", "", "", $LANG);
} }
echo '</div>'; echo '</div>';

15
web/lib/acctfuncs.inc.php
View file

@ -46,6 +46,7 @@ function html_format_pgp_fingerprint($fingerprint) {
* @param string $T The account type of the displayed user * @param string $T The account type of the displayed user
* @param string $S Whether the displayed user has a suspended account * @param string $S Whether the displayed user has a suspended account
* @param string $E The e-mail address of the displayed user * @param string $E The e-mail address of the displayed user
* @param string $BE The backup e-mail address of the displayed user
* @param string $H Whether the e-mail address of the displayed user is hidden * @param string $H Whether the e-mail address of the displayed user is hidden
* @param string $P The password value of the displayed user * @param string $P The password value of the displayed user
* @param string $C The confirmed password value of the displayed user * @param string $C The confirmed password value of the displayed user
@ -67,7 +68,7 @@ function html_format_pgp_fingerprint($fingerprint) {
* *
* @return void * @return void
*/ */
function display_account_form($A,$U="",$T="",$S="",$E="",$H="",$P="",$C="",$R="", function display_account_form($A,$U="",$T="",$S="",$E="",$BE="",$H="",$P="",$C="",$R="",
$L="",$TZ="",$HP="",$I="",$K="",$PK="",$J="",$CN="",$UN="",$ON="",$UID=0,$N="",$captcha_salt="",$captcha="") { $L="",$TZ="",$HP="",$I="",$K="",$PK="",$J="",$CN="",$UN="",$ON="",$UID=0,$N="",$captcha_salt="",$captcha="") {
global $SUPPORTED_LANGS; global $SUPPORTED_LANGS;
@ -95,6 +96,7 @@ function display_account_form($A,$U="",$T="",$S="",$E="",$H="",$P="",$C="",$R=""
* @param string $T The account type for the user * @param string $T The account type for the user
* @param string $S Whether or not the account is suspended * @param string $S Whether or not the account is suspended
* @param string $E The e-mail address for the user * @param string $E The e-mail address for the user
* @param string $BE The backup e-mail address for the user
* @param string $H Whether or not the e-mail address should be hidden * @param string $H Whether or not the e-mail address should be hidden
* @param string $P The password for the user * @param string $P The password for the user
* @param string $C The confirmed password for the user * @param string $C The confirmed password for the user
@ -117,7 +119,7 @@ function display_account_form($A,$U="",$T="",$S="",$E="",$H="",$P="",$C="",$R=""
* *
* @return array Boolean indicating success and message to be printed * @return array Boolean indicating success and message to be printed
*/ */
function process_account_form($TYPE,$A,$U="",$T="",$S="",$E="",$H="",$P="",$C="", function process_account_form($TYPE,$A,$U="",$T="",$S="",$E="",$BE="",$H="",$P="",$C="",
$R="",$L="",$TZ="",$HP="",$I="",$K="",$PK="",$J="",$CN="",$UN="",$ON="",$UID=0,$N="",$passwd="",$captcha_salt="",$captcha="") { $R="",$L="",$TZ="",$HP="",$I="",$K="",$PK="",$J="",$CN="",$UN="",$ON="",$UID=0,$N="",$passwd="",$captcha_salt="",$captcha="") {
global $SUPPORTED_LANGS; global $SUPPORTED_LANGS;
@ -175,6 +177,9 @@ function process_account_form($TYPE,$A,$U="",$T="",$S="",$E="",$H="",$P="",$C=""
if (!$error && !valid_email($E)) { if (!$error && !valid_email($E)) {
$error = __("The email address is invalid."); $error = __("The email address is invalid.");
} }
if (!$error && $BE && !valid_email($BE)) {
$error = __("The backup email address is invalid.");
}
if (!$error && !empty($HP) && !valid_homepage($HP)) { if (!$error && !empty($HP) && !valid_homepage($HP)) {
$error = __("The home page is invalid, please specify the full HTTP(s) URL."); $error = __("The home page is invalid, please specify the full HTTP(s) URL.");
@ -311,6 +316,7 @@ function process_account_form($TYPE,$A,$U="",$T="",$S="",$E="",$H="",$P="",$C=""
} }
$U = $dbh->quote($U); $U = $dbh->quote($U);
$E = $dbh->quote($E); $E = $dbh->quote($E);
$BE = $dbh->quote($BE);
$P = $dbh->quote($P); $P = $dbh->quote($P);
$R = $dbh->quote($R); $R = $dbh->quote($R);
$L = $dbh->quote($L); $L = $dbh->quote($L);
@ -319,9 +325,9 @@ function process_account_form($TYPE,$A,$U="",$T="",$S="",$E="",$H="",$P="",$C=""
$I = $dbh->quote($I); $I = $dbh->quote($I);
$K = $dbh->quote(str_replace(" ", "", $K)); $K = $dbh->quote(str_replace(" ", "", $K));
$q = "INSERT INTO Users (AccountTypeID, Suspended, "; $q = "INSERT INTO Users (AccountTypeID, Suspended, ";
$q.= "InactivityTS, Username, Email, Passwd , "; $q.= "InactivityTS, Username, Email, BackupEmail, Passwd , ";
$q.= "RealName, LangPreference, Timezone, Homepage, IRCNick, PGPKey) "; $q.= "RealName, LangPreference, Timezone, Homepage, IRCNick, PGPKey) ";
$q.= "VALUES (1, 0, 0, $U, $E, $P, $R, $L, $TZ, "; $q.= "VALUES (1, 0, 0, $U, $E, $BE, $P, $R, $L, $TZ, ";
$q.= "$HP, $I, $K)"; $q.= "$HP, $I, $K)";
$result = $dbh->exec($q); $result = $dbh->exec($q);
if (!$result) { if (!$result) {
@ -374,6 +380,7 @@ function process_account_form($TYPE,$A,$U="",$T="",$S="",$E="",$H="",$P="",$C=""
$q.= ", Suspended = 0"; $q.= ", Suspended = 0";
} }
$q.= ", Email = " . $dbh->quote($E); $q.= ", Email = " . $dbh->quote($E);
$q.= ", BackupEmail = " . $dbh->quote($BE);
if ($H) { if ($H) {
$q.= ", HideEmail = 1"; $q.= ", HideEmail = 1";
} else { } else {

12
web/template/account_edit_form.php
View file

@ -76,11 +76,21 @@
<label for="id_email"><?= __("Email Address") ?>:</label> <label for="id_email"><?= __("Email Address") ?>:</label>
<input type="text" size="30" maxlength="254" name="E" id="id_email" value="<?= htmlspecialchars($E,ENT_QUOTES) ?>" /> (<?= __("required") ?>) <input type="text" size="30" maxlength="254" name="E" id="id_email" value="<?= htmlspecialchars($E,ENT_QUOTES) ?>" /> (<?= __("required") ?>)
</p> </p>
<p> <p>
<em><?= __("Please ensure you correctly entered your email address, otherwise you will be locked out.") ?></em> <em><?= __("Please ensure you correctly entered your email address, otherwise you will be locked out.") ?></em>
</p> </p>
<p>
<label for="id_backup_email"><?= __("Backup Email Address") ?>:</label>
<input type="text" size="30" maxlength="254" name="BE" id="id_backup_email" value="<?= htmlspecialchars($BE, ENT_QUOTES) ?>" />
</p>
<p>
<em>
<?= __("Optionally provide a secondary email address that can be used to restore your account in case you lose access to your primary email address.") ?>
<?= __("Password reset links are always sent to both your primary and your backup email address.") ?>
</em>
</p>
<p> <p>
<label for="id_hide"><?= __("Hide Email Address") ?>:</label> <label for="id_hide"><?= __("Hide Email Address") ?>:</label>
<input type="checkbox" name="H" id="id_hide" <?= $H ? 'checked="checked"' : '' ?> /> <input type="checkbox" name="H" id="id_hide" <?= $H ? 'checked="checked"' : '' ?> />