diff options
| author | Christopher Speller <crspeller@gmail.com> | 2015-10-08 09:56:00 -0400 |
|---|---|---|
| committer | Christopher Speller <crspeller@gmail.com> | 2015-10-08 09:56:00 -0400 |
| commit | 7571d21f3200738199981c21b9466e0028d4fcbb (patch) | |
| tree | 0341429b34bb249e52092e4196b451167e2e324c /api/user.go | |
| parent | 2ebcb3f69dd9db52cdea476f0e543eaed3420efd (diff) | |
| parent | c84fe62ca199485dccefc37e00ca2bef45d47c6d (diff) | |
| download | chat-7571d21f3200738199981c21b9466e0028d4fcbb.tar.gz chat-7571d21f3200738199981c21b9466e0028d4fcbb.tar.bz2 chat-7571d21f3200738199981c21b9466e0028d4fcbb.zip | |
Merge pull request #931 from rgarmsen2295/plt-112
PLT-112 Improves email change verification process
Diffstat (limited to 'api/user.go')
| -rw-r--r-- | api/user.go | 32 |
1 files changed, 28 insertions, 4 deletions
diff --git a/api/user.go b/api/user.go index 78f8768a4..34cbec151 100644 --- a/api/user.go +++ b/api/user.go @@ -887,7 +887,11 @@ func updateUser(c *Context, w http.ResponseWriter, r *http.Request) { l4g.Error(tresult.Err.Message) } else { team := tresult.Data.(*model.Team) - fireAndForgetEmailChangeEmail(rusers[1].Email, team.DisplayName, c.GetTeamURLFromTeam(team), c.GetSiteURL()) + fireAndForgetEmailChangeEmail(rusers[1].Email, rusers[0].Email, team.DisplayName, c.GetTeamURLFromTeam(team), c.GetSiteURL()) + + if utils.Cfg.EmailSettings.RequireEmailVerification { + FireAndForgetEmailChangeVerifyEmail(rusers[0].Id, rusers[0].Email, team.Name, team.DisplayName, c.GetSiteURL(), c.GetTeamURLFromTeam(team)) + } } } @@ -1328,7 +1332,7 @@ func fireAndForgetPasswordChangeEmail(email, teamDisplayName, teamURL, siteURL, }() } -func fireAndForgetEmailChangeEmail(email, teamDisplayName, teamURL, siteURL string) { +func fireAndForgetEmailChangeEmail(oldEmail, newEmail, teamDisplayName, teamURL, siteURL string) { go func() { subjectPage := NewServerTemplatePage("email_change_subject") @@ -1338,14 +1342,34 @@ func fireAndForgetEmailChangeEmail(email, teamDisplayName, teamURL, siteURL stri bodyPage.Props["SiteURL"] = siteURL bodyPage.Props["TeamDisplayName"] = teamDisplayName bodyPage.Props["TeamURL"] = teamURL + bodyPage.Props["NewEmail"] = newEmail - if err := utils.SendMail(email, subjectPage.Render(), bodyPage.Render()); err != nil { - l4g.Error("Failed to send update password email successfully err=%v", err) + if err := utils.SendMail(oldEmail, subjectPage.Render(), bodyPage.Render()); err != nil { + l4g.Error("Failed to send email change notification email successfully err=%v", err) } }() } +func FireAndForgetEmailChangeVerifyEmail(userId, newUserEmail, teamName, teamDisplayName, siteURL, teamURL string) { + go func() { + + link := fmt.Sprintf("%s/verify_email?uid=%s&hid=%s&teamname=%s&email=%s", siteURL, userId, model.HashPassword(userId), teamName, newUserEmail) + + subjectPage := NewServerTemplatePage("email_change_verify_subject") + subjectPage.Props["SiteURL"] = siteURL + subjectPage.Props["TeamDisplayName"] = teamDisplayName + bodyPage := NewServerTemplatePage("email_change_verify_body") + bodyPage.Props["SiteURL"] = siteURL + bodyPage.Props["TeamDisplayName"] = teamDisplayName + bodyPage.Props["VerifyUrl"] = link + + if err := utils.SendMail(newUserEmail, subjectPage.Render(), bodyPage.Render()); err != nil { + l4g.Error("Failed to send email change verification email successfully err=%v", err) + } + }() +} + func updateUserNotify(c *Context, w http.ResponseWriter, r *http.Request) { props := model.MapFromJson(r.Body) |