From 817fa66ac4db9522488c1760417ca57cb1b56c20 Mon Sep 17 00:00:00 2001 From: Reed Garmsen Date: Mon, 5 Oct 2015 14:18:05 -0700 Subject: Added better verification when a user changes his or her email --- api/user.go | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) (limited to 'api/user.go') diff --git a/api/user.go b/api/user.go index 2d7dd9ab1..4baf4f81f 100644 --- a/api/user.go +++ b/api/user.go @@ -888,6 +888,10 @@ func updateUser(c *Context, w http.ResponseWriter, r *http.Request) { } else { team := tresult.Data.(*model.Team) fireAndForgetEmailChangeEmail(rusers[1].Email, team.DisplayName, c.GetTeamURLFromTeam(team), c.GetSiteURL()) + + if utils.Cfg.EmailSettings.RequireEmailVerification { + fireAndForgetEmailChangeVerifyEmail(rusers[0].Id, rusers[0].Email, team.Name, team.DisplayName, c.GetSiteURL(), c.GetTeamURLFromTeam(team)) + } } } @@ -1340,6 +1344,25 @@ func fireAndForgetEmailChangeEmail(email, teamDisplayName, teamURL, siteURL stri }() } +func fireAndForgetEmailChangeVerifyEmail(userId, newUserEmail, teamName, teamDisplayName, siteURL, teamURL string) { + go func() { + + link := fmt.Sprintf("%s/verify_email?uid=%s&hid=%s&teamname=%s&email=%s", siteURL, userId, model.HashPassword(userId), teamName, newUserEmail) + + subjectPage := NewServerTemplatePage("email_change_verify_subject") + subjectPage.Props["SiteURL"] = siteURL + subjectPage.Props["TeamDisplayName"] = teamDisplayName + bodyPage := NewServerTemplatePage("email_change_verify_body") + bodyPage.Props["SiteURL"] = siteURL + bodyPage.Props["TeamDisplayName"] = teamDisplayName + bodyPage.Props["VerifyUrl"] = link + + if err := utils.SendMail(newUserEmail, subjectPage.Render(), bodyPage.Render()); err != nil { + l4g.Error("Failed to send verification email successfully err=%v", err) + } + }() +} + func updateUserNotify(c *Context, w http.ResponseWriter, r *http.Request) { props := model.MapFromJson(r.Body) -- cgit v1.2.3-1-g7c22