From 817fa66ac4db9522488c1760417ca57cb1b56c20 Mon Sep 17 00:00:00 2001 From: Reed Garmsen Date: Mon, 5 Oct 2015 14:18:05 -0700 Subject: Added better verification when a user changes his or her email --- api/templates/email_change_verify_body.html | 2 +- api/templates/email_change_verify_subject.html | 2 +- api/user.go | 23 +++++++++++++++++++++++ 3 files changed, 25 insertions(+), 2 deletions(-) (limited to 'api') diff --git a/api/templates/email_change_verify_body.html b/api/templates/email_change_verify_body.html index 296a3d968..356f2454c 100644 --- a/api/templates/email_change_verify_body.html +++ b/api/templates/email_change_verify_body.html @@ -1,4 +1,4 @@ -{{define "verify_new_email_body"}} +{{define "email_change_verify_body"}} diff --git a/api/templates/email_change_verify_subject.html b/api/templates/email_change_verify_subject.html index f1cebd710..5e2ac1452 100644 --- a/api/templates/email_change_verify_subject.html +++ b/api/templates/email_change_verify_subject.html @@ -1 +1 @@ -{{define "verify_new_email_subject"}}[{{.ClientProps.SiteName}}] Verify new email address for {{.Props.TeamDisplayName}}{{end}} +{{define "email_change_verify_subject"}}[{{.ClientProps.SiteName}}] Verify new email address for {{.Props.TeamDisplayName}}{{end}} diff --git a/api/user.go b/api/user.go index 2d7dd9ab1..4baf4f81f 100644 --- a/api/user.go +++ b/api/user.go @@ -888,6 +888,10 @@ func updateUser(c *Context, w http.ResponseWriter, r *http.Request) { } else { team := tresult.Data.(*model.Team) fireAndForgetEmailChangeEmail(rusers[1].Email, team.DisplayName, c.GetTeamURLFromTeam(team), c.GetSiteURL()) + + if utils.Cfg.EmailSettings.RequireEmailVerification { + fireAndForgetEmailChangeVerifyEmail(rusers[0].Id, rusers[0].Email, team.Name, team.DisplayName, c.GetSiteURL(), c.GetTeamURLFromTeam(team)) + } } } @@ -1340,6 +1344,25 @@ func fireAndForgetEmailChangeEmail(email, teamDisplayName, teamURL, siteURL stri }() } +func fireAndForgetEmailChangeVerifyEmail(userId, newUserEmail, teamName, teamDisplayName, siteURL, teamURL string) { + go func() { + + link := fmt.Sprintf("%s/verify_email?uid=%s&hid=%s&teamname=%s&email=%s", siteURL, userId, model.HashPassword(userId), teamName, newUserEmail) + + subjectPage := NewServerTemplatePage("email_change_verify_subject") + subjectPage.Props["SiteURL"] = siteURL + subjectPage.Props["TeamDisplayName"] = teamDisplayName + bodyPage := NewServerTemplatePage("email_change_verify_body") + bodyPage.Props["SiteURL"] = siteURL + bodyPage.Props["TeamDisplayName"] = teamDisplayName + bodyPage.Props["VerifyUrl"] = link + + if err := utils.SendMail(newUserEmail, subjectPage.Render(), bodyPage.Render()); err != nil { + l4g.Error("Failed to send verification email successfully err=%v", err) + } + }() +} + func updateUserNotify(c *Context, w http.ResponseWriter, r *http.Request) { props := model.MapFromJson(r.Body) -- cgit v1.2.3-1-g7c22