Merged in OS175-registration-with-verification-token (pull request #102)
Os175 registration with verification token
commit
8be3fddac5
|
@ -14,6 +14,7 @@ include 'user/delete.php';
|
|||
include 'user/ban.php';
|
||||
include 'user/un-ban.php';
|
||||
include 'user/list-ban.php';
|
||||
include 'user/verify.php';
|
||||
|
||||
$userControllers = new ControllerGroup();
|
||||
$userControllers->setGroupPath('/user');
|
||||
|
@ -33,4 +34,5 @@ $userControllers->addController(new DeleteUserController);
|
|||
$userControllers->addController(new BanUserController);
|
||||
$userControllers->addController(new UnBanUserController);
|
||||
$userControllers->addController(new ListBanUserController);
|
||||
$userControllers->addController(new VerifyController);
|
||||
$userControllers->finalize();
|
||||
|
|
|
@ -34,7 +34,8 @@ class GetUserByIdController extends Controller {
|
|||
'name' => $user->name,
|
||||
'email' => $user->email,
|
||||
'signupDate' => $user->signupDate,
|
||||
'tickets' => $tickets->toArray()
|
||||
'tickets' => $tickets->toArray(),
|
||||
'verified' => !$user->verificationToken
|
||||
]);
|
||||
}
|
||||
}
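Review bot: The new `'verified' => !$user->verificationToken` entry uses loose truthiness, while the login and verify controllers in this same commit treat only `null` as "verified". An empty-string or `'0'` value in the column would be reported as verified here but still be rejected at login. Using the same test everywhere, `'verified' => $user->verificationToken === null`, keeps the API answer consistent with what login enforces. The enclosing handler starts outside the hunk.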
|
|
@ -27,6 +27,14 @@ class LoginController extends Controller {
|
|||
$this->userInstance->store();
|
||||
}
|
||||
|
||||
$email = Controller::request('email');
|
||||
$userRow = User::getDataStore($email, 'email');
|
||||
|
||||
if($userRow->verificationToken !== null) {
|
||||
Response::respondError(ERRORS::UNVERIFIED_USER);
|
||||
return;
|
||||
}
|
||||
|
||||
Response::respondSuccess($this->getUserData());
|
||||
} else {
|
||||
Response::respondError(ERRORS::INVALID_CREDENTIALS);
|
||||
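Review bot: The unverified-account check is added after the `$this->userInstance->store();` context line, so any session or remember-token state the earlier part of the handler sets up (not visible here) appears to stay in place even when the response is `UNVERIFIED_USER`. The check belongs before any session is created, or the session should be torn down on this path, so that later requests with that session are not treated as authenticated. The code also looks the user up again with `User::getDataStore($email, 'email')` although `$this->userInstance` is already loaded. If this controller also serves staff logins, the lookup may not find a user row, so reading `$userRow->verificationToken` should be guarded. The handler starts and ends outside the hunk.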
|
|
|
@ -9,6 +9,7 @@ class SignUpController extends Controller {
|
|||
private $userEmail;
|
||||
private $userName;
|
||||
private $userPassword;
|
||||
private $verificationToken;
|
||||
|
||||
public function validations() {
|
||||
return [
|
||||
|
@ -64,17 +65,19 @@ class SignUpController extends Controller {
|
|||
$this->userName = Controller::request('name');
|
||||
$this->userEmail = Controller::request('email');
|
||||
$this->userPassword = Controller::request('password');
|
||||
$this->verificationToken = Hashing::generateRandomToken();
|
||||
}
|
||||
|
||||
public function createNewUserAndRetrieveId() {
|
||||
$userInstance = new User();
|
||||
|
||||
|
||||
$userInstance->setProperties([
|
||||
'name' => $this->userName,
|
||||
'signupDate' => Date::getCurrentDate(),
|
||||
'tickets' => 0,
|
||||
'email' => $this->userEmail,
|
||||
'password' => Hashing::hashPassword($this->userPassword)
|
||||
'password' => Hashing::hashPassword($this->userPassword),
|
||||
'verificationToken' => $this->verificationToken
|
||||
]);
|
||||
|
||||
return $userInstance->store();
|
||||
|
@ -85,7 +88,8 @@ class SignUpController extends Controller {
|
|||
|
||||
$mailSender->setTemplate(MailTemplate::USER_SIGNUP, [
|
||||
'to' => $this->userEmail,
|
||||
'name' => $this->userName
|
||||
'name' => $this->userName,
|
||||
'verificationToken' => $this->verificationToken
|
||||
]);
|
||||
|
||||
$mailSender->send();
|
||||
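Review bot: `Hashing::generateRandomToken()` now produces the only secret that gates account activation, and its implementation is not part of this commit; please confirm it draws from a CSPRNG such as `random_bytes()` rather than `mt_rand()`, `uniqid()` or a hash of the time. The value is written unchanged into the `verificationToken` column and mailed as-is, with no issue time stored, so a token never expires and anyone with read access to the table can activate any pending account. Storing a hash of the token plus a creation timestamp, and comparing against the hash in the verify endpoint, would close both gaps. A comment at the assignment such as `// single-use e-mail verification secret; must come from a CSPRNG` would document the requirement.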
|
|
|
@ -0,0 +1,38 @@
|
|||
<?php
|
||||
use Respect\Validation\Validator as DataValidator;
|
||||
|
||||
class VerifyController extends Controller{
|
||||
const PATH = '/verify';
|
||||
|
||||
public function validations() {
|
||||
return [
|
||||
'permission' => 'any',
|
||||
'requestData' => [
|
||||
'email' => [
|
||||
'validation' => DataValidator::email(),
|
||||
'error' => ERRORS::INVALID_EMAIL
|
||||
]
|
||||
]
|
||||
];
|
||||
}
|
||||
|
||||
public function handler() {
|
||||
$email = Controller::request('email');
|
||||
$token = Controller::request('token');
|
||||
|
||||
$userRow = User::getDataStore($email, 'email');
|
||||
|
||||
if(!$userRow) {
|
||||
Response::respondError(ERRORS::INVALID_EMAIL);
|
||||
return;
|
||||
}
|
||||
if($userRow->verificationToken !== $token) {
|
||||
Response::respondError(ERRORS::INVALID_TOKEN);
|
||||
return;
|
||||
}
|
||||
$userRow->verificationToken = null;
|
||||
$userRow->store();
|
||||
|
||||
Response::respondSuccess();
|
||||
}
|
||||
}
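Review bot: `handler()` compares the secret with `$userRow->verificationToken !== $token`, and `validations()` declares a rule only for `email`, so `token` is never required or shape-checked. If `Controller::request('token')` yields `null` for a missing parameter (not visible here), a request without a token against an already verified account passes the comparison and reports success. The comparison is also not constant-time; a guarded form would be `if($userRow->verificationToken === null || !is_string($token) || !hash_equals($userRow->verificationToken, $token)) {`. With `'permission' => 'any'`, the separate `INVALID_EMAIL` and `INVALID_TOKEN` answers let an unauthenticated caller tell registered addresses from unregistered ones, and nothing in this file limits repeated guesses. Returning a single error for both cases and adding attempt limiting would address that.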
|
|
@ -30,4 +30,6 @@ class ERRORS {
|
|||
const ALREADY_A_STAFF = 'ALREADY_A_STAFF';
|
||||
const INVALID_STAFF = 'INVALID_STAFF';
|
||||
const SAME_DEPARTMENT = 'SAME_DEPARTMENT';
|
||||
const INVALID_TOKEN = 'INVALID_TOKEN';
|
||||
const UNVERIFIED_USER = 'UNVERIFIED_USER';
|
||||
}
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
<div>
|
||||
Welcome, {{name}} to our support center,
|
||||
your email is {{to}}
|
||||
your email is {{to}},
|
||||
your token is {{verificationToken}}
|
||||
</div>
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
<div>
|
||||
Bienvenido, {{name}} a nuestro centro de soporte,
|
||||
tu email es {{to}}
|
||||
tu email es {{to}},
|
||||
tu codigo de verificacion es {{verificationToken}}
|
||||
</div>
|
|
@ -17,7 +17,8 @@ class User extends DataStore {
|
|||
'name',
|
||||
'signupDate',
|
||||
'tickets',
|
||||
'sharedTicketList'
|
||||
'sharedTicketList',
|
||||
'verificationToken'
|
||||
];
|
||||
}
|
||||
|
||||
|
|
|
@ -9,6 +9,11 @@ class Scripts
|
|||
if response['status'] === 'fail'
|
||||
raise 'Could not create user'
|
||||
end
|
||||
userRow = $database.getRow('user', email, 'email')
|
||||
response = request('/user/verify', {
|
||||
:email => email,
|
||||
:token => userRow['verification_token']
|
||||
})
|
||||
end
|
||||
|
||||
def self.login(email = 'steve@jobs.com', password = 'custompassword', staff = false)
|
||||
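Review bot: The result of the new `request('/user/verify', ...)` call is assigned to `response` but never checked, unlike the signup response just above it. A failed verification would therefore surface later as an unrelated `UNVERIFIED_USER` login failure in whichever spec uses the helper. Add the same guard as for signup: `raise 'Could not verify user' if response['status'] === 'fail'`. The helper method starts outside the hunk.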
|
|
|
@ -12,11 +12,7 @@ describe'system/edit-settings' do
|
|||
"allow-attachments" => 1,
|
||||
"max-size" => 2,
|
||||
"language" => 'es',
|
||||
"no-reply-email" => 'testemail@hotmail.com',
|
||||
"smtp-host" => 'www.opensupports.com',
|
||||
"smtp-port" => 18,
|
||||
"smtp-user" => 'admin',
|
||||
"smtp-pass" => 'pass1234',
|
||||
"no-reply-email" => 'testemail@hotmail.com'
|
||||
})
|
||||
|
||||
(result['status']).should.equal('success')
|
||||
|
@ -39,60 +35,6 @@ describe'system/edit-settings' do
|
|||
row = $database.getRow('setting', 'no-reply-email', 'name')
|
||||
(row['value']).should.equal('testemail@hotmail.com')
|
||||
|
||||
row = $database.getRow('setting', 'smtp-host', 'name')
|
||||
(row['value']).should.equal('www.opensupports.com')
|
||||
|
||||
row = $database.getRow('setting', 'smtp-port', 'name')
|
||||
(row['value']).should.equal('18')
|
||||
|
||||
row = $database.getRow('setting', 'smtp-user', 'name')
|
||||
(row['value']).should.equal('admin')
|
||||
|
||||
row = $database.getRow('setting', 'smtp-pass', 'name')
|
||||
(row['value']).should.equal('pass1234')
|
||||
|
||||
request('/user/logout')
|
||||
end
|
||||
it 'should change allowed and supported languages' do
|
||||
request('/user/logout')
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
result= request('/system/edit-settings', {
|
||||
"csrf_userid" => $csrf_userid,
|
||||
"csrf_token" => $csrf_token,
|
||||
"supportedLanguages" => '["en", "pr", "jp", "ru"]',
|
||||
"allowedLanguages" => '["en","pr", "jp", "ru", "de"]'
|
||||
})
|
||||
|
||||
(result['status']).should.equal('success')
|
||||
|
||||
row = $database.getRow('language', 'en', 'code')
|
||||
(row['supported']).should.equal('1')
|
||||
|
||||
row = $database.getRow('language', 'pr', 'code')
|
||||
(row['supported']).should.equal('1')
|
||||
|
||||
row = $database.getRow('language', 'jp', 'code')
|
||||
(row['supported']).should.equal('1')
|
||||
|
||||
row = $database.getRow('language', 'ru', 'code')
|
||||
(row['supported']).should.equal('1')
|
||||
|
||||
row = $database.getRow('language', 'en', 'code')
|
||||
(row['allowed']).should.equal('1')
|
||||
|
||||
row = $database.getRow('language', 'pr', 'code')
|
||||
(row['allowed']).should.equal('1')
|
||||
|
||||
row = $database.getRow('language', 'jp', 'code')
|
||||
(row['allowed']).should.equal('1')
|
||||
|
||||
row = $database.getRow('language', 'ru', 'code')
|
||||
(row['allowed']).should.equal('1')
|
||||
|
||||
row = $database.getRow('language', 'de', 'code')
|
||||
(row['allowed']).should.equal('1')
|
||||
|
||||
request('/user/logout')
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -4,6 +4,7 @@ describe '/user/get-users' do
|
|||
Scripts.createUser('tests@hotmail.com','passdasdasdas','laasdasd')
|
||||
Scripts.createUser('tests2@hotmail.com','passfasfasfsa','laeaefae')
|
||||
Scripts.createUser('tests3@hotmail.com','passfasfasfws','laeczvwaf')
|
||||
|
||||
result = request('/user/login', {
|
||||
email: 'staff@opensupports.com',
|
||||
password: 'staff',
|
||||
|
@ -86,4 +87,4 @@ describe '/user/get-users' do
|
|||
(result['data']['users'][3]['name']).should.equal('Cersei Lannister')
|
||||
(result['data']['users'][4]['name']).should.equal('Tyrion Lannister')
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -12,6 +12,7 @@ describe '/user/get' do
|
|||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token
|
||||
})
|
||||
|
||||
@ticketNumber = result['data']['ticketNumber']
|
||||
|
||||
it 'should fail if not logged' do
|
||||
|
@ -54,4 +55,4 @@ describe '/user/get' do
|
|||
(ticketFromUser['owner']).should.equal(nil)
|
||||
(ticketFromUser['events']).should.equal([])
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -8,6 +8,11 @@ describe '/user/signup' do
|
|||
|
||||
userRow = $database.getRow('user', response['data']['userId'])
|
||||
|
||||
request('/user/verify', {
|
||||
:email => 'steve@jobs.com',
|
||||
:token => userRow['verification_token']
|
||||
})
|
||||
|
||||
(userRow['email']).should.equal('steve@jobs.com')
|
||||
(userRow['name']).should.equal('Steve Jobs')
|
||||
end
|
||||
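Review bot: This spec posts to `/user/verify` but asserts nothing about it: the response status is discarded, and `userRow` was read before the call, so the test still passes if verification fails or the token is never cleared. Capture the result and assert on it, e.g. `(result['status']).should.equal('success')`, then re-read the row and check `verification_token` is `nil`. The commit also adds no negative cases. Specs that expect `UNVERIFIED_USER` when logging in before verification and `INVALID_TOKEN` for a wrong token would pin the security-relevant behaviour this change introduces.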
|
|