From 56ae674c9cb36d903145d1d099c76a86b48980f8 Mon Sep 17 00:00:00 2001 From: Krombel Date: Sat, 3 Mar 2018 11:45:57 +0100 Subject: [PATCH 1/3] add HowToInstall to README; add folder internal --- README.md | 15 +++++++++++++++ {public => internal}/login.php | 0 2 files changed, 15 insertions(+) rename {public => internal}/login.php (100%) diff --git a/README.md b/README.md index 65b3e54..b613d0f 100644 --- a/README.md +++ b/README.md @@ -13,3 +13,18 @@ This is done in several steps: - provides that credentials to [matrix-synapse-rest-auth](https://github.com/kamax-io/matrix-synapse-rest-auth#integrate) which has to be configured to query login.php 2nd step: Implement the other apis to integrade [mxisd](https://github.com/kamax-io/mxisd/blob/master/docs/backends/rest.md) + +## How to install + +- Copy `config.sample.php` to `config.php` and configure the bot as you can find there +- Configure your webserver to publish the folder `public` and configure. + The folder `internal` contains files that can be accessed by mxisd or matrix-synapse-rest-auth +- To integrate with matrix-synapse-rest-auth: + - `/_matrix-internal/identity/v1/check_credentials` should map to `internal/login.php` +- To integrate with mxisd: Have a look at [the docs](https://github.com/kamax-io/mxisd/blob/master/docs/backends/rest.md) and apply as follows: +| Key | file which handles that | Description | +|--------------------------------|-------------------------|------------------------------------------------------| +| rest.endpoints.auth | internal/login.php | Validate credentials and get user profile | +| rest.endpoints.directory | to follow | Search for users by arbitrary input | +| rest.endpoints.identity.single | to follow | Endpoint to query a single 3PID | +| rest.endpoints.identity.bulk | to follow | Endpoint to query a list of 3PID | diff --git a/public/login.php b/internal/login.php similarity index 100% rename from public/login.php rename to internal/login.php From 78ae932d85a003d41d838d8f95d71858ea77b146 Mon Sep 17 00:00:00 2001 From: Krombel Date: Sat, 3 Mar 2018 12:16:58 +0100 Subject: [PATCH 2/3] mv register.php index.php --- public/{register.php => index.php} | 6 +++--- public/verify.php | 4 ++-- public/verify_admin.php | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) rename public/{register.php => index.php} (96%) diff --git a/public/register.php b/public/index.php similarity index 96% rename from public/register.php rename to public/index.php index eda0435..5da06d1 100644 --- a/public/register.php +++ b/public/index.php @@ -76,13 +76,13 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") { print(""); print("

Erfolgreich

"); print("

Bitte überprüfe deine E-Mails um deine E-Mail-Adresse zu bestätigen.

"); - print("Zur Registrierungsseite"); + print("Zur Registrierungsseite"); } catch (Exception $e) { print("" . $language["REGISTRATION_REQUEST_FAILED"] . ""); print(""); print("

" . $language["REGISTRATION_REQUEST_FAILED"] . "

"); print("

" . $e->getMessage() . "

"); - print("Zur Registrierungsseite"); + print("Zur Registrierungsseite"); } } else { $_SESSION["token"] = bin2hex(random_bytes(16)); @@ -114,7 +114,7 @@ body{

Bitte für registrieren2-Schritt-Registrierung

-
+
diff --git a/public/verify.php b/public/verify.php index b00a7cc..6dac9fd 100644 --- a/public/verify.php +++ b/public/verify.php @@ -64,13 +64,13 @@ try { print(""); print("

" . $language["VERIFICATION_SUCEEDED"] . "

"); print("

" . $language["VERIFICATION_SUCCESS_BODY"] . "

"); - print("Zur Registrierungsseite"); + print("Zur Registrierungsseite"); } catch (Exception $e) { print("" . $language["VERIFICATION_FAILED"] . ""); print(""); print("

" . $language["VERIFICATION_FAILED"] . "

"); print("

" . $e->getMessage() . "

"); - print("Zur Registrierungsseite"); + print("Zur Registrierungsseite"); } ?> diff --git a/public/verify_admin.php b/public/verify_admin.php index eadec3a..c62fa6d 100644 --- a/public/verify_admin.php +++ b/public/verify_admin.php @@ -161,7 +161,7 @@ background: rgba(255, 255, 255, 0.8); print(""); print("

" . $language["REGISTRATION_FAILED"] . "

"); print("

" . $e->getMessage() . "

"); - print("Zur Registrierungsseite"); + print("Zur Registrierungsseite"); } ?> From 9d2af26681de3f3f48cfff38c16545c7bb95e369 Mon Sep 17 00:00:00 2001 From: Krombel Date: Sat, 3 Mar 2018 12:49:12 +0100 Subject: [PATCH 3/3] fixes --- cron.php | 4 ++-- database.php | 16 ++++++++-------- public/verify_admin.php | 2 +- 3 files changed, 11 insertions(+), 11 deletions(-) diff --git a/cron.php b/cron.php index 384ce0f..d0eb444 100644 --- a/cron.php +++ b/cron.php @@ -25,7 +25,7 @@ foreach ($mx_db->query($sql) as $row) { $homeserver, $row["first_name"] . " " . $row["last_name"], $row["email"], - $row["verify_url"]); + $verify_url); if ($success) { $mx_db->setRegistrationStateById(RegisterState::PendingEmailVerify, $row["id"]); @@ -58,7 +58,7 @@ foreach ($mx_db->query($sql) as $row) { case RegisterState::PendingRegistration: // Registration got accepted but registration failed - $password = addUser($row["first_name"], $row["last_name"], $row["username"], $row["email"]); + $password = $mx_db->addUser($row["first_name"], $row["last_name"], $row["username"], $row["email"]); if ($password != NULL) { // send registration_success $res = send_mail_registration_success($homeserver, $first_name . " " . $last_name, $email, $username, $password, $howToURL); diff --git a/database.php b/database.php index 3181328..c568b2a 100644 --- a/database.php +++ b/database.php @@ -116,7 +116,7 @@ class mxDatabase function userPendingRegistrations($username) { $sql = "SELECT COUNT(*) FROM registrations WHERE username = '" . $username . "' AND NOT state = " . RegisterState::RegistrationDeclined . " LIMIT 1;"; - $res = $db->query($sql); + $res = $this->db->query($sql); if ($res->fetchColumn() > 0) { return true; } @@ -143,7 +143,7 @@ class mxDatabase * @return ["verify_token"] */ function addRegistration($first_name, $last_name, $username, $note, $email) { - if ($this->userPendingRegistrations()) { + if ($this->userPendingRegistrations($username)) { require_once "language.php"; throw new Exception($language["USERNAME_PENDING_REGISTRATION"]); } @@ -155,7 +155,7 @@ class mxDatabase $verify_token = bin2hex(random_bytes(16)); $admin_token = bin2hex(random_bytes(16)); - $db->exec('INSERT INTO registrations + $this->db->exec('INSERT INTO registrations (first_name, last_name, username, note, email, verify_token, admin_token) VALUES ("' . $first_name.'","' . $last_name . '","' . $username . '","' . $note . '","' . $email.'","' .$verify_token.'","' .$admin_token.'")'); @@ -174,7 +174,7 @@ class mxDatabase function getUserForApproval($admin_token) { $sql = "SELECT COUNT(*) FROM registrations WHERE admin_token = '" . $admin_token . "'" . " AND state = " . RegisterState::PendingAdminVerify . " LIMIT 1;"; - $res = $db->query($sql); + $res = $this->db->query($sql); $first_name = NULL; $last_name = NULL; $username = NULL; $note = NULL; $email = NULL; if ($res->fetchColumn() > 0) { @@ -199,14 +199,14 @@ class mxDatabase function getUserForVerify($verify_token) { $sql = "SELECT COUNT(*) FROM registrations WHERE verify_token = '" . $verify_token . "'" . " AND state = " . RegisterState::PendingEmailVerify . " LIMIT 1;"; - $res = $db->query($sql); + $res = $this->db->query($sql); $first_name = NULL; $last_name = NULL; $username = NULL; $note = NULL; $email = NULL; if ($res->fetchColumn() > 0) { $sql = "SELECT first_name, last_name, note, email, admin_token FROM registrations " - . " WHERE verify_token = '" . $token . "'" + . " WHERE verify_token = '" . $verify_token . "'" . " AND state = " . RegisterState::PendingEmailVerify . " LIMIT 1;"; - foreach ($db->query($sql) as $row) { + foreach ($this->db->query($sql) as $row) { // will only be executed once return $row; } @@ -249,7 +249,7 @@ class mxDatabase function addUser($first_name, $last_name, $username, $email) { // generate a password with 10 characters $password = bin2hex(openssl_random_pseudo_bytes(5)); - $password_hash = password_hash($passwort, PASSWORD_BCRYPT, ["cost"=>12]); + $password_hash = password_hash($password, PASSWORD_BCRYPT, ["cost"=>12]); $sql = "INSERT INTO logins (firstname, lastname, localpart, password_hash, email) VALUES " . '("' . $first_name.'","' . $last_name . '","' . $username . '","' diff --git a/public/verify_admin.php b/public/verify_admin.php index c62fa6d..d8ac122 100644 --- a/public/verify_admin.php +++ b/public/verify_admin.php @@ -59,7 +59,7 @@ try { $mxConn = new MatrixConnection($homeserver, $access_token); // generate a password with 8 characters - $password = addUser($first_name, $last_name, $username, $email); + $password = $mx_db->addUser($first_name, $last_name, $username, $email); if ($password != NULL) { // send registration_success $res = send_mail_registration_success($homeserver, $first_name . " " . $last_name, $email, $username, $password, $howToURL);