From f808615f22e2ca4c9a42981b8f5e220950fb2688 Mon Sep 17 00:00:00 2001
From: Krombel
Date: Sun, 15 Apr 2018 21:20:01 +0200
Subject: [PATCH] start implementing multiple modes for operation

- synapse: Only trigger register calls and do not store anything for longterm
- local: Provide an identity store and register to the own backend

---
 config.sample.php | 6 +++
 database.php | 2 +-
 internal/directory_search.php | 2 +-
 internal/identity_bulk.php | 2 +-
 internal/identity_single.php | 2 +-
 internal/login.php | 2 +-
 public/index.php | 80 ++++++++++++++++++++++-------------
 public/verify.php | 7 ++-
 public/verify_admin.php | 11 ++++-
 9 files changed, 75 insertions(+), 39 deletions(-)

diff --git a/config.sample.php b/config.sample.php
index 12152c8..717c35e 100644
--- a/config.sample.php
+++ b/config.sample.php
@@ -11,7 +11,13 @@ $config = [
 "webroot" => "https://myregisterdomain.net/",
 // optional: Do you have a place where howTo's are located? If not leave this value out
 "howToURL" => "https://my-url-for-storing-howTos.net",
+ // set the mode of operation. Basically this defines where the data is stored:
+ // - synapse (using the register endpoint - so no further auth config necessary
+ // - local (recommended; using a table in the database to store credentials;
+ // synapse has to be configured to use that)
+ "operationMode" => "local",
 // When you want to collect the password on registration set this to true
+ // only evaluated when operationMode = local
 "getPasswordOnRegistration" => false,
 // to define where the data should be stored:
 "databaseURI" => "sqlite:" . dirname(__FILE__) . "/db_file.sqlite",
diff --git a/database.php b/database.php
index d654c66..fef634c 100644
--- a/database.php
+++ b/database.php
@@ -241,7 +241,7 @@ class mxDatabase { $res = $this->db->query($sql); if ($res->fetchColumn() > 0) { - $sql = "SELECT first_name, last_name, note, email, admin_token FROM registrations " + $sql = "SELECT first_name, last_name, note, email, username, admin_token FROM registrations " . " WHERE verify_token = '" . $verify_token . "'" . " AND state = " . RegisterState::PendingEmailVerify . " LIMIT 1;"; foreach ($this->db->query($sql) as $row) { diff --git a/internal/directory_search.php b/internal/directory_search.php index d6419cd..2149a82 100644 --- a/internal/directory_search.php +++ b/internal/directory_search.php @@ -46,5 +46,5 @@ try { error_log("failed with error: " . $e->getMessage()); $response["error"] = $e->getMessage(); } -print (json_encode($response, JSON_PRETTY_PRINT) . "\n"); +print (json_encode($response, JSON_PRETTY_PRINT)); ?> diff --git a/internal/identity_bulk.php b/internal/identity_bulk.php index 120871e..8c87e12 100644 --- a/internal/identity_bulk.php +++ b/internal/identity_bulk.php @@ -66,5 +66,5 @@ try { error_log("ídentity_bulk failed with error: " . $e->getMessage()); $response["error"] = $e->getMessage(); } -print (json_encode($response, JSON_PRETTY_PRINT) . "\n"); +print (json_encode($response, JSON_PRETTY_PRINT)); ?> diff --git a/internal/identity_single.php b/internal/identity_single.php index 8a317d9..fde3dd8 100644 --- a/internal/identity_single.php +++ b/internal/identity_single.php @@ -61,5 +61,5 @@ try { "error" => $e->getMessage() ]; } -print (json_encode($response, JSON_PRETTY_PRINT) . "\n"); +print (json_encode($response, JSON_PRETTY_PRINT)); ?> diff --git a/internal/login.php b/internal/login.php index 57d7685..9f44dbe 100644 --- a/internal/login.php +++ b/internal/login.php @@ -108,5 +108,5 @@ try { error_log("Auth failed with error: " . $e->getMessage()); $response["auth"]["error"] = $e->getMessage(); } -print (json_encode($response, JSON_PRETTY_PRINT) . "\n"); +print (json_encode($response, JSON_PRETTY_PRINT)); ?> 
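Review bot: The column list changed here belongs to a query that is still assembled by concatenating `$verify_token` straight into the SQL string on the following context line, so the lookup stays injectable if that token ever reaches this method without strict validation. Since the line is being rewritten anyway, it should become a prepared statement: assuming `$this->db` is a PDO handle (the `sqlite:` URI in config.sample.php suggests it), `$stmt = $this->db->prepare("SELECT first_name, last_name, note, email, username, admin_token FROM registrations WHERE verify_token = ? AND state = ? LIMIT 1");` followed by `$stmt->execute([$verify_token, RegisterState::PendingEmailVerify]);` and a `foreach ($stmt as $row)`. The count query just above it presumably builds `$sql` the same way and deserves the same treatment. The enclosing mxDatabase method starts and ends outside the hunk.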
diff --git a/public/index.php b/public/index.php index 735a24e..ede9a46 100644 --- a/public/index.php +++ b/public/index.php @@ -13,12 +13,6 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -require_once "../language.php"; -if (!file_exists("../config.php")) { - print($language["NO_CONFIGURATION"]); - exit(); -} -require_once "../config.php"; // enforce admin via https if (!isset($_SERVER['HTTPS'])) { @@ -26,6 +20,25 @@ if (!isset($_SERVER['HTTPS'])) { exit(); } +require_once "../language.php"; +if (!file_exists("../config.php")) { + print($language["NO_CONFIGURATION"]); + exit(); +} +require_once "../config.php"; + +// this values will not be used when using the register operation type +$storeFirstLastName = false; +if (isset($config["operationMode"]) && $config["operationMode"] === "local") { + $storeFirstLastName = true; +} + +// currently the case to store the password on our own is the only supported one +$storePassword = false; +if (isset($config["getPasswordOnRegistration"]) && $config["getPasswordOnRegistration"] && + isset($config["operationMode"]) && $config["operationMode"] === "synapse") { + $storePassword = true; +} session_start(); if ($_SERVER["REQUEST_METHOD"] == "POST") { 
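Review bot: `$storePassword` is only set when `$config["operationMode"] === "synapse"`, which contradicts the new config.sample.php comment that `getPasswordOnRegistration` is "only evaluated when operationMode = local" and the commit message that synapse mode stores nothing long-term; if local mode is the one that keeps credentials, the comparison should read `$config["operationMode"] === "local"`. Any unrecognised value of `operationMode` also falls through silently into the non-local behaviour, so the setting should be validated once, e.g. `if (!in_array($config["operationMode"] ?? "", ["synapse", "local"], true)) { print("invalid operationMode"); exit(); }`, instead of repeating `isset` checks per flag. The comment `// this values will not be used when using the register operation type` names a "register" type that the config does not define; it should say `// first_name/last_name are only collected and stored in local mode`.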
@@ -53,17 +66,22 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") { if (!isset($_POST["email"]) || !filter_var($_POST["email"], FILTER_VALIDATE_EMAIL)) { throw new Exception("EMAIL_INVALID_FORMAT"); } - if (isset($_POST["first_name"]) && ! preg_match("/[A-Z][a-z]+/", $_POST["first_name"])) { - throw new Exception("FIRSTNAME_INVALID_FORMAT"); - } - if (isset($_POST["last_name"]) && ! preg_match("/[A-Z][a-z]+/", $_POST["last_name"])) { - throw new Exception("SIRNAME_INVALID_FORMAT"); - } + if ($storeFirstLastName) { + // only require first_name and last_name when we will evaluate them + if (!isset($_POST["first_name"]) || ! preg_match("/[A-Z][a-z]+/", $_POST["first_name"])) { + throw new Exception("FIRSTNAME_INVALID_FORMAT"); + } + if (!isset($_POST["last_name"]) || ! preg_match("/[A-Z][a-z]+/", $_POST["last_name"])) { + throw new Exception("SIRNAME_INVALID_FORMAT"); + } + $first_name = filter_var($_POST["first_name"], FILTER_SANITIZE_STRING); + $last_name = filter_var($_POST["last_name"], FILTER_SANITIZE_STRING); + } else { + $first_name = $last_name = ""; + } - $first_name = filter_var($_POST["first_name"], FILTER_SANITIZE_STRING); - $last_name = filter_var($_POST["last_name"], FILTER_SANITIZE_STRING); $username = filter_var($_POST["username"], FILTER_SANITIZE_STRING); - if (isset($_POST["password"])) { + if ($storePassword && isset($_POST["password"])) { $password = filter_var($_POST["password"], FILTER_SANITIZE_STRING); } $note = filter_var($_POST["note"], FILTER_SANITIZE_STRING); @@ -82,7 +100,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") { require_once "../mail_templates.php"; $success = send_mail_pending_verification( $config["homeserver"], - $first_name . " " . $last_name, + $storeFirstLastName ? $first_name . " " . $last_name : $username, $email, $verify_url); @@ -137,6 +155,7 @@ body{
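Review bot: The name checks moved into the `$storeFirstLastName` branch keep the unanchored pattern `/[A-Z][a-z]+/`, which accepts any value containing one capital followed by one lowercase letter anywhere, so it does not enforce the format the `FIRSTNAME_INVALID_FORMAT` / `SIRNAME_INVALID_FORMAT` exceptions imply. Anchoring it (`/^[A-Z][a-z]+$/`, or `/^\p{Lu}\p{L}+$/u` if non-ASCII names are expected) would make the check meaningful, but it also rejects multi-part names, so the accepted format should be decided and written down in a comment above the check. `FILTER_SANITIZE_STRING` (deprecated since PHP 8.1) strips tags rather than encoding them, so the sanitised `$first_name`, `$last_name`, `$username` and `$note` still need context-specific escaping wherever they are rendered (mail, HTML, Matrix formatted bodies). The surrounding POST handler starts before and ends after this hunk.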
+
@@ -151,6 +170,7 @@ body{
+
@@ -164,7 +184,7 @@ body{
- +
@@ -177,7 +197,7 @@ body{
- + "> @@ -194,6 +214,14 @@ body{
- - - + + diff --git a/public/verify.php b/public/verify.php index b426dc8..b46b900 100644 --- a/public/verify.php +++ b/public/verify.php @@ -46,6 +46,7 @@ try { } $first_name = $user["first_name"]; $last_name = $user["last_name"]; + $username = $user["username"]; $note = $user["note"]; $email = $user["email"]; $admin_token = $user["admin_token"]; @@ -54,10 +55,12 @@ try { $adminUrl = $config["webroot"] . "/verify_admin.php?t=" . $admin_token; $mxConn = new MatrixConnection($config["homeserver"], $config["access_token"]); $mxMsg = new MatrixMessage(); - $mxMsg->set_body($first_name . ' ' . $last_name . "möchte sich registrieren und hat folgende Notiz hinterlassen:\r\n" + $mxMsg->set_body((strlen($first_name . $last_name) > 0 ? $first_name . " " . $last_name : $username) + . " möchte sich registrieren und hat folgende Notiz hinterlassen:\r\n" . $note . "\r\n" . "Zum Bearbeiten hier klicken:\r\n" . $adminUrl); - $mxMsg->set_formatted_body($first_name . ' ' . $last_name . " möchte sich registrieren und hat folgende Notiz hinterlassen:
" + $mxMsg->set_formatted_body((strlen($first_name . $last_name) > 0 ? $first_name . " " . $last_name : $username) + . " möchte sich registrieren und hat folgende Notiz hinterlassen:
" . $note . "
" . "Zum Bearbeiten hier klicken"); $mxMsg->set_type("m.text"); diff --git a/public/verify_admin.php b/public/verify_admin.php index 00ecbd5..6235ed7 100644 --- a/public/verify_admin.php +++ b/public/verify_admin.php @@ -95,7 +95,12 @@ try { print("
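Review bot: `set_formatted_body` now interpolates `$username` (alongside `$first_name`, `$last_name` and `$note`) into the formatted Matrix message without any HTML escaping; assuming the formatted body is HTML, as its name suggests, the only protection is the input-side `FILTER_SANITIZE_STRING` in index.php, which lives in another file and strips tags instead of encoding them. Escape at the output site instead: `$who = htmlspecialchars(strlen($first_name . $last_name) > 0 ? $first_name . " " . $last_name : $username, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');` and the same for `$note` before they go into the formatted body. The `strlen($first_name . $last_name) > 0 ? … : $username` expression appears twice here and once more in verify_admin.php; a small helper returning the display name would keep the three sites consistent. The enclosing try block starts and ends outside the hunk.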

" . $language["ADMIN_REGISTER_ACCEPTED_BODY"] . "

"); } elseif ($action == RegisterState::RegistrationDeclined) { $mx_db->setRegistrationStateAdmin(RegisterState::RegistrationDeclined, $token); - send_mail_registration_decline($config["homeserver"], $first_name . " " . $last_name, $email, $decline_reason); + send_mail_registration_decline( + $config["homeserver"], + strlen($first_name . $last_name) > 0 ? $first_name . " " . $last_name : $username, + $email, + $decline_reason + ); print("" . $language["ADMIN_VERIFY_SITE_TITLE"] . ""); print(""); print("

" . $language["ADMIN_VERIFY_SITE_TITLE"] . "

"); @@ -131,6 +136,8 @@ background: rgba(255, 255, 255, 0.8);
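Review bot: `$username` is passed to `send_mail_registration_decline` here, but nothing in this commit assigns it in verify_admin.php: the only new assignment is `$username = $user["username"];` in verify.php, and the only query this commit extends is the verify_token lookup in database.php, not the admin_token lookup this page presumably relies on. Unless verify_admin.php already loads the column outside the hunk, the fallback reads an undefined variable (notice, empty recipient name) precisely in the mode where first and last name are empty. Add `$username = $user["username"];` beside the existing `$first_name`/`$last_name` assignments in this file, as verify.php does, and extend the admin_token query to return `username`. The enclosing try block starts and ends outside the hunk.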
+
@@ -145,7 +152,7 @@ background: rgba(255, 255, 255, 0.8);
- +