Merge branch '#14-recover-username-from-email' into 'main'
feat: new route to reminder users of their username via email. Closes #14 See merge request compsoc1/skynet/ldap/backend!14
This commit is contained in:
commit
edb511b094
3 changed files with 127 additions and 1 deletions
|
@ -81,6 +81,14 @@ Invalid Auth:
|
||||||
|
|
||||||
Generic responses which is used unless otherwise specified above.
|
Generic responses which is used unless otherwise specified above.
|
||||||
|
|
||||||
|
### POST /ldap/recover/username
|
||||||
|
Sends an email to the user of the address reminding them of their username (if there is an account associated with said username).
|
||||||
|
```json
|
||||||
|
{
|
||||||
|
"email" : "email looking for remidner"
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
### POST /ldap/recover/password
|
### POST /ldap/recover/password
|
||||||
|
|
||||||
```json
|
```json
|
||||||
|
|
|
@ -30,6 +30,7 @@ async fn main() -> tide::Result<()> {
|
||||||
// for folks who forget password/username
|
// for folks who forget password/username
|
||||||
app.at("/ldap/recover/password").post(account_recover::password::reset);
|
app.at("/ldap/recover/password").post(account_recover::password::reset);
|
||||||
app.at("/ldap/recover/password/auth").post(account_recover::password::auth);
|
app.at("/ldap/recover/password/auth").post(account_recover::password::auth);
|
||||||
|
app.at("/ldap/recover/username").post(account_recover::username::submit);
|
||||||
|
|
||||||
app.listen(host_port).await?;
|
app.listen(host_port).await?;
|
||||||
Ok(())
|
Ok(())
|
||||||
|
|
|
@ -109,7 +109,7 @@ pub mod password {
|
||||||
Ok(json!({"result": "success", "success": "Password set"}).into())
|
Ok(json!({"result": "success", "success": "Password set"}).into())
|
||||||
}
|
}
|
||||||
|
|
||||||
async fn db_get_user(pool: &Pool<Sqlite>, user_in: &Option<String>, mail_in: &Option<String>) -> Option<Accounts> {
|
pub async fn db_get_user(pool: &Pool<Sqlite>, user_in: &Option<String>, mail_in: &Option<String>) -> Option<Accounts> {
|
||||||
let user = match user_in {
|
let user = match user_in {
|
||||||
None => "",
|
None => "",
|
||||||
Some(x) => x,
|
Some(x) => x,
|
||||||
|
@ -305,3 +305,120 @@ pub mod password {
|
||||||
.await
|
.await
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
pub mod username {
|
||||||
|
use super::password::db_get_user;
|
||||||
|
use super::*;
|
||||||
|
|
||||||
|
// far simpler, accept email, send notification via email
|
||||||
|
|
||||||
|
#[derive(Debug, Deserialize)]
|
||||||
|
struct UsernameReminder {
|
||||||
|
email: String,
|
||||||
|
}
|
||||||
|
|
||||||
|
pub async fn submit(mut req: Request<State>) -> tide::Result {
|
||||||
|
let UsernameReminder {
|
||||||
|
email,
|
||||||
|
} = req.body_json().await?;
|
||||||
|
|
||||||
|
// check that any mail is not using @skynet.ie
|
||||||
|
|
||||||
|
if email.trim().ends_with("@skynet.ie") {
|
||||||
|
// all responses from this are a success
|
||||||
|
return Ok(json!({"result": "error", "error": "Skynet email not permitted."}).into());
|
||||||
|
}
|
||||||
|
|
||||||
|
let config = &req.state().config;
|
||||||
|
let db = &req.state().db;
|
||||||
|
|
||||||
|
// considering the local db is updated hourly (or less) use that instead of teh ldap for lookups
|
||||||
|
let user_details = match db_get_user(db, &None, &Some(email)).await {
|
||||||
|
None => {
|
||||||
|
return Ok(json!({"result": "success"}).into());
|
||||||
|
}
|
||||||
|
Some(x) => x,
|
||||||
|
};
|
||||||
|
|
||||||
|
// user does not have a different email address set
|
||||||
|
if user_details.mail.trim().ends_with("@skynet.ie") {
|
||||||
|
// not returning an error here as there is no need to let the person requesting what email the user has
|
||||||
|
return Ok(json!({"result": "success"}).into());
|
||||||
|
}
|
||||||
|
|
||||||
|
send_mail(config, &user_details).ok();
|
||||||
|
|
||||||
|
Ok(json!({"result": "success"}).into())
|
||||||
|
}
|
||||||
|
|
||||||
|
fn send_mail(config: &Config, record: &Accounts) -> Result<Response, Error> {
|
||||||
|
let recipient = &record.user;
|
||||||
|
let mail = &record.mail;
|
||||||
|
let discord = "https://discord.skynet.ie";
|
||||||
|
let sender = format!("UL Computer Society <{}>", &config.mail_user);
|
||||||
|
|
||||||
|
// Create the html we want to send.
|
||||||
|
let html = html! {
|
||||||
|
head {
|
||||||
|
title { "Hello from Skynet!" }
|
||||||
|
style type="text/css" {
|
||||||
|
"h2, h4 { font-family: Arial, Helvetica, sans-serif; }"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
div style="display: flex; flex-direction: column; align-items: center;" {
|
||||||
|
h2 { "Hello from Skynet!" }
|
||||||
|
// Substitute in the name of our recipient.
|
||||||
|
p { "Hi there," }
|
||||||
|
p {
|
||||||
|
"You requested a username reminder: " (recipient)
|
||||||
|
}
|
||||||
|
p {
|
||||||
|
"If did not request this please ignore."
|
||||||
|
}
|
||||||
|
p {
|
||||||
|
"UL Computer Society"
|
||||||
|
br;
|
||||||
|
"Skynet Team"
|
||||||
|
br;
|
||||||
|
a href=(discord) { (discord) }
|
||||||
|
}
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
let body_text = format!(
|
||||||
|
r#"
|
||||||
|
Hi there,
|
||||||
|
|
||||||
|
You requested a username reminder: {recipient}
|
||||||
|
|
||||||
|
If did not request this please ignore.
|
||||||
|
|
||||||
|
UL Computer Society
|
||||||
|
Skynet Team
|
||||||
|
{discord}
|
||||||
|
"#
|
||||||
|
);
|
||||||
|
|
||||||
|
// Build the message.
|
||||||
|
let email = Message::builder()
|
||||||
|
.from(sender.parse().unwrap())
|
||||||
|
.to(mail.parse().unwrap())
|
||||||
|
.subject("Skynet: Username Reminder")
|
||||||
|
.multipart(
|
||||||
|
// This is composed of two parts.
|
||||||
|
// also helps not trip spam settings (uneven number of url's
|
||||||
|
MultiPart::alternative()
|
||||||
|
.singlepart(SinglePart::builder().header(header::ContentType::TEXT_PLAIN).body(body_text))
|
||||||
|
.singlepart(SinglePart::builder().header(header::ContentType::TEXT_HTML).body(html.into_string())),
|
||||||
|
)
|
||||||
|
.expect("failed to build email");
|
||||||
|
|
||||||
|
let creds = Credentials::new(config.mail_user.clone(), config.mail_pass.clone());
|
||||||
|
|
||||||
|
// Open a remote connection to gmail using STARTTLS
|
||||||
|
let mailer = SmtpTransport::starttls_relay(&config.mail_smtp).unwrap().credentials(creds).build();
|
||||||
|
|
||||||
|
// Send the email
|
||||||
|
mailer.send(&email)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
Loading…
Reference in a new issue