
Breaking changes in BETA

redirect param is now confirmation
eldadfux 2019-09-21 12:18:44 +03:00
parent 9a74477ef1
commit ac244b5efa


@ -30,12 +30,12 @@ $utopia->post('/v1/auth/register')
->label('abuse-limit', 10)
->param('email', '', function () {return new Email();}, 'Account email')
->param('password', '', function () {return new Password();}, 'User password')
->param('redirect', '', function () use ($clients) {return new Host($clients);}, 'Confirmation page to redirect user after confirm token has been sent to user email')
->param('success', null, function () use ($clients) {return new Host($clients);}, 'Redirect when registration succeed')
->param('failure', null, function () use ($clients) {return new Host($clients);}, 'Redirect when registration failed')
->param('confirmation', '', function () use ($clients) {return new Host($clients);}, 'Confirmation URL to redirect user after confirm token has been sent to user email')
->param('success', null, function () use ($clients) {return new Host($clients);}, 'Redirect when registration succeed', true)
->param('failure', null, function () use ($clients) {return new Host($clients);}, 'Redirect when registration failed', true)
->param('name', '', function () {return new Text(100);}, 'User name', true)
->action(
function ($email, $password, $redirect, $success, $failure, $name) use ($request, $response, $register, $audit, $projectDB, $project, $webhook) {
function ($email, $password, $confirmation, $success, $failure, $name) use ($request, $response, $register, $audit, $projectDB, $project, $webhook) {
if('console' === $project->getUid()) {
$whitlistEmails = $project->getAttribute('authWhitelistEmails');
$whitlistIPs = $project->getAttribute('authWhitelistIPs');
@ -132,16 +132,16 @@ $utopia->post('/v1/auth/register')
// Send email address confirmation email
$redirect = Template::parseURL($redirect);
$redirect['query'] = Template::mergeQuery(((isset($redirect['query'])) ? $redirect['query'] : ''), ['userId' => $user->getUid(), 'token' => $confirmSecret]);
$redirect = Template::unParseURL($redirect);
$confirmation = Template::parseURL($confirmation);
$confirmation['query'] = Template::mergeQuery(((isset($confirmation['query'])) ? $confirmation['query'] : ''), ['userId' => $user->getUid(), 'token' => $confirmSecret]);
$confirmation = Template::unParseURL($confirmation);
$body = new Template(__DIR__.'/../config/locale/templates/'.Locale::getText('auth.emails.confirm.body'));
$body
->setParam('{{direction}}', Locale::getText('settings.direction'))
->setParam('{{project}}', $project->getAttribute('name', ['[APP-NAME]']))
->setParam('{{name}}', $name)
->setParam('{{redirect}}', $redirect)
->setParam('{{redirect}}', $confirmation)
;
$mail = $register->get('smtp'); /* @var $mail \PHPMailer\PHPMailer\PHPMailer */
@ -244,9 +244,9 @@ $utopia->post('/v1/auth/register/confirm/resend')
->label('sdk.description', "This endpoint allows the user to request your app to resend him his email confirmation message. The redirect arguments acts the same way as in /auth/register endpoint.\n\nPlease notice that in order to avoid a [Redirect Attacks](https://github.com/OWASP/CheatSheetSeries/blob/master/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md) the only valid redirect URL's are the once from domains you have set when added your platforms in the console interface.")
->label('abuse-limit', 10)
->label('abuse-key', 'url:{url},userId:{param-userId}')
->param('redirect', '', function () use ($clients) {return new Host($clients);}, 'Confirmation page to redirect user to your app after confirm token has been sent to user email.')
->param('confirmation', '', function () use ($clients) {return new Host($clients);}, 'Confirmation page to redirect user to your app after confirm token has been sent to user email.')
->action(
function ($redirect) use ($response, $request, $projectDB, $user, $register, $project) {
function ($confirmation) use ($response, $request, $projectDB, $user, $register, $project) {
if ($user->getAttribute('confirm', false)) {
throw new Exception('Email address is already confirmed', 400);
}
@ -269,16 +269,16 @@ $utopia->post('/v1/auth/register/confirm/resend')
throw new Exception('Failed saving user to DB', 500);
}
$redirect = Template::parseURL($redirect);
$redirect['query'] = Template::mergeQuery(((isset($redirect['query'])) ? $redirect['query'] : ''), ['userId' => $user->getUid(), 'token' => $secret]);
$redirect = Template::unParseURL($redirect);
$confirmation = Template::parseURL($confirmation);
$confirmation['query'] = Template::mergeQuery(((isset($confirmation['query'])) ? $confirmation['query'] : ''), ['userId' => $user->getUid(), 'token' => $secret]);
$confirmation = Template::unParseURL($confirmation);
$body = new Template(__DIR__.'/../config/locale/templates/'.Locale::getText('auth.emails.confirm.body'));
$body
->setParam('{{direction}}', Locale::getText('settings.direction'))
->setParam('{{project}}', $project->getAttribute('name', ['[APP-NAME]']))
->setParam('{{name}}', $user->getAttribute('name'))
->setParam('{{redirect}}', $redirect)
->setParam('{{redirect}}', $confirmation)
;
$mail = $register->get('smtp'); /* @var $mail \PHPMailer\PHPMailer\PHPMailer */
@ -458,9 +458,9 @@ $utopia->post('/v1/auth/recovery')
->label('abuse-limit', 10)
->label('abuse-key', 'url:{url},email:{param-email}')
->param('email', '', function () {return new Email();}, 'User account email address.')
->param('redirect', '', function () use ($clients) {return new Host($clients);}, 'Reset page in your app to redirect user after reset token has been sent to user email.')
->param('confirmation', '', function () use ($clients) {return new Host($clients);}, 'Reset page URL in your app to redirect user after reset token has been sent to user email.')
->action(
function ($email, $redirect) use ($request, $response, $projectDB, $register, $audit, $project) {
function ($email, $confirmation) use ($request, $response, $projectDB, $register, $audit, $project) {
$profile = $projectDB->getCollection([ // Get user by email address
'limit' => 1,
'first' => true,
@ -494,16 +494,16 @@ $utopia->post('/v1/auth/recovery')
throw new Exception('Failed to save user to DB', 500);
}
$redirect = Template::parseURL($redirect);
$redirect['query'] = Template::mergeQuery(((isset($redirect['query'])) ? $redirect['query'] : ''), ['userId' => $profile->getUid(), 'token' => $secret]);
$redirect = Template::unParseURL($redirect);
$confirmation = Template::parseURL($confirmation);
$confirmation['query'] = Template::mergeQuery(((isset($confirmation['query'])) ? $confirmation['query'] : ''), ['userId' => $profile->getUid(), 'token' => $secret]);
$confirmation = Template::unParseURL($confirmation);
$body = new Template(__DIR__.'/../config/locale/templates/'.Locale::getText('auth.emails.recovery.body'));
$body
->setParam('{{direction}}', Locale::getText('settings.direction'))
->setParam('{{project}}', $project->getAttribute('name', ['[APP-NAME]']))
->setParam('{{name}}', $profile->getAttribute('name'))
->setParam('{{redirect}}', $redirect)
->setParam('{{redirect}}', $confirmation)
;
$mail = $register->get('smtp'); /* @var $mail \PHPMailer\PHPMailer\PHPMailer */
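Review bot: In the `/v1/auth/recovery` hunks the reset `$secret` is appended to the query string of a request-supplied `confirmation` URL, and the only check visible on that parameter is `Host($clients)`; if that validator matches the host alone (its definition is not on this page), the scheme and path of the emailed link remain chosen by whoever requested the reset. The same construction carries `$confirmSecret` in `/v1/auth/register` and `$secret` in `/v1/auth/register/confirm/resend`. I would document the trust boundary above each `Template::parseURL($confirmation)` with `// $confirmation is request-supplied and checked by Host($clients) only; the token appended below is exposed to whatever page it names`, and consider rejecting non-HTTPS schemes at that point. Separately, the template key is still `{{redirect}}` and the resend `sdk.description` still reads "The redirect arguments", so the rename has not reached the templates or the generated docs. All three action closures begin or end outside the hunks shown.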