author | Arthur Schiwon <blizzz@arthur-schiwon.de> | 2021-08-28 00:07:23 +0200 |
---|---|---|
committer | Arthur Schiwon <blizzz@arthur-schiwon.de> | 2021-09-09 19:23:04 +0200 |
commit | 0dee717c94468afeb139d9e8d9322b5fd26974b6 (patch) | |
tree | 3a286343cca070b5c3c4473078cebb909af4b7a2 /apps/provisioning_api/lib | |
parent | a20de15b4388e4d57b0fb26eaeca98cd6ba817f8 (diff) | |
Confirm mails only per POST
- this is to avoid automatic confirmation by certain software that opens links
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
Diffstat (limited to 'apps/provisioning_api/lib')
-rw-r--r-- | apps/provisioning_api/lib/Controller/VerificationController.php | 26 |
1 files changed, 24 insertions, 2 deletions
diff --git a/apps/provisioning_api/lib/Controller/VerificationController.php b/apps/provisioning_api/lib/Controller/VerificationController.php
index b248d3e8285..c4ddd1e644d 100644
--- a/apps/provisioning_api/lib/Controller/VerificationController.php
+++ b/apps/provisioning_api/lib/Controller/VerificationController.php
@@ -74,6 +74,27 @@ class VerificationController extends Controller {
 /**
 * @NoCSRFRequired
+ * @NoAdminRequired
+ * @NoSubAdminRequired
+ */
+ public function showVerifyMail(string $token, string $userId, string $key) {
+ if ($this->userSession->getUser()->getUID() !== $userId) {
+ // not a public page, hence getUser() must return an IUser
+ throw new InvalidArgumentException('Logged in user is not mail address owner');
+ }
+ $email = $this->crypto->decrypt($key);
+
+ return new TemplateResponse(
+ 'core', 'confirmation', [
+ 'title' => $this->l10n->t('Email confirmation'),
+ 'message' => $this->l10n->t('To enable the email address %s please click the button below.', [$email]),
+ 'action' => $this->l10n->t('Confirm'),
+ ], TemplateResponse::RENDER_AS_GUEST);
+ }
+
+ /**
+ * @NoAdminRequired
+ * @NoSubAdminRequired
 */
 public function verifyMail(string $token, string $userId, string $key) {
 try {
@@ -95,6 +116,7 @@ class VerificationController extends Controller {
 }
 $emailProperty->setLocallyVerified(IAccountManager::VERIFIED);
 $this->accountManager->updateAccount($userAccount);
+ $this->verificationToken->delete($token, $user, 'verifyMail' . $ref);
 } catch (InvalidTokenException $e) {
 $error = $e->getCode() === InvalidTokenException::TOKEN_EXPIRED
 ? $this->l10n->t('Could not verify mail because the token is expired.')
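Review bot: `$this->crypto->decrypt($key)` in the new showVerifyMail runs on a URL-supplied value with no try/catch, unlike verifyMail directly below it, so a tampered or truncated key surfaces as an uncaught exception instead of the error template, and because the token itself is never checked here an expired link still shows the decrypted address and a Confirm button that only fails on the POST. Wrap the decrypt and render the core/error template the way the existing error path does; if the verification-token service offers a non-consuming check, calling it here would let an expired link fail before the form is shown. The owner mismatch throws InvalidArgumentException, which presumably ends as a generic failure page rather than a 403; returning an error TemplateResponse with a forbidden status would be clearer, assuming the Http class is in scope in this file. Since @NoCSRFRequired is dropped from verifyMail, the POST from the confirmation template must carry the request token — worth confirming the core/confirmation template emits it. Both methods also lack a `: TemplateResponse` return type.

```php
public function showVerifyMail(string $token, string $userId, string $key): TemplateResponse {
	if ($this->userSession->getUser()->getUID() !== $userId) {
		// not a public page, hence getUser() must return an IUser
		throw new InvalidArgumentException('Logged in user is not mail address owner');
	}
	try {
		// $key comes straight from the URL; decrypt() rejects a tampered value by throwing
		$email = $this->crypto->decrypt($key);
	} catch (\Exception $e) {
		return new TemplateResponse(
			'core', 'error', [
				'errors' => [['error' => $this->l10n->t('Could not verify mail because the link is invalid.')]]
			], TemplateResponse::RENDER_AS_GUEST);
	}
	// … unchanged: confirmation TemplateResponse …
}
```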
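Review bot: On the added `$this->verificationToken->delete(...)` line the token is consumed only after the account update has been written, so a duplicate POST with the same token that arrives before the delete re-enters the verified path; as it only re-sets the same VERIFIED flag this looks idempotent, but the ordering deserves a comment, e.g. `// consume the token last so a failed update leaves it usable for a retry; a racing duplicate POST is harmless`. Only InvalidTokenException is caught in this try, so if delete() can throw anything else it would propagate after the account was already updated — either catch it separately or move the delete after the try/catch. `$user` and `$ref` are assigned earlier in verifyMail, outside this hunk, so whether `'verifyMail' . $ref` matches the reference used when the token was issued cannot be confirmed from here.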
@@ -109,13 +131,13 @@ class VerificationController extends Controller {
 return new TemplateResponse(
 'core', 'error', [
 'errors' => [['error' => $error]]
- ], 'guest');
+ ], TemplateResponse::RENDER_AS_GUEST);
 }
 return new TemplateResponse(
 'core', 'success', [
 'title' => $this->l10n->t('Email confirmation successful'),
 'message' => $this->l10n->t('Email confirmation successful'),
- ], 'guest');
+ ], TemplateResponse::RENDER_AS_GUEST);
 }
 } |