crypto = $crypto; } /** * @NoSubAdminRequired */ #[NoAdminRequired] #[NoCSRFRequired] public function showVerifyMail(string $token, string $userId, string $key): TemplateResponse { if ($this->userSession->getUser()->getUID() !== $userId) { // not a public page, hence getUser() must return an IUser throw new InvalidArgumentException('Logged in account is not mail address owner'); } $email = $this->crypto->decrypt($key); return new TemplateResponse( 'core', 'confirmation', [ 'title' => $this->l10n->t('Email confirmation'), 'message' => $this->l10n->t('To enable the email address %s please click the button below.', [$email]), 'action' => $this->l10n->t('Confirm'), ], TemplateResponse::RENDER_AS_GUEST); } /** * @NoSubAdminRequired */ #[NoAdminRequired] #[BruteForceProtection(action: 'emailVerification')] public function verifyMail(string $token, string $userId, string $key): TemplateResponse { $throttle = false; try { if ($this->userSession->getUser()->getUID() !== $userId) { throw new InvalidArgumentException('Logged in account is not mail address owner'); } $email = $this->crypto->decrypt($key); $ref = \substr(hash('sha256', $email), 0, 8); $user = $this->userManager->get($userId); $this->verificationToken->check($token, $user, 'verifyMail' . $ref, $email); $userAccount = $this->accountManager->getAccount($user); $emailProperty = $userAccount->getPropertyCollection(IAccountManager::COLLECTION_EMAIL) ->getPropertyByValue($email); if ($emailProperty === null) { throw new InvalidArgumentException($this->l10n->t('Email was already removed from account and cannot be confirmed anymore.')); } $emailProperty->setLocallyVerified(IAccountManager::VERIFIED); $this->accountManager->updateAccount($userAccount); $this->verificationToken->delete($token, $user, 'verifyMail' . $ref); } catch (InvalidTokenException $e) { if ($e->getCode() === InvalidTokenException::TOKEN_EXPIRED) { $error = $this->l10n->t('Could not verify mail because the token is expired.'); } else { $throttle = true; $error = $this->l10n->t('Could not verify mail because the token is invalid.'); } } catch (InvalidArgumentException $e) { $error = $e->getMessage(); } catch (\Exception $e) { $error = $this->l10n->t('An unexpected error occurred. Please contact your admin.'); } if (isset($error)) { $response = new TemplateResponse( 'core', 'error', [ 'errors' => [['error' => $error]] ], TemplateResponse::RENDER_AS_GUEST); if ($throttle) { $response->throttle(); } return $response; } return new TemplateResponse( 'core', 'success', [ 'title' => $this->l10n->t('Email confirmation successful'), 'message' => $this->l10n->t('Email confirmation successful'), ], TemplateResponse::RENDER_AS_GUEST); } } href='#n7'>7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130