mirror of
https://github.com/LBPUnion/ProjectLighthouse.git
synced 2025-05-04 18:02:28 +00:00
f6a7fe6283
* Initial work for user settings page * Finish user setting and slot setting pages * Don't show slot upload date on home page and fix team pick redirection * Fix upload image button alignment on mobile * Fix image upload on iPhone * Remove unused css and add selected button color * Fix login email check and bump ChromeDriver to 105 * Remove duplicated code and allow users to leave fields empty * Add unpublish button on level settings and move settings button position * Don't show edit button on mini card * Self review bug fixes and users can no longer use an in-use email
94 lines
No EOL
3.3 KiB
C#
94 lines
No EOL
3.3 KiB
C#
#nullable enable
|
|
using System.Diagnostics.CodeAnalysis;
|
|
using LBPUnion.ProjectLighthouse.Configuration;
|
|
using LBPUnion.ProjectLighthouse.Helpers;
|
|
using LBPUnion.ProjectLighthouse.Localization.StringLists;
|
|
using LBPUnion.ProjectLighthouse.Logging;
|
|
using LBPUnion.ProjectLighthouse.PlayerData;
|
|
using LBPUnion.ProjectLighthouse.PlayerData.Profiles;
|
|
using LBPUnion.ProjectLighthouse.PlayerData.Profiles.Email;
|
|
using LBPUnion.ProjectLighthouse.Servers.Website.Pages.Layouts;
|
|
using Microsoft.AspNetCore.Mvc;
|
|
using Microsoft.EntityFrameworkCore;
|
|
|
|
namespace LBPUnion.ProjectLighthouse.Servers.Website.Pages;
|
|
|
|
public class SetEmailForm : BaseLayout
|
|
{
|
|
public SetEmailForm(Database database) : base(database)
|
|
{}
|
|
|
|
public EmailSetToken? EmailToken;
|
|
|
|
public string? Error { get; private set; }
|
|
|
|
public async Task<IActionResult> OnGet(string? token = null)
|
|
{
|
|
if (!ServerConfiguration.Instance.Mail.MailEnabled) return this.NotFound();
|
|
if (token == null) return this.Redirect("/login");
|
|
|
|
EmailSetToken? emailToken = await this.Database.EmailSetTokens.FirstOrDefaultAsync(t => t.EmailToken == token);
|
|
if (emailToken == null) return this.Redirect("/login");
|
|
|
|
this.EmailToken = emailToken;
|
|
|
|
return this.Page();
|
|
}
|
|
|
|
[SuppressMessage("ReSharper", "SpecifyStringComparison")]
|
|
public async Task<IActionResult> OnPost(string emailAddress, string token)
|
|
{
|
|
if (!ServerConfiguration.Instance.Mail.MailEnabled) return this.NotFound();
|
|
|
|
EmailSetToken? emailToken = await this.Database.EmailSetTokens.Include(t => t.User).FirstOrDefaultAsync(t => t.EmailToken == token);
|
|
if (emailToken == null) return this.Redirect("/login");
|
|
|
|
if (await this.Database.Users.AnyAsync(u => u.EmailAddress != null && u.EmailAddress.ToLower() == emailAddress.ToLower()))
|
|
{
|
|
this.Error = this.Translate(ErrorStrings.EmailTaken);
|
|
this.EmailToken = emailToken;
|
|
return this.Page();
|
|
}
|
|
|
|
emailToken.User.EmailAddress = emailAddress;
|
|
this.Database.EmailSetTokens.Remove(emailToken);
|
|
|
|
User user = emailToken.User;
|
|
|
|
EmailVerificationToken emailVerifyToken = new()
|
|
{
|
|
UserId = user.UserId,
|
|
User = user,
|
|
EmailToken = CryptoHelper.GenerateAuthToken(),
|
|
ExpiresAt = DateTime.Now + TimeSpan.FromHours(6),
|
|
};
|
|
|
|
this.Database.EmailVerificationTokens.Add(emailVerifyToken);
|
|
|
|
// The user just set their email address. Now, let's grant them a token to proceed with verifying the email.
|
|
// TODO: insecure
|
|
WebToken webToken = new()
|
|
{
|
|
UserId = user.UserId,
|
|
UserToken = CryptoHelper.GenerateAuthToken(),
|
|
ExpiresAt = DateTime.Now + TimeSpan.FromDays(7),
|
|
};
|
|
|
|
this.Response.Cookies.Append
|
|
(
|
|
"LighthouseToken",
|
|
webToken.UserToken,
|
|
new CookieOptions
|
|
{
|
|
Expires = DateTimeOffset.Now.AddDays(7),
|
|
}
|
|
);
|
|
|
|
Logger.Success($"User {user.Username} (id: {user.UserId}) successfully logged in on web after setting an email address", LogArea.Login);
|
|
|
|
this.Database.WebTokens.Add(webToken);
|
|
await this.Database.SaveChangesAsync();
|
|
|
|
return this.Redirect("/login/sendVerificationEmail");
|
|
}
|
|
} |