Beispiel #1
0
func createUser(c *Context, w http.ResponseWriter, r *http.Request) {
	if !utils.Cfg.ServiceSettings.AllowEmailSignUp {
		c.Err = model.NewAppError("signupTeam", "User sign-up with email is disabled.", "")
		c.Err.StatusCode = http.StatusNotImplemented
		return
	}

	user := model.UserFromJson(r.Body)

	if user == nil {
		c.SetInvalidParam("createUser", "user")
		return
	}

	if !model.IsUsernameValid(user.Username) {
		c.Err = model.NewAppError("createUser", "That username is invalid", "might be using a resrved username")
		return
	}

	user.EmailVerified = false

	var team *model.Team

	if result := <-Srv.Store.Team().Get(user.TeamId); result.Err != nil {
		c.Err = result.Err
		return
	} else {
		team = result.Data.(*model.Team)
	}

	hash := r.URL.Query().Get("h")

	if IsVerifyHashRequired(user, team, hash) {
		data := r.URL.Query().Get("d")
		props := model.MapFromJson(strings.NewReader(data))

		if !model.ComparePassword(hash, fmt.Sprintf("%v:%v", data, utils.Cfg.ServiceSettings.InviteSalt)) {
			c.Err = model.NewAppError("createUser", "The signup link does not appear to be valid", "")
			return
		}

		t, err := strconv.ParseInt(props["time"], 10, 64)
		if err != nil || model.GetMillis()-t > 1000*60*60*48 { // 48 hours
			c.Err = model.NewAppError("createUser", "The signup link has expired", "")
			return
		}

		if user.TeamId != props["id"] {
			c.Err = model.NewAppError("createUser", "Invalid team name", data)
			return
		}

		user.Email = props["email"]
		user.EmailVerified = true
	}

	if len(user.AuthData) > 0 && len(user.AuthService) > 0 {
		user.EmailVerified = true
	}

	ruser := CreateUser(c, team, user)
	if c.Err != nil {
		return
	}

	w.Write([]byte(ruser.ToJson()))

}
Beispiel #2
0
func createUser(c *Context, w http.ResponseWriter, r *http.Request) {

	user := model.UserFromJson(r.Body)

	if user == nil {
		c.SetInvalidParam("createUser", "user")
		return
	}

	if !model.IsUsernameValid(user.Username) {
		c.Err = model.NewAppError("createUser", "That username is invalid", "might be using a resrved username")
		return
	}

	user.EmailVerified = false

	var team *model.Team

	if result := <-Srv.Store.Team().Get(user.TeamId); result.Err != nil {
		c.Err = result.Err
		return
	} else {
		team = result.Data.(*model.Team)
	}

	hash := r.URL.Query().Get("h")

	shouldVerifyHash := true

	if team.Type == model.TEAM_INVITE && len(team.AllowedDomains) > 0 && len(hash) == 0 {
		domains := strings.Fields(strings.TrimSpace(strings.ToLower(strings.Replace(strings.Replace(team.AllowedDomains, "@", " ", -1), ",", " ", -1))))

		matched := false
		for _, d := range domains {
			if strings.HasSuffix(user.Email, "@"+d) {
				matched = true
				break
			}
		}

		if matched {
			shouldVerifyHash = false
		} else {
			c.Err = model.NewAppError("createUser", "The signup link does not appear to be valid", "allowed domains failed")
			return
		}
	}

	if team.Type == model.TEAM_OPEN {
		shouldVerifyHash = false
	}

	if len(hash) > 0 {
		shouldVerifyHash = true
	}

	if shouldVerifyHash {
		data := r.URL.Query().Get("d")
		props := model.MapFromJson(strings.NewReader(data))

		if !model.ComparePassword(hash, fmt.Sprintf("%v:%v", data, utils.Cfg.ServiceSettings.InviteSalt)) {
			c.Err = model.NewAppError("createUser", "The signup link does not appear to be valid", "")
			return
		}

		t, err := strconv.ParseInt(props["time"], 10, 64)
		if err != nil || model.GetMillis()-t > 1000*60*60*48 { // 48 hours
			c.Err = model.NewAppError("createUser", "The signup link has expired", "")
			return
		}

		if user.TeamId != props["id"] {
			c.Err = model.NewAppError("createUser", "Invalid team name", data)
			return
		}

		user.Email = props["email"]
		user.EmailVerified = true
	}

	ruser := CreateUser(c, team, user)
	if c.Err != nil {
		return
	}

	w.Write([]byte(ruser.ToJson()))

}