dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
a686481323
lemonldap-ng/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/Register.pm
Xavier Guimard 095c0cc8d7 Register/Demo (#595)
2017-01-14 19:31:48 +00:00

508 lines
16 KiB
Perl
Raw Blame History

package Lemonldap::NG::Portal::Plugins::Register;
use strict;
use Encode;
use Mouse;
use POSIX qw(strftime);
use Lemonldap::NG::Portal::Main::Constants qw(
PE_BADMAILTOKEN
PE_CAPTCHAEMPTY
PE_CAPTCHAERROR
PE_MALFORMEDUSER
PE_MAILCONFIRMATION_ALREADY_SENT
PE_MAILCONFIRMOK
PE_MAILERROR
PE_MAILOK
PE_OK
PE_REGISTERALREADYEXISTS
PE_REGISTERFIRSTACCESS
PE_REGISTERFORMEMPTY
);
our $VERSION = '2.0.0';
extends 'Lemonldap::NG::Portal::Main::Plugin',
'Lemonldap::NG::Portal::Lib::SMTP';
# INITIALIZATION
sub init {
my ($self) = @_;
$self->addUnauthRoute( register => 'register', [ 'POST', 'GET' ] );
if ( $self->conf->{captcha_register_enabled} ) {
# TODO: load captcha plugin
}
$self->registerModule(
$self->p->loadPlugin( '::Register::' . $self->conf->{registerDB} ) )
or return 0;
# TODO: load module if != $self->p->authentication
return 1;
}
# PROPERTIES
has captchaModule => ( is => 'rw' );
# TODO
has registerModule => ( is => 'rw' );
has registerUrl => (
is => 'rw',
default => sub {
my $p = $_[0]->conf->{portal};
$p =~ s#/*$##;
return "$p/register";
}
);
# RUNNIG METHODS
sub register {
my ( $self, $req ) = @_;
$req->error( $self->_register($req) );
my ( $tpl, $prms ) = $self->display($req);
return $self->p->sendHtml( $req, $tpl, params => $prms );
}
sub _register {
my ( $self, $req ) = @_;
unless ( $req->param('mail') || $req->param('register_token') ) {
return PE_REGISTERFIRSTACCESS if ( $req->method =~ /GET/ );
return PE_REGISTERFORMEMPTY;
}
$req->datas->{register_token} = $req->param('register_token');
# If a register token is present, find the corresponding info
if ( $req->datas->{register_token} ) {
$self->lmLog(
"Token given for register: " . $req->datas->{register_token},
'debug' );
# Get the corresponding session
my $registerSessionObj =
$self->p->getApacheSession( $req->datas->{register_token} );
if ( $registerSessionObj && $registerSessionObj->data ) {
foreach (qw(mail firstname lastname ipAddr)) {
$req->datas->{registerInfo}->{$_} =
$registerSessionObj->data->{$_};
}
$self->lmLog(
"User associated to token: "
. $req->datas->{registerInfo}->{mail},
'debug'
);
}
return PE_BADMAILTOKEN unless ( $req->datas->{registerInfo}->{mail} );
}
else {
# Use submitted value
$req->datas->{registerInfo}->{mail} = $req->param('mail');
$req->datas->{registerInfo}->{firstname} = $req->param('firstname');
$req->datas->{registerInfo}->{lastname} = $req->param('lastname');
$req->datas->{registerInfo}->{ipAddr} = $req->address;
# Captcha for register form
# Only if register session does not already exist
# TODO captcha
if ( $self->conf->{captcha_register_enabled}
&& $req->datas->{registerInfo}->{mail}
&& !$self->getRegisterSession( $req->datas->{registerInfo}->{mail} )
)
{
$req->datas->{captcha_user_code} = $req->param('captcha_user_code');
$req->datas->{captcha_check_code} = $req->param('captcha_code');
unless ( $self->{captcha_user_code} && $self->{captcha_check_code} )
{
$self->lmLog( "Captcha not filled", 'warn' );
return PE_CAPTCHAEMPTY;
}
$self->lmLog(
"Captcha data received: "
. $req->datas->{captcha_user_code} . " and "
. $req->datas->{captcha_check_code},
'debug'
);
# Check captcha
my $captcha_result = $self->captchaModule->checkCaptcha(
$req->datas->{captcha_user_code},
$req->datas->{captcha_check_code}
);
if ( $captcha_result != 1 ) {
if ( $captcha_result == -3
or $captcha_result == -2 )
{
$self->lmLog( "Captcha failed: wrong code", 'warn' );
return PE_CAPTCHAERROR;
}
elsif ( $captcha_result == 0 ) {
$self->lmLog(
"Captcha failed: code not checked (file error)",
'warn' );
return PE_CAPTCHAERROR;
}
elsif ( $captcha_result == -1 ) {
$self->lmLog( "Captcha failed: code has expired", 'warn' );
return PE_CAPTCHAERROR;
}
}
$self->lmLog( "Captcha code verified", 'debug' );
}
}
# Check mail
return PE_MALFORMEDUSER
unless ( $req->datas->{registerInfo}->{mail} =~
/$self->{conf}->{userControl}/o );
# Search for user using UserDB module
# If the user already exists, register is forbidden
$req->datas->{mail} = $req->{registerInfo}->{mail};
if ( $self->p->_userDB->getUser($req) == PE_OK ) {
$self->lmLog(
"Register: refuse mail $req->{mail} because already exists in UserDB",
'error'
);
return PE_REGISTERALREADYEXISTS;
}
my $register_session =
$self->getRegisterSession( $req->datas->{registerInfo}->{mail} );
$req->datas->{mail_already_sent} =
( $register_session and !$req->id ) ? 1 : 0;
# Skip this step if confirmation was already sent
unless ( $req->datas->{register_token} or $register_session ) {
# Create a new session
my $registerSessionObj = $self->p->getApacheSession();
# Set _utime for session autoremove
# Use default session timeout and register session timeout to compute it
my $time = time();
my $timeout = $self->conf->{timeout};
my $registerTimeout = $self->conf->{registerTimeout} || $timeout;
my $infos = {};
$infos->{_utime} = $time + ( $registerTimeout - $timeout );
# Store expiration timestamp for further use
$infos->{registerSessionTimeoutTimestamp} = $time + $registerTimeout;
$req->datas->{registerInfo}->{registerSessionTimeoutTimestamp} =
$time + $registerTimeout;
# Store start timestamp for further use
$infos->{registerSessionStartTimestamp} = $time;
$req->datas->{registerInfo}->{registerSessionStartTimestamp} = $time;
# Store infos
$infos->{mail} = $req->datas->{registerInfo}->{mail};
$infos->{firstname} = $req->datas->{registerInfo}->{firstname};
$infos->{lastname} = $req->datas->{registerInfo}->{lastname};
$infos->{ipAddr} = $req->datas->{registerInfo}->{ipAddr};
# Store type
$infos->{_type} = "register";
# Update session
$registerSessionObj->update($infos);
$register_session = $registerSessionObj->id;
}
# Send confirmation mail
# Skip this step if user clicked on the confirmation link
unless ( $req->datas->{register_token} ) {
# Check if confirmation mail has already been sent
$self->lmLog( 'No register_token', 'debug' );
$self->lmLog(
'mail '
. ( $req->datas->{mail_already_sent} ? 'already' : 'not' )
. ' sent',
'debug'
);
# Read session to get creation and expiration dates
$req->id($register_session) unless $req->id;
$self->lmLog( "Register session found: $register_session", 'debug' );
my $registerSessionObj =
$self->p->getApacheSession( $register_session, 1 );
$req->datas->{registerInfo}->{registerSessionTimeoutTimestamp} =
$registerSessionObj->data->{registerSessionTimeoutTimestamp};
$req->datas->{registerInfo}->{registerSessionStartTimestamp} =
$registerSessionObj->data->{registerSessionStartTimestamp};
# Mail session expiration date
my $expTimestamp =
$req->datas->{registerInfo}->{registerSessionTimeoutTimestamp};
$self->lmLog( "Register expiration timestamp: $expTimestamp", 'debug' );
$req->datas->{expMailDate} =
strftime( "%d/%m/%Y", localtime $expTimestamp );
$req->datas->{expMailTime} =
strftime( "%H:%M", localtime $expTimestamp );
# Mail session start date
my $startTimestamp =
$req->datas->{registerInfo}->{registerSessionStartTimestamp};
$self->lmLog( "Register start timestamp: $startTimestamp", 'debug' );
$req->datas->{startMailDate} =
strftime( "%d/%m/%Y", localtime $startTimestamp );
$req->datas->{startMailTime} =
strftime( "%H:%M", localtime $startTimestamp );
# Ask if user want another confirmation email
if ( $req->datas->{mail_already_sent}
and !$req->param('resendconfirmation') )
{
return PE_MAILCONFIRMATION_ALREADY_SENT;
}
# Build confirmation url
my $url = $self->registerUrl . "?register_token=" . $req->{id};
$url .= '&skin=' . $self->p->getSkin($req);
$url .= '&'
. $self->conf->{authChoiceParam} . '='
. $req->datas->{_authChoice}
if ( $req->datas->{_authChoice} );
# Build mail content
my $subject = $self->conf->{registerConfirmSubject};
my $body;
my $html = 1;
# Use HTML template
my $tplfile =
$self->conf->{templateDir} . '/'
. $self->conf->{portalSkin}
. '/mail_register_confirm.tpl';
$tplfile =
$self->conf->{templateDir} . '/common/mail_register_confirm.tpl'
unless ( -e $tplfile );
my $template = HTML::Template->new( filename => $tplfile, );
$body = $template->output();
# Replace variables in body
$body =~ s/\$expMailDate/$req->datas->{expMailDate}/g;
$body =~ s/\$expMailTime/$req->datas->{expMailTime}/g;
$body =~ s/\$url/$url/g;
$body =~ s/\$(\w+)/decode("utf8",$req->datas->{registerInfo}->{$1})/ge;
# Send mail
return PE_MAILERROR
unless $self->send_mail( $req->datas->{registerInfo}->{mail},
$subject, $body, $html );
$self->lmLog( 'Register message sent', 'debug' );
return PE_MAILCONFIRMOK;
}
# Generate a complex password
my $password = $self->gen_password( $self->conf->{randomPasswordRegexp} );
$self->lmLog( "Generated password: " . $password, 'debug' );
$req->datas->{registerInfo}->{password} = $password;
$req->datas->{forceReset} = 1;
# Find a login
my $result = $self->registerModule->computeLogin($req);
unless ( $result == PE_OK ) {
$self->lmLog(
"Could not compute login for "
. $req->datas->{registerInfo}->{mail},
'error'
);
return $result;
}
# Create user
$self->lmLog( 'Create new user ' . $req->datas->{registerInfo}->{login},
'debug' );
$result = $self->registerModule->createUser($req);
unless ( $result == PE_OK ) {
$self->lmLog(
"Could not create user " . $req->datas->{registerInfo}->{login},
'error' );
return $result;
}
# Register token can be used only one time, delete the session if all is ok
# Get the corresponding session
my $registerSessionObj =
$self->p->getApacheSession( $req->datas->{register_token} );
if ($registerSessionObj) {
$self->lmLog(
"Delete register session " . $req->datas->{register_token},
'debug' );
$registerSessionObj->remove;
}
else {
$self->lmLog( "Register session not found", 'warn' );
}
my $subject = $self->conf->{registerDoneSubject};
my $body;
my $html = 1;
# Use HTML template
my $tplfile =
$self->conf->{templateDir} . '/'
. $self->conf->{portalSkin}
. "/mail_register_done.tpl";
$tplfile = $self->conf->{templateDir} . "/common/mail_register_done.tpl"
unless ( -e $tplfile );
my $template = HTML::Template->new( filename => $tplfile, );
$body = $template->output();
# Replace variables in body
$body =~ s/\$(\w+)/decode("utf8",$req->datas->{registerInfo}->{$1})/ge;
# Send mail
return PE_MAILERROR
unless $self->send_mail( $req->datas->{registerInfo}->{mail},
$subject, $body, $html );
return PE_MAILOK;
}
sub display {
my ( $self, $req ) = @_;
my %templateParams = (
PORTAL_URL => $self->conf->{portal},
SKIN_PATH => '/static',
SKIN => $self->conf->{portalSkin},
SKIN_BG => $self->conf->{portalSkinBackground},
AUTH_ERROR => $req->error,
AUTH_ERROR_TYPE => $req->error_type,
CHOICE_PARAM => $self->conf->{authChoiceParam},
CHOICE_VALUE => $req->datas->{_authChoice},
EXPMAILDATE => $req->datas->{expMailDate},
EXPMAILTIME => $req->datas->{expMailTime},
STARTMAILDATE => $req->datas->{startMailDate},
STARTMAILTIME => $req->datas->{startMailTime},
MAILALREADYSENT => $req->datas->{mail_already_sent},
MAIL => $self->p->checkXSSAttack( 'mail',
$req->datas->{registerInfo}->{mail} ) ? ""
: $req->datas->{registerInfo}->{mail},
FIRSTNAME => $self->p->checkXSSAttack( 'firstname',
$req->datas->{registerInfo}->{firstname} ) ? ""
: $req->datas->{registerInfo}->{firstname},
LASTNAME => $self->p->checkXSSAttack( 'lastname',
$req->datas->{registerInfo}->{lastname} ) ? ""
: $req->datas->{registerInfo}->{lastname},
REGISTER_TOKEN => $self->p->checkXSSAttack( 'register_token',
$req->datas->{register_token} ) ? ""
: $req->datas->{register_token},
);
# Display form the first time
if (
(
$req->error == PE_REGISTERFORMEMPTY
or $req->error == PE_REGISTERFIRSTACCESS
or $req->error == PE_REGISTERALREADYEXISTS
or $req->error == PE_CAPTCHAERROR
or $req->error == PE_CAPTCHAEMPTY
)
and !$req->param('mail_token')
)
{
%templateParams = (
%templateParams,
DISPLAY_FORM => 1,
DISPLAY_RESEND_FORM => 0,
DISPLAY_CONFIRMMAILSENT => 0,
DISPLAY_MAILSENT => 0,
DISPLAY_PASSWORD_FORM => 0,
);
}
# Display captcha if it's enabled
if ( $self->conf->{captcha_register_enabled} ) {
%templateParams = (
%templateParams,
CAPTCHA_IMG => $self->captcha_img,
CAPTCHA_CODE => $self->captcha_code,
CAPTCHA_SIZE => $self->captcha_size
);
}
# Display mail confirmation resent form
if ( $req->{error} == PE_MAILCONFIRMATION_ALREADY_SENT ) {
%templateParams = (
%templateParams,
DISPLAY_FORM => 0,
DISPLAY_RESEND_FORM => 1,
DISPLAY_CONFIRMMAILSENT => 0,
DISPLAY_MAILSENT => 0,
DISPLAY_PASSWORD_FORM => 0,
);
}
# Display confirmation mail sent
if ( $req->{error} == PE_MAILCONFIRMOK ) {
%templateParams = (
%templateParams,
DISPLAY_FORM => 0,
DISPLAY_RESEND_FORM => 0,
DISPLAY_CONFIRMMAILSENT => 1,
DISPLAY_MAILSENT => 0,
DISPLAY_PASSWORD_FORM => 0,
);
}
# Display mail sent
if ( $req->{error} == PE_MAILOK ) {
%templateParams = (
%templateParams,
DISPLAY_FORM => 0,
DISPLAY_RESEND_FORM => 0,
DISPLAY_CONFIRMMAILSENT => 0,
DISPLAY_MAILSENT => 1,
DISPLAY_PASSWORD_FORM => 0,
);
}
# Display password change form
if ( $req->param('mail_token')
and $req->{error} != PE_MAILERROR
and $req->{error} != PE_BADMAILTOKEN
and $req->{error} != PE_MAILOK )
{
%templateParams = (
%templateParams,
DISPLAY_FORM => 0,
DISPLAY_RESEND_FORM => 0,
DISPLAY_CONFIRMMAILSENT => 0,
DISPLAY_MAILSENT => 0,
DISPLAY_PASSWORD_FORM => 1,
);
}
return ( 'register', \%templateParams );
}
1;
Reference in New Issue View Git Blame Copy Permalink