IntenseWebs/mattermost
3
0
Fork 0
mirror of https://github.com/mattermost/mattermost.git synced 2025-02-25 18:55:24 -06:00
Code Issues Packages Projects Releases Wiki Activity

Implement POST /users/email/verify/send endpoint for APIv4 (#5825)

Browse Source
This commit is contained in:
Joram Wilander
2017-03-24 16:42:05 -04:00
committed by Corey Hulen
parent a2f78d01bd
commit 11b7aa859c
3 changed files with 74 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
api4/user.go
View File

@@ -35,7 +35,8 @@ func InitUser() {
BaseRoutes.User.Handle("/password", ApiSessionRequired(updatePassword)).Methods("PUT")
BaseRoutes.Users.Handle("/password/reset", ApiHandler(resetPassword)).Methods("POST")
BaseRoutes.Users.Handle("/password/reset/send", ApiHandler(sendPasswordReset)).Methods("POST")
BaseRoutes.User.Handle("/email/verify", ApiHandler(verify)).Methods("POST")
BaseRoutes.Users.Handle("/email/verify", ApiHandler(verifyUserEmail)).Methods("POST")
BaseRoutes.Users.Handle("/email/verify/send", ApiHandler(sendVerificationEmail)).Methods("POST")
BaseRoutes.Users.Handle("/login", ApiHandler(login)).Methods("POST")
BaseRoutes.Users.Handle("/logout", ApiHandler(logout)).Methods("POST")
@@ -797,18 +798,18 @@ func getUserAudits(c *Context, w http.ResponseWriter, r *http.Request) {
}
}
func verify(c *Context, w http.ResponseWriter, r *http.Request) {
func verifyUserEmail(c *Context, w http.ResponseWriter, r *http.Request) {
props := model.MapFromJson(r.Body)
userId := props["uid"]
userId := props["user_id"]
if len(userId) != 26 {
c.SetInvalidParam("uid")
c.SetInvalidParam("user_id")
return
}
hashedId := props["hid"]
hashedId := props["hash_id"]
if len(hashedId) == 0 {
c.SetInvalidParam("hid")
c.SetInvalidParam("hash_id")
return
}
@@ -823,7 +824,32 @@ func verify(c *Context, w http.ResponseWriter, r *http.Request) {
}
}
c.Err = model.NewLocAppError("verifyEmail", "api.user.verify_email.bad_link.app_error", nil, "")
c.Err = model.NewLocAppError("verifyUserEmail", "api.user.verify_email.bad_link.app_error", nil, "")
c.Err.StatusCode = http.StatusBadRequest
return
}
func sendVerificationEmail(c *Context, w http.ResponseWriter, r *http.Request) {
props := model.MapFromJson(r.Body)
email := props["email"]
if len(email) == 0 {
c.SetInvalidParam("email")
return
}
user, err := app.GetUserForLogin(email, false)
if err != nil {
// Don't want to leak whether the email is valid or not
ReturnStatusOK(w)
return
}
if _, err := app.GetStatus(user.Id); err != nil {
go app.SendVerifyEmail(user.Id, user.Email, user.Locale, c.GetSiteURL())
} else {
go app.SendEmailChangeVerifyEmail(user.Id, user.Email, user.Locale, c.GetSiteURL())
}
ReturnStatusOK(w)
}

31
api4/user_test.go
View File

@@ -1303,7 +1303,7 @@ func TestGetUserAudits(t *testing.T) {
CheckNoError(t, resp)
}
func TestVerify(t *testing.T) {
func TestVerifyUserEmail(t *testing.T) {
th := Setup().InitBasic()
defer TearDown()
Client := th.Client
@@ -1320,15 +1320,34 @@ func TestVerify(t *testing.T) {
_, resp = Client.VerifyUserEmail(ruser.Id, hashId)
CheckBadRequestStatus(t, resp)
// Comment per request from Joram, he will investigate why it fail with a wrong status
// hashId = ruser.Id+GenerateTestId()
// _, resp = Client.VerifyUserEmail("", hashId)
// CheckBadRequestStatus(t, resp)
_, resp = Client.VerifyUserEmail(ruser.Id, "")
CheckBadRequestStatus(t, resp)
}
func TestSendVerificationEmail(t *testing.T) {
th := Setup().InitBasic()
defer TearDown()
Client := th.Client
pass, resp := Client.SendVerificationEmail(th.BasicUser.Email)
CheckNoError(t, resp)
if !pass {
t.Fatal("should have passed")
}
_, resp = Client.SendVerificationEmail("")
CheckBadRequestStatus(t, resp)
// Even non-existent emails should return 200 OK
_, resp = Client.SendVerificationEmail(GenerateTestEmail())
CheckNoError(t, resp)
Client.Logout()
_, resp = Client.SendVerificationEmail(th.BasicUser.Email)
CheckNoError(t, resp)
}
func TestSetProfileImage(t *testing.T) {
th := Setup().InitBasic().InitSystemAdmin()
defer TearDown()