use crate::{captcha_as_wav_base64, Perform};
use actix_web::web::Data;
-use anyhow::Context;
use bcrypt::verify;
use captcha::{gen, Difficulty};
use chrono::Duration;
use lemmy_api_common::{
blocking,
+ check_registration_application,
get_local_user_view_from_jwt,
is_admin,
password_length_check,
person::*,
+ send_email_verification_success,
+ send_password_reset_email,
+ send_verification_email,
};
-use lemmy_db_queries::{
+use lemmy_db_schema::{
diesel_option_overwrite,
diesel_option_overwrite_to_url,
from_opt_str_to_opt_enum,
- source::{
- comment::Comment_,
- community::Community_,
- local_user::LocalUser_,
- password_reset_request::PasswordResetRequest_,
- person::Person_,
- person_mention::PersonMention_,
- post::Post_,
- private_message::PrivateMessage_,
- },
- Blockable,
- Crud,
- SortType,
-};
-use lemmy_db_schema::{
naive_now,
source::{
comment::Comment,
community::Community,
+ email_verification::EmailVerification,
local_user::{LocalUser, LocalUserForm},
moderator::*,
password_reset_request::*,
private_message::PrivateMessage,
site::*,
},
+ traits::{Blockable, Crud},
+ SortType,
};
use lemmy_db_views::{
comment_report_view::CommentReportView,
};
use lemmy_utils::{
claims::Claims,
- email::send_email,
- location_info,
- utils::{generate_random_string, is_valid_display_name, is_valid_matrix_id, naive_from_unix},
- ApiError,
+ utils::{is_valid_display_name, is_valid_matrix_id, naive_from_unix},
ConnectionId,
LemmyError,
};
impl Perform for Login {
type Response = LoginResponse;
+ #[tracing::instrument(skip(context, _websocket_id))]
async fn perform(
&self,
context: &Data<LemmyContext>,
LocalUserView::find_by_email_or_name(conn, &username_or_email)
})
.await?
- .map_err(|e| ApiError::err("couldnt_find_that_username_or_email", e))?;
+ .map_err(LemmyError::from)
+ .map_err(|e| e.with_message("couldnt_find_that_username_or_email"))?;
// Verify the password
let valid: bool = verify(
)
.unwrap_or(false);
if !valid {
- return Err(ApiError::err_plain("password_incorrect").into());
+ return Err(LemmyError::from_message("password_incorrect"));
}
+ let site = blocking(context.pool(), Site::read_simple).await??;
+ if site.require_email_verification && !local_user_view.local_user.email_verified {
+ return Err(LemmyError::from_message("email_not_verified"));
+ }
+
+ check_registration_application(&site, &local_user_view, context.pool()).await?;
+
// Return the jwt
Ok(LoginResponse {
- jwt: Claims::jwt(
- local_user_view.local_user.id.0,
- &context.secret().jwt_secret,
- &context.settings().hostname,
- )?,
+ jwt: Some(
+ Claims::jwt(
+ local_user_view.local_user.id.0,
+ &context.secret().jwt_secret,
+ &context.settings().hostname,
+ )?
+ .into(),
+ ),
+ verify_email_sent: false,
+ registration_created: false,
})
}
}
impl Perform for GetCaptcha {
type Response = GetCaptchaResponse;
+ #[tracing::instrument(skip(context, _websocket_id))]
async fn perform(
&self,
context: &Data<LemmyContext>,
impl Perform for SaveUserSettings {
type Response = LoginResponse;
+ #[tracing::instrument(skip(context, _websocket_id))]
async fn perform(
&self,
context: &Data<LemmyContext>,
let avatar = diesel_option_overwrite_to_url(&data.avatar)?;
let banner = diesel_option_overwrite_to_url(&data.banner)?;
- let email = diesel_option_overwrite(&data.email);
let bio = diesel_option_overwrite(&data.bio);
let display_name = diesel_option_overwrite(&data.display_name);
let matrix_user_id = diesel_option_overwrite(&data.matrix_user_id);
let bot_account = data.bot_account;
+ let email_deref = data.email.as_deref().map(|e| e.to_owned());
+ let email = diesel_option_overwrite(&email_deref);
+
+ if let Some(Some(email)) = &email {
+ let previous_email = local_user_view.local_user.email.unwrap_or_default();
+ // Only send the verification email if there was an email change
+ if previous_email.ne(email) {
+ send_verification_email(
+ local_user_view.local_user.id,
+ email,
+ &local_user_view.person.name,
+ context.pool(),
+ &context.settings(),
+ )
+ .await?;
+ }
+ }
+
+ // When the site requires email, make sure email is not Some(None). IE, an overwrite to a None value
+ if let Some(email) = &email {
+ let site_fut = blocking(context.pool(), Site::read_simple);
+ if email.is_none() && site_fut.await??.require_email_verification {
+ return Err(LemmyError::from_message("email_required"));
+ }
+ }
if let Some(Some(bio)) = &bio {
if bio.chars().count() > 300 {
- return Err(ApiError::err_plain("bio_length_overflow").into());
+ return Err(LemmyError::from_message("bio_length_overflow"));
}
}
display_name.trim(),
context.settings().actor_name_max_length,
) {
- return Err(ApiError::err_plain("invalid_username").into());
+ return Err(LemmyError::from_message("invalid_username"));
}
}
if let Some(Some(matrix_user_id)) = &matrix_user_id {
if !is_valid_matrix_id(matrix_user_id) {
- return Err(ApiError::err_plain("invalid_matrix_id").into());
+ return Err(LemmyError::from_message("invalid_matrix_id"));
}
}
let default_listing_type = data.default_listing_type;
let default_sort_type = data.default_sort_type;
let password_encrypted = local_user_view.local_user.password_encrypted;
+ let public_key = local_user_view.person.public_key;
let person_form = PersonForm {
name: local_user_view.person.name,
local: None,
admin: None,
private_key: None,
- public_key: None,
+ public_key,
last_refreshed_at: None,
shared_inbox_url: None,
matrix_user_id,
bot_account,
+ ban_expires: None,
};
blocking(context.pool(), move |conn| {
Person::update(conn, person_id, &person_form)
})
.await?
- .map_err(|e| ApiError::err("user_already_exists", e))?;
+ .map_err(LemmyError::from)
+ .map_err(|e| e.with_message("user_already_exists"))?;
let local_user_form = LocalUserForm {
- person_id,
+ person_id: Some(person_id),
email,
- password_encrypted,
+ password_encrypted: Some(password_encrypted),
show_nsfw: data.show_nsfw,
show_bot_accounts: data.show_bot_accounts,
show_scores: data.show_scores,
show_read_posts: data.show_read_posts,
show_new_post_notifs: data.show_new_post_notifs,
send_notifications_to_email: data.send_notifications_to_email,
+ email_verified: None,
+ accepted_application: None,
};
let local_user_res = blocking(context.pool(), move |conn| {
"user_already_exists"
};
- return Err(ApiError::err(err_type, e).into());
+ return Err(LemmyError::from(e).with_message(err_type));
}
};
// Return the jwt
Ok(LoginResponse {
- jwt: Claims::jwt(
- updated_local_user.id.0,
- &context.secret().jwt_secret,
- &context.settings().hostname,
- )?,
+ jwt: Some(
+ Claims::jwt(
+ updated_local_user.id.0,
+ &context.secret().jwt_secret,
+ &context.settings().hostname,
+ )?
+ .into(),
+ ),
+ verify_email_sent: false,
+ registration_created: false,
})
}
}
impl Perform for ChangePassword {
type Response = LoginResponse;
+ #[tracing::instrument(skip(self, context, _websocket_id))]
async fn perform(
&self,
context: &Data<LemmyContext>,
) -> Result<LoginResponse, LemmyError> {
let data: &ChangePassword = self;
let local_user_view =
- get_local_user_view_from_jwt(&data.auth, context.pool(), context.secret()).await?;
+ get_local_user_view_from_jwt(data.auth.as_ref(), context.pool(), context.secret()).await?;
password_length_check(&data.new_password)?;
// Make sure passwords match
if data.new_password != data.new_password_verify {
- return Err(ApiError::err_plain("passwords_dont_match").into());
+ return Err(LemmyError::from_message("passwords_dont_match"));
}
// Check the old password
)
.unwrap_or(false);
if !valid {
- return Err(ApiError::err_plain("password_incorrect").into());
+ return Err(LemmyError::from_message("password_incorrect"));
}
let local_user_id = local_user_view.local_user.id;
// Return the jwt
Ok(LoginResponse {
- jwt: Claims::jwt(
- updated_local_user.id.0,
- &context.secret().jwt_secret,
- &context.settings().hostname,
- )?,
+ jwt: Some(
+ Claims::jwt(
+ updated_local_user.id.0,
+ &context.secret().jwt_secret,
+ &context.settings().hostname,
+ )?
+ .into(),
+ ),
+ verify_email_sent: false,
+ registration_created: false,
})
}
}
impl Perform for AddAdmin {
type Response = AddAdminResponse;
+ #[tracing::instrument(skip(context, websocket_id))]
async fn perform(
&self,
context: &Data<LemmyContext>,
Person::add_admin(conn, added_person_id, added)
})
.await?
- .map_err(|e| ApiError::err("couldnt_update_user", e))?;
+ .map_err(LemmyError::from)
+ .map_err(|e| e.with_message("couldnt_update_user"))?;
// Mod tables
let form = ModAddForm {
blocking(context.pool(), move |conn| ModAdd::create(conn, &form)).await??;
- let site_creator_id = blocking(context.pool(), move |conn| {
- Site::read(conn, 1).map(|s| s.creator_id)
- })
- .await??;
-
- let mut admins = blocking(context.pool(), PersonViewSafe::admins).await??;
- let creator_index = admins
- .iter()
- .position(|r| r.person.id == site_creator_id)
- .context(location_info!())?;
- let creator_person = admins.remove(creator_index);
- admins.insert(0, creator_person);
+ let admins = blocking(context.pool(), PersonViewSafe::admins).await??;
let res = AddAdminResponse { admins };
impl Perform for BanPerson {
type Response = BanPersonResponse;
+ #[tracing::instrument(skip(context, websocket_id))]
async fn perform(
&self,
context: &Data<LemmyContext>,
let ban = data.ban;
let banned_person_id = data.person_id;
- let ban_person = move |conn: &'_ _| Person::ban_person(conn, banned_person_id, ban);
+ let expires = data.expires.map(naive_from_unix);
+
+ let ban_person = move |conn: &'_ _| Person::ban_person(conn, banned_person_id, ban, expires);
blocking(context.pool(), ban_person)
.await?
- .map_err(|e| ApiError::err("couldnt_update_user", e))?;
+ .map_err(LemmyError::from)
+ .map_err(|e| e.with_message("couldnt_update_user"))?;
// Remove their data if that's desired
if data.remove_data.unwrap_or(false) {
}
// Mod tables
- let expires = data.expires.map(naive_from_unix);
-
let form = ModBanForm {
mod_person_id: local_user_view.person.id,
other_person_id: data.person_id,
}
}
+#[async_trait::async_trait(?Send)]
+impl Perform for GetBannedPersons {
+ type Response = BannedPersonsResponse;
+
+ async fn perform(
+ &self,
+ context: &Data<LemmyContext>,
+ _websocket_id: Option<ConnectionId>,
+ ) -> Result<Self::Response, LemmyError> {
+ let data: &GetBannedPersons = self;
+ let local_user_view =
+ get_local_user_view_from_jwt(&data.auth, context.pool(), context.secret()).await?;
+
+ // Make sure user is an admin
+ is_admin(&local_user_view)?;
+
+ let banned = blocking(context.pool(), PersonViewSafe::banned).await??;
+
+ let res = Self::Response { banned };
+
+ Ok(res)
+ }
+}
+
#[async_trait::async_trait(?Send)]
impl Perform for BlockPerson {
type Response = BlockPersonResponse;
+ #[tracing::instrument(skip(context, _websocket_id))]
async fn perform(
&self,
context: &Data<LemmyContext>,
// Don't let a person block themselves
if target_id == person_id {
- return Err(ApiError::err_plain("cant_block_yourself").into());
+ return Err(LemmyError::from_message("cant_block_yourself"));
}
let person_block_form = PersonBlockForm {
let block = move |conn: &'_ _| PersonBlock::block(conn, &person_block_form);
blocking(context.pool(), block)
.await?
- .map_err(|e| ApiError::err("person_block_already_exists", e))?;
+ .map_err(LemmyError::from)
+ .map_err(|e| e.with_message("person_block_already_exists"))?;
} else {
let unblock = move |conn: &'_ _| PersonBlock::unblock(conn, &person_block_form);
blocking(context.pool(), unblock)
.await?
- .map_err(|e| ApiError::err("person_block_already_exists", e))?;
+ .map_err(LemmyError::from)
+ .map_err(|e| e.with_message("person_block_already_exists"))?;
}
// TODO does any federated stuff need to be done here?
impl Perform for GetReplies {
type Response = GetRepliesResponse;
+ #[tracing::instrument(skip(context, _websocket_id))]
async fn perform(
&self,
context: &Data<LemmyContext>,
impl Perform for GetPersonMentions {
type Response = GetPersonMentionsResponse;
+ #[tracing::instrument(skip(context, _websocket_id))]
async fn perform(
&self,
context: &Data<LemmyContext>,
impl Perform for MarkPersonMentionAsRead {
type Response = PersonMentionResponse;
+ #[tracing::instrument(skip(context, _websocket_id))]
async fn perform(
&self,
context: &Data<LemmyContext>,
.await??;
if local_user_view.person.id != read_person_mention.recipient_id {
- return Err(ApiError::err_plain("couldnt_update_comment").into());
+ return Err(LemmyError::from_message("couldnt_update_comment"));
}
let person_mention_id = read_person_mention.id;
move |conn: &'_ _| PersonMention::update_read(conn, person_mention_id, read);
blocking(context.pool(), update_mention)
.await?
- .map_err(|e| ApiError::err("couldnt_update_comment", e))?;
+ .map_err(LemmyError::from)
+ .map_err(|e| e.with_message("couldnt_update_comment"))?;
let person_mention_id = read_person_mention.id;
let person_id = local_user_view.person.id;
impl Perform for MarkAllAsRead {
type Response = GetRepliesResponse;
+ #[tracing::instrument(skip(context, _websocket_id))]
async fn perform(
&self,
context: &Data<LemmyContext>,
let mark_as_read = move |conn: &'_ _| Comment::update_read(conn, reply_id, true);
blocking(context.pool(), mark_as_read)
.await?
- .map_err(|e| ApiError::err("couldnt_update_comment", e))?;
+ .map_err(LemmyError::from)
+ .map_err(|e| e.with_message("couldnt_update_comment"))?;
}
// Mark all user mentions as read
move |conn: &'_ _| PersonMention::mark_all_as_read(conn, person_id);
blocking(context.pool(), update_person_mentions)
.await?
- .map_err(|e| ApiError::err("couldnt_update_comment", e))?;
+ .map_err(LemmyError::from)
+ .map_err(|e| e.with_message("couldnt_update_comment"))?;
// Mark all private_messages as read
let update_pm = move |conn: &'_ _| PrivateMessage::mark_all_as_read(conn, person_id);
blocking(context.pool(), update_pm)
.await?
- .map_err(|e| ApiError::err("couldnt_update_private_message", e))?;
+ .map_err(LemmyError::from)
+ .map_err(|e| e.with_message("couldnt_update_private_message"))?;
Ok(GetRepliesResponse { replies: vec![] })
}
impl Perform for PasswordReset {
type Response = PasswordResetResponse;
+ #[tracing::instrument(skip(self, context, _websocket_id))]
async fn perform(
&self,
context: &Data<LemmyContext>,
LocalUserView::find_by_email(conn, &email)
})
.await?
- .map_err(|e| ApiError::err("couldnt_find_that_username_or_email", e))?;
-
- // Generate a random token
- let token = generate_random_string();
-
- // Insert the row
- let token2 = token.clone();
- let local_user_id = local_user_view.local_user.id;
- blocking(context.pool(), move |conn| {
- PasswordResetRequest::create_token(conn, local_user_id, &token2)
- })
- .await??;
+ .map_err(LemmyError::from)
+ .map_err(|e| e.with_message("couldnt_find_that_username_or_email"))?;
// Email the pure token to the user.
- // TODO no i18n support here.
- let email = &local_user_view.local_user.email.expect("email");
- let subject = &format!("Password reset for {}", local_user_view.person.name);
- let protocol_and_hostname = &context.settings().get_protocol_and_hostname();
- let html = &format!("<h1>Password Reset Request for {}</h1><br><a href={}/password_change/{}>Click here to reset your password</a>", local_user_view.person.name, protocol_and_hostname, &token);
- send_email(
- subject,
- email,
- &local_user_view.person.name,
- html,
- &context.settings(),
- )
- .map_err(|e| ApiError::err("email_send_failed", e))?;
-
+ send_password_reset_email(&local_user_view, context.pool(), &context.settings()).await?;
Ok(PasswordResetResponse {})
}
}
impl Perform for PasswordChange {
type Response = LoginResponse;
+ #[tracing::instrument(skip(self, context, _websocket_id))]
async fn perform(
&self,
context: &Data<LemmyContext>,
// Make sure passwords match
if data.password != data.password_verify {
- return Err(ApiError::err_plain("passwords_dont_match").into());
+ return Err(LemmyError::from_message("passwords_dont_match"));
}
// Update the user with the new password
LocalUser::update_password(conn, local_user_id, &password)
})
.await?
- .map_err(|e| ApiError::err("couldnt_update_user", e))?;
+ .map_err(LemmyError::from)
+ .map_err(|e| e.with_message("couldnt_update_user"))?;
// Return the jwt
Ok(LoginResponse {
- jwt: Claims::jwt(
- updated_local_user.id.0,
- &context.secret().jwt_secret,
- &context.settings().hostname,
- )?,
+ jwt: Some(
+ Claims::jwt(
+ updated_local_user.id.0,
+ &context.secret().jwt_secret,
+ &context.settings().hostname,
+ )?
+ .into(),
+ ),
+ verify_email_sent: false,
+ registration_created: false,
})
}
}
impl Perform for GetReportCount {
type Response = GetReportCountResponse;
+ #[tracing::instrument(skip(context, _websocket_id))]
async fn perform(
&self,
context: &Data<LemmyContext>,
impl Perform for GetUnreadCount {
type Response = GetUnreadCountResponse;
+ #[tracing::instrument(skip(context, _websocket_id))]
async fn perform(
&self,
context: &Data<LemmyContext>,
Ok(res)
}
}
+
+#[async_trait::async_trait(?Send)]
+impl Perform for VerifyEmail {
+ type Response = VerifyEmailResponse;
+
+ async fn perform(
+ &self,
+ context: &Data<LemmyContext>,
+ _websocket_id: Option<usize>,
+ ) -> Result<Self::Response, LemmyError> {
+ let token = self.token.clone();
+ let verification = blocking(context.pool(), move |conn| {
+ EmailVerification::read_for_token(conn, &token)
+ })
+ .await?
+ .map_err(LemmyError::from)
+ .map_err(|e| e.with_message("token_not_found"))?;
+
+ let form = LocalUserForm {
+ // necessary in case this is a new signup
+ email_verified: Some(true),
+ // necessary in case email of an existing user was changed
+ email: Some(Some(verification.email)),
+ ..LocalUserForm::default()
+ };
+ let local_user_id = verification.local_user_id;
+ blocking(context.pool(), move |conn| {
+ LocalUser::update(conn, local_user_id, &form)
+ })
+ .await??;
+
+ let local_user_view = blocking(context.pool(), move |conn| {
+ LocalUserView::read(conn, local_user_id)
+ })
+ .await??;
+
+ send_email_verification_success(&local_user_view, &context.settings())?;
+
+ blocking(context.pool(), move |conn| {
+ EmailVerification::delete_old_tokens_for_local_user(conn, local_user_id)
+ })
+ .await??;
+
+ Ok(VerifyEmailResponse {})
+ }
+}