From ba221a11354b9c6c89b1e34c00866c1d57a41b0c Mon Sep 17 00:00:00 2001 From: Shane Kilkelly Date: Mon, 10 Sep 2018 10:58:50 +0100 Subject: [PATCH 01/16] WIP: add email-based account merge flow to ShareLaTeX --- .../coffee/Features/Email/EmailBuilder.coffee | 8 +++++ .../coffee/main/account-merge-checker.coffee | 30 ++++++++++++++++++- 2 files changed, 37 insertions(+), 1 deletion(-) diff --git a/services/web/app/coffee/Features/Email/EmailBuilder.coffee b/services/web/app/coffee/Features/Email/EmailBuilder.coffee index e2e8311286..249a342668 100644 --- a/services/web/app/coffee/Features/Email/EmailBuilder.coffee +++ b/services/web/app/coffee/Features/Email/EmailBuilder.coffee @@ -40,6 +40,14 @@ The #{settings.appName} Team - #{settings.siteUrl} templates = {} +templates.accountMergeToOverleafAddress = CTAEmailTemplate({ + subject: () -> "Confirm Account Merge - #{settings.appName}" + title: () -> "Confirm Account Merge" + message: () -> "To merge your ShareLaTeX and Overleaf accounts, click the link below." + ctaText: () -> "Confirm Account Merge" + ctaURL: (opts) -> opts.tokenLinkUrl +}) + templates.registered = CTAEmailTemplate({ subject: () -> "Activate your #{settings.appName} Account" message: (opts) -> """ diff --git a/services/web/public/coffee/main/account-merge-checker.coffee b/services/web/public/coffee/main/account-merge-checker.coffee index caeb3011ca..98c6b265cd 100644 --- a/services/web/public/coffee/main/account-merge-checker.coffee +++ b/services/web/public/coffee/main/account-merge-checker.coffee @@ -1,5 +1,33 @@ define [ "base" ], (App) -> - App.controller "AccountMergeCheckerController", ($scope) -> + + # For account-merge-module + App.controller "SharelatexAccountMergeCheckerController", ($scope, $http) -> + $scope.hasOlAccount = null + $scope.olEmail = "" + $scope.errorCode = null + $scope.success = null + console.log ">>>> here" + + $scope.submitEmail = () -> + return if !$scope.olEmail + data = { + overleafEmail: $scope.olEmail + _csrf: window.csrfToken + } + console.log ">>>> sending email", data + $scope.errorCode = null + $http.post("/account-merge/email/overleaf", data) + .then (resp) -> + console.log ">>>> success", resp + $scope.errorCode = null + $scope.success = true + .catch (resp) -> + console.log ">>>> error", resp + $scope.errorCode = resp?.data?.errorCode || 'default_error' + $scope.success = false + + # For integration-module + App.controller "OverleafAccountMergeCheckerController", ($scope) -> $scope.hasOlAccount = null From 958c7a19b6460ae2e39a1a80d1543bb354d13b73 Mon Sep 17 00:00:00 2001 From: Shane Kilkelly Date: Mon, 10 Sep 2018 11:41:03 +0100 Subject: [PATCH 02/16] Add a skeleton of a callback endpoint for merging accounts via email --- .../AccountMergeEmailController.coffee | 5 +++++ services/web/app/coffee/router.coffee | 3 +++ services/web/app/views/account_merge/finish.pug | 15 +++++++++++++++ 3 files changed, 23 insertions(+) create mode 100644 services/web/app/coffee/Features/AccountMerge/AccountMergeEmailController.coffee create mode 100644 services/web/app/views/account_merge/finish.pug diff --git a/services/web/app/coffee/Features/AccountMerge/AccountMergeEmailController.coffee b/services/web/app/coffee/Features/AccountMerge/AccountMergeEmailController.coffee new file mode 100644 index 0000000000..354b983d6e --- /dev/null +++ b/services/web/app/coffee/Features/AccountMerge/AccountMergeEmailController.coffee @@ -0,0 +1,5 @@ + +module.exports = AccountMergeEmailController = + + confirmMergeFromEmail: (req, res, next) -> + return res.render('account_merge/finish', {}) diff --git a/services/web/app/coffee/router.coffee b/services/web/app/coffee/router.coffee index b196c56870..2f5bff9ab0 100644 --- a/services/web/app/coffee/router.coffee +++ b/services/web/app/coffee/router.coffee @@ -50,6 +50,7 @@ TokenAccessController = require('./Features/TokenAccess/TokenAccessController') Features = require('./infrastructure/Features') LinkedFilesRouter = require './Features/LinkedFiles/LinkedFilesRouter' TemplatesRouter = require './Features/Templates/TemplatesRouter' +AccountMergeEmailController = require './Features/AccountMerge/AccountMergeEmailController' logger = require("logger-sharelatex") _ = require("underscore") @@ -68,6 +69,8 @@ module.exports = class Router webRouter.get '/logout', UserController.logout webRouter.get '/restricted', AuthorizationMiddlewear.restricted + webRouter.get '/account-merge/email/confirm', AccountMergeEmailController.confirmMergeFromEmail + if Features.hasFeature('registration') webRouter.get '/register', UserPagesController.registerPage AuthenticationController.addEndpointToLoginWhitelist '/register' diff --git a/services/web/app/views/account_merge/finish.pug b/services/web/app/views/account_merge/finish.pug new file mode 100644 index 0000000000..ef6d0a1428 --- /dev/null +++ b/services/web/app/views/account_merge/finish.pug @@ -0,0 +1,15 @@ +extends ../layout + +block content + .content.content-alt + .container + .row + .col-md-12.col-lg-10.col-lg-offset-1 + .card + .page-header + h1 Account Merge Complete + + div.container-fluid + .row + .col-md-12 + p Test From 6cfe68db26eeae71c736c620c3128be8c68c5be2 Mon Sep 17 00:00:00 2001 From: Shane Kilkelly Date: Tue, 11 Sep 2018 09:54:13 +0100 Subject: [PATCH 03/16] Roughly working account-merge-by-email callback endpoint --- .../AccountMergeEmailController.coffee | 41 ++++++++++++++++++- .../web/app/views/account_merge/finish.pug | 4 +- .../coffee/main/account-merge-checker.coffee | 4 -- 3 files changed, 43 insertions(+), 6 deletions(-) diff --git a/services/web/app/coffee/Features/AccountMerge/AccountMergeEmailController.coffee b/services/web/app/coffee/Features/AccountMerge/AccountMergeEmailController.coffee index 354b983d6e..d49e409141 100644 --- a/services/web/app/coffee/Features/AccountMerge/AccountMergeEmailController.coffee +++ b/services/web/app/coffee/Features/AccountMerge/AccountMergeEmailController.coffee @@ -1,5 +1,44 @@ +UserGetter = require '../User/UserGetter' +UserUpdater = require '../User/UserUpdater' +OneTimeTokenHandler = require '../Security/OneTimeTokenHandler' +logger = require 'logger-sharelatex' +Settings = require 'settings-sharelatex' + module.exports = AccountMergeEmailController = confirmMergeFromEmail: (req, res, next) -> - return res.render('account_merge/finish', {}) + token = req.query.token + if !token + return res.status(400).send() + OneTimeTokenHandler.getValueFromTokenAndExpire 'account-merge-email-to-ol', token, (err, data) -> + return next(err) if err? + if !data + return res.status(404).send() + if data.origin != 'sl' + logger.log {}, "Only sharelatex origin supported" + # TODO: better error handling + return res.status(501).send() + { sl_id, v1_id, final_email } = data + UserGetter.getUser sl_id, {_id: 1, overleaf: 1}, (err, user) -> + return next(err) if err? + if !user? + logger.err {userId: sl_id}, 'SL user not found for account-merge' + # TODO: better error handling + return res.status(400).send() + if user?.overleaf?.id? + logger.err {userId: sl_id}, 'SL user is already linked to overleaf' + return res.status(400).send() + logger.log {sl_id, v1_id, final_email, origin: data.origin}, + "[AccountMergeEmailController] about to merge sharelatex and overleaf-v1 accounts" + UserUpdater.updateUser sl_id, { + '$set': { + 'overleaf.id': v1_id, + email: final_email + } + }, (err) -> + return next(err) if err? + res.render 'account_merge/finish', { + finalEmail: final_email, + continueUrl: "#{Settings.accountMerge.sharelatexHost}/user/login_to_ol_v2" + } diff --git a/services/web/app/views/account_merge/finish.pug b/services/web/app/views/account_merge/finish.pug index ef6d0a1428..17dbbcb73f 100644 --- a/services/web/app/views/account_merge/finish.pug +++ b/services/web/app/views/account_merge/finish.pug @@ -12,4 +12,6 @@ block content div.container-fluid .row .col-md-12 - p Test + p New email is #{finalEmail} + p + a.btn.btn-lg.btn-success(href=continueUrl) Continue diff --git a/services/web/public/coffee/main/account-merge-checker.coffee b/services/web/public/coffee/main/account-merge-checker.coffee index 98c6b265cd..59853abe4e 100644 --- a/services/web/public/coffee/main/account-merge-checker.coffee +++ b/services/web/public/coffee/main/account-merge-checker.coffee @@ -8,7 +8,6 @@ define [ $scope.olEmail = "" $scope.errorCode = null $scope.success = null - console.log ">>>> here" $scope.submitEmail = () -> return if !$scope.olEmail @@ -16,15 +15,12 @@ define [ overleafEmail: $scope.olEmail _csrf: window.csrfToken } - console.log ">>>> sending email", data $scope.errorCode = null $http.post("/account-merge/email/overleaf", data) .then (resp) -> - console.log ">>>> success", resp $scope.errorCode = null $scope.success = true .catch (resp) -> - console.log ">>>> error", resp $scope.errorCode = resp?.data?.errorCode || 'default_error' $scope.success = false From efb6018246b7c063ca12e80e9ceb2a6a1eba80e1 Mon Sep 17 00:00:00 2001 From: Shane Kilkelly Date: Tue, 11 Sep 2018 10:31:27 +0100 Subject: [PATCH 04/16] Add a rate-limit to the email-confirm endpoint --- services/web/app/coffee/router.coffee | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/services/web/app/coffee/router.coffee b/services/web/app/coffee/router.coffee index 2f5bff9ab0..5bfc6b9e32 100644 --- a/services/web/app/coffee/router.coffee +++ b/services/web/app/coffee/router.coffee @@ -69,7 +69,6 @@ module.exports = class Router webRouter.get '/logout', UserController.logout webRouter.get '/restricted', AuthorizationMiddlewear.restricted - webRouter.get '/account-merge/email/confirm', AccountMergeEmailController.confirmMergeFromEmail if Features.hasFeature('registration') webRouter.get '/register', UserPagesController.registerPage @@ -345,6 +344,15 @@ module.exports = class Router webRouter.post '/admin/messages', AuthorizationMiddlewear.ensureUserIsSiteAdmin, AdminController.createMessage webRouter.post '/admin/messages/clear', AuthorizationMiddlewear.ensureUserIsSiteAdmin, AdminController.clearMessages + webRouter.get '/account-merge/email/confirm', + RateLimiterMiddlewear.rateLimit({ + endpointName: "account-merge-email-confirm", + ipOnly: true, + maxRequests: 10 + timeInterval: 60 + }), + AccountMergeEmailController.confirmMergeFromEmail + privateApiRouter.get '/perfTest', (req,res)-> res.send("hello") From 5e17dfd1cb20c782205c5f29243c8fdf983ed6d6 Mon Sep 17 00:00:00 2001 From: Shane Kilkelly Date: Tue, 11 Sep 2018 10:31:40 +0100 Subject: [PATCH 05/16] Also add the final email to the array of emails on the account --- .../Features/AccountMerge/AccountMergeEmailController.coffee | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/services/web/app/coffee/Features/AccountMerge/AccountMergeEmailController.coffee b/services/web/app/coffee/Features/AccountMerge/AccountMergeEmailController.coffee index d49e409141..f56457e087 100644 --- a/services/web/app/coffee/Features/AccountMerge/AccountMergeEmailController.coffee +++ b/services/web/app/coffee/Features/AccountMerge/AccountMergeEmailController.coffee @@ -35,6 +35,11 @@ module.exports = AccountMergeEmailController = '$set': { 'overleaf.id': v1_id, email: final_email + }, + '$push': { + emails: { + email: final_email, createdAt: new Date() + } } }, (err) -> return next(err) if err? From b0e4b12714f8c364417d093f53bddcbdf792beef Mon Sep 17 00:00:00 2001 From: Shane Kilkelly Date: Tue, 11 Sep 2018 11:32:04 +0100 Subject: [PATCH 06/16] Finish off the copy of the account-merge-finish page --- services/web/app/views/account_merge/finish.pug | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/services/web/app/views/account_merge/finish.pug b/services/web/app/views/account_merge/finish.pug index 17dbbcb73f..dff11557b4 100644 --- a/services/web/app/views/account_merge/finish.pug +++ b/services/web/app/views/account_merge/finish.pug @@ -4,7 +4,7 @@ block content .content.content-alt .container .row - .col-md-12.col-lg-10.col-lg-offset-1 + .col-md-8.col-md-offset-2.col-lg-6.col-lg-offset-3 .card .page-header h1 Account Merge Complete @@ -12,6 +12,16 @@ block content div.container-fluid .row .col-md-12 - p New email is #{finalEmail} p - a.btn.btn-lg.btn-success(href=continueUrl) Continue + | Your ShareLaTeX and Overleaf v1 accounts are now linked, and you are ready to + | get started with Overleaf v2. + | From now on, you will log in with your credentials from Overleaf v1 (#[em #{finalEmail}]) + + p + | Click the button below to resume the process of logging in to Overleaf v2 + | with your merged account: + + p.text-center + a.btn.btn-lg.btn-success(href=continueUrl) Continue Logging In + br + a.btn-small(href="/login") or go to the login page From 54a5c563fb8552db48f92d3b60ba7f65b95ec2ce Mon Sep 17 00:00:00 2001 From: Shane Kilkelly Date: Wed, 12 Sep 2018 11:08:48 +0100 Subject: [PATCH 07/16] Address feedback --- .../AccountMergeEmailController.coffee | 17 ++--------------- .../app/coffee/Features/User/UserUpdater.coffee | 17 +++++++++++++++++ services/web/app/views/account_merge/finish.pug | 3 ++- 3 files changed, 21 insertions(+), 16 deletions(-) diff --git a/services/web/app/coffee/Features/AccountMerge/AccountMergeEmailController.coffee b/services/web/app/coffee/Features/AccountMerge/AccountMergeEmailController.coffee index f56457e087..7f0872f059 100644 --- a/services/web/app/coffee/Features/AccountMerge/AccountMergeEmailController.coffee +++ b/services/web/app/coffee/Features/AccountMerge/AccountMergeEmailController.coffee @@ -17,33 +17,20 @@ module.exports = AccountMergeEmailController = return res.status(404).send() if data.origin != 'sl' logger.log {}, "Only sharelatex origin supported" - # TODO: better error handling return res.status(501).send() { sl_id, v1_id, final_email } = data UserGetter.getUser sl_id, {_id: 1, overleaf: 1}, (err, user) -> return next(err) if err? if !user? logger.err {userId: sl_id}, 'SL user not found for account-merge' - # TODO: better error handling return res.status(400).send() if user?.overleaf?.id? logger.err {userId: sl_id}, 'SL user is already linked to overleaf' return res.status(400).send() logger.log {sl_id, v1_id, final_email, origin: data.origin}, "[AccountMergeEmailController] about to merge sharelatex and overleaf-v1 accounts" - UserUpdater.updateUser sl_id, { - '$set': { - 'overleaf.id': v1_id, - email: final_email - }, - '$push': { - emails: { - email: final_email, createdAt: new Date() - } - } - }, (err) -> + UserUpdater.mergeSharelatexAndV1Accounts sl_id, v1_id, final_email, (err) -> return next(err) if err? res.render 'account_merge/finish', { - finalEmail: final_email, - continueUrl: "#{Settings.accountMerge.sharelatexHost}/user/login_to_ol_v2" + finalEmail: final_email } diff --git a/services/web/app/coffee/Features/User/UserUpdater.coffee b/services/web/app/coffee/Features/User/UserUpdater.coffee index c8f35eba10..c214cd95cc 100644 --- a/services/web/app/coffee/Features/User/UserUpdater.coffee +++ b/services/web/app/coffee/Features/User/UserUpdater.coffee @@ -185,11 +185,28 @@ module.exports = UserUpdater = return callback(new Errors.NotFoundError('user id and email do no match')) FeaturesUpdater.refreshFeatures userId, true, callback + mergeSharelatexAndV1Accounts: (sl_id, v1_id, final_email, callback) -> + UserGetter.getUser {'overleaf.id': v1_id}, {_id: 1}, (err, otherUser) => + if otherUser? + return callback(new Error('v1_id matches an existing user overleaf.id, cannot merge accounts')) + @updateUser sl_id, { + '$set': { + 'overleaf.id': v1_id, + email: final_email + }, + '$push': { + emails: { + email: final_email, createdAt: new Date() + } + } + }, callback + [ 'updateUser' 'changeEmailAddress' 'setDefaultEmailAddress' 'addEmailAddress' 'removeEmailAddress' + 'mergeSharelatexAndV1Accounts' ].map (method) -> metrics.timeAsyncMethod(UserUpdater, method, 'mongo.UserUpdater', logger) diff --git a/services/web/app/views/account_merge/finish.pug b/services/web/app/views/account_merge/finish.pug index dff11557b4..db5982f467 100644 --- a/services/web/app/views/account_merge/finish.pug +++ b/services/web/app/views/account_merge/finish.pug @@ -22,6 +22,7 @@ block content | with your merged account: p.text-center - a.btn.btn-lg.btn-success(href=continueUrl) Continue Logging In + a.btn.btn-lg.btn-success(href=settings.accountMerge.sharelatexHost+'/user/login_to_ol_v2') + | Continue Logging In br a.btn-small(href="/login") or go to the login page From 843f1c6b350d622c13e37481e038976e7b707ea8 Mon Sep 17 00:00:00 2001 From: Shane Kilkelly Date: Thu, 13 Sep 2018 09:26:16 +0100 Subject: [PATCH 08/16] Move AccountMergeEmailController to integration module --- .../AccountMergeEmailController.coffee | 66 +++++++++---------- services/web/app/coffee/router.coffee | 10 --- 2 files changed, 33 insertions(+), 43 deletions(-) diff --git a/services/web/app/coffee/Features/AccountMerge/AccountMergeEmailController.coffee b/services/web/app/coffee/Features/AccountMerge/AccountMergeEmailController.coffee index 7f0872f059..c63dda6958 100644 --- a/services/web/app/coffee/Features/AccountMerge/AccountMergeEmailController.coffee +++ b/services/web/app/coffee/Features/AccountMerge/AccountMergeEmailController.coffee @@ -1,36 +1,36 @@ -UserGetter = require '../User/UserGetter' -UserUpdater = require '../User/UserUpdater' -OneTimeTokenHandler = require '../Security/OneTimeTokenHandler' -logger = require 'logger-sharelatex' -Settings = require 'settings-sharelatex' +# UserGetter = require '../User/UserGetter' +# UserUpdater = require '../User/UserUpdater' +# OneTimeTokenHandler = require '../Security/OneTimeTokenHandler' +# logger = require 'logger-sharelatex' +# Settings = require 'settings-sharelatex' -module.exports = AccountMergeEmailController = +# module.exports = AccountMergeEmailController = - confirmMergeFromEmail: (req, res, next) -> - token = req.query.token - if !token - return res.status(400).send() - OneTimeTokenHandler.getValueFromTokenAndExpire 'account-merge-email-to-ol', token, (err, data) -> - return next(err) if err? - if !data - return res.status(404).send() - if data.origin != 'sl' - logger.log {}, "Only sharelatex origin supported" - return res.status(501).send() - { sl_id, v1_id, final_email } = data - UserGetter.getUser sl_id, {_id: 1, overleaf: 1}, (err, user) -> - return next(err) if err? - if !user? - logger.err {userId: sl_id}, 'SL user not found for account-merge' - return res.status(400).send() - if user?.overleaf?.id? - logger.err {userId: sl_id}, 'SL user is already linked to overleaf' - return res.status(400).send() - logger.log {sl_id, v1_id, final_email, origin: data.origin}, - "[AccountMergeEmailController] about to merge sharelatex and overleaf-v1 accounts" - UserUpdater.mergeSharelatexAndV1Accounts sl_id, v1_id, final_email, (err) -> - return next(err) if err? - res.render 'account_merge/finish', { - finalEmail: final_email - } +# confirmMergeFromEmail: (req, res, next) -> +# token = req.query.token +# if !token +# return res.status(400).send() +# OneTimeTokenHandler.getValueFromTokenAndExpire 'account-merge-email-to-ol', token, (err, data) -> +# return next(err) if err? +# if !data +# return res.status(404).send() +# if data.origin != 'sl' +# logger.log {}, "Only sharelatex origin supported" +# return res.status(501).send() +# { sl_id, v1_id, final_email } = data +# UserGetter.getUser sl_id, {_id: 1, overleaf: 1}, (err, user) -> +# return next(err) if err? +# if !user? +# logger.err {userId: sl_id}, 'SL user not found for account-merge' +# return res.status(400).send() +# if user?.overleaf?.id? +# logger.err {userId: sl_id}, 'SL user is already linked to overleaf' +# return res.status(400).send() +# logger.log {sl_id, v1_id, final_email, origin: data.origin}, +# "[AccountMergeEmailController] about to merge sharelatex and overleaf-v1 accounts" +# UserUpdater.mergeSharelatexAndV1Accounts sl_id, v1_id, final_email, (err) -> +# return next(err) if err? +# res.render 'account_merge/finish', { +# finalEmail: final_email +# } diff --git a/services/web/app/coffee/router.coffee b/services/web/app/coffee/router.coffee index 5bfc6b9e32..b02db419e4 100644 --- a/services/web/app/coffee/router.coffee +++ b/services/web/app/coffee/router.coffee @@ -50,7 +50,6 @@ TokenAccessController = require('./Features/TokenAccess/TokenAccessController') Features = require('./infrastructure/Features') LinkedFilesRouter = require './Features/LinkedFiles/LinkedFilesRouter' TemplatesRouter = require './Features/Templates/TemplatesRouter' -AccountMergeEmailController = require './Features/AccountMerge/AccountMergeEmailController' logger = require("logger-sharelatex") _ = require("underscore") @@ -344,15 +343,6 @@ module.exports = class Router webRouter.post '/admin/messages', AuthorizationMiddlewear.ensureUserIsSiteAdmin, AdminController.createMessage webRouter.post '/admin/messages/clear', AuthorizationMiddlewear.ensureUserIsSiteAdmin, AdminController.clearMessages - webRouter.get '/account-merge/email/confirm', - RateLimiterMiddlewear.rateLimit({ - endpointName: "account-merge-email-confirm", - ipOnly: true, - maxRequests: 10 - timeInterval: 60 - }), - AccountMergeEmailController.confirmMergeFromEmail - privateApiRouter.get '/perfTest', (req,res)-> res.send("hello") From 677b3c759d60d7d7777cf20611d82d1d6660179a Mon Sep 17 00:00:00 2001 From: Shane Kilkelly Date: Thu, 13 Sep 2018 09:33:44 +0100 Subject: [PATCH 09/16] Remove old controller --- .../AccountMergeEmailController.coffee | 36 ------------------- 1 file changed, 36 deletions(-) delete mode 100644 services/web/app/coffee/Features/AccountMerge/AccountMergeEmailController.coffee diff --git a/services/web/app/coffee/Features/AccountMerge/AccountMergeEmailController.coffee b/services/web/app/coffee/Features/AccountMerge/AccountMergeEmailController.coffee deleted file mode 100644 index c63dda6958..0000000000 --- a/services/web/app/coffee/Features/AccountMerge/AccountMergeEmailController.coffee +++ /dev/null @@ -1,36 +0,0 @@ -# UserGetter = require '../User/UserGetter' -# UserUpdater = require '../User/UserUpdater' -# OneTimeTokenHandler = require '../Security/OneTimeTokenHandler' -# logger = require 'logger-sharelatex' -# Settings = require 'settings-sharelatex' - - -# module.exports = AccountMergeEmailController = - -# confirmMergeFromEmail: (req, res, next) -> -# token = req.query.token -# if !token -# return res.status(400).send() -# OneTimeTokenHandler.getValueFromTokenAndExpire 'account-merge-email-to-ol', token, (err, data) -> -# return next(err) if err? -# if !data -# return res.status(404).send() -# if data.origin != 'sl' -# logger.log {}, "Only sharelatex origin supported" -# return res.status(501).send() -# { sl_id, v1_id, final_email } = data -# UserGetter.getUser sl_id, {_id: 1, overleaf: 1}, (err, user) -> -# return next(err) if err? -# if !user? -# logger.err {userId: sl_id}, 'SL user not found for account-merge' -# return res.status(400).send() -# if user?.overleaf?.id? -# logger.err {userId: sl_id}, 'SL user is already linked to overleaf' -# return res.status(400).send() -# logger.log {sl_id, v1_id, final_email, origin: data.origin}, -# "[AccountMergeEmailController] about to merge sharelatex and overleaf-v1 accounts" -# UserUpdater.mergeSharelatexAndV1Accounts sl_id, v1_id, final_email, (err) -> -# return next(err) if err? -# res.render 'account_merge/finish', { -# finalEmail: final_email -# } From d0be98e89c7ea86bca83505cc768f7a657074d9d Mon Sep 17 00:00:00 2001 From: Shane Kilkelly Date: Thu, 13 Sep 2018 15:42:25 +0100 Subject: [PATCH 10/16] Move the account-merge-finish page to the integration module --- .../web/app/views/account_merge/finish.pug | 28 ------------------- 1 file changed, 28 deletions(-) delete mode 100644 services/web/app/views/account_merge/finish.pug diff --git a/services/web/app/views/account_merge/finish.pug b/services/web/app/views/account_merge/finish.pug deleted file mode 100644 index db5982f467..0000000000 --- a/services/web/app/views/account_merge/finish.pug +++ /dev/null @@ -1,28 +0,0 @@ -extends ../layout - -block content - .content.content-alt - .container - .row - .col-md-8.col-md-offset-2.col-lg-6.col-lg-offset-3 - .card - .page-header - h1 Account Merge Complete - - div.container-fluid - .row - .col-md-12 - p - | Your ShareLaTeX and Overleaf v1 accounts are now linked, and you are ready to - | get started with Overleaf v2. - | From now on, you will log in with your credentials from Overleaf v1 (#[em #{finalEmail}]) - - p - | Click the button below to resume the process of logging in to Overleaf v2 - | with your merged account: - - p.text-center - a.btn.btn-lg.btn-success(href=settings.accountMerge.sharelatexHost+'/user/login_to_ol_v2') - | Continue Logging In - br - a.btn-small(href="/login") or go to the login page From fc0a4298f1fdc255ba24e8f3e66354e314588a6d Mon Sep 17 00:00:00 2001 From: Shane Kilkelly Date: Thu, 13 Sep 2018 16:16:22 +0100 Subject: [PATCH 11/16] Move scripts related to account-merge checker to relevant modules --- .../coffee/main/account-merge-checker.coffee | 29 ------------------- 1 file changed, 29 deletions(-) delete mode 100644 services/web/public/coffee/main/account-merge-checker.coffee diff --git a/services/web/public/coffee/main/account-merge-checker.coffee b/services/web/public/coffee/main/account-merge-checker.coffee deleted file mode 100644 index 59853abe4e..0000000000 --- a/services/web/public/coffee/main/account-merge-checker.coffee +++ /dev/null @@ -1,29 +0,0 @@ -define [ - "base" -], (App) -> - - # For account-merge-module - App.controller "SharelatexAccountMergeCheckerController", ($scope, $http) -> - $scope.hasOlAccount = null - $scope.olEmail = "" - $scope.errorCode = null - $scope.success = null - - $scope.submitEmail = () -> - return if !$scope.olEmail - data = { - overleafEmail: $scope.olEmail - _csrf: window.csrfToken - } - $scope.errorCode = null - $http.post("/account-merge/email/overleaf", data) - .then (resp) -> - $scope.errorCode = null - $scope.success = true - .catch (resp) -> - $scope.errorCode = resp?.data?.errorCode || 'default_error' - $scope.success = false - - # For integration-module - App.controller "OverleafAccountMergeCheckerController", ($scope) -> - $scope.hasOlAccount = null From fcfcbdb4c554a5df41edd7675a631f492a5f7ed8 Mon Sep 17 00:00:00 2001 From: Shane Kilkelly Date: Fri, 14 Sep 2018 09:54:14 +0100 Subject: [PATCH 12/16] Remove dead code --- .../app/coffee/Features/User/UserUpdater.coffee | 17 ----------------- 1 file changed, 17 deletions(-) diff --git a/services/web/app/coffee/Features/User/UserUpdater.coffee b/services/web/app/coffee/Features/User/UserUpdater.coffee index c214cd95cc..c8f35eba10 100644 --- a/services/web/app/coffee/Features/User/UserUpdater.coffee +++ b/services/web/app/coffee/Features/User/UserUpdater.coffee @@ -185,28 +185,11 @@ module.exports = UserUpdater = return callback(new Errors.NotFoundError('user id and email do no match')) FeaturesUpdater.refreshFeatures userId, true, callback - mergeSharelatexAndV1Accounts: (sl_id, v1_id, final_email, callback) -> - UserGetter.getUser {'overleaf.id': v1_id}, {_id: 1}, (err, otherUser) => - if otherUser? - return callback(new Error('v1_id matches an existing user overleaf.id, cannot merge accounts')) - @updateUser sl_id, { - '$set': { - 'overleaf.id': v1_id, - email: final_email - }, - '$push': { - emails: { - email: final_email, createdAt: new Date() - } - } - }, callback - [ 'updateUser' 'changeEmailAddress' 'setDefaultEmailAddress' 'addEmailAddress' 'removeEmailAddress' - 'mergeSharelatexAndV1Accounts' ].map (method) -> metrics.timeAsyncMethod(UserUpdater, method, 'mongo.UserUpdater', logger) From c9e34180490bb0085005972f0e4ebc01fe75a073 Mon Sep 17 00:00:00 2001 From: Shane Kilkelly Date: Thu, 13 Sep 2018 11:45:31 +0100 Subject: [PATCH 13/16] Working overleaf-side of account-merge --- services/web/app/coffee/Features/Email/EmailBuilder.coffee | 2 ++ 1 file changed, 2 insertions(+) diff --git a/services/web/app/coffee/Features/Email/EmailBuilder.coffee b/services/web/app/coffee/Features/Email/EmailBuilder.coffee index 249a342668..4d8ef160a1 100644 --- a/services/web/app/coffee/Features/Email/EmailBuilder.coffee +++ b/services/web/app/coffee/Features/Email/EmailBuilder.coffee @@ -48,6 +48,8 @@ templates.accountMergeToOverleafAddress = CTAEmailTemplate({ ctaURL: (opts) -> opts.tokenLinkUrl }) +templates.accountMergeToSharelatexAddress = templates.accountMergeToOverleafAddress + templates.registered = CTAEmailTemplate({ subject: () -> "Activate your #{settings.appName} Account" message: (opts) -> """ From c95d925d567f5b67b49414d0e8ad122b31a26ae0 Mon Sep 17 00:00:00 2001 From: Shane Kilkelly Date: Thu, 13 Sep 2018 12:31:59 +0100 Subject: [PATCH 14/16] When regenerating session, don't copy the `__tmp` key --- .../Features/Authentication/AuthenticationController.coffee | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/web/app/coffee/Features/Authentication/AuthenticationController.coffee b/services/web/app/coffee/Features/Authentication/AuthenticationController.coffee index f8d90756b2..d301ddabbc 100644 --- a/services/web/app/coffee/Features/Authentication/AuthenticationController.coffee +++ b/services/web/app/coffee/Features/Authentication/AuthenticationController.coffee @@ -44,7 +44,7 @@ module.exports = AuthenticationController = return callback(err) req.sessionStore.generate(req) for key, value of oldSession - req.session[key] = value + req.session[key] = value unless key == '__tmp' # copy to the old `session.user` location, for backward-comptability req.session.user = req.session.passport.user req.session.save (err) -> From 2ec7747b60cdee26c90c2df0abcb6373f71a0c22 Mon Sep 17 00:00:00 2001 From: Shane Kilkelly Date: Fri, 14 Sep 2018 15:44:38 +0100 Subject: [PATCH 15/16] Add a help link to the account-merge email in case of error --- services/web/app/coffee/Features/Email/EmailBuilder.coffee | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/services/web/app/coffee/Features/Email/EmailBuilder.coffee b/services/web/app/coffee/Features/Email/EmailBuilder.coffee index 4d8ef160a1..12198c2001 100644 --- a/services/web/app/coffee/Features/Email/EmailBuilder.coffee +++ b/services/web/app/coffee/Features/Email/EmailBuilder.coffee @@ -43,7 +43,12 @@ templates = {} templates.accountMergeToOverleafAddress = CTAEmailTemplate({ subject: () -> "Confirm Account Merge - #{settings.appName}" title: () -> "Confirm Account Merge" - message: () -> "To merge your ShareLaTeX and Overleaf accounts, click the link below." + message: () -> + """ + To merge your ShareLaTeX and Overleaf accounts, click the link below. + If you think you have received this message in error, + please contact us at https://www.overleaf.com/contact + """ ctaText: () -> "Confirm Account Merge" ctaURL: (opts) -> opts.tokenLinkUrl }) From e1c3689aec2c63f609de08546e7640ec29380990 Mon Sep 17 00:00:00 2001 From: Shane Kilkelly Date: Tue, 18 Sep 2018 13:50:25 +0100 Subject: [PATCH 16/16] Update the email-merge email template --- services/web/app/coffee/Features/Email/EmailBuilder.coffee | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/services/web/app/coffee/Features/Email/EmailBuilder.coffee b/services/web/app/coffee/Features/Email/EmailBuilder.coffee index 12198c2001..3326f8522b 100644 --- a/services/web/app/coffee/Features/Email/EmailBuilder.coffee +++ b/services/web/app/coffee/Features/Email/EmailBuilder.coffee @@ -45,12 +45,14 @@ templates.accountMergeToOverleafAddress = CTAEmailTemplate({ title: () -> "Confirm Account Merge" message: () -> """ - To merge your ShareLaTeX and Overleaf accounts, click the link below. + To merge your ShareLaTeX and Overleaf accounts, click the button below. If you think you have received this message in error, please contact us at https://www.overleaf.com/contact """ ctaText: () -> "Confirm Account Merge" ctaURL: (opts) -> opts.tokenLinkUrl + secondaryMessage: (opts) -> + "If the button does not appear, open this link in your browser: #{opts.tokenLinkUrl}" }) templates.accountMergeToSharelatexAddress = templates.accountMergeToOverleafAddress