mirror of
https://github.com/overleaf/overleaf.git
synced 2024-10-31 21:21:03 -04:00
bbf3132a16
Send security alert email when primary email changed GitOrigin-RevId: a01f38a2478dc280261b9a43ef1a01751d4601fb
210 lines
5.6 KiB
JavaScript
210 lines
5.6 KiB
JavaScript
const AuthenticationController = require('../Authentication/AuthenticationController')
|
|
const UserGetter = require('./UserGetter')
|
|
const UserUpdater = require('./UserUpdater')
|
|
const EmailHandler = require('../Email/EmailHandler')
|
|
const EmailHelper = require('../Helpers/EmailHelper')
|
|
const UserAuditLogHandler = require('./UserAuditLogHandler')
|
|
const UserEmailsConfirmationHandler = require('./UserEmailsConfirmationHandler')
|
|
const { endorseAffiliation } = require('../Institutions/InstitutionsAPI')
|
|
const Errors = require('../Errors/Errors')
|
|
const HttpErrorHandler = require('../Errors/HttpErrorHandler')
|
|
const { expressify } = require('../../util/promises')
|
|
|
|
async function add(req, res, next) {
|
|
const userId = AuthenticationController.getLoggedInUserId(req)
|
|
const email = EmailHelper.parseEmail(req.body.email)
|
|
if (!email) {
|
|
return res.sendStatus(422)
|
|
}
|
|
const user = await UserGetter.promises.getUser(userId, { email: 1 })
|
|
|
|
const affiliationOptions = {
|
|
university: req.body.university,
|
|
role: req.body.role,
|
|
department: req.body.department
|
|
}
|
|
|
|
await UserAuditLogHandler.promises.addEntry(
|
|
user._id,
|
|
'add-email',
|
|
user._id,
|
|
req.ip,
|
|
{
|
|
newSecondaryEmail: email
|
|
}
|
|
)
|
|
|
|
try {
|
|
await UserUpdater.promises.addEmailAddress(
|
|
userId,
|
|
email,
|
|
affiliationOptions
|
|
)
|
|
} catch (error) {
|
|
return UserEmailsController._handleEmailError(error, req, res, next)
|
|
}
|
|
|
|
const emailOptions = {
|
|
to: user.email,
|
|
actionDescribed: `a secondary email address has been added to your account ${
|
|
user.email
|
|
}`,
|
|
message: [
|
|
`<span style="display:inline-block;padding: 0 20px;width:100%;">Added: <br/><b>${email}</b></span>`
|
|
],
|
|
action: 'secondary email address added'
|
|
}
|
|
await EmailHandler.promises.sendEmail('securityAlert', emailOptions)
|
|
await UserEmailsConfirmationHandler.promises.sendConfirmationEmail(
|
|
userId,
|
|
email
|
|
)
|
|
|
|
res.sendStatus(204)
|
|
}
|
|
|
|
function resendConfirmation(req, res, next) {
|
|
const userId = AuthenticationController.getLoggedInUserId(req)
|
|
const email = EmailHelper.parseEmail(req.body.email)
|
|
if (!email) {
|
|
return res.sendStatus(422)
|
|
}
|
|
UserGetter.getUserByAnyEmail(email, { _id: 1 }, function(error, user) {
|
|
if (error) {
|
|
return next(error)
|
|
}
|
|
if (!user || user._id.toString() !== userId) {
|
|
return res.sendStatus(422)
|
|
}
|
|
UserEmailsConfirmationHandler.sendConfirmationEmail(userId, email, function(
|
|
error
|
|
) {
|
|
if (error) {
|
|
return next(error)
|
|
}
|
|
res.sendStatus(200)
|
|
})
|
|
})
|
|
}
|
|
|
|
const UserEmailsController = {
|
|
list(req, res, next) {
|
|
const userId = AuthenticationController.getLoggedInUserId(req)
|
|
UserGetter.getUserFullEmails(userId, function(error, fullEmails) {
|
|
if (error) {
|
|
return next(error)
|
|
}
|
|
res.json(fullEmails)
|
|
})
|
|
},
|
|
|
|
add: expressify(add),
|
|
|
|
remove(req, res, next) {
|
|
const userId = AuthenticationController.getLoggedInUserId(req)
|
|
const email = EmailHelper.parseEmail(req.body.email)
|
|
if (!email) {
|
|
return res.sendStatus(422)
|
|
}
|
|
|
|
UserUpdater.removeEmailAddress(userId, email, function(error) {
|
|
if (error) {
|
|
return next(error)
|
|
}
|
|
res.sendStatus(200)
|
|
})
|
|
},
|
|
|
|
setDefault(req, res, next) {
|
|
const userId = AuthenticationController.getLoggedInUserId(req)
|
|
const email = EmailHelper.parseEmail(req.body.email)
|
|
if (!email) {
|
|
return res.sendStatus(422)
|
|
}
|
|
const auditLog = {
|
|
initiatorId: userId,
|
|
ipAddress: req.ip
|
|
}
|
|
UserUpdater.setDefaultEmailAddress(
|
|
userId,
|
|
email,
|
|
false,
|
|
auditLog,
|
|
true,
|
|
err => {
|
|
if (err) {
|
|
return UserEmailsController._handleEmailError(err, req, res, next)
|
|
}
|
|
AuthenticationController.setInSessionUser(req, { email: email })
|
|
res.sendStatus(200)
|
|
}
|
|
)
|
|
},
|
|
|
|
endorse(req, res, next) {
|
|
const userId = AuthenticationController.getLoggedInUserId(req)
|
|
const email = EmailHelper.parseEmail(req.body.email)
|
|
if (!email) {
|
|
return res.sendStatus(422)
|
|
}
|
|
|
|
endorseAffiliation(
|
|
userId,
|
|
email,
|
|
req.body.role,
|
|
req.body.department,
|
|
function(error) {
|
|
if (error) {
|
|
return next(error)
|
|
}
|
|
res.sendStatus(204)
|
|
}
|
|
)
|
|
},
|
|
|
|
resendConfirmation,
|
|
|
|
showConfirm(req, res, next) {
|
|
res.render('user/confirm_email', {
|
|
token: req.query.token,
|
|
title: 'confirm_email'
|
|
})
|
|
},
|
|
|
|
confirm(req, res, next) {
|
|
const { token } = req.body
|
|
if (!token) {
|
|
return res.status(422).json({
|
|
message: req.i18n.translate('confirmation_link_broken')
|
|
})
|
|
}
|
|
UserEmailsConfirmationHandler.confirmEmailFromToken(token, function(error) {
|
|
if (error) {
|
|
if (error instanceof Errors.NotFoundError) {
|
|
res.status(404).json({
|
|
message: req.i18n.translate('confirmation_token_invalid')
|
|
})
|
|
} else {
|
|
next(error)
|
|
}
|
|
} else {
|
|
res.sendStatus(200)
|
|
}
|
|
})
|
|
},
|
|
|
|
_handleEmailError(error, req, res, next) {
|
|
if (error instanceof Errors.UnconfirmedEmailError) {
|
|
return HttpErrorHandler.conflict(req, res, 'email must be confirmed')
|
|
} else if (error instanceof Errors.EmailExistsError) {
|
|
const message = req.i18n.translate('email_already_registered')
|
|
return HttpErrorHandler.conflict(req, res, message)
|
|
} else if (error.message === '422: Email does not belong to university') {
|
|
const message = req.i18n.translate('email_does_not_belong_to_university')
|
|
return HttpErrorHandler.conflict(req, res, message)
|
|
}
|
|
next(error)
|
|
}
|
|
}
|
|
|
|
module.exports = UserEmailsController
|