Require verified email to reset password

Felix Ableitner 2024-02-29 12:13:51 +01:00
parent ab4deaa49a
commit d5f9de01eb
3 changed files with 21 additions and 11 deletions


@ -1,4 +1,4 @@
use crate::check_totp_2fa_valid; use crate::{check_totp_2fa_valid, local_user::check_email_verified};
use actix_web::{ use actix_web::{
web::{Data, Json}, web::{Data, Json},
HttpRequest, HttpRequest,
@ -43,15 +43,7 @@ pub async fn login(
Err(LemmyErrorType::IncorrectLogin)? Err(LemmyErrorType::IncorrectLogin)?
} }
check_user_valid(&local_user_view.person)?; check_user_valid(&local_user_view.person)?;
check_email_verified(&local_user_view, &site_view)?;
// Check if the user's email is verified if email verification is turned on
// However, skip checking verification if the user is an admin
if !local_user_view.local_user.admin
&& site_view.local_site.require_email_verification
&& !local_user_view.local_user.email_verified
{
Err(LemmyErrorType::EmailNotVerified)?
}
check_registration_application(&local_user_view, &site_view.local_site, &mut context.pool()) check_registration_application(&local_user_view, &site_view.local_site, &mut context.pool())
.await?; .await?;


@ -1,3 +1,6 @@
use lemmy_db_views::structs::{LocalUserView, SiteView};
use lemmy_utils::{error::LemmyResult, LemmyErrorType};
pub mod add_admin; pub mod add_admin;
pub mod ban_person; pub mod ban_person;
pub mod block; pub mod block;
@ -16,3 +19,15 @@ pub mod save_settings;
pub mod update_totp; pub mod update_totp;
pub mod validate_auth; pub mod validate_auth;
pub mod verify_email; pub mod verify_email;
/// Check if the user's email is verified if email verification is turned on
/// However, skip checking verification if the user is an admin
fn check_email_verified(local_user_view: &LocalUserView, site_view: &SiteView) -> LemmyResult<()> {
if !local_user_view.local_user.admin
&& site_view.local_site.require_email_verification
&& !local_user_view.local_user.email_verified
{
Err(LemmyErrorType::EmailNotVerified)?
}
Ok(())
}
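Review bot: The doc comment on `check_email_verified` was carried over from the login handler and does not state the contract that the new password-reset caller relies on. As written, the helper returns `Ok(())` for every admin and for every site where `require_email_verification` is off, so on those paths a reset mail can still go to an address that was never confirmed. Whether that is intended for password reset is not stated on the page, and admin accounts are the ones where a misdirected reset mail costs the most. I would spell the contract out, e.g. `/// Returns Err(EmailNotVerified) only for non-admin users on sites that require verification; it is a no-op otherwise.`, and have the reset path test `local_user.email_verified` directly if the exemptions are not wanted there.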


@ -1,3 +1,4 @@
use crate::local_user::check_email_verified;
use actix_web::web::{Data, Json}; use actix_web::web::{Data, Json};
use lemmy_api_common::{ use lemmy_api_common::{
context::LemmyContext, context::LemmyContext,
@ -6,7 +7,7 @@ use lemmy_api_common::{
SuccessResponse, SuccessResponse,
}; };
use lemmy_db_schema::source::password_reset_request::PasswordResetRequest; use lemmy_db_schema::source::password_reset_request::PasswordResetRequest;
use lemmy_db_views::structs::LocalUserView; use lemmy_db_views::structs::{LocalUserView, SiteView};
use lemmy_utils::error::{LemmyErrorExt, LemmyErrorType, LemmyResult}; use lemmy_utils::error::{LemmyErrorExt, LemmyErrorType, LemmyResult};
#[tracing::instrument(skip(context))] #[tracing::instrument(skip(context))]
@ -29,6 +30,8 @@ pub async fn reset_password(
if recent_resets_count >= 3 { if recent_resets_count >= 3 {
Err(LemmyErrorType::PasswordResetLimitReached)? Err(LemmyErrorType::PasswordResetLimitReached)?
} }
let site_view = SiteView::read_local(&mut context.pool()).await?;
check_email_verified(&local_user_view, &site_view)?;
// Email the pure token to the user. // Email the pure token to the user.
send_password_reset_email(&local_user_view, &mut context.pool(), context.settings()).await?; send_password_reset_email(&local_user_view, &mut context.pool(), context.settings()).await?;
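Review bot: The added `check_email_verified(&local_user_view, &site_view)?;` surfaces a distinct `EmailNotVerified` error on an endpoint that is called without authentication, so a caller can learn that an address belongs to an account and that it is unconfirmed. How unknown addresses are answered is outside this hunk, so this may already be distinguishable; if the endpoint is meant to answer uniformly, skip the mail and still return success, e.g. `if check_email_verified(&local_user_view, &site_view).is_ok() { send_password_reset_email(&local_user_view, &mut context.pool(), context.settings()).await?; }`. None of the three changed files adds a test for the rejected case, so a regression that sends reset mail to unverified addresses again would go unnoticed. The body of `reset_password` starts above the hunk.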