prepare registration support
parent
8adca327fd
commit
5b523ff2f0
2 changed files with 127 additions and 5 deletions
98
index.pl
98
index.pl
|
@ -5,7 +5,9 @@ use Mojolicious::Plugin::Authentication;
|
|||
use Cache::File;
|
||||
use DateTime;
|
||||
use DBI;
|
||||
use Encode qw(decode);
|
||||
use Encode qw(decode encode);
|
||||
use Email::Sender::Simple qw(sendmail);
|
||||
use Email::Simple;
|
||||
use Geo::Distance;
|
||||
use List::Util qw(first);
|
||||
use List::MoreUtils qw(after_incl before_incl);
|
||||
|
@ -554,6 +556,18 @@ helper 'get_user_id' => sub {
|
|||
}
|
||||
};
|
||||
|
||||
helper 'check_if_user_name_exists' => sub {
|
||||
my ( $self, $user_name ) = @_;
|
||||
|
||||
$self->app->get_userid_query->execute($user_name);
|
||||
my $rows = $self->app->get_userid_query->fetchall_arrayref;
|
||||
|
||||
if ( @{$rows} ) {
|
||||
return 1;
|
||||
}
|
||||
return 0;
|
||||
};
|
||||
|
||||
helper 'get_user_travels' => sub {
|
||||
my ( $self, $limit ) = @_;
|
||||
|
||||
|
@ -945,6 +959,88 @@ get '/x/register' => sub {
|
|||
$self->render('register');
|
||||
};
|
||||
|
||||
post '/x/register' => sub {
|
||||
my ($self) = @_;
|
||||
my $user = $self->req->param('user');
|
||||
my $email = $self->req->param('email');
|
||||
my $password = $self->req->param('password');
|
||||
my $password2 = $self->req->param('password2');
|
||||
my $ip = $self->req->headers->header('X-Forwarded-For');
|
||||
my $ua = $self->req->headers->user_agent;
|
||||
my $date = DateTime->now( time_zone => 'Europe/Berlin' )
|
||||
->strftime('%d.%m.%Y %H:%M:%S %z');
|
||||
|
||||
# In case Mojolicious is not running behind a reverse proxy
|
||||
$ip
|
||||
//= sprintf( '%s:%s', $self->tx->remote_address, $self->tx->remote_port );
|
||||
|
||||
if ( $self->validation->csrf_protect->has_error('csrf_token') ) {
|
||||
$self->render(
|
||||
'register',
|
||||
invalid => 'csrf',
|
||||
);
|
||||
return;
|
||||
}
|
||||
|
||||
if ( not length($user) ) {
|
||||
$self->render( 'register', invalid => 'user_empty' );
|
||||
return;
|
||||
}
|
||||
|
||||
if ( $user !~ m{ ^ [0-9a-zA-Z_-]+ $ }x ) {
|
||||
$self->render( 'register', invalid => 'user_format' );
|
||||
return;
|
||||
}
|
||||
|
||||
if ( $self->check_if_user_name_exists($user) ) {
|
||||
$self->render( 'register', invalid => 'user_collision' );
|
||||
return;
|
||||
}
|
||||
|
||||
if ( $password ne $password2 ) {
|
||||
$self->render( 'register', invalid => 'password_notequal' );
|
||||
return;
|
||||
}
|
||||
|
||||
if ( length($password) < 8 ) {
|
||||
$self->render( 'register', invalid => 'password_short' );
|
||||
return;
|
||||
}
|
||||
|
||||
my $body = "Hallo, ${user}!\n\n";
|
||||
$body .= "Mit deiner E-Mail-Adresse (${email}) wurde ein Account auf\n";
|
||||
$body .= "travelynx.finalrewind.org angelegt.\n\n";
|
||||
$body
|
||||
.= "Falls die Registrierung von dir ausging, kannst du den Account unter\n";
|
||||
$body .= "https://travelynx.finalrewind.org/x/TODO freischalten.\n\n";
|
||||
$body
|
||||
.= "Falls nicht, ignoriere diese Mail bitte. Nach 48 Stunden wird deine\n";
|
||||
$body
|
||||
.= "Mail-Adresse erneut zur Registrierung freigeschaltet. Falls auch diese fehlschlägt,\n";
|
||||
$body
|
||||
.= "werden wir sie dauerhaft sperren und keine Mails mehr dorthin schicken.\n\n";
|
||||
$body .= "Daten zur Registrierung:\n";
|
||||
$body .= " * Datum: ${date}\n";
|
||||
$body .= " * Verwendete IP: ${ip}\n";
|
||||
$body .= " * Verwendeter Browser gemäß User Agent: ${ua}\n\n\n";
|
||||
$body .= "Impressum: https://travelynx.finalrewind.org/x/impressum\n";
|
||||
|
||||
# TODO create user object
|
||||
|
||||
my $reg_mail = Email::Simple->create(
|
||||
header => [
|
||||
To => $email,
|
||||
From => 'Travelynx <travelynx@finalrewind.org>',
|
||||
Subject => 'Registrierung auf travelynx.finalrewind.org',
|
||||
'Content-Type' => 'text/plain; charset=UTF-8',
|
||||
],
|
||||
body => encode( 'utf-8', $body ),
|
||||
);
|
||||
sendmail($reg_mail);
|
||||
|
||||
$self->render( 'login', from => 'register' );
|
||||
};
|
||||
|
||||
get '/*station' => sub {
|
||||
my ($self) = @_;
|
||||
my $station = $self->stash('station');
|
||||
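Review bot: In the new `post '/x/register'` handler, `$email` goes from the request into the `To` header and the mail body without any check, so an undefined, empty or multi-line value reaches `Email::Simple->create` and `sendmail`; a guard beside the other validations, such as `if ( not length( $email // '' ) or $email =~ m{\s} ) { $self->render( 'register', invalid => 'mail_format' ); return; }` (the `mail_format` code is a suggested name), would stop that before a message is built. The user-name check `m{ ^ [0-9a-zA-Z_-]+ $ }x` accepts a trailing newline because `$` matches before it; `m{ \A [0-9a-zA-Z_-]+ \z }x` does not. `X-Forwarded-For` and the User-Agent are also request-controlled and are copied into the mail text, so the header should only be used when the app is known to run behind a proxy that sets it, and both values are worth stripping of control characters and capping in length. Since the user object is still a TODO, nothing yet limits how often a confirmation mail is sent to a given address, which the handler will need before it is exposed.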
|
|
|
@ -1,24 +1,50 @@
|
|||
% if (my $invalid = stash('invalid')) {
|
||||
<div class="row">
|
||||
<div class="col s12">
|
||||
<div class="card red darken-4">
|
||||
<div class="card-content white-text">
|
||||
% if ($invalid eq 'csrf') {
|
||||
<span class="card-title">Ungültiger CSRF-Token</span>
|
||||
<p>Sind Cookies aktiviert? Ansonsten könnte es sich um einen
|
||||
Fall von <a
|
||||
href="https://de.wikipedia.org/wiki/Cross-Site-Request-Forgery">CSRF</a>
|
||||
handeln.</p>
|
||||
% }
|
||||
% elsif ($invalid eq 'credentials') {
|
||||
<span class="card-title">Ungültige Logindaten</span>
|
||||
<p>Falscher Account oder falsches Passwort.</p>
|
||||
% }
|
||||
% else {
|
||||
<span class="card-title">Unbekannter Fehler</span>
|
||||
<p>„<%= $invalid %>“</p>
|
||||
% }
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
% }
|
||||
<div class="row">
|
||||
%= form_for '/x/register' => (class => 'col s12', method => 'POST') => begin
|
||||
%= csrf_field
|
||||
<div class="row">
|
||||
<div class="input-field col l6 m12 s12">
|
||||
<i class="material-icons prefix">account_circle</i>
|
||||
<input id="account" type="text" class="validate">
|
||||
<input name="user" id="account" type="text" class="validate">
|
||||
<label for="account">Name</label>
|
||||
</div>
|
||||
<div class="input-field col l6 m12 s12">
|
||||
<i class="material-icons prefix">email</i>
|
||||
<input id="email" type="email" class="validate">
|
||||
<input name="email" id="email" type="email" class="validate">
|
||||
<label for="email">Mail-Adresse</label>
|
||||
</div>
|
||||
<div class="input-field col l6 m12 s12">
|
||||
<i class="material-icons prefix">lock</i>
|
||||
<input id="password" type="password" class="validate">
|
||||
<input name="password" id="password" type="password" class="validate">
|
||||
<label for="password">Passwort</label>
|
||||
</div>
|
||||
<div class="input-field col l6 m12 s12">
|
||||
<i class="material-icons prefix">lock</i>
|
||||
<input id="password2" type="password" class="validate">
|
||||
<input name="password2" id="password2" type="password" class="validate">
|
||||
<label for="password2">Passwort wiederholen</label>
|
||||
</div>
|
||||
</div>
|
||||
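Review bot: The new error card only has branches for `csrf` and `credentials`, while the POST handler added in index.pl renders this template with `user_empty`, `user_format`, `user_collision`, `password_notequal` and `password_short`; all of those fall through to the `Unbekannter Fehler` branch and show only the raw code. The `credentials` branch looks carried over from the login form and is not produced by the registration handler visible in this commit. One branch per code, in the form `% elsif ($invalid eq 'password_short') {`, with a message that states the rule (at least 8 characters, the allowed name characters), would tell the user what to correct. The password inputs could also carry `minlength="8"` and `autocomplete="new-password"` as a convenience, with the server-side checks remaining the authoritative ones.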
|
|