Spiegel von
https://github.com/dani-garcia/vaultwarden.git
synchronisiert 2024-11-26 05:50:29 +01:00
verify email on registration via invite link
if `SIGNUPS_VERIFY` is enabled new users that have been invited have their onboarding flow interrupted because they have to first verify their mail address before they can join an organization. we can skip the extra verication of the email address when signing up because a valid invitation token already means that the email address is working and we don't allow invited users to signup with a different address. unfortunately, this is not possible with emergency access invitations at the moment as they are handled differently.
Dieser Commit ist enthalten in:
Stefan Melmuk
Ursprung
ff7e22c08a
Commit
64ae5d4f81
1 geänderte Dateien mit 7 neuen und 2 gelöschten Zeilen
|
|
@ -98,8 +98,10 @@ async fn register(data: JsonUpcase<RegisterData>, conn: DbConn) -> JsonResult {
|
||||||
let password_hint = clean_password_hint(&data.MasterPasswordHint);
|
let password_hint = clean_password_hint(&data.MasterPasswordHint);
|
||||||
enforce_password_hint_setting(&password_hint)?;
|
enforce_password_hint_setting(&password_hint)?;
|
||||||
|
|
||||||
|
let mut verified_by_invite = false;
|
||||||
|
|
||||||
let mut user = match User::find_by_mail(&email, &conn).await {
|
let mut user = match User::find_by_mail(&email, &conn).await {
|
||||||
Some(user) => {
|
Some(mut user) => {
|
||||||
if !user.password_hash.is_empty() {
|
if !user.password_hash.is_empty() {
|
||||||
err!("Registration not allowed or user already exists")
|
err!("Registration not allowed or user already exists")
|
||||||
}
|
}
|
||||||
|
|
@ -107,6 +109,9 @@ async fn register(data: JsonUpcase<RegisterData>, conn: DbConn) -> JsonResult {
|
||||||
if let Some(token) = data.Token {
|
if let Some(token) = data.Token {
|
||||||
let claims = decode_invite(&token)?;
|
let claims = decode_invite(&token)?;
|
||||||
if claims.email == email {
|
if claims.email == email {
|
||||||
|
// Verify the email address when signing up via a valid invite token
|
||||||
|
verified_by_invite = true;
|
||||||
|
user.verified_at = Some(Utc::now().naive_utc());
|
||||||
user
|
user
|
||||||
} else {
|
} else {
|
||||||
err!("Registration email does not match invite email")
|
err!("Registration email does not match invite email")
|
||||||
|
|
@ -163,7 +168,7 @@ async fn register(data: JsonUpcase<RegisterData>, conn: DbConn) -> JsonResult {
|
||||||
}
|
}
|
||||||
|
|
||||||
if CONFIG.mail_enabled() {
|
if CONFIG.mail_enabled() {
|
||||||
if CONFIG.signups_verify() {
|
if CONFIG.signups_verify() && !verified_by_invite {
|
||||||
if let Err(e) = mail::send_welcome_must_verify(&user.email, &user.uuid).await {
|
if let Err(e) = mail::send_welcome_must_verify(&user.email, &user.uuid).await {
|
||||||
error!("Error sending welcome email: {:#?}", e);
|
error!("Error sending welcome email: {:#?}", e);
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Laden …
In neuem Issue referenzieren