mirrors/oneuptime
1
0
Fork 0
mirror of https://github.com/OneUptime/oneuptime synced 2024-11-21 14:49:07 +00:00
Code Issues Packages Projects Releases Wiki Activity

harden invite emails

Browse Source
This commit is contained in:
Simon Larsen 2023-09-27 09:24:43 +01:00
parent 3dd150692a
commit 14d22e5f12
No known key found for this signature in database
GPG Key ID: AB45983AA9C81CDE
4 changed files with 31 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Accounts/src/Utils/Login.ts
View File

@ -21,7 +21,7 @@ export default abstract class LoginUtil {
UserUtil.setAccessToken(token);
UserUtil.setEmail(user.email as Email);
UserUtil.setUserId(user.id as ObjectID);
UserUtil.setName(user.name as Name);
UserUtil.setName(user.name || new Name(''));
UserUtil.setIsMasterAdmin(user.isMasterAdmin as boolean);
Analytics.userAuth(user.email!);

17
CommonServer/Services/TeamMemberService.ts
View File

@ -16,7 +16,7 @@ import QueryHelper from '../Types/Database/QueryHelper';
import LIMIT_MAX from 'Common/Types/Database/LimitMax';
import ProjectService from './ProjectService';
import { IsBillingEnabled } from '../EnvironmentConfig';
import { DashboardRoute } from 'Common/ServiceRoute';
import { AccountsRoute } from 'Common/ServiceRoute';
import DatabaseConfig from '../DatabaseConfig';
import BillingService from './BillingService';
import SubscriptionPlan from 'Common/Types/Billing/SubscriptionPlan';
@ -78,7 +78,10 @@ export class TeamMemberService extends DatabaseService<TeamMember> {
isRoot: true,
});
let isNewUser: boolean = false;
if (!user) {
isNewUser = true;
user = await UserService.createByEmail(email, {
isRoot: true,
});
@ -106,11 +109,17 @@ export class TeamMemberService extends DatabaseService<TeamMember> {
toEmail: email,
templateType: EmailTemplateType.InviteMember,
vars: {
dashboardUrl: new URL(
signInLink: URL.fromString(new URL(
httpProtocol,
host,
DashboardRoute
).toString(),
AccountsRoute
).toString()).toString(),
registerLink: URL.fromString(new URL(
httpProtocol,
host,
AccountsRoute
).toString()).addRoute("/register").addQueryParam("email", email.toString()).toString(),
isNewUser: isNewUser.toString(),
projectName: project.name!,
homeUrl: new URL(httpProtocol, host).toString(),
},

4
Identity/API/Authentication.ts
View File

@ -230,7 +230,7 @@ router.post(
},
});
if (alreadySavedUser) {
if (alreadySavedUser && alreadySavedUser.password) {
const token: string = ObjectID.generate().toString();
await UserService.updateOneBy({
query: {
@ -274,7 +274,7 @@ router.post(
req,
res,
new BadDataException(
`No user is registered with ${user.email?.toString()}`
`No user is registered with ${user.email?.toString()}. Please sign up for a new account.`
)
);
} catch (err) {

18
Notification/Templates/InviteMember.hbs
View File

@ -4,12 +4,24 @@
{{> EmailTitle title=(concat "You have been invited to " projectName) }}
{{> InfoBlock info="Please click on the 'Go to dashboard' button below to see all your invitations and manage them."}}
{{#ifCond isNewUser "true"}}
{{> InfoBlock info="Please sign up to a new account to accept this invitation"}}
{{> ButtonBlock buttonUrl=dashboardUrl buttonText="Go to Dashboard"}}
{{> ButtonBlock buttonUrl=registerLink buttonText="Sign up to a new account"}}
{{> InfoBlock info="You can also copy and paste this link:"}}
{{> InfoBlock info=dashboardUrl}}
{{> InfoBlock info=registerLink}}
{{/ifCond}}
{{#ifCond isNewUser "false"}}
{{> InfoBlock info="Please sign in to your account to see all your invitations and manage them."}}
{{> ButtonBlock buttonUrl=signInLink buttonText="Sign in to OneUptime"}}
{{> InfoBlock info="You can also copy and paste this link:"}}
{{> InfoBlock info=signInLink}}
{{/ifCond}}
{{> InfoBlock info="If you have not signed up to OneUptime so far. You'll be redirected to the account sign up page to sign up first."}}