Squashed 'cgilite/' changes from e5e180a..2f3c712

author Paul Hänsch <paul@plutz.net>

Wed, 11 May 2022 18:49:43 +0000 (20:49 +0200)

committer Paul Hänsch <paul@plutz.net>

Wed, 11 May 2022 18:49:43 +0000 (20:49 +0200)
author Paul Hänsch <paul@plutz.net>
Wed, 11 May 2022 18:49:43 +0000 (20:49 +0200)
committer Paul Hänsch <paul@plutz.net>
Wed, 11 May 2022 18:49:43 +0000 (20:49 +0200)
diff --git a/users.sh b/users.sh

index 873edf05ffbb72fa9729ff1eb7792c39ac2a86c3..44a5e136c9b9ba1189d55880009e799c9468668b 100755 (executable)
--- a/users.sh
+++ b/users.sh
@@ -6,11 +6,15 @@ include_users="$0"
  . "${_EXEC}/cgilite/session.sh"
  . "${_EXEC}/cgilite/storage.sh"
  
-USER_REGISTRATION="${USER_REGISTRATION:-true}"
-USER_REQUIREEMAIL="${USER_REQUIREEMAIL:-true}"
+SENDMAIL=${SENDMAIL-sendmail}
+
+USER_REGISTRATION="${USER_REGISTRATION-true}"
+USER_REQUIREEMAIL="${USER_REQUIREEMAIL-true}"
+USER_ACCOUNTPAGE="${USER_ACCOUNTPAGE}"
+
+MAILFROM="${MAILDOMAIN-noreply@${HTTP_HOST%:*}}"
  
  HTTP_HOST="$(HEADER Host)"
-MAILFROM="${MAILDOMAIN:-noreply@${HTTP_HOST%:*}}"
  
  # == FILE FORMAT ==
  # UID  UNAME   STATUS  EMAIL   PWSALT  PWHASH  EXPIRE  DEVICES FUTUREUSE
@@ -230,7 +234,7 @@ user_register(){
      elif new_user "$uid" status=pending email="$email" expire="$((_DATE + 86400))"; then
        debug "Sending Activation Link:" \
              "https://${HTTP_HOST}${_BASE}${PATH_INFO}?user_confirm=${uid}+$(session_mac "$uid")"
-      sendmail -t -f "$MAILFROM" <<-EOF
+      "$SENDMAIL" -t -f "$MAILFROM" <<-EOF
         From: ${MAILFROM}
         To: ${email}
         Subject: Your account registration at ${HTTP_HOST%:*}
@@ -269,7 +273,11 @@ user_register(){
        SESSION_COOKIE new
        SESSION_BIND user_id "$uid"
  
-      REDIRECT "${_BASE}${PATH_INFO}#USER_REGISTER_CONFIRM"
+      if [ "$USER_ACCOUNTPAGE" ]; then
+        REDIRECT "${USER_ACCOUNTPAGE}"
+      else
+        REDIRECT "${_BASE}${PATH_INFO}#USER_REGISTER_CONFIRM"
+      fi
      else
        REDIRECT "${_BASE}${PATH_INFO}#ERROR_USER_NOLOCK"
      fi
@@ -287,8 +295,8 @@ user_invite(){
      REDIRECT "${_BASE}${PATH_INFO}#ERROR_EMAIL_EXISTS"
    elif new_user "$uid" status=pending email="$email" expire="$((_DATE + 86400))"; then
      debug "Sending Invitation Link:" \
-          "https://${HTTP_HOST}${BASE}${PATH_INFO}?user_confirm=${uid}+$(session_mac "$uid")"
-    sendmail -t -f "$MAILFROM" <<-EOF
+          "https://${HTTP_HOST}${_BASE}${PATH_INFO}?user_confirm=${uid}+$(session_mac "$uid")"
+    "$SENDMAIL" -t -f "$MAILFROM" <<-EOF
         From: ${MAILFROM}
         To: ${email}
         Subject: You have been invited to ${HTTP_HOST%:*}
@@ -343,7 +351,11 @@ user_confirm(){
    elif update_user "$USER_ID" uname="$uname" status=active password="$pw"; then
      SESSION_COOKIE new
      SESSION_BIND user_id "$USER_ID"
-    REDIRECT "${_BASE}${PATH_INFO}?user_register=confirm#USER_REGISTER_CONFIRM"
+    if [ "$USER_ACCOUNTPAGE" ]; then
+      REDIRECT "${USER_ACCOUNTPAGE}"
+    else
+      REDIRECT "${_BASE}${PATH_INFO}?user_register=confirm#USER_REGISTER_CONFIRM"
+    fi
    else
      REDIRECT "${_BASE}${PATH_INFO}#ERROR_USER_NOLOCK"
    fi
@@ -452,7 +464,9 @@ w_user_confirm(){
         [form #user_confirm method=POST
           [input type=hidden name=uid value="${uid}"]
           [input type=hidden name=signature value="${signature}"]
-         [input disabled=disabled value="$(HTML "$EMAIL")"]
+         $([ "$EMAIL" != '\' ] && printf \
+           '[input disabled=disabled value="%s" placeholder="Email"]' "$(UNSTRING "$EMAIL" |HTML)"
+         )
            [input name=uname placeholder="Choose Username" tooltip="Your username may contain any character but the @ sign. It must be at least 3 characters long, and it must start with a letter." pattern="^\[a-zA-Z\]\[a-zA-Z0-9 -~\]{2,127}$" autocomplete=off]
           [input type=password name=pw placeholder="Choose Passphrase" pattern=".{6,}"]
           [input type=password name=pwconfirm placeholder="Confirm Passphrase" pattern=".{6,}"]
@@ -478,7 +492,7 @@ w_user_confirm(){
  w_user_invite(){
    if [ "$(GET user_confirm)" ]; then
      w_user_confirm
-  elif [ "$USER_ID" ]; then
+  elif [ "$USER_ID" -a "$SENDMAIL" ]; then
      cat <<-EOF
         [form #user_invite method=POST
           [input placeholder="Email Recipient" name=email autocomplete=off]
@@ -486,6 +500,15 @@ w_user_invite(){
           [submit "action" "user_invite" Send Invitation]
         ]
         EOF
+  elif [ "$USER_ID" ]; then
+    uid="$(timeid)"
+    new_user "$uid" status=pending email="$email" expire="$((_DATE + 86400))"
+    cat <<-EOF
+        [p An anonymous user account has been set up. Send the following link to the intended user, so they may claim their account. The link will remain valid for 24 hours.]
+        [p . $(HTML "https://${HTTP_HOST}${_BASE}${PATH_INFO}?user_confirm=${uid}+$(session_mac "$uid")" |debug)]
+
+        [p [a href="#" . Set up another account]]
+       EOF
    else
      cat <<-EOF
         [div #user_invite .notallowed
author	Paul Hänsch <paul@plutz.net>
	Wed, 11 May 2022 18:49:43 +0000 (20:49 +0200)
committer	Paul Hänsch <paul@plutz.net>
	Wed, 11 May 2022 18:49:43 +0000 (20:49 +0200)