&& read -r UID UNAME STATUS EMAIL PWSALT PWHASH EXPIRE DEVICES FUTUREUSE <<-EOF
$(grep "^${user_id} " "$user_db")
EOF
- if [ "$STATUS" = active -a "$EXPIRE" -gt "$_DATE" ]; then
+ [ "$STATUS" -a "$EXPIRE" ] \
+ && if [ "$STATUS" = active -a "$EXPIRE" -gt "$_DATE" ]; then
USER_ID="$UID"
USER_NAME="$(UNSTRING "$UNAME")"
USER_EMAIL="$(UNSTRING "$EMAIL")"
}
user_checkname(){
- { [ $# -gt 0 ] && printf %s "$*" || cat } \
+ { [ $# -gt 0 ] && printf %s "$*" || cat; } \
| sed -nE '
:X; $!{N;bX;}
s;[ \t\r\n]+; ;g;
}
user_checkemail(){
- { [ $# -gt 0 ] && printf %s "$*" || cat } \
+ { [ $# -gt 0 ] && printf %s "$*" || cat; } \
| sed -nE '
# W3C recommended email regex
# https://html.spec.whatwg.org/multipage/input.html#email-state-(type=email)
user_nameexist(){
local uname="$(STRING "$1")"
local UID UNAME STATUS EMAIL PWSALT PWHASH EXPIRE DEVICES FUTUREUSE
- while read -r UID UNAME STATUS EMAIL PWSALT PWHASH EXPIRE DEVICES FUTUREUSE; do
+ [ -f "$user_db" -a -r "$user_db" ] \
+ && while read -r UID UNAME STATUS EMAIL PWSALT PWHASH EXPIRE DEVICES FUTUREUSE; do
[ "$EXPIRE" -gt "$_DATE" -a "$UNAME" = "$uname" ] && return 0
done <"$user_db"
return 1
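Review bot: The added guard `[ -f "$user_db" -a -r "$user_db" ]` joins two tests with `-a` inside `[`, a form POSIX marks obsolescent and one that parses ambiguously once operands come from data. Letting the shell join them is safer: `[ -f "$user_db" ] && [ -r "$user_db" ] \`. The same guard is added in user_emailexist and in the login loop further down. The loop body still evaluates `"$EXPIRE" -gt "$_DATE"` on every record, so a blank or short line makes `[` report an error; `[ "$EXPIRE" ] || continue` as the first loop statement would mirror the non-empty check this commit adds in the first hunk. The closing brace of user_nameexist is outside the hunk.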
user_emailexist(){
local email="$(STRING "$1")"
local UID UNAME STATUS EMAIL PWSALT PWHASH EXPIRE DEVICES FUTUREUSE
- while read -r UID UNAME STATUS EMAIL PWSALT PWHASH EXPIRE DEVICES FUTUREUSE; do
+ [ -f "$user_db" -a -r "$user_db" ] \
+ && while read -r UID UNAME STATUS EMAIL PWSALT PWHASH EXPIRE DEVICES FUTUREUSE; do
[ "$EXPIRE" -gt "$_DATE" -a "$EMAIL" = "$email" ] && return 0
done <"$user_db"
return 1
user_pwhash(){
local salt="$1" secret="$2" hash
hash="$(printf '%s\n%s\n' "$secret" "$salt" |sha256sum)"
- printf '%s\n' "${hash% *}"
+ printf '%s\n' "${hash%% *}"
}
user_register(){
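Review bot: user_pwhash still derives the stored value from a single SHA-256 pass over passphrase and salt, which is cheap to brute-force offline if the user database leaks; the `%%` fix cleans up the digest but does not change that. A deliberately slow password hash belongs here, for example `printf '%s\n' "$secret" | openssl passwd -6 -salt "$salt" -stdin`, provided openssl is available on the host and the salt fits that scheme's format. Changing the scheme invalidates existing PWHASH values, so it needs a migration path, such as rehashing at the next successful login.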
RELEASE "$user_db"
sendmail -t -f "$MAILFROM" <<-EOF
From: ${MAILFROM}
- To: "${email}"
+ To: ${email}
Subject: Your account registration at ${HTTP_HOST%:*}
Someone tried to sign up for a user account using this email address.
You can activate your account using this link:
- https://${HTTP_HOST%:*}/${_BASE}/?user_confirm=${uid}+$(session_mac "$uid")
+ https://${HTTP_HOST%:*}/${_BASE}${PATH_INFO}?user_confirm=${uid}+$(session_mac "$uid")
This registration link will expire after 24 hours.
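Review bot: The activation link on the new line is assembled from `HTTP_HOST` and now also `PATH_INFO`, both taken from the request, so unless the web server pins the host name the requester influences which host and path the mailed `user_confirm` token points at. Building the link from a configured site URL keeps the token on the real site, e.g. `https://${USER_SITEURL}/${_BASE}/?user_confirm=...`, where `USER_SITEURL` is a placeholder name for a new setting. `PATH_INFO` should be dropped or checked against known pages before it reaches the mail body. The now unquoted `To: ${email}` is read by `sendmail -t` as the recipient list, so it relies on `email` having passed user_checkemail with no commas or line breaks; that call is outside this hunk.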
REDIRECT "${_BASE}${PATH_INFO}#ERROR_USER_NOLOCK"
fi
- elif [ "$USER_REQUIREEMAIL" != true ] then
+ elif [ "$USER_REQUIREEMAIL" != true ]; then
if [ ! "$uname" ]; then
REDIRECT "${_BASE}${PATH_INFO}#ERROR_UNAME_INVALID"
elif user_nameexist "$uname"; then
local UID UNAME STATUS EMAIL PWSALT PWHASH EXPIRE DEVICES FUTUREUSE
local uname="$(POST uname |STRING)" pw="$(POST pw)"
- while read -r UID UNAME STATUS EMAIL PWSALT PWHASH EXPIRE DEVICES FUTUREUSE; do
+ [ -f "$user_db" -a -r "$user_db" ] \
+ && while read -r UID UNAME STATUS EMAIL PWSALT PWHASH EXPIRE DEVICES FUTUREUSE; do
if [ "$UNAME" = "$uname" -o "$EMAIL" = "$uname" ]; then
if [ "$STATUS" = active -a "$EXPIRE" -gt "$_DATE" -a "$PWHASH" = "$(user_pwhash "$PWSALT" "$pw")" ]; then
SESSION_COOKIE new
# destroy cookie, destroy session
# keep device cookie
new_session
- SET_COOKIE 0 session=""
- SET_COOKIE 0 user_id=""
+ SESSION_COOKIE new
+ SET_COOKIE 0 user_id="" Path="/${_BASE#/}" SameSite=Strict HttpOnly
REDIRECT "${_BASE}${PATH_INFO}#USER_LOGGED_OUT"
}
user_update(){
# passphrase, email
+ :
}
user_recover(){
# send recover link
+ :
}
user_disable(){
+ :
}
user_init
esac
w_user_register(){
- if [ "$USER_REGISTRATION" != true ]; then
+ if [ "$(GET user_confirm)" ]; then
+ w_user_confirm
+ elif [ "$USER_REGISTRATION" != true ]; then
cat <<-EOF
[div #user_register .disabled
User Registration is disabled.
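Review bot: The `user_confirm` branch is now tested before `USER_REGISTRATION`, so the confirmation form is rendered for any request carrying that query parameter even when registration is switched off. If that is meant to let already-mailed links complete, a comment above the branch should say so, e.g. `# pending confirmations stay valid while registration is disabled`; otherwise the `USER_REGISTRATION` test should come first. Whether the `user_confirm` POST action enforces the same policy cannot be seen from this hunk.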
cat <<-EOF
[form #user_register .registername method=POST
[input name=uname placeholder="Choose Username" tooltip="Your username may contain any character but the @ sign. It must be at least 3 characters long, and it must start with a letter." pattern="^\[a-zA-Z\]\[a-zA-Z0-9 -~\]{2,127}$" autocomplete=off]
- [input type=pw placeholder="Choose Passphrase" pattern=".{4,}"]
- [input type=pwconfirm placeholder="Confirm Passphrase" pattern=".{4,}"]
+ [input type=password name=pw placeholder="Choose Passphrase" pattern=".{6,}"]
+ [input type=password name=pwconfirm placeholder="Confirm Passphrase" pattern=".{6,}"]
[submit "action" "user_register" Sign Up]
]
EOF
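Review bot: `pattern=".{6,}"` on the two passphrase fields is only a browser-side hint, so the six-character minimum and the `pw`/`pwconfirm` match must be enforced again in the user_register and user_confirm handlers, which are not part of this hunk. The same two inputs are repeated in the confirmation form below. Adding `autocomplete=new-password` to both fields, in the same way the username input sets `autocomplete=off`, would keep browsers from pre-filling a stored passphrase.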
[input type=hidden name=signature value="${signature}"]
[input disabled=disabled value="$(HTML "$EMAIL")"]
[input name=uname placeholder="Choose Username" tooltip="Your username may contain any character but the @ sign. It must be at least 3 characters long, and it must start with a letter." pattern="^\[a-zA-Z\]\[a-zA-Z0-9 -~\]{2,127}$" autocomplete=off]
- [input type=pw placeholder="Choose Passphrase" pattern=".{4,}"]
- [input type=pwconfirm placeholder="Confirm Passphrase" pattern=".{4,}"]
+ [input type=password name=pw placeholder="Choose Passphrase" pattern=".{6,}"]
+ [input type=password name=pwconfirm placeholder="Confirm Passphrase" pattern=".{6,}"]
[submit "action" "user_confirm" Finish Registration]
]
EOF
elif [ "$USER_ID" ]; then
cat <<-EOF
[form #user_login .logout method=POST
- [p You are currently logged in as "${USER_NAME}"]
+ [p Logged in as [span . $(HTML ${USER_NAME})]]
[submit "action" "user_logout" Logout]
]
EOF
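Review bot: `$(HTML ${USER_NAME})` expands the user name unquoted, so the shell word-splits and glob-expands it before HTML sees it. The username pattern in the registration form allows spaces and characters such as `*` and `?`, so a stored name could be rendered as file names from the script's working directory instead of the name itself. Quote it the way the confirmation form already quotes the e-mail address: `[p Logged in as [span . $(HTML "${USER_NAME}")]]`. Whether HTML also escapes the `[` and `]` of the template markup is not visible here, and the enclosing function starts and ends outside the hunk.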