variable expiration times, clickable invitation links

diff --git a/users.sh b/users.sh
index ca986cd6f737a00c78915379bfe83c3f14eba6d5..6a6833e96c592043669006bbeec91b628a70667e 100755 (executable)
--- a/users.sh
+++ b/users.sh
@@ -12,6 +12,9 @@ USER_REGISTRATION="${USER_REGISTRATION-true}"
 USER_REQUIREEMAIL="${USER_REQUIREEMAIL-true}"
 USER_ACCOUNTPAGE="${USER_ACCOUNTPAGE}"
 
 USER_REQUIREEMAIL="${USER_REQUIREEMAIL-true}"
 USER_ACCOUNTPAGE="${USER_ACCOUNTPAGE}"
 

+USER_ACCOUNTEXPIRE="${USER_ACCOUNTEXPIRE:-$((86400 * 730))}"
+USER_CONFIRMEXPIRE="${USER_CONFIRMEXPIRE:-86400}"
+

 MAILFROM="${MAILDOMAIN-noreply@${HTTP_HOST%:*}}"
 
 HTTP_HOST="$(HEADER Host)"
 MAILFROM="${MAILDOMAIN-noreply@${HTTP_HOST%:*}}"
 
 HTTP_HOST="$(HEADER Host)"


@@ -89,7 +92,7 @@ update_user() {
              "${status:-${status-${STATUS}}${status+\\}}" \
              "${email:-${email-${EMAIL}}${email+\\}}" \
              "${pwsalt:-${PWSALT}}" "${pwhash:-${PWHASH}}" \
              "${status:-${status-${STATUS}}${status+\\}}" \
              "${email:-${email-${EMAIL}}${email+\\}}" \
              "${pwsalt:-${PWSALT}}" "${pwhash:-${PWHASH}}" \

-             "${expire:-$((_DATE + 86400 * 730))}" \
+             "${expire:-$((_DATE + USER_ACCOUNTEXPIRE))}" \

              "$(STRING "${devices-$(UNSTRING "$DEVICES")}")" \
              "${FUTUREUSE:-\\}"
     elif [ "$STATUS" = pending -a ! "$EXPIRE" -ge "$_DATE" ]; then
              "$(STRING "${devices-$(UNSTRING "$DEVICES")}")" \
              "${FUTUREUSE:-\\}"
     elif [ "$STATUS" = pending -a ! "$EXPIRE" -ge "$_DATE" ]; then


@@ -118,7 +121,7 @@ new_user(){
       return 1
     fi
     printf '%s \\      %s      \\      \\      \\      %i      \\      \\\n' \
       return 1
     fi
     printf '%s \\      %s      \\      \\      \\      %i      \\      \\\n' \

-           "$user" "pending" "$(( $_DATE + 86400 ))" >>"$user_db"
+           "$user" "pending" "$(( _DATE + USER_CONFIRMEXPIRE ))" >>"$user_db"

   else
     return 1
   fi
   else
     return 1
   fi


@@ -233,7 +236,7 @@ user_register(){
       REDIRECT "${_BASE}${PATH_INFO}#ERROR_EMAIL_INVALID"
     elif user_emailexist "$email"; then
       REDIRECT "${_BASE}${PATH_INFO}#ERROR_EMAIL_EXISTS"
       REDIRECT "${_BASE}${PATH_INFO}#ERROR_EMAIL_INVALID"
     elif user_emailexist "$email"; then
       REDIRECT "${_BASE}${PATH_INFO}#ERROR_EMAIL_EXISTS"

-    elif new_user "$uid" status=pending email="$email" expire="$((_DATE + 86400))"; then
+    elif new_user "$uid" status=pending email="$email" expire="$((_DATE + USER_CONFIRMEXPIRE))"; then

       debug "Sending Activation Link:" \
             "${SCHEMA}://${HTTP_HOST}${_BASE}${PATH_INFO}?user_confirm=${uid}+$(session_mac "$uid")"
       "$SENDMAIL" -t -f "$MAILFROM" <<-EOF
       debug "Sending Activation Link:" \
             "${SCHEMA}://${HTTP_HOST}${_BASE}${PATH_INFO}?user_confirm=${uid}+$(session_mac "$uid")"
       "$SENDMAIL" -t -f "$MAILFROM" <<-EOF


@@ -247,7 +250,7 @@ user_register(){
 
            ${SCHEMA}://${HTTP_HOST}${_BASE}${PATH_INFO}?user_confirm=${uid}+$(session_mac "$uid")
 
 
            ${SCHEMA}://${HTTP_HOST}${_BASE}${PATH_INFO}?user_confirm=${uid}+$(session_mac "$uid")
 

-       This registration link will expire after 24 hours.
+       This registration link will expire after $((USER_CONFIRMEXPIRE / 3600)) hours.

 
        If you did not request an account at ${HTTP_HOST%:*}, then someone else
        probably entered your email address by accident. In this case you shoud
 
        If you did not request an account at ${HTTP_HOST%:*}, then someone else
        probably entered your email address by accident. In this case you shoud


@@ -271,7 +274,7 @@ user_register(){
       REDIRECT "${_BASE}${PATH_INFO}#ERROR_PW_EMPTYTOOSHORT"
     elif [ "$pw" != "$pwconfirm" ]; then
       REDIRECT "${_BASE}${PATH_INFO}#ERROR_PW_MISMATCH"
       REDIRECT "${_BASE}${PATH_INFO}#ERROR_PW_EMPTYTOOSHORT"
     elif [ "$pw" != "$pwconfirm" ]; then
       REDIRECT "${_BASE}${PATH_INFO}#ERROR_PW_MISMATCH"

-    elif new_user "$uid" uname="$uname" status=active email="$email" password="$pw" expire="$((_DATE + 86400 * 730))"; then
+    elif new_user "$uid" uname="$uname" status=active email="$email" password="$pw" expire="$((_DATE + USER_ACCOUNTEXPIRE))"; then

       SESSION_COOKIE new
       SESSION_BIND user_id "$uid"
 
       SESSION_COOKIE new
       SESSION_BIND user_id "$uid"
 


@@ -295,7 +298,7 @@ user_invite(){
     REDIRECT "${_BASE}${PATH_INFO}#ERROR_EMAIL_INVALID"
   elif user_emailexist "$email"; then
     REDIRECT "${_BASE}${PATH_INFO}#ERROR_EMAIL_EXISTS"
     REDIRECT "${_BASE}${PATH_INFO}#ERROR_EMAIL_INVALID"
   elif user_emailexist "$email"; then
     REDIRECT "${_BASE}${PATH_INFO}#ERROR_EMAIL_EXISTS"

-  elif new_user "$uid" status=pending email="$email" expire="$((_DATE + 86400))"; then
+  elif new_user "$uid" status=pending email="$email" expire="$((_DATE + USER_CONFIRMEXPIRE))"; then

     debug "Sending Invitation Link:" \
           "${SCHEMA}://${HTTP_HOST}${_BASE}${PATH_INFO}?user_confirm=${uid}+$(session_mac "$uid")"
     "$SENDMAIL" -t -f "$MAILFROM" <<-EOF
     debug "Sending Invitation Link:" \
           "${SCHEMA}://${HTTP_HOST}${_BASE}${PATH_INFO}?user_confirm=${uid}+$(session_mac "$uid")"
     "$SENDMAIL" -t -f "$MAILFROM" <<-EOF


@@ -311,7 +314,7 @@ user_invite(){
 
            ${SCHEMA}://${HTTP_HOST}${_BASE}${PATH_INFO}?user_confirm=${uid}+$(session_mac "$uid")
 
 
            ${SCHEMA}://${HTTP_HOST}${_BASE}${PATH_INFO}?user_confirm=${uid}+$(session_mac "$uid")
 

-       This registration link will expire after 24 hours.
+       This registration link will expire after $((USER_CONFIRMEXPIRE / 3600)) hours.

 
        If you do not know what this is about, then someone else probably
        entered your email address by accident. In this case you shoud
 
        If you do not know what this is about, then someone else probably
        entered your email address by accident. In this case you shoud


@@ -542,6 +545,8 @@ w_user_confirm(){
 }
 
 w_user_invite(){
 }
 
 w_user_invite(){

+  local uid invlink
+

   if [ "$(GET user_confirm)" ]; then
     w_user_confirm
   elif [ "$USER_ID" -a "$SENDMAIL" ]; then
   if [ "$(GET user_confirm)" ]; then
     w_user_confirm
   elif [ "$USER_ID" -a "$SENDMAIL" ]; then


@@ -554,12 +559,16 @@ w_user_invite(){
        EOF
   elif [ "$USER_ID" ]; then
     uid="$(timeid)"
        EOF
   elif [ "$USER_ID" ]; then
     uid="$(timeid)"

-    new_user "$uid" status=pending email="$email" expire="$((_DATE + 86400))"
+    new_user "$uid" status=pending expire="$((_DATE + USER_CONFIRMEXPIRE))"
+    invlink="${SCHEMA}://${HTTP_HOST}${_BASE}${PATH_INFO}?user_confirm=${uid}+$(session_mac "$uid")"
+    debug "New Invitation Link: $invlink"

     cat <<-EOF
     cat <<-EOF

-        [p An anonymous user account has been set up. Send the following link to the intended user, so they may claim their account. The link will remain valid for 24 hours.]
-        [p . $(HTML "${SCHEMA}://${HTTP_HOST}${_BASE}${PATH_INFO}?user_confirm=${uid}+$(session_mac "$uid")" |debug)]
+       [div #user_invite .link
+          [p An anonymous user account has been set up. Send the following link to the intended user, so they may claim their account. The link will remain valid for $((USER_CONFIRMEXPIRE / 3600)) hours.]
+          [a href="$(HTML "$invlink")" . $(HTML "$invlink")]

 
 

-        [p [a href="#" . Set up another account]]
+          [p [a href="#" . Set up another account]]
+       ]

        EOF
   else
     cat <<-EOF
        EOF
   else
     cat <<-EOF