From: Paul Hänsch <paul@plutz.net>
Date: Wed, 11 May 2022 18:48:51 +0000 (+0200)
Subject: allow invitation without email, allow setting user page url
X-Git-Url: https://git.plutz.net/?p=cgilite;a=commitdiff_plain;h=2f3c712c3c6800a74898bce98dcad781d5b460b6

allow invitation without email, allow setting user page url
---

diff --git a/users.sh b/users.sh
index 873edf0..44a5e13 100755
--- a/users.sh
+++ b/users.sh
@@ -6,11 +6,15 @@ include_users="$0"
 . "${_EXEC}/cgilite/session.sh"
 . "${_EXEC}/cgilite/storage.sh"
 
-USER_REGISTRATION="${USER_REGISTRATION:-true}"
-USER_REQUIREEMAIL="${USER_REQUIREEMAIL:-true}"
+SENDMAIL=${SENDMAIL-sendmail}
+
+USER_REGISTRATION="${USER_REGISTRATION-true}"
+USER_REQUIREEMAIL="${USER_REQUIREEMAIL-true}"
+USER_ACCOUNTPAGE="${USER_ACCOUNTPAGE}"
+
+MAILFROM="${MAILDOMAIN-noreply@${HTTP_HOST%:*}}"
 
 HTTP_HOST="$(HEADER Host)"
-MAILFROM="${MAILDOMAIN:-noreply@${HTTP_HOST%:*}}"
 
 # == FILE FORMAT ==
 # UID	UNAME	STATUS	EMAIL	PWSALT	PWHASH	EXPIRE	DEVICES FUTUREUSE
@@ -230,7 +234,7 @@ user_register(){
     elif new_user "$uid" status=pending email="$email" expire="$((_DATE + 86400))"; then
       debug "Sending Activation Link:" \
             "https://${HTTP_HOST}${_BASE}${PATH_INFO}?user_confirm=${uid}+$(session_mac "$uid")"
-      sendmail -t -f "$MAILFROM" <<-EOF
+      "$SENDMAIL" -t -f "$MAILFROM" <<-EOF
 	From: ${MAILFROM}
 	To: ${email}
 	Subject: Your account registration at ${HTTP_HOST%:*}
@@ -269,7 +273,11 @@ user_register(){
       SESSION_COOKIE new
       SESSION_BIND user_id "$uid"
 
-      REDIRECT "${_BASE}${PATH_INFO}#USER_REGISTER_CONFIRM"
+      if [ "$USER_ACCOUNTPAGE" ]; then
+        REDIRECT "${USER_ACCOUNTPAGE}"
+      else
+        REDIRECT "${_BASE}${PATH_INFO}#USER_REGISTER_CONFIRM"
+      fi
     else
       REDIRECT "${_BASE}${PATH_INFO}#ERROR_USER_NOLOCK"
     fi
@@ -287,8 +295,8 @@ user_invite(){
     REDIRECT "${_BASE}${PATH_INFO}#ERROR_EMAIL_EXISTS"
   elif new_user "$uid" status=pending email="$email" expire="$((_DATE + 86400))"; then
     debug "Sending Invitation Link:" \
-          "https://${HTTP_HOST}${BASE}${PATH_INFO}?user_confirm=${uid}+$(session_mac "$uid")"
-    sendmail -t -f "$MAILFROM" <<-EOF
+          "https://${HTTP_HOST}${_BASE}${PATH_INFO}?user_confirm=${uid}+$(session_mac "$uid")"
+    "$SENDMAIL" -t -f "$MAILFROM" <<-EOF
 	From: ${MAILFROM}
 	To: ${email}
 	Subject: You have been invited to ${HTTP_HOST%:*}
@@ -343,7 +351,11 @@ user_confirm(){
   elif update_user "$USER_ID" uname="$uname" status=active password="$pw"; then
     SESSION_COOKIE new
     SESSION_BIND user_id "$USER_ID"
-    REDIRECT "${_BASE}${PATH_INFO}?user_register=confirm#USER_REGISTER_CONFIRM"
+    if [ "$USER_ACCOUNTPAGE" ]; then
+      REDIRECT "${USER_ACCOUNTPAGE}"
+    else
+      REDIRECT "${_BASE}${PATH_INFO}?user_register=confirm#USER_REGISTER_CONFIRM"
+    fi
   else
     REDIRECT "${_BASE}${PATH_INFO}#ERROR_USER_NOLOCK"
   fi
@@ -452,7 +464,9 @@ w_user_confirm(){
 	[form #user_confirm method=POST
 	  [input type=hidden name=uid value="${uid}"]
 	  [input type=hidden name=signature value="${signature}"]
-	  [input disabled=disabled value="$(HTML "$EMAIL")"]
+	  $([ "$EMAIL" != '\' ] && printf \
+	    '[input disabled=disabled value="%s" placeholder="Email"]' "$(UNSTRING "$EMAIL" |HTML)"
+	  )
           [input name=uname placeholder="Choose Username" tooltip="Your username may contain any character but the @ sign. It must be at least 3 characters long, and it must start with a letter." pattern="^\[a-zA-Z\]\[a-zA-Z0-9 -~\]{2,127}$" autocomplete=off]
 	  [input type=password name=pw placeholder="Choose Passphrase" pattern=".{6,}"]
 	  [input type=password name=pwconfirm placeholder="Confirm Passphrase" pattern=".{6,}"]
@@ -478,7 +492,7 @@ w_user_confirm(){
 w_user_invite(){
   if [ "$(GET user_confirm)" ]; then
     w_user_confirm
-  elif [ "$USER_ID" ]; then
+  elif [ "$USER_ID" -a "$SENDMAIL" ]; then
     cat <<-EOF
 	[form #user_invite method=POST
 	  [input placeholder="Email Recipient" name=email autocomplete=off]
@@ -486,6 +500,15 @@ w_user_invite(){
 	  [submit "action" "user_invite" Send Invitation]
 	]
 	EOF
+  elif [ "$USER_ID" ]; then
+    uid="$(timeid)"
+    new_user "$uid" status=pending email="$email" expire="$((_DATE + 86400))"
+    cat <<-EOF
+        [p An anonymous user account has been set up. Send the following link to the intended user, so they may claim their account. The link will remain valid for 24 hours.]
+        [p . $(HTML "https://${HTTP_HOST}${_BASE}${PATH_INFO}?user_confirm=${uid}+$(session_mac "$uid")" |debug)]
+
+        [p [a href="#" . Set up another account]]
+	EOF
   else
     cat <<-EOF
 	[div #user_invite .notallowed