Appwrite/appwrite
1
0
Fork 0
mirror of https://github.com/appwrite/appwrite.git synced 2026-05-26 13:51:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

Clean up code and switch to mfaEnabled/Disabled

Browse Source
This commit is contained in:
Bradley Schofield
2024-08-12 13:07:30 +09:00
parent dcb19c3f80
commit 7f45078ff5
3 changed files with 127 additions and 213 deletions
Download Patch File Download Diff File Expand all files Collapse all files
app/controllers/api/account.php
+111 -197
View File
@@ -166,6 +166,101 @@ $createSession = function (string $userId, string $secret, Request $request, Res
$response->dynamic($session, Response::MODEL_SESSION);
};
$sendMFAAlert = function (Document $project, Document $user, Locale $locale, Mail $queueForMails, string $type, string $redirect) {
$subject = $locale->getText("emails.{$type}.subject");
$customTemplate = $project->getAttribute('templates', [])["email.{$type}-" . $locale->default] ?? [];
// Appwrite Theming for Console
if ($project->getInternalId() === 'console') {
$message = Template::fromFile(__DIR__ . '/../../config/locale/templates/email-base-styled.tpl');
$body = Template::fromFile(__DIR__ . '/../../config/locale/templates/email-mfa-altered.tpl');
$body
->setParam('{{buttonText}}', $locale->getText("emails.{$type}.buttonText"))
->setParam('{{redirect}}', 'http://' . App::getEnv('_APP_DOMAIN') . '/console/account')
->setParam('{{body}}', $locale->getText("emails.{$type}.body"), escapeHtml: false)
->setParam('{{project}}', $project->getAttribute('name'))
->setParam('{{user}}', $user->getAttribute('name'));
$message->setParam('{{body}}', $body->render(), escapeHtml: false);
} else {
$message = Template::fromFile(__DIR__ . '/../../config/locale/templates/email-inner-base.tpl');
$message->setParam('{{body}}', $locale->getText("emails.{$type}.body"), escapeHtml: false);
}
$message
->setParam('{{hello}}', $locale->getText("emails.{$type}.hello"))
->setParam('{{footer}}', $locale->getText("emails.{$type}.footer"))
->setParam('{{thanks}}', $locale->getText("emails.{$type}.thanks"))
->setParam('{{signature}}', $locale->getText("emails.{$type}.signature"));
$body = $message->render();
$smtp = $project->getAttribute('smtp', []);
$smtpEnabled = $smtp['enabled'] ?? false;
$senderEmail = System::getEnv('_APP_SYSTEM_EMAIL_ADDRESS', APP_EMAIL_TEAM);
$senderName = System::getEnv('_APP_SYSTEM_EMAIL_NAME', APP_NAME . ' Server');
$replyTo = "";
if ($smtpEnabled) {
if (!empty($smtp['senderEmail'])) {
$senderEmail = $smtp['senderEmail'];
}
if (!empty($smtp['senderName'])) {
$senderName = $smtp['senderName'];
}
if (!empty($smtp['replyTo'])) {
$replyTo = $smtp['replyTo'];
}
$queueForMails
->setSmtpHost($smtp['host'] ?? '')
->setSmtpPort($smtp['port'] ?? '')
->setSmtpUsername($smtp['username'] ?? '')
->setSmtpPassword($smtp['password'] ?? '')
->setSmtpSecure($smtp['secure'] ?? '');
if (!empty($customTemplate)) {
if (!empty($customTemplate['senderEmail'])) {
$senderEmail = $customTemplate['senderEmail'];
}
if (!empty($customTemplate['senderName'])) {
$senderName = $customTemplate['senderName'];
}
if (!empty($customTemplate['replyTo'])) {
$replyTo = $customTemplate['replyTo'];
}
$body = $customTemplate['message'] ?? '';
$subject = $customTemplate['subject'] ?? $subject;
}
$queueForMails
->setSmtpReplyTo($replyTo)
->setSmtpSenderEmail($senderEmail)
->setSmtpSenderName($senderName);
}
$emailVariables = [
'owner' => $user->getAttribute('name'),
'direction' => $locale->getText('settings.direction'),
'user' => $user->getAttribute('name'),
'project' => $project->getAttribute('name'),
'redirect' => $redirect
];
$queueForMails
->setSubject($subject)
->setBody($body)
->setRecipient($user->getAttribute('email'))
->setName($user->getAttribute('name'))
->setVariables($emailVariables)
->trigger()
;
};
App::post('/v1/account')
->desc('Create account')
->groups(['api', 'account', 'auth'])
@@ -3505,12 +3600,25 @@ App::patch('/v1/account/mfa')
->label('sdk.offline.key', 'current')
->param('mfa', null, new Boolean(), 'Enable or disable MFA.')
->inject('requestTimestamp')
->inject('request')
->inject('response')
->inject('user')
->inject('project')
->inject('session')
->inject('locale')
->inject('dbForProject')
->inject('queueForEvents')
->action(function (bool $mfa, ?\DateTime $requestTimestamp, Response $response, Document $user, Document $session, Database $dbForProject, Event $queueForEvents) {
->inject('queueForMails')
->action(function (bool $mfa, ?\DateTime $requestTimestamp, Request $request, Response $response, Document $user, Document $project, Document $session, Locale $locale, Database $dbForProject, Event $queueForEvents, Mail $queueForMails) use ($sendMFAAlert) {
// If MFA Changes then we need to send a email
if ($mfa !== $user->getAttribute('mfa')) {
$domain = $request->getHostname();
$protocol = $request->getProtocol();
$redirect = $protocol . '://' . $domain . '/console/account';
$sendMFAAlert($project, $user, $locale, $queueForMails, $mfa ? 'mfaEnabled' : 'mfaDisabled', $redirect);
}
$user->setAttribute('mfa', $mfa);
@@ -3667,11 +3775,7 @@ App::put('/v1/account/mfa/authenticators/:type')
->inject('session')
->inject('dbForProject')
->inject('queueForEvents')
->inject('project')
->inject('locale')
->inject('queueForMails')
->action(function (string $type, string $otp, Response $response, Document $user, Document $session, Database $dbForProject, Event $queueForEvents, Document $project, Locale $locale, Mail $queueForMails) {
->action(function (string $type, string $otp, Response $response, Document $user, Document $session, Database $dbForProject, Event $queueForEvents) {
$authenticator = (match ($type) {
Type::TOTP => TOTP::getAuthenticatorFromUser($user),
default => null
@@ -3706,99 +3810,6 @@ App::put('/v1/account/mfa/authenticators/:type')
$session->setAttribute('factors', $factors);
$dbForProject->updateDocument('sessions', $session->getId(), $session);
// Send email to user informing that MFA is enabled
$subject = $locale->getText("emails.mfaCreated.subject");
$customTemplate = $project->getAttribute('templates', [])['email.mfaCreated-' . $locale->default] ?? [];
// Appwrite theming for console
if ($project->getInternalId() === 'console') {
$message = Template::fromFile(__DIR__ . '/../../config/locale/templates/email-base-styled.tpl');
$body = Template::fromFile(__DIR__ . '/../../config/locale/templates/email-mfa-altered.tpl');
$body
->setParam('{{buttonText}}', $locale->getText("emails.mfaCreated.buttonText"))
->setParam('{{redirect}}', 'http://' . App::getEnv('_APP_DOMAIN') . '/console/account')
->setParam('{{body}}', $locale->getText("emails.mfaCreated.body"), escapeHtml: false)
->setParam('{{project}}', $project->getAttribute('name'))
->setParam('{{user}}', $user->getAttribute('name'));
$message->setParam('{{body}}', $body->render(), escapeHtml: false);
} else {
$message = Template::fromFile(__DIR__ . '/../../config/locale/templates/email-inner-base.tpl');
$message->setParam('{{body}}', $locale->getText("emails.mfaCreated.body"), escapeHtml: false);
}
$message
->setParam('{{hello}}', $locale->getText("emails.mfaCreated.hello"))
->setParam('{{footer}}', $locale->getText("emails.mfaCreated.footer"))
->setParam('{{thanks}}', $locale->getText("emails.mfaCreated.thanks"))
->setParam('{{signature}}', $locale->getText("emails.mfaCreated.signature"));
$body = $message->render();
$smtp = $project->getAttribute('smtp', []);
$smtpEnabled = $smtp['enabled'] ?? false;
$senderEmail = System::getEnv('_APP_SYSTEM_EMAIL_ADDRESS', APP_EMAIL_TEAM);
$senderName = System::getEnv('_APP_SYSTEM_EMAIL_NAME', APP_NAME . ' Server');
$replyTo = "";
if ($smtpEnabled) {
if (!empty($smtp['senderEmail'])) {
$senderEmail = $smtp['senderEmail'];
}
if (!empty($smtp['senderName'])) {
$senderName = $smtp['senderName'];
}
if (!empty($smtp['replyTo'])) {
$replyTo = $smtp['replyTo'];
}
$queueForMails
->setSmtpHost($smtp['host'] ?? '')
->setSmtpPort($smtp['port'] ?? '')
->setSmtpUsername($smtp['username'] ?? '')
->setSmtpPassword($smtp['password'] ?? '')
->setSmtpSecure($smtp['secure'] ?? '');
if (!empty($customTemplate)) {
if (!empty($customTemplate['senderEmail'])) {
$senderEmail = $customTemplate['senderEmail'];
}
if (!empty($customTemplate['senderName'])) {
$senderName = $customTemplate['senderName'];
}
if (!empty($customTemplate['replyTo'])) {
$replyTo = $customTemplate['replyTo'];
}
$body = $customTemplate['message'] ?? '';
$subject = $customTemplate['subject'] ?? $subject;
}
$queueForMails
->setSmtpReplyTo($replyTo)
->setSmtpSenderEmail($senderEmail)
->setSmtpSenderName($senderName);
}
$emailVariables = [
'owner' => $user->getAttribute('name'),
'direction' => $locale->getText('settings.direction'),
'user' => $user->getAttribute('name'),
'project' => $project->getAttribute('name')
];
$queueForMails
->setSubject($subject)
->setBody($body)
->setRecipient($user->getAttribute('email'))
->setName($user->getAttribute('name'))
->setVariables($emailVariables)
->trigger()
;
$queueForEvents->setParam('userId', $user->getId());
$response->dynamic($user, Response::MODEL_ACCOUNT);
@@ -3937,11 +3948,7 @@ App::delete('/v1/account/mfa/authenticators/:type')
->inject('user')
->inject('dbForProject')
->inject('queueForEvents')
->inject('project')
->inject('locale')
->inject('queueForMails')
->action(function (string $type, string $otp, Response $response, Document $user, Database $dbForProject, Event $queueForEvents, Document $project, Locale $locale, Mail $queueForMails) {
->action(function (string $type, string $otp, Response $response, Document $user, Database $dbForProject, Event $queueForEvents) {
$authenticator = (match ($type) {
Type::TOTP => TOTP::getAuthenticatorFromUser($user),
default => null
@@ -3975,99 +3982,6 @@ App::delete('/v1/account/mfa/authenticators/:type')
$dbForProject->deleteDocument('authenticators', $authenticator->getId());
$dbForProject->purgeCachedDocument('users', $user->getId());
// Send email to user informing that MFA is disabled
$subject = $locale->getText("emails.mfaRemoved.subject");
$customTemplate = $project->getAttribute('templates', [])['email.mfaRemoved-' . $locale->default] ?? [];
// Appwrite theming for console
if ($project->getInternalId() === 'console') {
$message = Template::fromFile(__DIR__ . '/../../config/locale/templates/email-base-styled.tpl');
$body = Template::fromFile(__DIR__ . '/../../config/locale/templates/email-mfa-altered.tpl');
$body
->setParam('{{buttonText}}', $locale->getText("emails.mfaRemoved.buttonText"))
->setParam('{{redirect}}', 'http://' . App::getEnv('_APP_DOMAIN') . '/console/account')
->setParam('{{body}}', $locale->getText("emails.mfaRemoved.body"), escapeHtml: false)
->setParam('{{project}}', $project->getAttribute('name'))
->setParam('{{user}}', $user->getAttribute('name'));
$message->setParam('{{body}}', $body->render(), escapeHtml: false);
} else {
$message = Template::fromFile(__DIR__ . '/../../config/locale/templates/email-inner-base.tpl');
$message->setParam('{{body}}', $locale->getText("emails.mfaRemoved.body"), escapeHtml: false);
}
$message
->setParam('{{hello}}', $locale->getText("emails.mfaRemoved.hello"))
->setParam('{{footer}}', $locale->getText("emails.mfaRemoved.footer"))
->setParam('{{thanks}}', $locale->getText("emails.mfaRemoved.thanks"))
->setParam('{{signature}}', $locale->getText("emails.mfaRemoved.signature"));
$body = $message->render();
$smtp = $project->getAttribute('smtp', []);
$smtpEnabled = $smtp['enabled'] ?? false;
$senderEmail = System::getEnv('_APP_SYSTEM_EMAIL_ADDRESS', APP_EMAIL_TEAM);
$senderName = System::getEnv('_APP_SYSTEM_EMAIL_NAME', APP_NAME . ' Server');
$replyTo = "";
if ($smtpEnabled) {
if (!empty($smtp['senderEmail'])) {
$senderEmail = $smtp['senderEmail'];
}
if (!empty($smtp['senderName'])) {
$senderName = $smtp['senderName'];
}
if (!empty($smtp['replyTo'])) {
$replyTo = $smtp['replyTo'];
}
$queueForMails
->setSmtpHost($smtp['host'] ?? '')
->setSmtpPort($smtp['port'] ?? '')
->setSmtpUsername($smtp['username'] ?? '')
->setSmtpPassword($smtp['password'] ?? '')
->setSmtpSecure($smtp['secure'] ?? '');
if (!empty($customTemplate)) {
if (!empty($customTemplate['senderEmail'])) {
$senderEmail = $customTemplate['senderEmail'];
}
if (!empty($customTemplate['senderName'])) {
$senderName = $customTemplate['senderName'];
}
if (!empty($customTemplate['replyTo'])) {
$replyTo = $customTemplate['replyTo'];
}
$body = $customTemplate['message'] ?? '';
$subject = $customTemplate['subject'] ?? $subject;
}
$queueForMails
->setSmtpReplyTo($replyTo)
->setSmtpSenderEmail($senderEmail)
->setSmtpSenderName($senderName);
}
$emailVariables = [
'owner' => $user->getAttribute('name'),
'direction' => $locale->getText('settings.direction'),
'user' => $user->getAttribute('name'),
'project' => $project->getAttribute('name')
];
$queueForMails
->setSubject($subject)
->setBody($body)
->setRecipient($user->getAttribute('email'))
->setName($user->getAttribute('name'))
->setVariables($emailVariables)
->trigger()
;
$queueForEvents->setParam('userId', $user->getId());
$response->noContent();