[#923] External User registration refactoring, password randomization.

This commit is contained in:
Ivan Tashkinov 2019-03-18 18:09:53 +03:00
parent 26b6354095
commit 8d21859717
2 changed files with 18 additions and 34 deletions

View file

@ -209,35 +209,6 @@ def reset_password(user, data) do
update_and_set_cache(password_update_changeset(user, data))
end
# TODO: FIXME (WIP):
def external_registration_changeset(struct, params \\ %{}) do
info_change = User.Info.confirmation_changeset(%User.Info{}, :confirmed)
changeset =
struct
|> cast(params, [:email, :nickname, :name, :bio])
|> unique_constraint(:email)
|> unique_constraint(:nickname)
|> validate_exclusion(:nickname, Pleroma.Config.get([Pleroma.User, :restricted_nicknames]))
|> validate_format(:email, @email_regex)
|> validate_length(:bio, max: 1000)
|> put_change(:info, info_change)
if changeset.valid? do
nickname = changeset.changes[:nickname]
ap_id = (nickname && User.ap_id(%User{nickname: nickname})) || nil
followers = User.ap_followers(%User{nickname: ap_id})
changeset
|> put_change(:ap_id, ap_id)
|> unique_constraint(:ap_id)
|> put_change(:following, [followers])
|> put_change(:follower_address, followers)
else
changeset
end
end
def register_changeset(struct, params \\ %{}, opts \\ []) do
confirmation_status =
if opts[:confirmed] || !Pleroma.Config.get([:instance, :account_activation_required]) do
@ -251,7 +222,7 @@ def register_changeset(struct, params \\ %{}, opts \\ []) do
changeset =
struct
|> cast(params, [:bio, :email, :name, :nickname, :password, :password_confirmation])
|> validate_required([:email, :name, :nickname, :password, :password_confirmation])
|> validate_required([:name, :nickname, :password, :password_confirmation])
|> validate_confirmation(:password)
|> unique_constraint(:email)
|> unique_constraint(:nickname)
@ -262,6 +233,13 @@ def register_changeset(struct, params \\ %{}, opts \\ []) do
|> validate_length(:name, min: 1, max: 100)
|> put_change(:info, info_change)
changeset =
if opts[:external] do
changeset
else
validate_required(changeset, [:email])
end
if changeset.valid? do
hashed = Pbkdf2.hashpwsalt(changeset.changes[:password])
ap_id = User.ap_id(%User{nickname: changeset.changes[:nickname]})

View file

@ -54,20 +54,26 @@ def get_by_external_registration(
# Note: generating a random numeric suffix to nickname in case this nickname is already taken
nickname =
if nickname && User.get_by_nickname(nickname) do
"#{nickname}_#{:os.system_time()}"
"#{nickname}#{:os.system_time()}"
else
nickname
end
random_password = :crypto.strong_rand_bytes(64) |> Base.encode64()
with {:ok, new_user} <-
User.external_registration_changeset(
User.register_changeset(
%User{},
%{
name: info.name,
bio: info.description,
email: email,
nickname: nickname
}
nickname: nickname,
password: random_password,
password_confirmation: random_password
},
external: true,
confirmed: true
)
|> Repo.insert(),
{:ok, _} <-