gosora/common/email.go
Azareal e22ddfec40 Added support for password resets.
Sha256 hashes are now stored in the SFile structures, this will come of use later.
Rows should be properly closed in DefaultTopicStore.BulkGetMap.
All errors should be properly reported now in DefaultTopicStore.BulkGetMap.
Rows should be properly closed in DefaultUserStore.BulkGetMap.
All errors should be properly reported now in DefaultUserStore.BulkGetMap.
Don't have an account on the login page should now be linkified.
Renamed tempra-simple to tempra_simple to avoid breaking the template transpiler.
Fixed up bits and pieces of login.html on every theme.
Removed an old commented code chunk from template_init.go
widget_wol widgets should now get minified.
bindToAlerts() should now unbind the alert items before attempting to bind to them.
Tweaked the SendValidationEmail phrase.
Removed a layer of indentation from DefaultAuth.ValidateMFAToken and added the ErrNoMFAToken error for when MFA isn't setup on the specified account.
Email validation now uses a constant time compare to mitigate certain classes of timing attacks.

Added the /accounts/password-reset/ route.
Added the /accounts/password-reset/submit/ route.
Added the /accounts/password-reset/token/ route.
Added the /accounts/password-reset/token/submit/ route.
Added the password_resets table.

Added the password_reset_email_fail phrase.
Added the password_reset phrase.
Added the password_reset_token phrase.
Added the password_reset_email_sent phrase.
Added the password_reset_token_token_verified phrase.
Added the login_forgot_password phrase.
Added the password_reset_head phrase.
Added the password_reset_username phrase.
Added the password_reset_button phrase.
Added the password_reset_subject phrase.
Added the password_reset_body phrase.
Added the password_reset_token_head phrase.
Added the password_reset_token_password phrase.
Added the password_reset_token_confirm_password phrase.
Added the password_reset_mfa_token phrase.
Added the password_reset_token_button phrase.

You will need to run the updater or patcher for this commit.
2019-03-11 18:47:45 +10:00

119 lines
2.7 KiB
Go

package common
import (
"crypto/tls"
"fmt"
"net/mail"
"net/smtp"
)
type Email struct {
UserID int
Email string
Validated bool
Primary bool
Token string
}
func SendValidationEmail(username string, email string, token string) error {
var schema = "http"
if Site.EnableSsl {
schema += "s"
}
// TODO: Move these to the phrase system
subject := "Validate Your Email - " + Site.Name
msg := "Dear " + username + ", to complete your registration on our forums, we need you to validate your email, so that we can confirm that this email actually belongs to you.\n\nClick on the following link to do so. " + schema + "://" + Site.URL + "/user/edit/token/" + token + "\n\nIf you haven't created an account here, then please feel free to ignore this email.\nWe're sorry for the inconvenience this may have caused."
return SendEmail(email, subject, msg)
}
// TODO: Refactor this
func SendEmail(email string, subject string, msg string) (err error) {
// This hook is useful for plugin_sendmail or for testing tools. Possibly to hook it into some sort of mail server?
ret, hasHook := GetHookTable().VhookNeedHook("email_send_intercept", email, subject, msg)
if hasHook {
return ret.(error)
}
from := mail.Address{"", Site.Email}
to := mail.Address{"", email}
headers := make(map[string]string)
headers["From"] = from.String()
headers["To"] = to.String()
headers["Subject"] = subject
body := ""
for k, v := range headers {
body += fmt.Sprintf("%s: %s\r\n", k, v)
}
body += "\r\n" + msg
var c *smtp.Client
if Config.SMTPEnableTLS {
tlsconfig := &tls.Config{
InsecureSkipVerify: true,
ServerName: Config.SMTPServer,
}
conn, err := tls.Dial("tcp", Config.SMTPServer+":"+Config.SMTPPort, tlsconfig)
if err != nil {
LogWarning(err)
return err
}
c, err = smtp.NewClient(conn, Config.SMTPServer)
if err != nil {
LogWarning(err)
return err
}
} else {
c, err = smtp.Dial(Config.SMTPServer + ":" + Config.SMTPPort)
if err != nil {
LogWarning(err)
return err
}
}
if Config.SMTPUsername != "" {
auth := smtp.PlainAuth("", Config.SMTPUsername, Config.SMTPPassword, Config.SMTPServer)
err = c.Auth(auth)
if err != nil {
LogWarning(err)
return err
}
}
err = c.Mail(from.Address)
if err != nil {
LogWarning(err)
return err
}
err = c.Rcpt(to.Address)
if err != nil {
LogWarning(err)
return err
}
w, err := c.Data()
if err != nil {
LogWarning(err)
return err
}
_, err = w.Write([]byte(body))
if err != nil {
LogWarning(err)
return err
}
err = w.Close()
if err != nil {
LogWarning(err)
return err
}
err = c.Quit()
if err != nil {
LogWarning(err)
return err
}
return nil
}