Girish Ramakrishnan
55
src/users.js
55
src/users.js
@@ -29,6 +29,8 @@ exports = module.exports = {
|
||||
|
||||
sendPasswordResetByIdentifier: sendPasswordResetByIdentifier,
|
||||
|
||||
setupAccount,
|
||||
|
||||
count: count,
|
||||
|
||||
AP_MAIL: 'mail',
|
||||
@@ -63,6 +65,7 @@ let assert = require('assert'),
|
||||
safe = require('safetydance'),
|
||||
settings = require('./settings.js'),
|
||||
speakeasy = require('speakeasy'),
|
||||
tokens = require('./tokens.js'),
|
||||
userdb = require('./userdb.js'),
|
||||
uuid = require('uuid'),
|
||||
validator = require('validator'),
|
||||
@@ -566,11 +569,12 @@ function getOwner(callback) {
|
||||
});
|
||||
}
|
||||
|
||||
function inviteLink(user) {
|
||||
function inviteLink(user, directoryConfig) {
|
||||
let link = `${settings.adminOrigin()}/setupaccount.html?resetToken=${user.resetToken}&email=${encodeURIComponent(user.email)}`;
|
||||
|
||||
if (user.username) link += `&username=${encodeURIComponent(user.username)}`;
|
||||
if (user.displayName) link += `&displayName=${encodeURIComponent(user.displayName)}`;
|
||||
if (directoryConfig.lockUserProfiles) link += '&profileLocked=true';
|
||||
|
||||
return link;
|
||||
}
|
||||
@@ -583,11 +587,16 @@ function createInvite(user, callback) {
|
||||
|
||||
const resetToken = hat(256), resetTokenCreationTime = new Date();
|
||||
|
||||
userdb.update(user.id, { resetToken, resetTokenCreationTime }, function (error) {
|
||||
settings.getDirectoryConfig(function (error, directoryConfig) {
|
||||
if (error) return callback(error);
|
||||
|
||||
user.resetToken = resetToken;
|
||||
callback(null, { resetToken, inviteLink: inviteLink(user) });
|
||||
userdb.update(user.id, { resetToken, resetTokenCreationTime }, function (error) {
|
||||
if (error) return callback(error);
|
||||
|
||||
user.resetToken = resetToken;
|
||||
|
||||
callback(null, { resetToken, inviteLink: inviteLink(user, directoryConfig) });
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
@@ -599,9 +608,43 @@ function sendInvite(user, options, callback) {
|
||||
if (user.source) return callback(new BoxError(BoxError.CONFLICT, 'User is from an external directory'));
|
||||
if (!user.resetToken) return callback(new BoxError(BoxError.CONFLICT, 'Must generate resetToken to send invitation'));
|
||||
|
||||
mailer.sendInvite(user, options.invitor || null, inviteLink(user));
|
||||
settings.getDirectoryConfig(function (error, directoryConfig) {
|
||||
if (error) return callback(error);
|
||||
|
||||
callback(null);
|
||||
mailer.sendInvite(user, options.invitor || null, inviteLink(user, directoryConfig));
|
||||
|
||||
callback(null);
|
||||
});
|
||||
}
|
||||
|
||||
function setupAccount(user, data, auditSource, callback) {
|
||||
assert.strictEqual(typeof user, 'object');
|
||||
assert.strictEqual(typeof data, 'object');
|
||||
assert(auditSource && typeof auditSource === 'object');
|
||||
assert.strictEqual(typeof callback, 'function');
|
||||
|
||||
settings.getDirectoryConfig(function (error, directoryConfig) {
|
||||
if (error) return callback(error);
|
||||
|
||||
const updateFunc = (done) => {
|
||||
if (directoryConfig.lockUserProfiles) return done();
|
||||
update(user, _.pick(data, 'username', 'displayName'), auditSource, done);
|
||||
};
|
||||
|
||||
updateFunc(function (error) {
|
||||
if (error) return callback(error);
|
||||
|
||||
setPassword(user, data.password, function (error) { // setPassword clears the resetToken
|
||||
if (error) return callback(error);
|
||||
|
||||
tokens.add(tokens.ID_WEBADMIN, user.id, Date.now() + constants.DEFAULT_TOKEN_EXPIRATION, {}, function (error, result) {
|
||||
if (error) return callback(error);
|
||||
|
||||
callback(null, result.accessToken);
|
||||
});
|
||||
});
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
function setTwoFactorAuthenticationSecret(userId, callback) {
|
||||
|
||||
Reference in New Issue
Block a user