2013-02-06 03:16:51 +08:00
|
|
|
class EmailToken < ActiveRecord::Base
|
|
|
|
belongs_to :user
|
|
|
|
|
2014-10-04 11:07:20 +08:00
|
|
|
validates :token, :user_id, :email, presence: true
|
2013-02-06 03:16:51 +08:00
|
|
|
|
2013-03-01 02:54:12 +08:00
|
|
|
before_validation(on: :create) do
|
2013-02-06 03:16:51 +08:00
|
|
|
self.token = EmailToken.generate_token
|
2014-07-14 22:16:24 +08:00
|
|
|
self.email = self.email.downcase if self.email
|
2013-02-06 03:16:51 +08:00
|
|
|
end
|
|
|
|
|
|
|
|
after_create do
|
|
|
|
# Expire the previous tokens
|
2016-05-03 05:15:32 +08:00
|
|
|
EmailToken.where(user_id: self.user_id)
|
2017-07-28 09:20:09 +08:00
|
|
|
.where("id != ?", self.id)
|
|
|
|
.update_all(expired: true)
|
2013-02-06 03:16:51 +08:00
|
|
|
end
|
|
|
|
|
|
|
|
def self.token_length
|
|
|
|
16
|
|
|
|
end
|
|
|
|
|
|
|
|
def self.valid_after
|
2014-07-02 07:08:25 +08:00
|
|
|
SiteSetting.email_token_valid_hours.hours.ago
|
2014-03-05 03:03:04 +08:00
|
|
|
end
|
|
|
|
|
2013-02-23 00:49:48 +08:00
|
|
|
def self.unconfirmed
|
|
|
|
where(confirmed: false)
|
|
|
|
end
|
|
|
|
|
|
|
|
def self.active
|
2013-02-23 04:19:44 +08:00
|
|
|
where(expired: false).where('created_at > ?', valid_after)
|
2013-02-23 00:49:48 +08:00
|
|
|
end
|
|
|
|
|
2013-02-06 03:16:51 +08:00
|
|
|
def self.generate_token
|
|
|
|
SecureRandom.hex(EmailToken.token_length)
|
|
|
|
end
|
|
|
|
|
2014-08-26 03:30:52 +08:00
|
|
|
def self.valid_token_format?(token)
|
2017-07-28 09:20:09 +08:00
|
|
|
token.present? && token =~ /\h{#{token.length / 2}}/i
|
2014-08-26 03:30:52 +08:00
|
|
|
end
|
|
|
|
|
2016-03-08 03:40:11 +08:00
|
|
|
def self.atomic_confirm(token)
|
|
|
|
failure = { success: false }
|
|
|
|
return failure unless valid_token_format?(token)
|
2013-02-06 03:16:51 +08:00
|
|
|
|
2016-01-05 00:48:54 +08:00
|
|
|
email_token = confirmable(token)
|
2016-03-08 03:40:11 +08:00
|
|
|
return failure if email_token.blank?
|
2013-02-06 03:16:51 +08:00
|
|
|
|
|
|
|
user = email_token.user
|
2016-03-08 03:40:11 +08:00
|
|
|
failure[:user] = user
|
2016-12-19 14:15:20 +08:00
|
|
|
row_count = EmailToken.where(confirmed: false, id: email_token.id, expired: false).update_all 'confirmed = true'
|
2016-05-03 05:15:32 +08:00
|
|
|
|
2016-03-08 03:40:11 +08:00
|
|
|
if row_count == 1
|
2016-05-03 05:15:32 +08:00
|
|
|
{ success: true, user: user, email_token: email_token }
|
|
|
|
else
|
|
|
|
failure
|
2016-03-08 03:40:11 +08:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def self.confirm(token)
|
2013-02-06 03:16:51 +08:00
|
|
|
User.transaction do
|
2016-03-08 03:40:11 +08:00
|
|
|
result = atomic_confirm(token)
|
|
|
|
user = result[:user]
|
|
|
|
if result[:success]
|
2013-02-06 03:16:51 +08:00
|
|
|
# If we are activating the user, send the welcome message
|
|
|
|
user.send_welcome_message = !user.active?
|
|
|
|
user.active = true
|
2016-03-08 03:40:11 +08:00
|
|
|
user.email = result[:email_token].email
|
2013-02-06 03:16:51 +08:00
|
|
|
user.save!
|
2017-06-15 01:20:18 +08:00
|
|
|
user.set_automatic_groups
|
2013-02-06 03:16:51 +08:00
|
|
|
end
|
2016-01-05 00:48:54 +08:00
|
|
|
|
2016-03-08 03:40:11 +08:00
|
|
|
if user
|
2017-04-27 02:47:36 +08:00
|
|
|
return User.find_by_email(user.email) if Invite.redeem_from_email(user.email).present?
|
2016-03-08 03:40:11 +08:00
|
|
|
user
|
|
|
|
end
|
|
|
|
end
|
2013-02-06 03:16:51 +08:00
|
|
|
rescue ActiveRecord::RecordInvalid
|
|
|
|
# If the user's email is already taken, just return nil (failure)
|
|
|
|
end
|
2016-01-05 00:48:54 +08:00
|
|
|
|
|
|
|
def self.confirmable(token)
|
2016-05-03 05:15:32 +08:00
|
|
|
EmailToken.where(token: token)
|
2017-07-28 09:20:09 +08:00
|
|
|
.where(expired: false, confirmed: false)
|
|
|
|
.where("created_at >= ?", EmailToken.valid_after)
|
|
|
|
.includes(:user)
|
|
|
|
.first
|
2016-01-05 00:48:54 +08:00
|
|
|
end
|
2013-02-06 03:16:51 +08:00
|
|
|
end
|
2013-05-24 10:48:32 +08:00
|
|
|
|
|
|
|
# == Schema Information
|
|
|
|
#
|
|
|
|
# Table name: email_tokens
|
|
|
|
#
|
|
|
|
# id :integer not null, primary key
|
|
|
|
# user_id :integer not null
|
2019-01-12 03:29:56 +08:00
|
|
|
# email :string not null
|
|
|
|
# token :string not null
|
2013-05-24 10:48:32 +08:00
|
|
|
# confirmed :boolean default(FALSE), not null
|
|
|
|
# expired :boolean default(FALSE), not null
|
2014-08-27 13:19:25 +08:00
|
|
|
# created_at :datetime not null
|
|
|
|
# updated_at :datetime not null
|
2013-05-24 10:48:32 +08:00
|
|
|
#
|
|
|
|
# Indexes
|
|
|
|
#
|
2014-08-23 01:01:44 +08:00
|
|
|
# index_email_tokens_on_token (token) UNIQUE
|
|
|
|
# index_email_tokens_on_user_id (user_id)
|
2013-05-24 10:48:32 +08:00
|
|
|
#
|