Commit 3e355098 authored by o@immerda.ch's avatar o@immerda.ch

New signup flow that allows the user to delete the recovery token at signup

parent 5e2fdd03
......@@ -3,3 +3,4 @@
# You can use CoffeeScript in this file: http://coffeescript.org/
//= require zxcvbn
//= require pwstrength
//= require signup_helpers
function toggleTrees() {
q = document.getElementById('keep_recovery_token_question');
if (document.getElementById('enable_trees').checked)
q.style.display = 'block';
else
q.style.display = 'none';
}
function loadToggleTrees() {
document.getElementById('enable_trees').addEventListener("change", toggleTrees);
toggleTrees();
}
window.addEventListener("load", loadToggleTrees)
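Review bot: `q` is assigned without `var`/`let` in `toggleTrees`, so it becomes an implicit global, and both functions throw a TypeError if either element is missing from the page that loads this asset; write `var q = document.getElementById('keep_recovery_token_question'); var cb = document.getElementById('enable_trees'); if (!q || !cb) return;` and reuse `cb` for the listener in `loadToggleTrees`. Hiding the question does not clear an already-selected radio, so a `keep_recovery_token` choice is still posted when encryption is unchecked; the server side has to ignore it in that case. The header comment still says CoffeeScript can be used here, but the added content is plain JavaScript.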
......@@ -26,6 +26,16 @@ class ApplicationController < ActionController::Base
end
helper_method :trees_enabled?
def recovery_token
session[:trees_recovery_token]
end
helper_method :recovery_token
def recovery_token_present?
session[:trees_token_present]
end
helper_method :recovery_token_present?
def admin?
@is_admin ||= Admin::Enabled && Admin::Admins.include?(current_user)
end
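Review bot: `recovery_token` is registered as a `helper_method`, so the session-held secret becomes reachable from every template rather than only the one that displays it once; consider keeping the accessor controller-only and documenting it with `# Secret recovery token, held in the session only until the user has retrieved it; never log it or render it outside the trees token page.` Whether the session store is cookie-based is not visible here — if it is, the token also travels in the client cookie on every request, which is worth confirming. `recovery_token_present?` returns the raw session value rather than a boolean; `!!session[:trees_token_present]` would match the predicate name.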
......
......@@ -99,11 +99,12 @@ module ApiBackend
post(["trees_recovery_token_delete"], {"email"=> user, "password" => pw})
end
def self.create_new_mailbox(email, pw, trees_enabled, new_email_token)
def self.create_new_mailbox(email, pw, trees_enabled, new_email_token, keep_recovery_token)
post(["create_new_mailbox"], {"email" => email,
"password" => pw,
"trees_enabled" => trees_enabled,
"new_email_token" => new_email_token,
"keep_recovery_token" => keep_recovery_token,
})
end
end
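Review bot: `keep_recovery_token` is added as a fifth required positional boolean, so any other caller still passing four arguments now raises `ArgumentError` at runtime, and the call site reads as an anonymous `true`/`false`; prefer a keyword, `def self.create_new_mailbox(email, pw, trees_enabled, new_email_token, keep_recovery_token:)`, with `keep_recovery_token: @keep_recovery_token == 'yes'` at the call. If a default is wanted, `true` is the conservative choice because it keeps the backend's copy of the token rather than deleting it. The enclosing `ApiBackend` module starts before this hunk.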
class SignupController < ApplicationController
def authorize
@token = nil
token = params[:token]
if token
check_token = ApiBackend::new_email_token_valid?(token)
if check_token && check_token['result'] == 'success'
return true
@token = token
end
end
redirect_to '/login'
end
def new
@token = params[:token]
@email = params[:email]
if ("#{@email}" != '') && !(@email =~ /@/)
@email = "#{@email}@immerda.ch"
end
@new_pw = params[:new]
@enable_trees = params[:enable_trees] || false
if @token
@domains ||= ApiBackend::list_domains
@email = params[:email]
@new_pw = params[:new]
@enable_trees = params[:enable_trees]
@recovery_email = params[:recovery_email]
@domain = params[:domain]
@keep_recovery_token = params[:keep_recovery_token]
if request.post?
check = ApiBackend::valid_new_email?(@email)
if !check || check['result'] != 'success'
if check && check['msg'] == 'invalid_domain'
flash[:notice] = :invalid_domain
else
flash[:notice] = :invalid_email
end
return
if request.post? && !@domain
@enable_trees = true
end
if check['exists']
flash[:notice] = :account_exists_already
return
end
if request.post? && @domain && @email && @email != ""
full_email = "#{@email}@#{@domain}"
check = ApiBackend::valid_new_email?(full_email)
if !check || check['result'] != 'success'
if check && check['msg'] == 'invalid_domain'
flash[:notice] = :invalid_domain
else
flash[:notice] = :invalid_email
end
return
end
if !password_policy?(params[:new])
return
end
if params['new'] != params['confirm']
flash[:notice] = :password_change_mismatch
return
end
if check['exists']
flash[:notice] = :account_exists_already
return
end
res = ApiBackend::create_new_mailbox(@email, @new_pw, @enable_trees, @token)
if res && res['result'] == 'success'
flash[:notice] = :signup_success
redirect_to '/login'
return
else
flash[:notice] = :signup_failed
if !password_policy?(params[:new])
return
end
if params['new'] != params['confirm']
flash[:notice] = :password_change_mismatch
return
end
if !@keep_recovery_token
flash[:notice] = :decide_recovery_token
return
end
res = ApiBackend::create_new_mailbox(
full_email, @new_pw, @enable_trees, @token,
@keep_recovery_token == 'yes')
if res && res['result'] == 'success'
flash.delete(:notice)
if @keep_recovery_token == 'no'
@trees_recovery_token = res['trees_recovery_token']
end
@account_successfully_created = true
else
flash[:notice] = :signup_failed
end
end
end
end
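Review bot: The `if !@keep_recovery_token` guard rejects every POST that does not carry the radio value, but the `keep_recovery_token_question` block is hidden by the signup JS whenever `enable_trees` is unchecked, so a user who does not enable encryption cannot answer and is bounced with `:decide_recovery_token`; scope the check to `if @enable_trees && !@keep_recovery_token`. `@recovery_email` is read from params and echoed back into the form but never passed to `ApiBackend::create_new_mailbox`, so the sponsor address is silently dropped — either forward it or remove the field. When `res['trees_recovery_token']` is rendered on the success page the response must not be cacheable; set `response.headers['Cache-Control'] = 'no-store'` in the `@keep_recovery_token == 'no'` branch before rendering. In `authorize`, `return true` is immediately followed by `@token = token`; if both lines are on the new side the assignment is unreachable.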
......
class TreesController < ApplicationController
def redirect
if trees_enabled?
if session[:trees_token_present] &&
!session[:trees_recovery_token]
if recovery_token_present? && !recovery_token
redirect_to '/trees_token/request'
else
redirect_to '/trees_token'
......
class TreesTokenController < ApplicationController
def recovery_token
session[:trees_recovery_token]
end
helper_method :recovery_token
def fetch
if !recovery_token && params['pass']
res = ApiBackend::trees_token(current_user, params['pass'])
......
......@@ -7,9 +7,11 @@
<li><%= link_to (t :app_passwords) , app_passwords_path %>
<br /><%= t(:app_passwords_short_help) %>
</li>
<% if recovery_token_present? %>
<li><%= link_to (t :recovery_token) , trees_path %>
<br /><%= t(:trees_token_short_help) %>
</li>
<% end %>
<% else %>
<li><%= link_to (t :trees_settings) , trees_path %> (beta)
<br /><%= t(:enable_trees_short_help) %>
......
<h3><%= t :new_account %></h3>
<%= form_tag("/signup", method: "post") do %>
<table>
<tr><td>
<%= label_tag(:email, (t :email)) %>
</td><td>
<%= text_field_tag(:email, '', value: @email || '@', autofill: 'off') %>
</td><td>
</td><td>
</td></tr>
<tr><td>
<%= label_tag(:new, (t :new_pw)) %>
</td><td>
<%= password_field_tag(:new, "", value: @new_pw, autofill: 'off') %>
</td><td>
<div id="new_ok">&nbsp;</div>
</td><td>
<div id="pwscore" style="text-align:center;width:30px;margin:0 10px 10px;padding:1px;">&nbsp;</div>
</td></tr>
<tr><td>
<%= label_tag(:confirm, (t :confirm_pw)) %>
</td><td>
<%= password_field_tag(:confirm) %>
</td><td>
<div id='confirm_ok'>
</td><td>
</td></tr>
</table>
<% if !@token || @token == "" %>
<%= form_tag("/signup", method: "post") do %>
<%= label_tag(:token, (t :token)) %>
<%= text_field_tag(:token) %>
<%= submit_tag(t :submit) %>
<% end %>
<% elsif @account_successfully_created %>
<p>
<input type="checkbox" id="enable_trees" name="enable_trees" value="true"
<%= if @enable_trees then 'checked="checked"' else '' end %>/>
<b><%= t :encrypt_mailbox %></b>
<br/>
<%= t :encrypt_mailbox_help %>
<b> <%= t(:hello) %> <%= @email %>@<%= @domain %> </b>
<br />
<br />
<%= t(:new_account_intro1) %>
</p>
<% if @trees_recovery_token %>
<p>
<%= t(:new_account_intro_token) %>
<br />
<br />
<b>Token</b> <div class="recovery-token"><%= @trees_recovery_token %></div>
</p>
<p>
<%= t(:app_passwords_short_help) %>
</p>
<br />
<br />
<% end %>
<p>
<%= hidden_field_tag(:token, '', value: @token) %>
<%= submit_tag(t :create) %>
<%= t(:new_account_intro2) %>
</p>
<p>
<ul class="menu">
<li><%= link_to t(:main_title), index_path %></li>
<li><a href="https://immerda.ch">immerda.ch</a></li>
<li><a href="https://webmail.immerda.ch">Webmail</a></li>
</ul>
</p>
<% else %>
<%= form_tag("/signup", method: "post") do %>
<table>
<tr><td>
<%= label_tag(:email, (t :email)) %>
</td><td>
<%= text_field_tag(:email, '', value: @email || 'ig', autofill: 'off') %>
@
<%= select_tag :domain, options_for_select(@domains.map{|d| d['domain']}) %>
</td><td>
</td><td>
</td></tr>
<tr><td>
<%= label_tag(:new, (t :new_pw)) %>
</td><td>
<%= password_field_tag(:new, "", value: @new_pw, autofill: 'off') %>
</td><td>
<div id="new_ok">&nbsp;</div>
</td><td>
<div id="pwscore" style="text-align:center;width:30px;margin:0 10px 10px;padding:1px;">&nbsp;</div>
</td></tr>
<tr><td>
<%= label_tag(:confirm, (t :confirm_pw)) %>
</td><td>
<%= password_field_tag(:confirm) %>
</td><td>
<div id='confirm_ok'>
</td><td>
</td></tr>
<tr><td>
<%= label_tag(:recovery_email, (t :recovery_email)) %>
</td><td>
<%= text_field_tag(:recovery_email, '', value: @recovery_email) %>
</td><td>
</td><td>
</td></tr>
</table>
<%= t :recovery_email_help %>
<br />
<br />
<p>
<input type="checkbox" id="enable_trees" name="enable_trees" value="true"
<%= if @enable_trees then 'checked="checked"' else '' end %>/>
<b><%= t :encrypt_mailbox %></b>
<br/>
<%= t :encrypt_mailbox_help %>
<br />
<div id="keep_recovery_token_question">
<br />
<%= t :keep_recovery_token_help %>
<br />
<input type="radio" id="keep_recovery_token_no" name="keep_recovery_token" value="no"
<%= if @keep_recovery_token == 'no' then 'checked="checked"' else '' end %>
/>
<%= t(:init_delete_token) %>
<br />
<input type="radio" id="keep_recovery_token_yes" name="keep_recovery_token" value="yes"
<%= if @keep_recovery_token == 'yes' then 'checked="checked"' else '' end %>
/>
<%= t(:init_keep_token) %>
</div>
</p>
<p>
<%= hidden_field_tag(:token, '', value: @token) %>
<%= submit_tag(t :create) %>
</p>
<% end %>
<% end %>
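Review bot: The new domain-select form re-renders the submitted password into the page on a failed validation round-trip (`password_field_tag(:new, "", value: @new_pw, autofill: 'off')`), which puts the cleartext password into the HTML source and anywhere the response is logged or cached; use `password_field_tag(:new, nil, autocomplete: 'off')` and let the user retype it (`autofill` is not an HTML attribute, `autocomplete` is). `@domains.map{...}` in the `select_tag` assumes `ApiBackend::list_domains` returned an array; presumably it can return nil or a failure hash on a backend error, in which case this view raises — guard it with `Array(@domains)` or a check in the controller. The one-time token is rendered through `<%= @trees_recovery_token %>`, which escapes correctly, but nothing prevents the browser from caching the page; that is best handled in the controller with a `no-store` Cache-Control header.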
......@@ -53,3 +53,11 @@ de:
recovery_token_hint: "Wir empfehlen dir dein Sicherheits token sicher abzulegen und unsere Kopie zu löschen"
signup_success: "Konto erfolgreich erstellt"
main_title: "Immerda Konto Verwaltung"
new_account_intro1: "Dein Konto ist erstellt! Hier ein paar infos"
new_account_intro_token: "Deine Mails sind mit deinem Passwort verschlüsselt. Wenn du es vergisst, brauchst du diesen Token, damit wir dein Passwort zurücksetzen können. Ansonsten können deine Mails nicht mehr gelesen werden. Kopiere das Token jetzt und bewahre es sicher auf, es kann später nicht mehr angezeigt werden!"
new_account_intro2: "Wir empfehlen dir im Webmail einen GPG Schlüssel zu erstellen. Die Anleitung findest du in unserem Willkommens Email, das du nun erhalten hast."
recovery_email: "Patin"
recovery_email_help: "Deine Patin kann für dich ein neues Passwort bestellen. Es muss eine Immerda email Adresse sein. Du das Feld leer lassen, oder später ändern."
keep_recovery_token_help: "Beim Passwortverlust brauchst du ein Token, um deine Mailbox wiederherzustellen."
init_keep_token: "Ich kann jetzt gerade das Token nicht sicher aufbewahren und werde es später abholen."
init_delete_token: "Ich bewahre das Token selber auf."