zydronium/neocities
1
0
Fork 0
mirror of https://github.com/neocities/neocities.git synced 2025-04-25 01:32:36 +02:00
Code Issues Projects Releases Packages Wiki Activity

Send email notifications for email and password changes

Browse source
This commit is contained in:
Kyle Drake 2017-02-04 11:31:48 -08:00
parent 80b31c29cb
commit 28000fc73c
4 changed files with 46 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
app/settings.rb
View file

@ -188,6 +188,12 @@ post '/settings/change_password' do
if parent_site.errors.empty? if parent_site.errors.empty?
parent_site.save_changes parent_site.save_changes
parent_site.send_email(
subject: "[Neocities] Your password has been changed",
body: Tilt.new('./views/templates/email/password_changed.erb', pretty: true).render(self)
)
flash[:success] = 'Successfully changed password.' flash[:success] = 'Successfully changed password.'
redirect "/settings#password" redirect "/settings#password"
else else
@ -210,6 +216,7 @@ post '/settings/change_email' do
redirect redirect_url redirect redirect_url
end end
previous_email = parent_site.email
parent_site.email = params[:email] parent_site.email = params[:email]
parent_site.email_confirmation_token = SecureRandom.hex 3 parent_site.email_confirmation_token = SecureRandom.hex 3
parent_site.email_confirmed = false parent_site.email_confirmed = false
@ -218,6 +225,12 @@ post '/settings/change_email' do
if parent_site.valid? if parent_site.valid?
parent_site.save_changes parent_site.save_changes
send_confirmation_email send_confirmation_email
parent_site.send_email(
subject: "[Neocities] Your email address has been changed",
body: Tilt.new('./views/templates/email/email_changed.erb', pretty: true).render(self, site: parent_site, previous_email: previous_email)
)
if !parent_site.supporter? if !parent_site.supporter?
session[:fromsettings] = true session[:fromsettings] = true
redirect "/site/#{parent_site.email}/confirm_email" redirect "/site/#{parent_site.email}/confirm_email"

16
tests/acceptance/settings/account_tests.rb
View file

@ -13,6 +13,7 @@ describe 'site/settings' do
end end
it 'should change email' do it 'should change email' do
original_email = @site.email
@site.password_reset_token = 'shouldgoaway' @site.password_reset_token = 'shouldgoaway'
@site.save @site.save
@new_email = "#{SecureRandom.uuid.gsub('-', '')}@exampleedsdfdsf.com" @new_email = "#{SecureRandom.uuid.gsub('-', '')}@exampleedsdfdsf.com"
@ -29,12 +30,18 @@ describe 'site/settings' do
@site.reload @site.reload
@site.email.must_equal @new_email @site.email.must_equal @new_email
@site.password_reset_token.must_equal nil @site.password_reset_token.must_equal nil
EmailWorker.jobs.length.must_equal 1
args = EmailWorker.jobs.first['args'].first EmailWorker.jobs.length.must_equal 2
args = EmailWorker.jobs.select {|job| job['args'].first['subject'] =~ /confirm your email address/i}.first['args'].first
args['to'].must_equal @new_email args['to'].must_equal @new_email
args['subject'].must_match /confirm your email address/i args['subject'].must_match /confirm your email address/i
args['body'].must_match /hello #{@site.username}/i args['body'].must_match /hello #{@site.username}/i
args['body'].must_match /#{@site.email_confirmation_token}/ args['body'].must_match /#{@site.email_confirmation_token}/
args = EmailWorker.jobs.select {|job| job['args'].first['subject'] =~ /your email address.+changed/i}.first['args'].first
args['body'].must_match /previous email.+#{original_email}/
args['body'].must_match /new email.+#{@site.email}/
end end
it 'should fail for invalid email address' do it 'should fail for invalid email address' do
@ -123,6 +130,7 @@ describe 'site/settings' do
include Capybara::DSL include Capybara::DSL
before do before do
EmailWorker.jobs.clear
@site = Fabricate :site, password: 'derpie' @site = Fabricate :site, password: 'derpie'
page.set_rack_session id: @site.id page.set_rack_session id: @site.id
visit '/settings' visit '/settings'
@ -138,6 +146,8 @@ describe 'site/settings' do
@site.reload @site.reload
@site.valid_password?('derpie').must_equal false @site.valid_password?('derpie').must_equal false
@site.valid_password?('derpie2').must_equal true @site.valid_password?('derpie2').must_equal true
EmailWorker.jobs.select {|job| job['args'].first['subject'] =~ /password has been changed/i}.length.must_equal 1
end end
it 'should not change for invalid current password' do it 'should not change for invalid current password' do
@ -150,6 +160,8 @@ describe 'site/settings' do
@site.reload @site.reload
@site.valid_password?('derpie').must_equal true @site.valid_password?('derpie').must_equal true
@site.valid_password?('derpie2').must_equal false @site.valid_password?('derpie2').must_equal false
EmailWorker.jobs.length.must_equal 0
end end
end end
end end

11
views/templates/email/email_changed.erb Normal file
View file

@ -0,0 +1,11 @@
Hello,
We're writing to let you know that your Neocities email has been changed. If you made this change, you can safely ignore this email.
Your previous email address: <%= previous_email %>
Your new email address: <%= site.email %>
If you did NOT make this email change, this could be an indication that your site has been hacked! Please contact Neocities support if you think this is the case.
Regards,
The Neocities Team

8
views/templates/email/password_changed.erb Normal file
View file

@ -0,0 +1,8 @@
Hello,
We're writing to let you know that your Neocities password has been changed. If you made this change, you can safely ignore this email.
If you did NOT make this password change, this could be an indication that your site has been hacked! Please contact Neocities support if you think this is the case.
Regards,
The Neocities Team