diff options
author | enahum <nahumhbl@gmail.com> | 2016-04-08 18:04:23 -0300 |
---|---|---|
committer | Corey Hulen <corey@hulen.com> | 2016-04-08 14:04:23 -0700 |
commit | df77179eccffbb77f684abde45cac743f5d0b414 (patch) | |
tree | 524312a7033c11a4daeb9fa2b4aa2283765bdd9d | |
parent | 77ee1ce7fee698847e211dc15d4673300901aa48 (diff) | |
download | chat-df77179eccffbb77f684abde45cac743f5d0b414.tar.gz chat-df77179eccffbb77f684abde45cac743f5d0b414.tar.bz2 chat-df77179eccffbb77f684abde45cac743f5d0b414.zip |
Fix email verification process (#2664)
- Fix email verification URL in login view
- Fix URL in email being sent for verification
- Add Email Verification on password reset
- Fix display of email in reset password
- Fix URL en team_signup_password_page
- Fix typo in webapp en loc
- Add missing es locs
- Removed extra es, fr and pt locs
-rw-r--r-- | api/user.go | 2 | ||||
-rw-r--r-- | i18n/en.json | 8 | ||||
-rw-r--r-- | i18n/es.json | 6 | ||||
-rw-r--r-- | store/sql_user_store.go | 2 | ||||
-rw-r--r-- | webapp/components/login/login.jsx | 2 | ||||
-rw-r--r-- | webapp/components/password_reset_send_link.jsx | 4 | ||||
-rw-r--r-- | webapp/components/signup_team_complete/components/team_signup_password_page.jsx | 2 | ||||
-rw-r--r-- | webapp/i18n/en.json | 22 | ||||
-rw-r--r-- | webapp/i18n/es.json | 23 | ||||
-rw-r--r-- | webapp/i18n/fr.json | 8 | ||||
-rw-r--r-- | webapp/i18n/pt.json | 8 |
11 files changed, 41 insertions, 46 deletions
diff --git a/api/user.go b/api/user.go index ab13cbb68..76eeaa441 100644 --- a/api/user.go +++ b/api/user.go @@ -1836,7 +1836,7 @@ func sendEmailChangeEmailAndForget(c *Context, oldEmail, newEmail, teamDisplayNa func SendEmailChangeVerifyEmailAndForget(c *Context, userId, newUserEmail, teamName, teamDisplayName, siteURL, teamURL string) { go func() { - link := fmt.Sprintf("%s/verify_email?uid=%s&hid=%s&teamname=%s&email=%s", siteURL, userId, model.HashPassword(userId), teamName, newUserEmail) + link := fmt.Sprintf("%s/do_verify_email?uid=%s&hid=%s&teamname=%s&email=%s", siteURL, userId, model.HashPassword(userId), teamName, newUserEmail) subjectPage := utils.NewHTMLTemplate("email_change_verify_subject", c.Locale) subjectPage.Props["Subject"] = c.T("api.templates.email_change_verify_subject", diff --git a/i18n/en.json b/i18n/en.json index 5d154001c..17f1ba7c8 100644 --- a/i18n/en.json +++ b/i18n/en.json @@ -2208,6 +2208,10 @@ "translation": "Invalid thumbnail width for file settings. Must be a positive number." }, { + "id": "model.config.is_valid.ldap_security.app_error", + "translation": "Invalid connection security for LDAP settings. Must be '', 'TLS', or 'STARTTLS'" + }, + { "id": "model.config.is_valid.listen_address.app_error", "translation": "Invalid listen address for service settings Must be set." }, @@ -2244,10 +2248,6 @@ "translation": "Invalid maximum open connection for SQL settings. Must be a positive number." }, { - "id": "model.config.is_valid.ldap_security.app_error", - "translation": "Invalid connection security for LDAP settings. Must be '', 'TLS', or 'STARTTLS'" - }, - { "id": "model.file_info.get.gif.app_error", "translation": "Could not decode gif." }, diff --git a/i18n/es.json b/i18n/es.json index c66e621aa..f5e98c5c7 100644 --- a/i18n/es.json +++ b/i18n/es.json @@ -2208,6 +2208,10 @@ "translation": "El ancho para la imagen de miniatura es inválido en la configuración de archivos. Debe ser un número positivo." }, { + "id": "model.config.is_valid.ldap_security.app_error", + "translation": "Conexión segura inválida en la configuración de LDAP. Debe ser '', 'TLS', o 'STARTTLS'" + }, + { "id": "model.config.is_valid.listen_address.app_error", "translation": "Dirección dónde se escuchará el servicio en la configuracón del servicio debe ser asignada." }, @@ -3827,4 +3831,4 @@ "id": "web.watcher_fail.error", "translation": "Falla al agregar el directorio a ser vigilado %v" } -]
\ No newline at end of file +] diff --git a/store/sql_user_store.go b/store/sql_user_store.go index 957921b9e..767892056 100644 --- a/store/sql_user_store.go +++ b/store/sql_user_store.go @@ -281,7 +281,7 @@ func (us SqlUserStore) UpdatePassword(userId, hashedPassword string) StoreChanne updateAt := model.GetMillis() - if _, err := us.GetMaster().Exec("UPDATE Users SET Password = :Password, LastPasswordUpdate = :LastPasswordUpdate, UpdateAt = :UpdateAt, AuthData = '', AuthService = '', FailedAttempts = 0 WHERE Id = :UserId", map[string]interface{}{"Password": hashedPassword, "LastPasswordUpdate": updateAt, "UpdateAt": updateAt, "UserId": userId}); err != nil { + if _, err := us.GetMaster().Exec("UPDATE Users SET Password = :Password, LastPasswordUpdate = :LastPasswordUpdate, UpdateAt = :UpdateAt, AuthData = '', AuthService = '', EmailVerified = 1, FailedAttempts = 0 WHERE Id = :UserId", map[string]interface{}{"Password": hashedPassword, "LastPasswordUpdate": updateAt, "UpdateAt": updateAt, "UserId": userId}); err != nil { result.Err = model.NewLocAppError("SqlUserStore.UpdatePassword", "store.sql_user.update_password.app_error", nil, "id="+userId+", "+err.Error()) } else { result.Data = userId diff --git a/webapp/components/login/login.jsx b/webapp/components/login/login.jsx index e867af47a..ed7495b13 100644 --- a/webapp/components/login/login.jsx +++ b/webapp/components/login/login.jsx @@ -90,7 +90,7 @@ export default class Login extends React.Component { }, (err) => { if (err.id === 'api.user.login.not_verified.app_error') { - browserHistory.push('/verify_email?teamname=' + encodeURIComponent(name) + '&email=' + encodeURIComponent(loginId)); + browserHistory.push('/should_verify_email?teamname=' + encodeURIComponent(team) + '&email=' + encodeURIComponent(loginId)); return; } this.setState({serverEmailError: err.message}); diff --git a/webapp/components/password_reset_send_link.jsx b/webapp/components/password_reset_send_link.jsx index a42b8935c..e3ab8949e 100644 --- a/webapp/components/password_reset_send_link.jsx +++ b/webapp/components/password_reset_send_link.jsx @@ -55,7 +55,9 @@ class PasswordResetSendLink extends React.Component { <FormattedHTMLMessage id='password_send.link' defaultMessage='<p>A password reset link has been sent to <b>{email}</b></p>' - email={email} + values={{ + email + }} /> <FormattedMessage id={'password_send.checkInbox'} diff --git a/webapp/components/signup_team_complete/components/team_signup_password_page.jsx b/webapp/components/signup_team_complete/components/team_signup_password_page.jsx index fbe8ab683..7b8b49e0c 100644 --- a/webapp/components/signup_team_complete/components/team_signup_password_page.jsx +++ b/webapp/components/signup_team_complete/components/team_signup_password_page.jsx @@ -81,7 +81,7 @@ class TeamSignupPasswordPage extends React.Component { }, (err) => { if (err.id === 'api.user.login.not_verified.app_error') { - browserHistory.push('/verify_email?email=' + encodeURIComponent(teamSignup.team.email) + '&teamname=' + encodeURIComponent(teamSignup.team.name)); + browserHistory.push('/should_verify_email?email=' + encodeURIComponent(teamSignup.team.email) + '&teamname=' + encodeURIComponent(teamSignup.team.name)); } else { this.setState({serverError: err.message}); $('#finish-button').button('reset'); diff --git a/webapp/i18n/en.json b/webapp/i18n/en.json index fd8f44c36..75280c5e6 100644 --- a/webapp/i18n/en.json +++ b/webapp/i18n/en.json @@ -111,12 +111,6 @@ "admin.compliance_table.timestamp": "Timestamp", "admin.compliance_table.type": "Type", "admin.compliance_table.userId": "Requested By", - "admin.email.allowEmailSignInDescription": "When true, Mattermost allows users to sign in using their email and password.", - "admin.email.allowEmailSignInTitle": "Allow Sign In With Email: ", - "admin.email.allowSignupDescription": "When true, Mattermost allows team creation and account signup using email and password. This value should be false only when you want to limit signup to a single-sign-on service like OAuth or LDAP.", - "admin.email.allowSignupTitle": "Allow Sign Up With Email: ", - "admin.email.allowUsernameSignInDescription": "When true, Mattermost allows users to sign in using their username and password. This setting is typically only used when email verification is disabled.", - "admin.email.allowUsernameSignInTitle": "Allow Sign In With Username: ", "admin.connectionSecurityNone": "None", "admin.connectionSecurityNoneDescription": "Mattermost will connect over an unsecure connection.", "admin.connectionSecurityStart": "STARTTLS", @@ -125,6 +119,12 @@ "admin.connectionSecurityTitle": "Connection Security:", "admin.connectionSecurityTls": "TLS", "admin.connectionSecurityTlsDescription": "Encrypts the communication between Mattermost and your server.", + "admin.email.allowEmailSignInDescription": "When true, Mattermost allows users to sign in using their email and password.", + "admin.email.allowEmailSignInTitle": "Allow Sign In With Email: ", + "admin.email.allowSignupDescription": "When true, Mattermost allows team creation and account signup using email and password. This value should be false only when you want to limit signup to a single-sign-on service like OAuth or LDAP.", + "admin.email.allowSignupTitle": "Allow Sign Up With Email: ", + "admin.email.allowUsernameSignInDescription": "When true, Mattermost allows users to sign in using their username and password. This setting is typically only used when email verification is disabled.", + "admin.email.allowUsernameSignInTitle": "Allow Sign In With Username: ", "admin.email.emailFail": "Connection unsuccessful: {error}", "admin.email.emailSettings": "Email Settings", "admin.email.emailSuccess": "No errors were reported while sending an email. Please check your inbox to make sure.", @@ -272,21 +272,21 @@ "admin.ldap.queryDesc": "The timeout value for queries to the LDAP server. Increase if you are getting timeout errors caused by a slow LDAP server.", "admin.ldap.queryEx": "Ex \"60\"", "admin.ldap.queryTitle": "Query Timeout (seconds):", - "admin.ldap.skipCertificateVerification": "Skip Vertificate Verification", - "admin.ldap.skipCertificateVerificationDesc": "Skips the certificate verificaiton step for TLS or STARTTLS connections. Not recommented for production enviroments where TLS is required. For testing only.", "admin.ldap.save": "Save", "admin.ldap.saving": "Saving Config...", "admin.ldap.serverDesc": "The domain or IP address of LDAP server.", "admin.ldap.serverEx": "Ex \"10.0.0.23\"", "admin.ldap.serverTitle": "LDAP Server:", + "admin.ldap.skipCertificateVerification": "Skip Vertificate Verification", + "admin.ldap.skipCertificateVerificationDesc": "Skips the certificate verificaiton step for TLS or STARTTLS connections. Not recommented for production enviroments where TLS is required. For testing only.", "admin.ldap.title": "LDAP Settings", "admin.ldap.true": "true", "admin.ldap.uernameAttrDesc": "The attribute in the LDAP server that will be used to populate the username field in Mattermost. This may be the same as the ID Attribute.", + "admin.ldap.userFilterDisc": "LDAP Filter to use when searching for user objects.", + "admin.ldap.userFilterEx": "Ex. \"(objectClass=user)\"", + "admin.ldap.userFilterTitle": "User Filter:", "admin.ldap.usernameAttrEx": "Ex \"sAMAccountName\"", "admin.ldap.usernameAttrTitle": "Username Attribute:", - "admin.ldap.userFilterTitle": "User Filter:", - "admin.ldap.userFilterEx": "Ex. \"(objectClass=user)\"", - "admin.ldap.userFilterDisc": "LDAP Filter to use when searching for user objects.", "admin.licence.keyMigration": "If you’re migrating servers you may need to remove your license key from this server in order to install it on a new server. To start, <a href=\"http://mattermost.com\" target=\"_blank\">disable all Enterprise Edition features on this server</a>. This will enable the ability to remove the license key and downgrade this server from Enterprise Edition to Team Edition.", "admin.license.choose": "Choose File", "admin.license.chooseFile": "Choose File", diff --git a/webapp/i18n/es.json b/webapp/i18n/es.json index f3c075b48..00d2a9d5e 100644 --- a/webapp/i18n/es.json +++ b/webapp/i18n/es.json @@ -118,20 +118,20 @@ "admin.compliance_table.timestamp": "Marca de tiempo", "admin.compliance_table.type": "Tipo", "admin.compliance_table.userId": "Solicitado por", + "admin.connectionSecurityNone": "Ninguna", + "admin.connectionSecurityNoneDescription": "Mattermost podrá utilizar una conexión insegura.", + "admin.connectionSecurityStart": "STARTTLS", + "admin.connectionSecurityStartDescription": "Intenta convertir una conexión insegura a una conexión segura utilizando TLS.", + "admin.connectionSecurityTest": "Probar Conexión", + "admin.connectionSecurityTitle": "Seguridad de Conexión:", + "admin.connectionSecurityTls": "TLS", + "admin.connectionSecurityTlsDescription": "Cifra la comnicación entre Mattermost y tu servidor.", "admin.email.allowEmailSignInDescription": "Cuando es verdadero, Mattermost permite a los usuarios iniciar sesión utilizando el correo electrónico y contraseña.", "admin.email.allowEmailSignInTitle": "Permitir inicio de sesión con Correo electrónico: ", "admin.email.allowSignupDescription": "Cuando está en verdadero, Mattermost permite la creación de equipos y cuentas utilizando el correo electrónico y contraseña. Este valor debe estar en falso sólo cuando quieres limitar el inicio de sesión a través de servicios tipo OAuth o LDAP.", "admin.email.allowSignupTitle": "Permitir registro con correo electrónico:", "admin.email.allowUsernameSignInDescription": "Cuando es verdadero, Mattermost permite a los usuarios iniciar sesión con el nombre de usuario y contraseña. Esta opción normalmente se utiliza cuando la verificación de correo electrónico está deshabilitada.", "admin.email.allowUsernameSignInTitle": "Permitir inicio de sesión con Nombre de usuario: ", - "admin.email.connectionSecurityNone": "Ninguno", - "admin.email.connectionSecurityNoneDescription": "Mattermost enviará los correos electrónicos sobre conexiones no seguras.", - "admin.email.connectionSecurityStart": "STARTTLS", - "admin.email.connectionSecurityStartDescription": "Tomar la conexión insegura e intentar actualizarla hacia una conexión segura utilizando TLS.", - "admin.email.connectionSecurityTest": "Prueba de conexión", - "admin.email.connectionSecurityTitle": "Seguridad de conexión:", - "admin.email.connectionSecurityTls": "TLS (Recomendado)", - "admin.email.connectionSecurityTlsDescription": "Cifra la comunicación entre Mattermost y tu servidor de correo electrónico.", "admin.email.emailFail": "Conexión fallida: {error}", "admin.email.emailSettings": "Configuraciones de correo", "admin.email.emailSuccess": "No fueron reportados errores mientras se enviada el correo. Favor validar en tu bandeja de entrada.", @@ -284,9 +284,14 @@ "admin.ldap.serverDesc": "El dominio o dirección IP del servidor LDAP.", "admin.ldap.serverEx": "Ej \"10.0.0.23\"", "admin.ldap.serverTitle": "Servidor LDAP:", + "admin.ldap.skipCertificateVerification": "Omitir la Verificación del Certificado", + "admin.ldap.skipCertificateVerificationDesc": "Omite la verificación del certificado para las conexiones TLS o STARTTLS. No recomendado para ambientes de producción donde TLS es requerido. Utilizalo sólamente para pruebas.", "admin.ldap.title": "Configuración de LDAP", "admin.ldap.true": "verdadero", "admin.ldap.uernameAttrDesc": "El atributo en el servidor LDAP que se utilizará para poblar el nombre de usuario en Mattermost. Este puede ser igual al Attributo Id.", + "admin.ldap.userFilterDisc": "Filtro de LDAP para buscar los objetos de los usuarios.", + "admin.ldap.userFilterEx": "Ej. \"(objectClass=user)\"", + "admin.ldap.userFilterTitle": "Filtro de Usuario:", "admin.ldap.usernameAttrEx": "Ej \"sAMAccountName\"", "admin.ldap.usernameAttrTitle": "Atributo Usuario:", "admin.licence.keyMigration": "Si estás migrando servidores es posible que necesites remover tu licencia de este servidor para poder instalarlo en un servidor nuevo. Para empezar, <a href=\"http://mattermost.com\" target=\"_blank\">deshabilita todas las características de la Edición Enterprise de este servidor</a>. Esta operación habilitará la opción para remover la licencia y degradar este servidor de la Edición Enterprise a la Edición Team.", @@ -1420,4 +1425,4 @@ "web.footer.terms": "Términos", "web.header.back": "Atrás", "web.root.singup_info": "Todas las comunicaciones del equipo en un sólo lugar, con búsquedas y accesible desde cualquier parte" -}
\ No newline at end of file +} diff --git a/webapp/i18n/fr.json b/webapp/i18n/fr.json index ffbe89130..4be883cb7 100644 --- a/webapp/i18n/fr.json +++ b/webapp/i18n/fr.json @@ -85,14 +85,6 @@ "admin.email.allowSignupTitle": "Autoriser la création de compte avec une adresse électronique :", "admin.email.allowUsernameSignInDescription": "Si vrai, les utilisateurs seront autorisés à se connecter avec leur nom d'utilisateur et leur mot de passe. Cette option n'est généralement utilisée que lorsque la vérification de l'adresse électronique est désactivée.", "admin.email.allowUsernameSignInTitle": "Autoriser la connexion avec le nom d'utilisateur:", - "admin.email.connectionSecurityNone": "Aucun", - "admin.email.connectionSecurityNoneDescription": "Mattermost enverra les courriels par une connexion non sécurisée.", - "admin.email.connectionSecurityStart": "STARTTLS", - "admin.email.connectionSecurityStartDescription": "Utiliser une connexion existante et non sécurisée et tenter de la faire évoluer vers une connexion sécurisée en utilisant TLS.", - "admin.email.connectionSecurityTest": "Tester une connexion", - "admin.email.connectionSecurityTitle": "Sécurité de la connexion :", - "admin.email.connectionSecurityTls": "TLS (recommandé)", - "admin.email.connectionSecurityTlsDescription": "Crypter la communication entre Mattermost et votre serveur mail.", "admin.email.emailFail": "Echec de la connexion : {error}", "admin.email.emailSettings": "Configuration de la messagerie", "admin.email.emailSuccess": "Aucune erreur signalée lors de l'envoi du courriel. Vérifiez votre boîte de réception ou vos spams.", diff --git a/webapp/i18n/pt.json b/webapp/i18n/pt.json index 663a02f44..b051dc90b 100644 --- a/webapp/i18n/pt.json +++ b/webapp/i18n/pt.json @@ -110,14 +110,6 @@ "admin.email.allowSignupTitle": "Permitir Inscrição com E-Mail: ", "admin.email.allowUsernameSignInDescription": "Quando verdadeiro, Mattermost permite os usuários fazer login usando seu nome de usuário e senha. Esta configuração é normalmente utilizado apenas quando a verificação de e-mail está desativada.", "admin.email.allowUsernameSignInTitle": "Permitir Login Com Usuário: ", - "admin.email.connectionSecurityNone": "Nenhum", - "admin.email.connectionSecurityNoneDescription": "Mattermost irá enviar usando uma conexão insegura.", - "admin.email.connectionSecurityStart": "STARTTLS", - "admin.email.connectionSecurityStartDescription": "Obtém uma conexão insegura existente e tenta atualizá-la para uma conexão segura usando TLS.", - "admin.email.connectionSecurityTest": "Testar Conexão", - "admin.email.connectionSecurityTitle": "Segurança da Conexão:", - "admin.email.connectionSecurityTls": "TLS (Recomendado)", - "admin.email.connectionSecurityTlsDescription": "Encriptar a comunicação entre Mattermost e o seu servidor de email.", "admin.email.emailFail": "Conexão falhou: {error}", "admin.email.emailSettings": "Configuração do e-mail", "admin.email.emailSuccess": "Nenhum erro foram relatados durante o envio de um e-mail. Por favor verifique a sua caixa de entrada para se certificar.", |