From b171750f6565401f83fd2c045034cad29048ff42 Mon Sep 17 00:00:00 2001 From: Ylian Saint-Hilaire Date: Tue, 12 Dec 2017 18:23:26 -0800 Subject: [PATCH] Bug fixes on SMTP account verification --- meshcentral.js | 7 +++++++ meshmail.js | 18 +++++++++++++++--- meshuser.js | 41 +++++++++++++++++++++++++--------------- package.json | 2 +- views/default.handlebars | 15 +++++++++++++-- 5 files changed, 62 insertions(+), 21 deletions(-) diff --git a/meshcentral.js b/meshcentral.js index f8388137..93847222 100644 --- a/meshcentral.js +++ b/meshcentral.js @@ -355,6 +355,7 @@ function CreateMeshCentralServer() { // Setup email server if ((obj.config.smtp != null) && (obj.config.smtp.host != null) && (obj.config.smtp.from != null)) { obj.mailserver = require('./meshmail.js').CreateMeshMain(obj); + obj.mailserver.verify(); //obj.mailserver.sendMail('ylian.saint-hilaire@intel.com', 'Test Subject', 'This is a sample test', 'This is a sample html test'); } @@ -365,6 +366,12 @@ function CreateMeshCentralServer() { obj.DispatchEvent(['*'], obj, { etype: 'server', action: 'started', msg: 'Server started' }) obj.debug(1, 'Server started'); + + /* + obj.db.GetUserWithVerifiedEmail('', 'ylian.saint-hilaire@intel.com', function (err, docs) { + console.log(JSON.stringify(docs)); + }); + */ }); }); }); diff --git a/meshmail.js b/meshmail.js index dcb86f2d..ffb8f95c 100644 --- a/meshmail.js +++ b/meshmail.js @@ -24,8 +24,9 @@ module.exports.CreateMeshMain = function (parent) { var accountResetMailText = '[[[SERVERNAME]]] - Account Reset\r\n\r\nHi [[[USERNAME]]], [[[SERVERNAME]]] ([[[SERVERURL]]]) is requesting an account password reset. Nagivate to the following link to complete the process: [[[CALLBACKURL]]]\r\nIf you did not initiate this request, please ignore this mail.\r\n'; // Setup mail server - var options = { host: parent.config.smtp.host, secure: false, tls: { rejectUnauthorized: false } }; + var options = { host: parent.config.smtp.host, secure: (parent.config.smtp.tls == true), tls: { rejectUnauthorized: false } }; if (parent.config.smtp.port != null) { options.port = parent.config.smtp.port; } + if ((parent.config.smtp.user != null) && (parent.config.smtp.pass != null)) { options.auth = { user: parent.config.smtp.user, pass: parent.config.smtp.pass }; } obj.smtpServer = nodemailer.createTransport(options); // Perform all e-mail substitution @@ -73,8 +74,19 @@ module.exports.CreateMeshMain = function (parent) { sendNextMail(); // Send the next mail } else { obj.retry++; - //console.log('SMTP server failed, will try again in a minute (' + obj.retry + ').'); - setTimeout(sendNextMail, 60000); // Wait and try again + console.log('SMTP server failed: ' + err.response); + if (obj.retry < 6) { setTimeout(sendNextMail, 60000); } // Wait and try again + } + }); + } + + // Send out the next mail in the pending list + obj.verify = function() { + obj.smtpServer.verify(function (err, info) { + if (err == null) { + console.log('SMTP mail server ' + parent.config.smtp.host + ' working as expected.'); + } else { + console.log('SMTP mail server ' + parent.config.smtp.host + ' failed: ' + err.response); } }); } diff --git a/meshuser.js b/meshuser.js index 4a33a318..1a7b963a 100644 --- a/meshuser.js +++ b/meshuser.js @@ -261,22 +261,30 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain) { var x = command.email.split('@'); if ((x.length == 2) && (x[0].length > 0) && (x[1].split('.').length > 1) && (x[1].length > 2)) { if (obj.parent.users[req.session.userid].email != command.email) { - // Update the user's email - var oldemail = user.email; - user.email = command.email; - user.emailVerified = false; - obj.parent.db.SetUser(user); + // Check if this email is already validated on a different account + obj.db.GetUserWithVerifiedEmail(domain.id, command.email, function (err, docs) { + if (docs.length > 0) { + // Notify the duplicate email error + ws.send(JSON.stringify({ action: 'msg', type: 'notify', value: 'Failed to change email address, another account already using: ' + EscapeHtml(command.email) + '.' })); + } else { + // Update the user's email + var oldemail = user.email; + user.email = command.email; + user.emailVerified = false; + obj.parent.db.SetUser(user); - // Event the change - var userinfo = obj.common.Clone(user); - delete userinfo.hash; - delete userinfo.passhint; - delete userinfo.salt; - delete userinfo.type; - delete userinfo.domain; - delete userinfo.subscriptions; - delete userinfo.passtype; - obj.parent.parent.DispatchEvent(['*', 'server-users', user._id], obj, { etype: 'user', username: userinfo.name, account: userinfo, action: 'accountchange', msg: 'Changed email of user ' + userinfo.name + ' from ' + oldemail + ' to ' + user.email, domain: domain.id }) + // Event the change + var userinfo = obj.common.Clone(user); + delete userinfo.hash; + delete userinfo.passhint; + delete userinfo.salt; + delete userinfo.type; + delete userinfo.domain; + delete userinfo.subscriptions; + delete userinfo.passtype; + obj.parent.parent.DispatchEvent(['*', 'server-users', user._id], obj, { etype: 'user', username: userinfo.name, account: userinfo, action: 'accountchange', msg: 'Changed email of user ' + userinfo.name + ' from ' + oldemail + ' to ' + user.email, domain: domain.id }) + } + }); } } } @@ -960,5 +968,8 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain) { ws.send(JSON.stringify(files)); } + function EscapeHtml(x) { if (typeof x == "string") return x.replace(/&/g, '&').replace(/>/g, '>').replace(//g, '>').replace(/').replace(/\n/g, '').replace(/\t/g, '  '); if (typeof x == "boolean") return x; if (typeof x == "number") return x; } + return obj; } diff --git a/package.json b/package.json index 25b035a9..49cae205 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "meshcentral", - "version": "0.1.0-m", + "version": "0.1.0-o", "keywords": [ "Remote Management", "Intel AMT", diff --git a/views/default.handlebars b/views/default.handlebars index 4ee846b8..ce7abdf8 100644 --- a/views/default.handlebars +++ b/views/default.handlebars @@ -167,8 +167,8 @@

Account actions

- Change email address
+ Change email address
Change password
Delete account

@@ -493,7 +493,10 @@ - +
Terms & Privacy + Verify Email + Terms & Privacy +
@@ -786,6 +789,7 @@ userinfo = message.userinfo; updateSiteAdmin(); QV('verifyEmailId', (userinfo.emailVerified !== true) && (userinfo.email != null) && (serverinfo.emailcheck == true)); + QV('verifyEmailId2', (userinfo.emailVerified !== true) && (userinfo.email != null) && (serverinfo.emailcheck == true)); break; } case 'users': { @@ -859,6 +863,12 @@ addNotification(n); } } + } else { + if (message.type == 'notify') { // This is a notification message. + var n = { text:message.value }; + if (message.tag != undefined) { n.tag = message.tag; } + addNotification(n); + } } break; } @@ -930,6 +940,7 @@ userinfo = message.event.account; if (oldsiteadmin != newsiteadmin) updateSiteAdmin(); QV('verifyEmailId', (userinfo.emailVerified !== true) && (userinfo.email != null) && (serverinfo.emailcheck == true)); + QV('verifyEmailId2', (userinfo.emailVerified !== true) && (userinfo.email != null) && (serverinfo.emailcheck == true)); } if (users == null) break; users[message.event.account._id] = message.event.account;