figure out and implement the plumbing for users to confirm email addresses. ...

figure out and implement the plumbing for users to confirm email addresses. all that's left is actually sending email. issue #3

figure out and implement the plumbing for users to confirm email addresses. ...
figure out and implement the plumbing for users to confirm email addresses. all that's left is actually sending email. issue #3
c26edaed · Lloyd Hilaiel · 58f583b4 · c26edaed · c26edaed · c26edaed
Commit c26edaed authored 13 years ago by Lloyd Hilaiel
--- a/authority/server/email.js
+++ b/authority/server/email.js
 const db = require('./db');

 exports.sendVerificationEmail = function(email, secret) {
-  console.log("fakely sending a verification email for " + email);
-  // XXX: what we would really do here is send out an email, instead
-  // we'll just wait 5 seconds and manually feed the secret back into the
-  // system, as if a user had clicked a link
-  setTimeout(function() {
-    db.gotVerificationSecret(secret, function(e) {
-      if (e) {
-        console.log("error completing the verification: " + e);
-      }
-    });
-  }, 5000);
-};
\ No newline at end of file
+    var url = "https://browserid.org/prove.html?token=" + secret;
+    console.log("sending a verification email with url: " + url);
+};
--- a/authority/server/wsapi.js
+++ b/authority/server/wsapi.js
@@ -27,7 +27,7 @@ function checkParams(getArgs, resp, params) {
 function isAuthed(req) {
  return (req.session && typeof req.session.authenticatedUser === 'string');
 }
-    
+
 function checkAuthed(req, resp) {
  if (!isAuthed(req)) {
    httputils.badRequest(resp, "requires authentication");
@@ -190,3 +190,20 @@ exports.sync_emails = function(req,resp) {
    });
  });
 };
+
+exports.prove_email_ownership = function(req, resp) {
+    var urlobj = url.parse(req.url, true);
+    var getArgs = urlobj.query;
+
+   // validate inputs
+    if (!checkParams(getArgs, resp, [ "token" ])) return;
+
+    db.gotVerificationSecret(getArgs.token, function(e) {
+      if (e) {
+        console.log("error completing the verification: " + e);
+        httputils.jsonResponse(resp, false);
+      } else {
+        httputils.jsonResponse(resp, true);
+      }
+    });
+}
--- a/authority/static/prove.html
+++ b/authority/static/prove.html
+<!DOCTYPE html>
+<html>
+<head>
+<title>
+BrowserID -- Confirm Email 
+</title>
+<script src="../dialog/jquery-min.js"></script>
+<style type="text/css">
+
+body { margin: auto; font: 13px/1.5 Helvetica, Arial, 'Liberation Sans', FreeSans, sans-serif; }
+a:link, a:visited { font-style: italic; text-decoration: none; color: #008; }
+a:hover { border-bottom: 2px solid black ; }
+.number { font-family: 'Permanent Marker', arial, serif; font-size: 4em; float: left; padding: 0; margin: 0; vertical-align: top; width: 1.3em}
+.title { font-size: 2em; font-weight: bold; text-align: center; margin: 1.5em; }
+.intro { font-size: 1.2em; width: 600px; margin: auto; }
+.step { width: 600px; margin: auto; margin-top: 1em;}
+.desc { padding-top: 1.5em; min-height: 4.5em;}
+.output {
+  font-family: 'lucida console', monaco, 'andale mono', 'bitstream vera sans mono', consolas, monospace;
+  border: 3px solid #666;
+  -moz-border-radius: 4px;
+  -webkit-border-radius: 4px;
+  border-radius: 4px;
+  padding: .5em;
+  margin: .5em;
+  color: #ccc;
+  background-color: #333;
+/*  white-space: pre;*/
+  font-size: .9em;
+  width:600px;
+  word-wrap: break-word;
+}
+#emailList {
+  font-size: 1.0em; 
+  width: 4x00px; 
+  margin: auto; 
+  font-weight:bold;
+  margin-top:32px;
+}
+.email {
+  display:inline-block;
+}
+.emailblock a {
+  font-size:0.7em;
+  color:#405090;
+}
+.emailblock {
+  border: 1px solid #ddd;
+  -moz-border-radius: 4px;
+  -webkit-border-radius: 4px;
+  background-color:#f0f0f0;
+  width:500px;
+  padding:8px;
+  min-height:48px;
+  margin:16px auto;
+}
+.meta {
+  display:inline-block;
+  float:right;
+  font:8pt Arial;  
+}
+.meta a {
+  cursor:pointer;
+}
+.keyblock {
+  font:8pt Arial;
+}
+.date {
+  font:8pt Arial;
+}
+</style>
+<body>
+
+<div class="title">
+Email Confirmation...
+</div>
+
+<div class="intro">
+  This page is where you land when you want to confirm ownership of email addresses.
+  One moment while we attempt to confirm your address.
+</div>
+
+</body>
+<script>
+function getParameterByName( name )
+{
+  name = name.replace(/[\[]/,"\\\[").replace(/[\]]/,"\\\]");
+  var regexS = "[\\?&]"+name+"=([^&#]*)";
+  var regex = new RegExp( regexS );
+  var results = regex.exec( window.location.href );
+  if( results == null )
+    return "";
+  else
+    return decodeURIComponent(results[1].replace(/\+/g, " "));
+}
+
+function success() {
+  $("div.intro").text("Address confirmed!");
+  setTimeout(function() {
+    $("body").fadeOut(1500, function() {
+      window.close();
+    });
+  }, 1000);
+}
+
+function failure(why) {
+  $("div.intro").text("Error encountered while attempting to confirm your address.  please try again.  (error message: " + why + ")");
+}
+
+$(document).ready(function() {
+    $.ajax({
+      url: '/wsapi/prove_email_ownership?token=' + getParameterByName('token'),
+      success: function(status, textStatus, jqXHR) {
+        var obj = JSON.parse(status);
+        if (obj) {
+          success();
+        } else {
+          failure("unknown");
+        }
+      },
+      error: function() {
+        failure("Error Communicating With Server!");
+      }
+    });
+});
+
+</script>
+</html>