NDS-467: Account approval changes (#119)

* Added post email verification message indicating duration of view. * Updated message * Fixed typo * Fixed anonymous field name
nds-org · Sep 2, 2016 · 6bdbf86 · 6bdbf86
1 parent e4fb97b
commit 6bdbf86
Show file tree

Hide file tree

Showing 5 changed files with 78 additions and 11 deletions.
diff --git a/apiserver/cmd/server/server.go b/apiserver/cmd/server/server.go
@@ -711,6 +711,14 @@ func (s *Server) VerifyAccount(w rest.ResponseWriter, r *rest.Request) {
 			rest.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
+
+		err = s.email.SendVerifiedEmail(account.Name, account.EmailAddress)
+		if err != nil {
+			glog.Error(err)
+			rest.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
 		approveUrl := r.BaseUrl().String() + "/api/register/approve?t=" + account.Token + "&u=" + account.Namespace
 		denyUrl := r.BaseUrl().String() + "/api/register/deny?t=" + account.Token + "&u=" + account.Namespace
 		err = s.email.SendNewAccountEmail(account, approveUrl, denyUrl)
@@ -2386,20 +2394,16 @@ func (s *Server) ChangePassword(w rest.ResponseWriter, r *rest.Request) {
 	if err != nil {
 		glog.Error(err)
 		rest.Error(w, err.Error(), http.StatusInternalServerError)
-		return
 	}
 
 	if ok {
 		err = s.createBasicAuthSecret(userId)
 		if err != nil {
 			glog.Error(err)
 			rest.Error(w, err.Error(), http.StatusInternalServerError)
-			return
 		}
-		w.WriteHeader(http.StatusOK)
-	} else {
-		w.WriteHeader(http.StatusConflict)
 	}
+	w.WriteHeader(http.StatusOK)
 }
 
 func (s *Server) ResetPassword(w rest.ResponseWriter, r *rest.Request) {
@@ -2418,8 +2422,14 @@ func (s *Server) ResetPassword(w rest.ResponseWriter, r *rest.Request) {
 		return
 	}
 
-	resetUrl := s.origin + "/#/recover?t=" + token
-	err = s.email.SendRecoveryEmail(account.Name, account.EmailAddress, resetUrl)
+	if account.Status == api.AccountStatusUnverified {
+		verifyUrl := s.origin + "/#/register/verify?t=" + account.Token + "&u=" + account.Namespace
+		err = s.email.SendVerificationEmail(account.Name, account.EmailAddress, verifyUrl)
+	} else {
+		resetUrl := s.origin + "/#/recover?t=" + token
+		err = s.email.SendRecoveryEmail(account.Name, account.EmailAddress, resetUrl, (account.Status == api.AccountStatusUnapproved))
+	}
+
 	if err != nil {
 		glog.Error(err)
 		rest.Error(w, err.Error(), http.StatusInternalServerError)

diff --git a/apiserver/pkg/email/email.go b/apiserver/pkg/email/email.go
@@ -54,6 +54,29 @@ func (s *EmailHelper) SendVerificationEmail(name string, address string, url str
 	return nil
 }
 
+// Send email address verified
+func (s *EmailHelper) SendVerifiedEmail(name string, address string) error {
+
+	data := struct {
+		Name         string
+		SupportEmail string
+	}{
+		Name:         name,
+		SupportEmail: s.SupportEmail,
+	}
+
+	subject := "Registration pending"
+	msg, err := s.parseTemplate("templates/verified-email.html", data)
+	if err != nil {
+		return err
+	}
+	_, err = s.sendEmail(address, subject, msg)
+	if err != nil {
+		return err
+	}
+	return nil
+}
+
 // Send new account request email
 func (s *EmailHelper) SendNewAccountEmail(account *api.Account, approveUrl string, denyUrl string) error {
 
@@ -123,17 +146,19 @@ func (s *EmailHelper) SendStatusEmail(name string, address string, url string, a
 }
 
 // Send password recovery email
-func (s *EmailHelper) SendRecoveryEmail(name string, email string, recoveryUrl string) error {
+func (s *EmailHelper) SendRecoveryEmail(name string, email string, recoveryUrl string, unapproved bool) error {
 
 	data := struct {
 		Name         string
 		Email        string
 		Link         string
 		SupportEmail string
+		Unapproved   bool
 	}{
 		Name:         name,
 		Email:        email,
 		Link:         recoveryUrl,
+		Unapproved:   unapproved,
 		SupportEmail: s.SupportEmail,
 	}
 
@@ -142,7 +167,7 @@ func (s *EmailHelper) SendRecoveryEmail(name string, email string, recoveryUrl s
 	if err != nil {
 		return err
 	}
-	_, err = s.sendEmail(s.SupportEmail, subject, msg)
+	_, err = s.sendEmail(email, subject, msg)
 	if err != nil {
 		return err
 	}

diff --git a/apiserver/pkg/types/types.go b/apiserver/pkg/types/types.go
@@ -225,7 +225,7 @@ type Term struct {
 type SupportRequest struct {
 	Type      SupportRequestType `json:"type"`
 	Message   string             `json:"message"`
-	Anonymous bool               `json:"bool"`
+	Anonymous bool               `json:"anonymous"`
 }
 
 type SupportRequestType string

diff --git a/apiserver/templates/recovery-request.html b/apiserver/templates/recovery-request.html
@@ -6,13 +6,22 @@
 Hello {{.Name}}, 
 <br/><br/>
 
-Someone has requested to reset your NDS Labs password.  Please click on the link below to reset the password for your account:
+{{ if .Unapproved }}
+
+Your registration request is still under review and has not been approved. Please contact us at the email address below with any questions. 
+{{ else }}
+
+<br/><br/>
+Someone has requested to reset your NDS Labs password.  If this action was not triggered by you, then you can safely ignore this message. Please click on the link below to reset the password for your account:
 <br/><br/>
 <a href="{{.Link}}">Reset password</a>
 <br/><br/>
 This link is valid for 30 minutes.
+{{ end }}
+
 <br/><br/>
 
+
 Thank you,<br>
 NDS Labs team<br>
 {{.SupportEmail}}<br>

diff --git a/apiserver/templates/verified-email.html b/apiserver/templates/verified-email.html
@@ -0,0 +1,23 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+        "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html>
+<body>
+<p>
+Hello {{.Name}}, 
+<br/><br/>
+
+Thank you for verifying your email address. <br/><br/>
+
+Your registration request will be reviewed by the NDS Labs team.  You should hear back from us within 7 days.  
+Please feel free to contact us at the email address below with any questions.
+
+<br/>
+<br/>
+Sincerely,<br>
+NDS Labs team<br>
+{{.SupportEmail}}<br>
+</p>
+
+</body>
+</html>
+