Ignore:
Timestamp:
Oct 9, 2017, 1:47:39 PM (5 years ago)
Author:
Nicklas Nordborg
Message:

References #2097: Implement support for device verification

Added support for verifying email addresses. The "BASE->Contact information" dialog now has a "2-factor login" checkbox. If this checkbox is checked or if the email address is changed an email is sent to the user with a verification code. At the same time, the browser displays a new form asking the user to enter the verfication code. The 2-factor login is only enabled if the correct verification code is entered.

The email message template is currently hard-coded but it should may be configurable?

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/www/my_base/user/submit_user.jsp

    r7295 r7410  
    5959String root = request.getContextPath()+"/";
    6060
     61String forward = null;
    6162DbControl dc = sc.newDbControl();
    6263try
     
    7778    // Contact information tab
    7879    user.setEmail(email);
     80    boolean useDeviceVerification = Values.getBoolean(request.getParameter("useDeviceVerification"));
     81    if (!useDeviceVerification) user.disableDeviceVerification();
    7982    if (EmailUtil.isEnabled())
    8083    {
    8184      user.setSendMessagesAsEmail(email != null && Values.getBoolean(request.getParameter("sendMessagesAsEmail")));
     85      if (useDeviceVerification && !user.getUseDeviceVerification())
     86      {
     87        // Send a verification code for verifying the email address
     88        forward = "verify_email.jsp?ID="+ID;
     89      }
    8290    }
    8391    user.setOrganisation(Values.getStringOrNull(request.getParameter("organisation")));
     
    111119    sc.setSessionSetting("user", null);
    112120    message = "Information saved";
     121  }
     122  else if ("VerifyEmail".equals(cmd))
     123  {
     124    String verificationCode = request.getParameter("verificationCode");
     125    User user = (User)sc.getSessionSetting("user");
     126    dc.reattachItem(user, false);
     127    user.enableDeviceVerification(verificationCode);
     128    message = "The email has been verified";
     129    dc.commit();
    113130  }
    114131  else if ("SavePreferences".equals(cmd))
     
    204221  if (dc != null) dc.close();
    205222}
    206 response.sendRedirect(root + "common/close_popup.jsp?ID="+ID+"&refresh_opener=1&&message="+HTML.urlEncode(message));
     223
     224if (forward != null)
     225{
     226  pageContext.forward(forward);
     227}
     228else
     229{
     230  response.sendRedirect(root + "common/close_popup.jsp?ID="+ID+"&refresh_opener=1&&message="+HTML.urlEncode(message));
     231}
    207232%>
    208233
Note: See TracChangeset for help on using the changeset viewer.