diff --git a/mod/user/_user.js b/mod/user/_user.js
index 07db2d0af..397d10232 100644
--- a/mod/user/_user.js
+++ b/mod/user/_user.js
@@ -1,6 +1,13 @@
+const view = require('../view')
+
 const methods = {
 admin: {
- handler: require('./admin'),
+ handler: (req,res) => {
+ req.params.template = 'user_admin_view'
+ req.params.language = req.params.user.language
+ req.params.user = req.params.user.email
+ view(req, res)
+ },
 admin: true
 },
 register: {
@@ -56,13 +63,13 @@ module.exports = (req, res) => {
 if (!req.params.user && (method.login || method.admin)) {
 req.params.msg = 'login_required'
- return
+ return methods.login.handler(req,res)
 }
 if (req.params.user && (!req.params.user.admin && method.admin)) {
 req.params.msg = 'admin_required'
- return
+ return methods.login.handler(req,res)
 }
 method.handler(req, res)
diff --git a/mod/user/admin.js b/mod/user/admin.js
deleted file mode 100644
index 4f7d0dbb7..000000000
--- a/mod/user/admin.js
+++ /dev/null
@@ -1,10 +0,0 @@
-const view = require('../view')
-
-module.exports = async (req, res) => {
-
- req.params.template = 'user_admin_view'
- req.params.language = req.params.user.language
- req.params.user = req.params.user.email
-
- view(req, res)
-}
\ No newline at end of file
diff --git a/mod/user/delete.js b/mod/user/delete.js
index 2ebd25a63..299328fef 100644
--- a/mod/user/delete.js
+++ b/mod/user/delete.js
@@ -21,8 +21,9 @@ module.exports = async (req, res) => {
 template: 'deleted_account',
 language: user.language,
 to: user.email,
- host: `${req.headers.host.includes('localhost') && req.headers.host || process.env.ALIAS || req.headers.host}${process.env.DIR}`,
- protocol: `${req.headers.host.includes('localhost') && 'http' || 'https'}://`
+ host: `${req.headers.origin
+ || req.headers.referer && new URL(req.headers.referer).origin
+ || 'https://' + (process.env.ALIAS || req.headers.host)}${process.env.DIR}`
 })
 res.send('User account deleted.')
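Review bot: The inlined `admin` handler dereferences `req.params.user.language` and `.email` with no guard of its own, so it is only safe because the dispatcher further down this file refuses requests without an admin user before calling `method.handler`. It also overwrites `req.params.user` with the e-mail string, which drops the `admin` flag for anything that reads the request afterwards. A short comment would make both assumptions explicit, for example `// Only reached after the admin check in module.exports; req.params.user is reduced to the e-mail string before rendering.` The `methods` object continues outside the hunk.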
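Review bot: In the `admin_required` branch an already authenticated non-admin is now handed to `methods.login.handler`, so the refusal is rendered as a login form instead of an explicit 403; whether the login handler sets a non-200 status is not visible here. login.js defines a `post` function (see its hunks below), so if that handler dispatches on the request method, a POST aimed at an admin-only method would presumably be processed as a login attempt using that request's body, which is worth ruling out. I would keep the two cases distinct, e.g. `return res.status(403).send('admin_required')` for the second branch. The body of `module.exports` starts and ends outside the hunk.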
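Review bot: The base URL written into outgoing mail is now taken from the client-supplied `Origin` or `Referer` header ahead of the server-configured `process.env.ALIAS`, so the sender of the request decides which site the recipient's links point to. The same expression is added in mod/user/login.js, register.js, update.js and verify.js, where the mail carries `${host}/api/user/verify/${verificationtoken}` or the admin approval link; a forged header would put a valid token link on a foreign domain (password-reset poisoning). `new URL(req.headers.referer)` also throws on a malformed Referer and no visible call site catches it. I would move this into one helper that starts from `ALIAS` and accepts a request origin only when it names that host, as sketched below; with `ALIAS` unset the `Host` header remains the fallback, as before this commit. The enclosing handler starts and ends outside the hunk.

```javascript
// One shared helper instead of the expression repeated in each handler.
function mailHost(req) {
  // ALIAS is server configuration; the Host header is only the last resort.
  const trusted = process.env.ALIAS || req.headers.host
  let base = `https://${trusted}`
  try {
    const url = new URL(req.headers.origin || req.headers.referer)
    // Take scheme and port from the request only when it names the trusted host.
    if (url.host === trusted && /^https?:$/.test(url.protocol)) base = url.origin
  } catch {
    // Absent or malformed Origin/Referer: keep the configured host.
  }
  return `${base}${process.env.DIR}`
}

// … unchanged: template, language, to …
    host: mailHost(req)
```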
diff --git a/mod/user/login.js b/mod/user/login.js
index f60f1350e..578d90053 100644
--- a/mod/user/login.js
+++ b/mod/user/login.js
@@ -102,9 +102,10 @@ async function post(req, res) {
 const date = new Date()
- // Get the protocol and host for account verification email.
- const protocol = `${req.headers.host.includes('localhost') && 'http' || 'https'}://`
- const host = `${req.headers.host.includes('localhost') && req.headers.host || process.env.ALIAS || req.headers.host}${process.env.DIR}`
+ // Get the host for the account verification email.
+ const host = `${req.headers.origin
+ || req.headers.referer && new URL(req.headers.referer).origin
+ || 'https://' + (process.env.ALIAS || req.headers.host)}${process.env.DIR}`
 // Update access_log and return user record matched by email.
 let rows = await acl(`
@@ -169,7 +170,6 @@ async function post(req, res) {
 language: user.language,
 to: user.email,
 host: host,
- protocol: protocol,
 remote_address
 })
@@ -247,7 +247,6 @@ async function post(req, res) {
 to: user.email,
 host: host,
 failed_attempts: parseInt(process.env.FAILED_ATTEMPTS) || 3,
- protocol: protocol,
 verificationtoken: verificationtoken,
 remote_address
 })
diff --git a/mod/user/register.js b/mod/user/register.js
index 3d170e410..c7d169bd0 100644
--- a/mod/user/register.js
+++ b/mod/user/register.js
@@ -94,9 +94,10 @@ async function post(req, res) {
 // Get the date for logs.
 const date = new Date().toISOString().replace(/\..*/,'')
- // Get the protocol and host for account verification email.
- const protocol = `${req.headers.host.includes('localhost') && 'http' || 'https'}://`
- const host = `${req.headers.host.includes('localhost') && req.headers.host || process.env.ALIAS || req.headers.host}${process.env.DIR}`
+ // Get the host for account verification email.
+ const host = `${req.headers.origin
+ || req.headers.referer && new URL(req.headers.referer).origin
+ || 'https://' + (process.env.ALIAS || req.headers.host)}${process.env.DIR}`
 // The password will be reset for exisiting user accounts.
 if (user) {
@@ -129,7 +130,7 @@ async function post(req, res) {
 language: user.language,
 to: user.email,
 host: host,
- link: `${protocol}${host}/api/user/verify/${verificationtoken}`,
+ link: `${host}/api/user/verify/${verificationtoken}`,
 remote_address
 })
@@ -171,7 +172,7 @@ async function post(req, res) {
 language,
 to: req.body.email,
 host: host,
- link: `${protocol}${host}/api/user/verify/${verificationtoken}`,
+ link: `${host}/api/user/verify/${verificationtoken}`,
 remote_address
 })
diff --git a/mod/user/update.js b/mod/user/update.js
index a5b969d5d..dc4c4a0d3 100644
--- a/mod/user/update.js
+++ b/mod/user/update.js
@@ -34,19 +34,18 @@ module.exports = async (req, res) => {
 return res.status(500).send(error_message)
 }
- const protocol = `${req.headers.host.includes('localhost') && 'http' || 'https'}://`
-
- const host = `${req.headers.host.includes('localhost') && req.headers.host || process.env.ALIAS || req.headers.host}${process.env.DIR}`
+ const host = `${req.headers.origin
+ || req.headers.referer && new URL(req.headers.referer).origin
+ || 'https://' + (process.env.ALIAS || req.headers.host)}${process.env.DIR}`
 // Send email to the user account if an account has been approved.
- if (req.params.field === 'approved' && req.params.value === 'true') {
+ if (req.params.field === 'approved' && req.params.value === true) {
 await mailer({
 template: 'approved_account',
 language: req.params.user.language,
 to: email,
- host: host,
- protocol: protocol
+ host: host
 })
 }
diff --git a/mod/user/verify.js b/mod/user/verify.js
index f644743b1..17ad33ed2 100644
--- a/mod/user/verify.js
+++ b/mod/user/verify.js
@@ -97,13 +97,14 @@ module.exports = async (req, res) => {
 // Get array of mail promises.
 const mail_promises = rows.map(async row => {
- await mailer({
+ return await mailer({
 template: 'admin_email',
 language: row.language,
 to: row.email,
 email: user.email,
- host: `${req.headers.host.includes('localhost') && req.headers.host || process.env.ALIAS || req.headers.host}${process.env.DIR}`,
- protocol: `${req.headers.host.includes('localhost') && 'http' || 'https'}://`
+ host: `${req.headers.origin
+ || req.headers.referer && new URL(req.headers.referer).origin
+ || 'https://' + (process.env.ALIAS || req.headers.host)}${process.env.DIR}`
 })
 })
diff --git a/mod/utils/mailer.js b/mod/utils/mailer.js
index 591ea5bd5..3dbfc5ed2 100644
--- a/mod/utils/mailer.js
+++ b/mod/utils/mailer.js
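Review bot: The approval check now compares `req.params.value` with the boolean `true` where it previously matched the string `'true'`; nothing in this hunk shows the value being parsed, and route or query parameters normally arrive as strings. If that conversion does not happen upstream, the `approved_account` mail silently stops being sent while the update, which presumably ran before this point, still succeeds. Either confirm where the coercion happens and say so in a comment, or accept both forms, e.g. `if (req.params.field === 'approved' && String(req.params.value) === 'true') {`. The handler body starts and ends outside the hunk.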
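Review bot: The `host` template, including `new URL(req.headers.referer)`, is evaluated inside the `rows.map` callback, once per admin row, so a malformed Referer rejects every promise in `mail_promises`; how those rejections are handled is outside the hunk. Compute the value once above `rows.map` and pass `host: host` into each `mailer` call, as the other handlers in this commit do. The enclosing handler continues outside the hunk.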
@@ -34,41 +34,42 @@ module.exports = async params => {
 const template = await languageTemplates(params)
+ await getBody(template)
+
+ const mailTemplate = {
+ to: params.to,
+ from: email,
+ sender: email,
+ subject: replaceStringParams(template.subject, params),
+ html: template.html ? replaceStringParams(template.html, params) : undefined,
+ text: template.text ? replaceStringParams(template.text, params) : undefined
+ }
+
+ const result = await transport.sendMail(mailTemplate).catch(err => console.error(err))
+
+ logger(result, 'mailer')
+}
+
+async function getBody(template){
+
 if (template.text) {
 // Prevent mail template from having text and html
 delete template.html
- if (Object.hasOwn(getFrom, template.text?.split(':')[0])) {
+ if (Object.hasOwn(getFrom, template.text.split(':')[0])) {
- template.text = await getFrom[template.text.split(':')[0]](template.text)
-
- if (!template.text) return;
+ template.text = await getFrom[template.text.split(':')[0]](template.text)
 }
-
- template.text = replaceStringParams(template.text, params)
-
- template.text = template.text.replace(/^(?!\s+$)\s+/gm, '')
 }
- if (Object.hasOwn(getFrom, template.html?.split(':')[0])) {
-
- template.html = await getFrom[template.html.split(':')[0]](template.html)
+ if (template.html) {
- if (!template.text) return;
+ if (Object.hasOwn(getFrom, template.html.split(':')[0])) {
- template.html = replaceStringParams(template.html, params)
+ template.html = await getFrom[template.html.split(':')[0]](template.html)
+ }
 }
-
- template.subject = replaceStringParams(template.subject, params)
-
- template.to = params.to
- template.from = email
- template.sender = email
-
- const result = await transport.sendMail(template).catch(err => console.error(err))
-
- logger(result, 'mailer')
 }
 function replaceStringParams(string, params) {
diff --git a/mod/workspace/templates/mails.js b/mod/workspace/templates/mails.js
index 4da51f4e5..0f1761386 100644
--- a/mod/workspace/templates/mails.js
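Review bot: `getBody` drops the old early returns, so when a `getFrom` lookup resolves to nothing the module still calls `transport.sendMail`, now with `text` and `html` both undefined (the `html` key was deleted before the lookup), and the recipient gets a subject-only message. Restore the guard right after `await getBody(template)`, e.g. `if (!template.text && !template.html) return`. The removed `template.text.replace(/^(?!\s+$)\s+/gm, '')` is not replaced anywhere in this hunk, so the indented multi-line texts in mails.js would presumably go out with their leading whitespace unless `replaceStringParams`, whose body is outside the hunk, strips it. Separately, `replaceStringParams(template.html, params)` substitutes request-derived values such as `host` into HTML; those should be HTML-escaped for the `html` part if that helper does not already do so.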
+++ b/mod/workspace/templates/mails.js @@ -92,7 +92,7 @@ module.exports = { ko: { subject: `계정 확인바랍니다 \${host}`, text: `이 이메일주소의 새로운 계정이 등록되었습니다. \${host} - 계정 소유자임을 확인해주십시오. \${protocol}\${link} + 계정 소유자임을 확인해주십시오. \${link} 로그인전에 입지 관리자가 계정을 승인해야만 합니다. 관리자가 계정 승인을 하면 공지 이메일을 받게됩니다. 기기의 고유주소로부터 계정 등록이 되었습니다. \${remote_address}\n @@ -101,7 +101,7 @@ module.exports = { zh: { subject: `请验证您的帐户 \${host}`, text: `已为此电子邮件在\${host}上注册了新账户 - 请确认您是帐户持有人 \${protocol}\${link} + 请确认您是帐户持有人 \${link} 等待网站管理员批准该帐户,然后才能登录。 一旦管理员批准了您的帐户,就会通过电子邮件通知您。 该帐户是从该远程地址注册的 \${remote_address}\n 
@@ -111,57 +111,57 @@ module.exports = { approved_account: { en: { subject: `This account has been approved on \${host}.`, - text: `You are now able to log on to \${protocol}\${host}` + text: `You are now able to log on to \${host}` }, fr: { text: `Ce compte a été approuvé sur \${host}.`, - subject: `Maintenant vous pouvez vous connecter à \${protocol}\${host}` + subject: `Maintenant vous pouvez vous connecter à \${host}` }, pl: { text: `Konto na \${host} zostało zatwierdzone.`, - subject: `Teraz możesz się zalogować na \${protocol}\${host}` + subject: `Teraz możesz się zalogować na \${host}` }, ja: { subject: `アカウントは承認されました \${host}`, - text: `これで、\${protocol}\${host}にログオンできます。` + text: `これで、\${host}にログオンできます。` }, ko: { subject: `계정이 승인되었습니다. \${host}`, - text: `로그인이 가능합니다. \${protocol}\${host}` + text: `로그인이 가능합니다. \${host}` }, zh: { subject: `该帐户已得到批准 \${host}`, - text: `您现在已可登录 \${protocol}\${host}` + text: `您现在已可登录 \${host}` } }, deleted_account: { en: { subject: `This \${host} account has been deleted.`, - text: `You will no longer be able to log in to \${protocol}\${host}` + text: `You will no longer be able to log in to \${host}` }, de: { subject: `Diese Benutzerkonto für \${host} wurde entfernt.`, - text: `Einloggen ist nicht länger möglich \${protocol}\${host}` + text: `Einloggen ist nicht länger möglich \${host}` }, fr: { subject: `Ce compte sur \${host} a été supprimé.`, - text: `Vous ne pouvez plus vous connecter à \${protocol}\${host}` + text: `Vous ne pouvez plus vous connecter à \${host}` }, pl: { subject: `Konto na \${host} zostało usunięte.`, - text: `Nie możesz się już logować na \${protocol}\${host}` + text: `Nie możesz się już logować na \${host}` }, ja: { subject: `\${host}のこのアカウントは削除されました`, - text: `\${protocol}\${host}にログインできなくなります削除されました` + text: `\${host}にログインできなくなります削除されました` }, ko: { subject: `계정이 삭제되었습니다. \${host}`, - text: `더 이상 로그인이 불가합니다. \${protocol}\${host}` + text: `더 이상 로그인이 불가합니다. 
\${host}` }, zh: { subject: `此帐户已被删除 \${host}`, - text: `您将不再能登录 \${protocol}\${host}` + text: `您将不再能登录 \${host}` } }, failed_login: { @@ -201,7 +201,7 @@ module.exports = { subject: `Too many failed login attempts occured on \${host}`, text: `\${failed_attempts} failed login attempts have been recorded on this account. This account has now been locked until verified. - Please verify that you are the account holder: \${protocol}\${host}/api/user/verify/\${verificationtoken} + Please verify that you are the account holder: \${host}/api/user/verify/\${verificationtoken} Verifying the account will reset the failed login attempts. The failed attempt occured from this remote address \${remote_address} This wasn't you? Please let your manager know.` @@ -210,7 +210,7 @@ module.exports = { subject: `Trop d'échecs de tentatives de connexions ont été exécutés sur \${host}`, text: `\${failed_attempts} échecs de tentatives de connexions ont été exécutés par ce compte. Il a été verrouillé jusqu’à ce qu’il soit vérifié de nouveau. - Vérifiez que vous disposez des droits d'accès du compte \${protocol}\${host}/api/user/verify/\${verificationtoken} + Vérifiez que vous disposez des droits d'accès du compte \${host}/api/user/verify/\${verificationtoken} La vérification du compte réinitialisera des droits d'accès. La tentative de connexion échouée a été exécuté par \${remote_address}\n Vous ne l’avez pas exécuté? Veuillez informer votre directeur.` 
@@ -219,7 +219,7 @@ module.exports = { subject: `Zbyt wiele nieudanych prób logowania na \${host}`, text: `Na tym koncie zarejestrowano \${failed_attempts} \${failed_attempts === 1 ? 'nieudaną próbę' : 'nieudane próby'} logowania. To konto zostało zablokowane do czasu powtórnej weryfikacji. - Potwierdź swoje prawa dostępu do \${protocol}\${host}/api/user/verify/\${verificationtoken} + Potwierdź swoje prawa dostępu do \${host}/api/user/verify/\${verificationtoken} Powtórna weryfikacja odświeży dozwoloną liczbę nieudanych prób. Nieudaną próbę logowania rozpoczęto z tego adresu \${remote_address} To nie Ty? Zgłoś to osobie odpowiedzialnej.` @@ -228,7 +228,7 @@ module.exports = { subject: `\${host}ログインに多数失敗しました`, text: `このアカウントによるログインが\${failed_attempts}回失敗しました このアカウントは検証されるまでロックされます - アカウントホールダーであることを検証してください \${protocol}\${host}/api/user/verify/\${verificationtoken} + アカウントホールダーであることを検証してください \${host}/api/user/verify/\${verificationtoken} アカウント検証によりログイン失敗がリセットされます このリモートアドレスから試されましたが失敗しました \${remote_address} これがあなたではなかった場合、マネージャーに連絡をして下さい` @@ -237,7 +237,7 @@ module.exports = { subject: `다수의 잘못된 로그인 시도가 발생했습니다. \${host}`, text: `이 계정에 \${failed_attempts} 번의 잘못된 로그인 시도가 발생했습니다. 이 계정은 확인될때까지 봉쇄되었습니다. - 계정 소유자임을 확인해주십시오. \${protocol}\${host}/api/user/verify/\${verificationtoken} + 계정 소유자임을 확인해주십시오. \${host}/api/user/verify/\${verificationtoken} 계정 확인은 잘못된 로그인 시도를 재설정합니다. 기기의 고유주소로부터 잘못된 로그인 시도가 발생했습니다. \${remote_address} 본인이 아니면 담당매니저에게 알려주십시오.` @@ -246,7 +246,7 @@ module.exports = { subject: `发生太多失败的登录尝试 \${host}`, text: `此帐户登录尝试失败已发生\${failed_attempts}次 此帐户现已锁定,等待通过验证。 - 请确认您是帐户持有人:\${protocol}\${host}/api/user/verify/\${verificationtoken} + 请确认您是帐户持有人:\${host}/api/user/verify/\${verificationtoken} 验证帐户将重置失败的登录尝试。 操作失败。该尝试发生于这个远程地址 \${remote_address} 如果这不是您本人的操作,请告知您的相关负责人` 
@@ -292,38 +292,38 @@ module.exports = { admin_email: { en: { subject: `A new account has been verified on \${host}`, - text: `Please log into the admin panel \${protocol}\${host}/api/user/admin to approve \${email} - You can also approve the account by following this link: \${protocol}\${host}/api/user/admin?email=\${email}` + text: `Please log into the admin panel \${host}/api/user/admin to approve \${email} + You can also approve the account by following this link: \${host}/api/user/admin?email=\${email}` }, de: { subject: `A neues Benutzerkonto wurde erstellt fuer \${host}`, - text: `Please log into the admin panel \${protocol}\${host}/api/user/admin to approve \${email} - You can also approve the account by following this link: \${protocol}\${host}/api/user/admin?email=\${email}` + text: `Please log into the admin panel \${host}/api/user/admin to approve \${email} + You can also approve the account by following this link: \${host}/api/user/admin?email=\${email}` }, fr: { subject: `Un nouveau compte a été verifié sur \${host}`, - text: `Veuillez vous connecter à votre compte administrateur \${protocol}\${host}/api/user/admin pour approuver \${email} - Vous pouvez également l'approuver en suivant ce lien \${protocol}\${host}/api/user/admin?email=\${email}` + text: `Veuillez vous connecter à votre compte administrateur \${host}/api/user/admin pour approuver \${email} + Vous pouvez également l'approuver en suivant ce lien \${host}/api/user/admin?email=\${email}` }, pl: { subject: `Nowe konto zostało zweryfikowane na \${host}`, - text: `Zaloguj się do panelu administratora \${protocol}\${host}/api/user/admin aby zatwierdzić \${email} - Możesz też zatwierdzić nowego konto za pomocą tego linku \${protocol}\${host}/api/user/admin?email=\${email}` + text: `Zaloguj się do panelu administratora \${host}/api/user/admin aby zatwierdzić \${email} + Możesz też zatwierdzić nowego konto za pomocą tego linku \${host}/api/user/admin?email=\${email}` }, ja: { subject: 
`\${host}についてアカウントを検証されました`, - text: `\${email} を承認するには、管理パネル \${protocol}\${host}/api/user/admin にログインしてください - このリンクからもアカウントを承認することができます \${protocol}\${host}/api/user/admin?email=\${email}` + text: `\${email} を承認するには、管理パネル \${host}/api/user/admin にログインしてください + このリンクからもアカウントを承認することができます \${host}/api/user/admin?email=\${email}` }, ko: { subject: `새로운 계정이 확인되었습니다. \${host}`, - text: `\${email} 을 승인하려면 관리자 패널 \${protocol}\${host}/api/user/admin 에 로그인하세요. - 다음의 링크로 또한 계정 승인을 할 수 있습니다. \${protocol}\${host}/api/user/admin?email=\${email}` + text: `\${email} 을 승인하려면 관리자 패널 \${host}/api/user/admin 에 로그인하세요. + 다음의 링크로 또한 계정 승인을 할 수 있습니다. \${host}/api/user/admin?email=\${email}` }, zh: { subject: `新帐户已通过验证 \${host}`, - text: `请登录管理控制台 \${protocol}\${host}/api/user/admin 批准 \${email} - You can also approve the account by following this link: \${protocol}\${host}/api/user/admin?email=\${email}` + text: `请登录管理控制台 \${host}/api/user/admin 批准 \${email} + You can also approve the account by following this link: \${host}/api/user/admin?email=\${email}` } } } \ No newline at end of file diff --git a/public/views/_user.html b/public/views/_user.html index 16460f390..d7d9c6bcc 100644 --- a/public/views/_user.html +++ b/public/views/_user.html @@ -138,6 +138,11 @@