List of commits:
Subject Hash Author Date (UTC)
Destroy confirmation link after use 6794a957bf695525b1a171eb6b602d228fd0f725 Catalin(ux) M. BOIE 2019-04-01 17:41:47
Show rg_log_sid into the user output to help identifying the logs f272e87bcb5fef0e34459c5025b3d4bc796dab6d Catalin(ux) M. BOIE 2018-08-29 21:40:36
SELinux updates 04b76e731f34762838434e8412e283be7360d188 Catalin(ux) M. BOIE 2018-08-29 21:36:29
Corrected wrong help for ssh 2fa 04f8223c0c8fc585d3c7882c17ba4ecb7c22d0b5 Catalin(ux) M. BOIE 2018-08-29 21:36:16
ldap changes 89e6848701e4c27d0f089393c7591302c45c57d4 Catalin(ux) M. BOIE 2018-08-29 21:35:56
Allow login token to be appended to the password 8a5b003845f54d2771beaec7b14b96b2029ee9db Catalin(ux) M. BOIE 2018-08-29 21:35:16
Cosmetic changes for the theme e8ed0db5fd9b41c5a63e1e171adb615a33817da8 Catalin(ux) M. BOIE 2018-08-29 21:32:36
samples updated b42d3dd5947ae9bcf3994854219e759d93abcafa Catalin(ux) M. BOIE 2018-08-29 21:32:03
docker updates f26097f046666d3ab5ca96e69f6fc458188a33ed Catalin(ux) M. BOIE 2018-08-29 21:31:16
Cosmetic changes d5069178bed9736db02c3233e95564ad7b429e17 Catalin(ux) M. BOIE 2018-08-29 21:30:42
tests: added helper for totp enrollment bad21ca093b427b200b3fbdcf2a2e1dd1820f93a Catalin(ux) M. BOIE 2018-08-29 20:59:17
Store the timestamp of the deletion for a repo, not 1 e761b36efaa37fc3c453e8382127e340bc736bc7 Catalin(ux) M. BOIE 2018-06-04 18:00:35
totp: urlencode must be used when building the url for 2fa f85ea05bf4b456cc0430e78f2705347dc79343ae Catalin(ux) M. BOIE 2018-05-29 17:39:06
totp: remove expired entries 06cd360eff667740bcf8a580447cb86f3c2e6850 Catalin(ux) M. BOIE 2018-05-29 17:38:16
Show disk size in users list 9cc05cb0307cf31d6d2ebacda0846b0774e704d7 Catalin(ux) M. BOIE 2017-12-25 08:09:22
Added timeout for ldap bind/search operations 502fbf1287f1ad37f7c6c82c473c9b472d3fa65a Catalin(ux) M. BOIE 2017-11-26 15:46:51
Default uid_attr for ldap is now 'uid' 6e3993359d506d76ec739dd87fa682eea6b5a3b6 Catalin(ux) M. BOIE 2017-11-26 14:57:58
lock cache must not store 'ok' field 5a600b275fcf50c2df2cb0253a80aa99ae145b0d Catalin(ux) M. BOIE 2017-11-26 14:41:33
CURLOPT_SSLCERT must not be provided in newer versions of curl d14ad10139a9a5f4f59961fbaa3fe371754e806a Catalin(ux) M. BOIE 2017-11-26 14:25:32
Newer git, by providing an empty user, will not sent the user. This is bad, switch to using 'guest' user 0c84bf03fa4ceb3fe4b832c39134116d8cea6105 Catalin(ux) M. BOIE 2017-11-26 14:23:11
Commit 6794a957bf695525b1a171eb6b602d228fd0f725 - Destroy confirmation link after use
Author: Catalin(ux) M. BOIE
Author date (UTC): 2019-04-01 17:41
Committer name: Catalin(ux) M. BOIE
Committer date (UTC): 2019-04-01 17:41
Parent(s): f272e87bcb5fef0e34459c5025b3d4bc796dab6d
Signer:
Signing key:
Signing status: N
Tree: 31373481cd0c9c40c438eba4577192b8cb4286c7
File Lines added Lines deleted
inc/struct.inc.php 3 1
inc/user.inc.php 4 2
tests/http_confirm.php 16 5
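--- a/inc/struct.inc.php
+++ b/inc/struct.inc.php
@@ -640,7 +640,9 @@ $rg_sql_struct[44]['table'] = array(
 );
 $rg_sql_struct[44]['other'] = array(
 'index ldap_cache uuid' =>
-"CREATE INDEX ldap_cache_i_uuid on ldap_cache(uuid)"
+"CREATE INDEX ldap_cache_i_uuid on ldap_cache(uuid)",
+'invalidate_confirmation_token' =>
+"UPDATE users SET confirm_token = '' WHERE confirmed > 1"
 );
 
 // Do not forget to add the new tables to statistics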
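Review bot: The `invalidate_confirmation_token` statement is added to the already existing `$rg_sql_struct[44]['other']` group, next to the `ldap_cache` index, instead of getting a schema version of its own. How the upgrade code walks `$rg_sql_struct` is not visible in this hunk, but if it skips versions that were already applied, an installation already at 44 never runs this `UPDATE`, and the tokens of accounts confirmed before the upgrade stay in the `users` table. Consider moving it to the next unused index. A comment such as `// confirmed == 1 means "no need to confirm"; only accounts with a real confirmation timestamp are cleared` would also keep the `> 1` from being read as an off-by-one.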
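--- a/inc/user.inc.php
+++ b/inc/user.inc.php
@@ -1748,6 +1748,7 @@ function rg_user_confirm($db, $token)
 // "< 2" because we mark with "1" if "no need to confirm"
 $params = array("confirmed" => $now, "uid" => $uid);
 $sql = 'UPDATE users SET confirmed = @@confirmed@@'
+. ', confirm_token = \'\''
 . ' WHERE uid = @@uid@@';
 $res = rg_sql_query_params($db, $sql, $params);
 if ($res === FALSE) {
@@ -1756,8 +1757,9 @@ function rg_user_confirm($db, $token)
 }
 rg_sql_free_result($res);
 
-rg_cache_set('user' . '::' . $uid . '::' . 'info'
-. '::' . 'confirmed', $now, RG_SOCKET_NO_WAIT);
+$_a = array('confirmed' => $now, 'confirm_token' => '');
+rg_cache_merge('user' . '::' . $uid . '::' . 'info',
+$_a, RG_SOCKET_NO_WAIT);
 }
 
 $ret = $uid;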
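Review bot: Clearing the token to `''` in the `UPDATE` (and in the cache merge) makes the empty string a value shared by every confirmed account, so the token lookup at the top of `rg_user_confirm`, which is outside these hunks, has to reject an empty `$token` before it queries by token. If that guard is not already there, add one at the start of the function, e.g. `if (strcmp($token, '') == 0)` leading to the same invalid-token result; storing NULL instead of `''` would remove the shared sentinel altogether. Separately, the `UPDATE` is keyed on `uid` only, so two simultaneous requests with the same token can both pass the lookup before it is cleared. Adding `AND confirm_token = @@token@@` to the `WHERE` (with `"token" => $token` in `$params`) and treating zero affected rows as an invalid token would make the single use atomic.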
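--- a/tests/http_confirm.php
+++ b/tests/http_confirm.php
@@ -79,6 +79,7 @@ while ($tries) {
 sleep(1);
 }
 rg_log_ml('c: ' . print_r($c, TRUE));
+$c = $c['mail/user/welcome'];
 $t = explode('below:', $c['body']);
 $t = ltrim($t[1]);
 $t = explode("\n", $t);
@@ -92,17 +93,27 @@ $data = array(); $headers = array();
 $r = do_req($link . 'XXX?t=http_confirm', $data, $headers);
 if (!strstr($r['body'], 'Invalid token')) {
 rg_log_ml('r: ' . print_r($r, TRUE));
-rg_log('Somethign wrong with the token!');
+rg_log('Something wrong with the token!');
 exit(1);
 }
 rg_log_exit();
 
 
-rg_log_enter('Trying with the good link...');
-$r = do_req($link . '?t=http_confirm', $data, $headers);
-if (!strstr($r['body'], 'Home page of user')) {
+rg_log_enter('Trying with the good link (first time)...');
+$r = do_req($link . '?t=http_confirm1', $data, $headers);
+if (!strstr($r['body'], 'Your e-mail is confirmed now.')) {
 rg_log_ml('r: ' . print_r($r, TRUE));
-rg_log('Somethign wrong with the token!');
+rg_log('Something wrong with the token!');
+exit(1);
+}
+rg_log_exit();
+
+
+rg_log_enter('Trying with the good link (second time)...');
+$r = do_req($link . '?t=http_confirm2', $data, $headers);
+if (!strstr($r['body'], 'Invalid token.')) {
+rg_log_ml('r: ' . print_r($r, TRUE));
+rg_log('Reusing a confirmation token must not work!');
 exit(1);
 }
 rg_log_exit();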
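Review bot: The new reuse check replays only the exact link, but this commit stores a consumed token as an empty string, so the request most likely to regress is one whose token part is empty, and no case covers it. Add a third block after the "second time" one that requests the confirmation URL with the token removed and fails unless the body contains `Invalid token`, logging something like `rg_log('An empty confirmation token must not work!');`. Also, `$c = $c['mail/user/welcome'];` is indexed without checking that the key exists, so a missing welcome mail surfaces as an undefined-index notice rather than a clear test failure. Whether the `while ($tries)` loop above already guarantees the key is not visible in this hunk.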