mirror of
https://we.phorge.it/source/phorge.git
synced 2024-12-20 04:20:55 +01:00
7797443428
Summary: Ref T7152. This substantially completes the upstream login flow. Basically, we just cookie you and push you through normal registration, with slight changes: - All providers allow registration if you have an invite. - Most providers get minor text changes to say "Register" instead of "Login" or "Login or Register". - The Username/Password provider changes to just a "choose a username" form. - We show the user that they're accepting an invite, and who invited them. Then on actual registration: - Accepting an invite auto-verifies the address. - Accepting an invite auto-approves the account. - Your email is set to the invite email and locked. - Invites get to reassign nonprimary, unverified addresses from other accounts. But 98% of the code is the same. Test Plan: - Accepted an invite. - Verified a new address on an existing account via invite. - Followed a bad invite link. - Tried to accept a verified invite. - Reassigned an email by accepting an unverified, nonprimary invite on a new account. - Verified that reassigns appear in the activity log. {F291493} {F291494} {F291495} {F291496} {F291497} {F291498} {F291499} Reviewers: btrahan Reviewed By: btrahan Subscribers: epriestley Maniphest Tasks: T7152 Differential Revision: https://secure.phabricator.com/D11737
63 lines
1.7 KiB
PHP
63 lines
1.7 KiB
PHP
<?php
|
|
|
|
final class PhabricatorAuthInviteController
|
|
extends PhabricatorAuthController {
|
|
|
|
public function shouldRequireLogin() {
|
|
return false;
|
|
}
|
|
|
|
public function handleRequest(AphrontRequest $request) {
|
|
$viewer = $this->getViewer();
|
|
|
|
$engine = id(new PhabricatorAuthInviteEngine())
|
|
->setViewer($viewer);
|
|
|
|
if ($request->isFormPost()) {
|
|
$engine->setUserHasConfirmedVerify(true);
|
|
}
|
|
|
|
$invite_code = $request->getURIData('code');
|
|
|
|
try {
|
|
$invite = $engine->processInviteCode($invite_code);
|
|
} catch (PhabricatorAuthInviteDialogException $ex) {
|
|
$response = $this->newDialog()
|
|
->setTitle($ex->getTitle())
|
|
->appendParagraph($ex->getBody());
|
|
|
|
$submit_text = $ex->getSubmitButtonText();
|
|
if ($submit_text) {
|
|
$response->addSubmitButton($submit_text);
|
|
}
|
|
|
|
$submit_uri = $ex->getSubmitButtonURI();
|
|
if ($submit_uri) {
|
|
$response->setSubmitURI($submit_uri);
|
|
}
|
|
|
|
$cancel_uri = $ex->getCancelButtonURI();
|
|
$cancel_text = $ex->getCancelButtonText();
|
|
if ($cancel_uri && $cancel_text) {
|
|
$response->addCancelButton($cancel_uri, $cancel_text);
|
|
} else if ($cancel_uri) {
|
|
$response->addCancelButton($cancel_uri);
|
|
}
|
|
|
|
return $response;
|
|
} catch (PhabricatorAuthInviteRegisteredException $ex) {
|
|
// We're all set on processing this invite, just send the user home.
|
|
return id(new AphrontRedirectResponse())->setURI('/');
|
|
}
|
|
|
|
// Give the user a cookie with the invite code and send them through
|
|
// normal registration. We'll adjust the flow there.
|
|
$request->setCookie(
|
|
PhabricatorCookies::COOKIE_INVITE,
|
|
$invite_code);
|
|
|
|
return id(new AphrontRedirectResponse())->setURI('/auth/start/');
|
|
}
|
|
|
|
|
|
}
|