1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-20 04:20:55 +01:00
phorge-phorge/src/applications/auth/controller/PhabricatorAuthInviteController.php
epriestley 7797443428 Support invites in the registration and login flow
Summary:
Ref T7152. This substantially completes the upstream login flow. Basically, we just cookie you and push you through normal registration, with slight changes:

  - All providers allow registration if you have an invite.
  - Most providers get minor text changes to say "Register" instead of "Login" or "Login or Register".
  - The Username/Password provider changes to just a "choose a username" form.
  - We show the user that they're accepting an invite, and who invited them.

Then on actual registration:

  - Accepting an invite auto-verifies the address.
  - Accepting an invite auto-approves the account.
  - Your email is set to the invite email and locked.
  - Invites get to reassign nonprimary, unverified addresses from other accounts.

But 98% of the code is the same.

Test Plan:
  - Accepted an invite.
  - Verified a new address on an existing account via invite.
  - Followed a bad invite link.
  - Tried to accept a verified invite.
  - Reassigned an email by accepting an unverified, nonprimary invite on a new account.
  - Verified that reassigns appear in the activity log.

{F291493}
{F291494}
{F291495}
{F291496}
{F291497}
{F291498}
{F291499}

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7152

Differential Revision: https://secure.phabricator.com/D11737
2015-02-11 06:06:28 -08:00

63 lines
1.7 KiB
PHP

<?php
final class PhabricatorAuthInviteController
extends PhabricatorAuthController {
public function shouldRequireLogin() {
return false;
}
public function handleRequest(AphrontRequest $request) {
$viewer = $this->getViewer();
$engine = id(new PhabricatorAuthInviteEngine())
->setViewer($viewer);
if ($request->isFormPost()) {
$engine->setUserHasConfirmedVerify(true);
}
$invite_code = $request->getURIData('code');
try {
$invite = $engine->processInviteCode($invite_code);
} catch (PhabricatorAuthInviteDialogException $ex) {
$response = $this->newDialog()
->setTitle($ex->getTitle())
->appendParagraph($ex->getBody());
$submit_text = $ex->getSubmitButtonText();
if ($submit_text) {
$response->addSubmitButton($submit_text);
}
$submit_uri = $ex->getSubmitButtonURI();
if ($submit_uri) {
$response->setSubmitURI($submit_uri);
}
$cancel_uri = $ex->getCancelButtonURI();
$cancel_text = $ex->getCancelButtonText();
if ($cancel_uri && $cancel_text) {
$response->addCancelButton($cancel_uri, $cancel_text);
} else if ($cancel_uri) {
$response->addCancelButton($cancel_uri);
}
return $response;
} catch (PhabricatorAuthInviteRegisteredException $ex) {
// We're all set on processing this invite, just send the user home.
return id(new AphrontRedirectResponse())->setURI('/');
}
// Give the user a cookie with the invite code and send them through
// normal registration. We'll adjust the flow there.
$request->setCookie(
PhabricatorCookies::COOKIE_INVITE,
$invite_code);
return id(new AphrontRedirectResponse())->setURI('/auth/start/');
}
}