1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-23 05:50:55 +01:00
phorge-phorge/scripts
epriestley 87207b2f4e Allow users to have multiple email addresses, and verify emails
Summary:
  - Move email to a separate table.
  - Migrate existing email to new storage.
  - Allow users to add and remove email addresses.
  - Allow users to verify email addresses.
  - Allow users to change their primary email address.
  - Convert all the registration/reset/login code to understand these changes.
  - There are a few security considerations here but I think I've addressed them. Principally, it is important to never let a user acquire a verified email address they don't actually own. We ensure this by tightening the scoping of token generation rules to be (user, email) specific.
  - This should have essentially zero impact on Facebook, but may require some minor changes in the registration code -- I don't exactly remember how it is set up.

Not included here (next steps):

  - Allow configuration to restrict email to certain domains.
  - Allow configuration to require validated email.

Test Plan:
This is a fairly extensive, difficult-to-test change.

  - From "Email Addresses" interface:
    - Added new email (verified email verifications sent).
    - Changed primary email (verified old/new notificactions sent).
    - Resent verification emails (verified they sent).
    - Removed email.
    - Tried to add already-owned email.
  - Created new users with "accountadmin". Edited existing users with "accountadmin".
  - Created new users with "add_user.php".
  - Created new users with web interface.
  - Clicked welcome email link, verified it verified email.
  - Reset password.
  - Linked/unlinked oauth accounts.
  - Logged in with oauth account.
  - Logged in with email.
  - Registered with Oauth account.
  - Tried to register with OAuth account with duplicate email.
  - Verified errors for email verification with bad tokens, etc.

Reviewers: btrahan, vrana, jungejason

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T1184

Differential Revision: https://secure.phabricator.com/D2393
2012-05-07 10:29:33 -07:00
..
aphront Use PhabricatorEnv::newObjectFromConfig() wherever possible 2012-03-21 14:57:52 -07:00
calendar Display holidays 2012-05-03 09:22:52 -07:00
conduit Encode "<" and ">" in JSON/Ajax responses to prevent content-sniffing attacks 2012-02-14 14:51:51 -08:00
daemon Merge __init_env__.php into __init_script__.php 2011-10-02 11:48:09 -07:00
differential Ignore non-existing diffs in copied code detector script 2012-04-30 11:05:30 -07:00
drydock More Drydock Stuff 2012-03-26 20:54:26 -07:00
fpm Minify static resources 2012-03-28 10:13:53 -07:00
install Make SQL patch management DAG-based and provide namespace support 2012-04-30 07:54:00 -07:00
mail Provide upgrade script for transition away from Meta MTA daemon 2012-03-05 15:15:19 -08:00
repository Use "closed", not "committed", in Differential 2012-04-23 17:40:57 -07:00
search Merge __init_env__.php into __init_script__.php 2011-10-02 11:48:09 -07:00
setup Test for pcntl availability from the command line, not Apache 2011-05-30 21:02:08 -07:00
sql Make default database namespace configurable 2012-04-30 11:56:58 -07:00
symbols Add an "--ignore-duplicates" flag to import_project_symbols.php 2012-04-07 17:25:38 -07:00
user Allow users to have multiple email addresses, and verify emails 2012-05-07 10:29:33 -07:00
util Add a script to programmatically add image macros 2012-03-09 08:55:11 -08:00
__init_script__.php Make SQL patch management DAG-based and provide namespace support 2012-04-30 07:54:00 -07:00
celerity_mapper.php Further improve unit/lint rendering 2012-05-01 10:15:56 -07:00