nuttycom/aftok - Change UD5T5B7ACLIM7CPSRYGXSQ3EFNS6DTPABPXJE4HQCBI7JYLE5K3QC

Update email invitation workflow.

Users with valid invitation codes don't have to provide captcha validation.

Created by Kris Nuttycombe on January 9, 2021

UD5T5B7ACLIM7CPSRYGXSQ3EFNS6DTPABPXJE4HQCBI7JYLE5K3QC

Dependencies

In channels

main

Change contents

Insertion in lib/Aftok/Database.hs at line 104 [5.4936]

[3.7075]

[4.28769]

data InvitationError
  = InvitationExpired
  | InvitationAlreadyAccepted
  | InvitationNotFound
  deriving (Eq, Show)

Replacement in lib/Aftok/Database.hs at line 114 [5.4936]
B:BD[4.28877] → [4.28877:28929]
```
  | InvitationExpired
  | InvitationAlreadyAccepted
```
[4.28877]
[4.28929]
```
  | InvitationError InvitationError
```

Replacement in lib/Aftok/Database.hs at line 222 [5.4936]

B:BD[6.5801] → [7.8053:8172]

findInvitation :: (MonadDB m) => InvitationCode -> m (Maybe Invitation)
findInvitation ic = liftdb $ FindInvitation ic

[6.5801]

[6.5906]

findCurrentInvitation :: (MonadDB m) => C.UTCTime -> InvitationCode -> m (Either InvitationError Invitation)
findCurrentInvitation t ic =
  maybe (Left InvitationNotFound) checkInvitation <$> liftdb (FindInvitation ic)
  where
    checkInvitation i
      | t .-. (i ^. invitationTime) > fromSeconds (60 * 60 * 72 :: Int) = Left InvitationExpired
      | isJust (i ^. acceptanceTime) = Left InvitationAlreadyAccepted
      | otherwise = Right i

Replacement in lib/Aftok/Database.hs at line 233 [5.4936]
∅:D[8.444] → [6.6009:6036]
B:BD[6.6009] → [6.6009:6036]
```
  inv <- findInvitation ic
```
[8.444]
[6.6036]
```
  inv <- findCurrentInvitation t ic
```

Replacement in lib/Aftok/Database.hs at line 236 [5.4936]

B:BD[6.6088] → [9.28852:28892]

B:BD[9.28892] → [4.29309:29556]

∅:D[4.29556] → [9.28893:28968]

B:BD[7.8393] → [9.28893:28968]

    Nothing -> raiseSubjectNotFound act
    Just i
      | t .-. (i ^. invitationTime) > fromSeconds (60 * 60 * 72 :: Int) ->
        raiseOpForbidden uid InvitationExpired act
    Just i
      | isJust (i ^. acceptanceTime) ->
        raiseOpForbidden uid InvitationAlreadyAccepted act
    Just i -> withProjectAuth (i ^. P.projectId) (i ^. P.invitingUser) act

[6.6088]

[10.1389]

    Left InvitationNotFound -> raiseSubjectNotFound act
    Left InvitationExpired -> raiseOpForbidden uid (InvitationError InvitationExpired) act
    Left InvitationAlreadyAccepted -> raiseOpForbidden uid (InvitationError InvitationAlreadyAccepted) act
    Right i -> withProjectAuth (i ^. P.projectId) (i ^. P.invitingUser) act

Insertion in migrations/2021-01-03_16-15-52_auction-descriptions.txt at line 8 [11.2418]
[2.6903]
```
  ALTER TABLE bids ADD COLUMN currency currency_t NOT NULL;
```
Replacement in server/Aftok/Snaplet/Users.hs at line 18 [13.3234]
∅:D[12.103472] → [4.66085:66138]
B:BD[4.66085] → [4.66085:66138]
```
import Aftok.Database (acceptInvitation, createUser)
```
[12.103472]
[4.66138]
```
import Aftok.Database (acceptInvitation, createUser, findCurrentInvitation)
```

Replacement in server/Aftok/Snaplet/Users.hs at line 39 [13.3234]

B:BD[4.66562] → [4.66562:66615]

import Data.Text as T
import Data.Text.Encoding as T

[4.66562]

[4.66615]

import qualified Data.Text as T
import qualified Data.Text.Encoding as T

Replacement in server/Aftok/Snaplet/Users.hs at line 76 [13.3234]
B:BD[4.67423] → [4.67423:67454]
```
        _captchaToken :: Text,
```
[4.67423]
[4.67454]
```
        _captchaToken :: Maybe Text,
```

Replacement in server/Aftok/Snaplet/Users.hs at line 94 [13.3234]

B:BD[14.5708] → [14.5708:5740]

B:BD[14.5740] → [15.193:269]

      <*> (v .: "captchaToken")
      <*> (parseInvitationCodes . maybeToList =<< v .:? "invitation_codes")

[14.5708]

[16.6020]

      <*> (v .:? "captchaToken")
      <*> (parseInvitationCodes . join . maybeToList =<< v .:? "invitation_codes")

Replacement in server/Aftok/Snaplet/Users.hs at line 141 [13.3234]

∅:D[17.5009] → [16.6412:6484]

B:BD[16.6412] → [16.6412:6484]

B:BD[16.6484] → [18.6270:6445]

  captchaResult <- liftIO $ checkCaptcha cfg (userData ^. captchaToken)
  case captchaResult of
    Left err ->
      let cmsg = "Captcha check failed, please try again."
       in snapErrorJS 400 cmsg (RegCaptchaError err)
    Right _ -> pure ()

[16.6412]

[14.6062]

  now <- liftIO C.getCurrentTime
  (_, invs) <- partitionEithers <$> snapEval (traverse (findCurrentInvitation now) (userData ^. invitationCodes))
  if null invs
    then checkCaptcha' (userData ^. captchaToken)
    else pure () -- skip the captcha check with a valid invitation code

Deletion in server/Aftok/Snaplet/Users.hs at line 158 [13.3234]
B:BD[14.6466] → [14.6466:6499]
```
  now <- liftIO C.getCurrentTime
```

Insertion in server/Aftok/Snaplet/Users.hs at line 166 [13.3234]

[19.9285]

[14.6676]

  where
    checkCaptcha' = \case
      Just ct -> do
        captchaResult <- liftIO $ checkCaptcha cfg ct
        case captchaResult of
          Left err ->
            let cmsg = "Captcha check failed, please try again."
             in snapErrorJS 400 cmsg (RegCaptchaError err)
          Right _ -> pure ()
      Nothing ->
        let cmsg = "Captcha token or invitation code required."
         in snapErrorJS 400 cmsg ()

Replacement in server/templates/invitation_email.st at line 29 [20.742]

B:BD[20.1716] → [20.1716:1915]

curl -k -v -H 'Content-Type: application/json' -d '{"username":"USER", "password":"PASS", "email":"$to_email$", "btcAddr":"BTC_ADDR", "invitation_codes":["$inv_code$"]}' 'https://aftok.com/register'

[20.1716]

[8.2445]

curl --header 'Content-Type: application/json' \\
     --data '{"username":"USER", "password":"PASS", "recoveryType": "email", "recoveryEmail":"$to_email$", "invitation_codes":["$inv_code$"]}' \\
     'https://aftok.com/api/register'

Update email invitation workflow.

Dependencies

In channels

Change contents

Insertion in lib/Aftok/Database.hs at line 104 [5.4936]

Replacement in lib/Aftok/Database.hs at line 114 [5.4936]

Replacement in lib/Aftok/Database.hs at line 222 [5.4936]

Replacement in lib/Aftok/Database.hs at line 233 [5.4936]

Replacement in lib/Aftok/Database.hs at line 236 [5.4936]

Insertion in migrations/2021-01-03_16-15-52_auction-descriptions.txt at line 8 [11.2418]

Replacement in server/Aftok/Snaplet/Users.hs at line 18 [13.3234]

Replacement in server/Aftok/Snaplet/Users.hs at line 39 [13.3234]

Replacement in server/Aftok/Snaplet/Users.hs at line 76 [13.3234]

Replacement in server/Aftok/Snaplet/Users.hs at line 94 [13.3234]

Replacement in server/Aftok/Snaplet/Users.hs at line 141 [13.3234]

Deletion in server/Aftok/Snaplet/Users.hs at line 158 [13.3234]

Insertion in server/Aftok/Snaplet/Users.hs at line 166 [13.3234]

Replacement in server/templates/invitation_email.st at line 29 [20.742]