feat: add confirmation password on moodle account and add module for server_config

Author: Fixiss

src/app/learnocaml_upgrade_main.ml

@@ -6,7 +6,97 @@
  * included LICENSE file for details. *)
 
 open Js_utils
+open Lwt
 open Learnocaml_common
+open Learnocaml_api
+
+module El = struct
+  let id s = s, find_component s
+  module Login_overlay = struct
+    let login_overlay_id, login_overlay = id "login-overlay"
+    let login_new_id, login_new = id "login-new"
+
+    let upgrade_email_id, upgrade_email = id "upgrade-email-input"
+    let upgrade_password_id, upgrade_password = id "upgrade-password-input"
+    let upgrade_confirmation_id, upgrade_confirmation = id "upgrade-confirmation-input"
+    let upgrade_button_id, upgrade_button = id "upgrade-button"
+  end
+end
+
+let check_email_js email =
+  let re = Regexp.regexp Learnocaml_data.email_regexp_js in
+  Learnocaml_data.email_check_length email
+  && match Regexp.string_match re email 0 with
+     | Some _ -> true
+     | None -> false
+
+let init_token_dialog () =
+  let open El.Login_overlay in
+  Manip.SetCss.display login_overlay "block";
+  let got_token = match Lwt.task () with
+    |(_,got_tok) -> got_tok in
+  let create_token () =
+    let email = Manip.value upgrade_email and
+        password = Manip.value upgrade_password and
+        password_confirmation = Manip.value upgrade_confirmation in
+    let email_criteria = not (check_email_js email) and
+        passwd_crit1 = not (Learnocaml_data.passwd_check_length password) and
+        passwd_crit2 = not (Learnocaml_data.passwd_check_strength password) and
+        passwd_crit3 = not (password = password_confirmation) in
+    Manip.SetCss.borderColor upgrade_email "";
+    Manip.SetCss.borderColor upgrade_password "";
+    Manip.SetCss.borderColor upgrade_confirmation "";
+    if email_criteria || passwd_crit1 || passwd_crit2 || passwd_crit3 then
+      begin
+        if email_criteria then
+          Manip.SetCss.borderColor upgrade_email "#f44";
+        if passwd_crit1 || passwd_crit2 then
+          Manip.SetCss.borderColor upgrade_password "#f44";
+        if passwd_crit3 then
+          Manip.SetCss.borderColor upgrade_confirmation "#f44";
+        if email_criteria then begin
+            cb_alert ~title:[%i"ERROR"]
+              [%i"The entered e-mail was invalid."]
+              (fun () -> Manip.focus upgrade_email)
+          end
+        else if passwd_crit1 then begin
+            cb_alert ~title:[%i"ERROR"]
+              [%i"Password must be at least 8 characters long"]
+              (fun () -> Manip.focus upgrade_password)
+          end
+        else if passwd_crit2 then begin
+            cb_alert ~title:[%i"ERROR"]
+              [%i"Password must contain at least one digit, \
+                  one lower and upper letter, \
+                  and one non-alphanumeric char."]
+              (fun () -> Manip.focus upgrade_password)
+          end
+        else if passwd_crit3 then begin
+            cb_alert ~title:[%i"ERROR"]
+              [%i"The password and its confirmation are not the same"]
+              (fun () -> Manip.focus upgrade_confirmation)
+          end;
+        Lwt.return_none
+      end
+    else
+      let token = Learnocaml_data.Token.to_string (Learnocaml_local_storage.(retrieve sync_token)) in
+      retrieve (Learnocaml_api.Upgrade
+                  ("email="^email^"&passwd="^password^"&token="^token))
+                  (*body exemple ->
+                  email=&passwd=&confirmation=&csrf=Bfkxd/2TjpMAkq4bFGIs1hp9oxeBTZIKioMlQMUDlpk=&token=ZGB-GDD-SNB-41M*)
+      >>= fun _ -> cb_alert ~title:[%i"VALIDATION REQUIRED"]
+                     [%i"A confirmation e-mail has been sent to your address."]
+                     Js_utils.reload;
+                   Lwt.return_none
+  in
+  let handler f t = fun _ ->
+    Lwt.async (fun () ->
+        f () >|= function
+        | Some token -> Lwt.wakeup got_token token
+        | None -> ());
+    t
+  in
+  Manip.Ev.onclick upgrade_button (handler create_token false)
 
 let set_string_translations =
   List.iter
@@ -28,6 +118,7 @@ let () =
         "txt_upgrade_password_confirmation", [%i"Confirm password"];
         "txt_do_upgrade", [%i"Upgrade"];
         "txt_info", [%i"An e-mail will be sent to your address to confirm it."];
-      ]
+      ];
+    init_token_dialog ()
   with Not_found ->
     Learnocaml_common.alert ~title:[%i"NO TOKEN"] [%i"You are not logged in"]

src/main/learnocaml_client.ml

@@ -1089,6 +1089,33 @@ module Exercise_list = struct
     Term.info ~man ~doc:doc "exercise-list"
 end
 
+module Server_config = struct
+  let doc = "Get a structured json containing an information about the use_password compatibility"
+
+  let server_config o = (*get_config_o ~allow_static:true o
+    >>= fun {ConfigFile.server;token} ->
+    fetch server (Learnocaml_api.Server_config)
+    >>= (fun index->
+    let open Json_encoding in
+    let ezjsonm = (Json_encoding.construct
+                  (tup2 Exercise.Index.enc (assoc float))
+                  index)
+    in
+    let json =
+           match ezjsonm with
+           | `O _ | `A _ as json -> json
+           | _ -> assert false
+    in
+    Ezjsonm.to_channel ~minify:false stdout json;*)
+    Lwt.return 0(**) 
+
+  let man = man doc
+
+  let cmd =
+    use_global server_config,
+    Term.info ~man ~doc:doc "server-config"
+end
+
 module Main = struct
   let man =
     man
@@ -1111,7 +1138,8 @@ let () =
           ; Print_server.cmd
           ; Template.cmd
           ; Create_token.cmd
-          ; Exercise_list.cmd]
+          ; Exercise_list.cmd
+          ; Server_config.cmd]
   with
   | exception Failure msg ->
       Printf.eprintf "[ERROR] %s\n" msg;

src/server/learnocaml_server.ml

@@ -935,39 +935,27 @@ module Request_handler = struct
          let params = Uri.query_of_encoded body
                       |> List.map (fun (a, b) -> a, String.concat "," b) in
          let token = Token.parse @@ List.assoc "token" params in
-         Token_index.UserIndex.emails_of_token !sync_dir token >>=
-           (function
-            | None ->
-               let make_cookie = Cohttp.Cookie.Set_cookie_hdr.make
-                                   ~expiration:(`Max_age (Int64.of_int 60)) ~path:"/" in
-               let cookies = [make_cookie ~http_only:true ("csrf", "expired")] and
-                   email = List.assoc "email" params and
-                   password = List.assoc "passwd" params and
-                   confirmation = List.assoc "confirmation" params in
-               Token_index.UserIndex.exists !sync_dir email >>= fun exists ->
-               if exists then lwt_fail (`Forbidden, "E-mail already used")
-               else if not (Learnocaml_data.passwd_check_length password)
-                       || not (Learnocaml_data.passwd_check_strength password)
-                       || not (check_email_ml email)
-                       || not (password = confirmation) then
-                 lwt_ok @@ Redirect { code=`See_other; url="/upgrade"; cookies }
-               else
-                 let cookies = make_cookie ("token", Token.to_string token) :: cookies in
-                 Token_index.UserIndex.upgrade !sync_dir token email password >>= fun () ->
-                 Token_index.UpgradeIndex.change_email !sync_dir token >>= fun handle ->
-                 get_nickname token >>= fun nick ->
-                 Learnocaml_sendmail.confirm_email
-                   ~nick
-                   ~url:(req.Api.host ^ "/confirm/" ^ handle)
-                   email;
-                 lwt_ok @@ Redirect { code=`See_other; url="/"; cookies }
-            | Some _ -> lwt_fail (`Forbidden, "Already an account."))
-
+         let make_cookie = Cohttp.Cookie.Set_cookie_hdr.make
+                             ~expiration:(`Max_age (Int64.of_int 60)) ~path:"/" in
+         let cookies = [make_cookie ~http_only:true ("csrf", "expired")] and
+             email = List.assoc "email" params and
+             password = List.assoc "passwd" params in
+         let  cookies = make_cookie ("token", Token.to_string token) :: cookies in
+         Token_index.UserIndex.upgrade !sync_dir token email password >>= fun () ->
+         Token_index.UpgradeIndex.change_email !sync_dir token >>= fun handle ->
+         get_nickname token >>= fun nick ->
+         Learnocaml_sendmail.confirm_email
+           ~nick
+           ~url:(req.Api.host ^ "/confirm/" ^ handle)
+           email;
+         lwt_ok @@ Redirect { code=`See_other; url="/"; cookies }
       | Api.Upgrade_form _ ->
          lwt_fail (`Forbidden, "Users with passwords are disabled on this instance.")
       | Api.Upgrade _ ->
          lwt_fail (`Forbidden, "Users with passwords are disabled on this instance.")
 
+      | Api.Server_config _ ->
+         lwt_fail (`Forbidden, "pas encore fait")
       | Api.Invalid_request body ->
           lwt_fail (`Bad_request, body)
 

src/state/learnocaml_api.ml

@@ -112,6 +112,8 @@ type _ request =
       string -> string request
   | Upgrade:
       string -> string request
+  | Server_config:
+      unit -> bool request
 
   | Invalid_request:
       string -> string request
@@ -217,6 +219,8 @@ module Conversions (Json: JSON_CODEC) = struct
       | Upgrade_form _ -> str
       | Upgrade _ -> str
 
+      | Server_config () -> json J.bool
+
       | Invalid_request _ ->
           str
 
@@ -362,8 +366,11 @@ module Conversions (Json: JSON_CODEC) = struct
 
     | Upgrade_form _ ->
         assert false (* Reserved for a link *)
-    | Upgrade _ ->
-        assert false (* Reserved for a form *)
+    | Upgrade body ->
+       post ["do_upgrade"] body
+
+    | Server_config () ->
+       get ["get_server_config"]
 
     | Invalid_request s ->
         failwith ("Error request "^s)
@@ -547,7 +554,10 @@ module Server (Json: JSON_CODEC) (Rh: REQUEST_HANDLER) = struct
       | `POST body, ["upgrade"], _ ->
           Upgrade_form body |> k
       | `POST body, ["do_upgrade"], _ ->
-          Upgrade body |> k
+         Upgrade body |> k
+
+      | `GET, ["get_server_config"], _ ->
+         Server_config () |> k
 
       | `GET, ["teacher"; "exercise-status.json"], Some token
         when Token.is_teacher token ->

src/state/learnocaml_api.mli

@@ -126,6 +126,9 @@ type _ request =
   | Upgrade:
       string -> string request
 
+  | Server_config:
+      unit -> bool request
+
   | Invalid_request:
       string -> string request
     (** Only for server-side handling: bound to requests not matching any case

static/upgrade.html

@@ -19,34 +19,32 @@
   </head>
   <body>
     <div id="login-overlay">
-      <form method="post" action="/do_upgrade">
-	<div id="login-new">
-          <h4 id="txt_upgrade"><!-- Upgrade account --></h4>
-	  <div id="txt_info"><!-- An email will be sent to your address to confirm it. --></div>
-          <div>
-            <div id="txt_upgrade_email"><!-- Email address --></div>
-            <div class="filler_h"></div>
-            <input id="upgrade-email-input" name="email" type="email" minlength="5" autocomplete="off">
-          </div>
-          <div>
-            <div id="txt_upgrade_password"><!-- Password --></div>
-            <div class="filler_h"></div>
-            <input id="upgrade-password-input" name="passwd" type="password" minlength="8">
-          </div>
-          <div>
-            <div id="txt_upgrade_password_confirmation"><!-- Confirmation --></div>
-            <div class="filler_h"></div>
-            <input id="upgrade-confirmation-input" name="confirmation" type="password" minlength="8">
-          </div>
-	  <ul>
-	    <li><div id="txt_password_length"><!-- remark 1 --></div></li>
-	    <li><div id="txt_password_strength"><!-- remark 2 --></div></li>
-	  </ul>
-	  <input type="hidden" name="csrf">
-	  <input id="input-token" type="hidden" name="token">
-          <button id="upgrade-button"><span id="txt_do_upgrade"><!-- Upgrade --></span></button>
-	</div>
-      </form>
+      <div id="login-new">
+        <h4 id="txt_upgrade"><!-- Upgrade account --></h4>
+	<div id="txt_info"><!-- An email will be sent to your address to confirm it. --></div>
+        <div>
+          <div id="txt_upgrade_email"><!-- Email address --></div>
+          <div class="filler_h"></div>
+          <input id="upgrade-email-input" name="email" type="email" minlength="5" autocomplete="off">
+        </div>
+        <div>
+          <div id="txt_upgrade_password"><!-- Password --></div>
+          <div class="filler_h"></div>
+          <input id="upgrade-password-input" name="passwd" type="password" minlength="8">
+        </div>
+        <div>
+          <div id="txt_upgrade_password_confirmation"><!-- Confirmation --></div>
+          <div class="filler_h"></div>
+          <input id="upgrade-confirmation-input" name="confirmation" type="password" minlength="8">
+        </div>
+	<ul>
+	  <li><div id="txt_password_length"><!-- remark 1 --></div></li>
+	  <li><div id="txt_password_strength"><!-- remark 2 --></div></li>
+	</ul>
+	<input type="hidden" name="csrf">
+	<input id="input-token" type="hidden" name="token">
+        <button id="upgrade-button"><span id="txt_do_upgrade"><!-- Upgrade --></span></button>
+      </div>
     </div>
   </body>
 </html>