First pass at invite-only migration. #1949
Conversation
| deny_reason text, | ||
| published timestamp not null default now(), | ||
| unique(local_user_id) | ||
| ); |
There was a problem hiding this comment.
@Nutomic take a look at these, I changed some of the column names to make more sense. If they look good I can continue on with it.
There was a problem hiding this comment.
published is the creation time? That one is a bit unclear, others are fine. Not sure if acceptor_id and, accepted and deny_reason are really necessary. The first doesnt really matter, instead of accepted I would use local_user.activated (which i'm adding right now for email verification), and deny_reason can just be sent by email without storing. Well maybe that one makes sense for other admins to view.
|
Still some work to do here, but the difficult part is done. |
- Add a DeleteAccount response. - RegistrationApplicationView now has the safe LocalUserSettings. - Adding VerifyEmail to websocket API, added a proper response type.
- Added a check_registration_application function. - Only send a verification email if its been changed. - VerifyEmail now returns LoginResponse. - Deleting the old tokens after a successful email verify. - If port is missing on email config, display a better error message.
|
Trying to test it now. It looks like you also made it that login is required to view any content, didnt think that was part of this milestone.
|
crates/api/src/local_user.rs
Outdated
| &context.secret().jwt_secret, | ||
| &context.settings().hostname, | ||
| )? | ||
| .into(), |
There was a problem hiding this comment.
So clicking the verification link should directly log the user in, without password check? Thats not very secure, and besides I dont think it worked for me.
There was a problem hiding this comment.
Hrm... yeah I spose that's correct. Dang, I just changed that respose to LoginResponse from an empty VerifyEmailResponse, but I can revert that. In that case, on a successful verify, I'll just redirect them to the login page.
crates/api/src/local_user.rs
Outdated
|
|
||
| let email = if let Some(email) = &email_deref { | ||
| let site = blocking(context.pool(), Site::read_simple).await??; | ||
| if site.require_email_verification { |
There was a problem hiding this comment.
This is also how i implemented it, but i dont think it makes sense. If there is an email being set, Lemmy should always send a verification mail, regardless of the require_email_verification setting. Cause its really useless to have an email with a typo in it. What require_email_verification should do is make the email field mandatory on signup (and prevent unsetting it in the user settings), nothing else.
| #[default(None)] | ||
| pub application_question: Option<String>, | ||
| #[default(None)] | ||
| pub private_instance: Option<bool>, |
There was a problem hiding this comment.
Worth emphasizing that even with this setting, other instances can view all posts, comments etc from the instance via federation if it is enabled. And because of that, it is easy to iterate through all posts and comments using curl -H 'Accept: application/activity+json' https://ds9.lemmy.ml/post/x.
So maybe it should throw an error if both private_instance and federation.enabled are set (at least until #868 or #1576 are implemented).
There was a problem hiding this comment.
I can add that check to main.rs
Only when
Hrm, it shouldn't do that, but I'll test again. Right now I have it so that it will redirect you to the login page if you get that error (just tested, yes this is working ). But I can add a "This instance is private" header to the login page.
If a server suddenly turns on require_email_verification, I'm not sure the best way to not lock out existing users. That's a tough one. Maybe when that gets set to true, we need to update that
It shows up popup that says "verification email sent", and that field is required when the site requires it, so we should be good there.
lemmy.ml is blocked by spamhaus so to even be able to test this, I had to use my gmail creds. Unfortunately I think we're gonna have to give up on postfix for lemmy.ml and just pay for an email service once this gets merged.
I tested that a few days ago, and it worked fine. It should only load for a second or two. I'll also make that isomorphic on the front end tho just in case. I'd be interested to see your console logs there when it failed. |
|
@Nutomic okay these fixes are deployed to ds9.lemmy.ml, you can test whenever. Note that you'll have to disable federation if you want to test private instances. |
Yes its no problem, i just didnt think we would implement it as part of this milestone.
Okay that works, but only when you initially open the site. When you are on the login page and navigate to another page (eg the main page, or communities page), it shows an error popup and loads forever. Also i noticed the mod log is still publicly visible for a private instance.
Not sure either. It could be enough to document this in the config, telling admins that they manually need to update this column for existing users.
Problem is that those popups are extremely easy to miss, as they are in a corner of the screen and disappear pretty quickly.
Only if we enable email verification, which i doubt is gonna help much with spam. The registration applications are gonna be a lot more effective in that regard. But if there is an email service with a reasonable price, we can consider it.
Yes this time it worked fine. But when clicking the verification link for a second time (after already being verified), it again ends up loading forever (just with a small error popup). Maybe in cases like this, it should show the error(s) in place of the loading bar (and no popup). |
Not much I can do about that. The most important thing is the initial page load puts you in the right place.
Looks like
I already added the previous solution to the code. I tested, and it works.
I agree, I'd rather not enable email verification. But it still would probably be worth it to get an email service, so that other notification emails and password resets can still get sent out without problems. Those are all currently broken now due to spamhaus.
I'll check this out on the front end. |
You could hide or disable the buttons in that case. Anyway this seems ready to merge then. |
No description provided.