Skip to content

W
wiki-js
Commit 2b98a5f2 authored by Nicolas Giard's avatar Nicolas Giard
Browse files
Options

feat: account verification + mail config in admin area

parent 78ae137f
Expand all Hide whitespace changes
Inline Side-by-side
Showing with 545 additions and 4 deletions
client/components/admin.vue
View file @ 2b98a5f2
......@@ -66,6 +66,9 @@
v-list-tile(to='/api')
v-list-tile-avatar: v-icon call_split
v-list-tile-title {{ $t('admin:api.title') }}
v-list-tile(to='/mail')
v-list-tile-avatar: v-icon email
v-list-tile-title {{ $t('admin:mail.title') }}
v-list-tile(to='/system')
v-list-tile-avatar: v-icon tune
v-list-tile-title {{ $t('admin:system.title') }}
......@@ -121,6 +124,7 @@ const router = new VueRouter({
{ path: '/search', component: () => import(/* webpackChunkName: "admin" */ './admin/admin-search.vue') },
{ path: '/storage', component: () => import(/* webpackChunkName: "admin" */ './admin/admin-storage.vue') },
{ path: '/api', component: () => import(/* webpackChunkName: "admin" */ './admin/admin-api.vue') },
{ path: '/mail', component: () => import(/* webpackChunkName: "admin" */ './admin/admin-mail.vue') },
{ path: '/system', component: () => import(/* webpackChunkName: "admin" */ './admin/admin-system.vue') },
{ path: '/utilities', component: () => import(/* webpackChunkName: "admin" */ './admin/admin-utilities.vue') },
{ path: '/dev', component: () => import(/* webpackChunkName: "admin-dev" */ './admin/admin-dev.vue') },
......
client/components/admin/admin-mail.vue 0 → 100644
View file @ 2b98a5f2
<template lang='pug'>
v-container(fluid, grid-list-lg)
v-layout(row wrap)
v-flex(xs12)
.admin-header
img(src='/svg/icon-new-post.svg', alt='Mail', style='width: 80px;')
.admin-header-title
.headline.primary--text {{ $t('admin:mail.title') }}
.subheading.grey--text {{ $t('admin:mail.subtitle') }}
v-spacer
v-btn(color='success', depressed, @click='save', large)
v-icon(left) check
span {{$t('common:actions.apply')}}
v-form.pt-3
v-layout(row wrap)
v-flex(lg6 xs12)
v-form
v-card.wiki-form
v-toolbar(color='primary', dark, dense, flat)
v-toolbar-title
.subheading {{ $t('admin:mail.configuration') }}
v-subheader Sender
.px-3.pb-3
v-text-field(
outline
v-model='config.senderName'
label='Sender Name'
required
:counter='255'
prepend-icon='person'
)
v-text-field(
outline
v-model='config.senderEmail'
label='Sender Email'
required
:counter='255'
prepend-icon='email'
)
v-divider
v-subheader SMTP Settings
.px-3.pb-3
v-text-field(
outline
v-model='config.host'
label='Host'
required
:counter='255'
prepend-icon='memory'
)
v-text-field(
outline
v-model='config.port'
label='Port'
required
prepend-icon='router'
persistent-hint
hint='Usually 465 (recommended), 587 or 25.'
style='max-width: 300px;'
)
v-switch(
v-model='config.secure'
label='Secure (TLS)'
color='primary'
persistent-hint
hint='Should be enabled when using port 465, otherwise turned off (587 or 25).'
prepend-icon='vpn_lock'
)
v-text-field.mt-3(
outline
v-model='config.user'
label='Username'
required
:counter='255'
prepend-icon='lock_outline'
)
v-text-field(
outline
v-model='config.pass'
label='Password'
required
prepend-icon='lock'
type='password'
)
v-flex(lg6 xs12)
v-card.wiki-form
v-form
v-toolbar(color='primary', dark, dense, flat)
v-toolbar-title
.subheading {{ $t('admin:mail.dkim') }}
.pa-3
.body-2.grey--text.text--darken-2 DKIM (DomainKeys Identified Mail) provides a layer of security on all emails sent from Wiki.js by providing the means for recipients to validate the domain name and ensure the message authenticity.
v-switch(
v-model='config.useDKIM'
label='Use DKIM'
color='primary'
prepend-icon='vpn_key'
)
v-text-field(
outline
v-model='config.dkimDomainName'
label='Domain Name'
:counter='255'
prepend-icon='vpn_key'
:disabled='!config.useDKIM'
)
v-text-field(
outline
v-model='config.dkimKeySelector'
label='Key Selector'
:counter='255'
prepend-icon='vpn_key'
:disabled='!config.useDKIM'
)
v-text-field(
outline
v-model='config.dkimPrivateKey'
label='Private Key'
prepend-icon='vpn_key'
persistent-hint
hint='Private key for the selector in PEM format'
:disabled='!config.useDKIM'
)
</template>
<script>
import _ from 'lodash'
import { get, sync } from 'vuex-pathify'
import mailConfigQuery from 'gql/admin/mail/mail-query-config.gql'
import mailUpdateConfigMutation from 'gql/admin/mail/mail-mutation-save-config.gql'
export default {
data() {
return {
config: {
senderName: '',
senderEmail: '',
host: '',
port: 0,
secure: false,
user: '',
pass: '',
useDKIM: false,
dkimDomainName: '',
dkimKeySelector: '',
dkimPrivateKey: ''
}
}
},
computed: {
darkMode: get('site/dark')
},
methods: {
async save () {
try {
await this.$apollo.mutate({
mutation: mailUpdateConfigMutation,
variables: {
senderName: this.config.senderName || '',
senderEmail: this.config.senderEmail || '',
host: this.config.host || '',
port: _.toSafeInteger(this.config.port) || 0,
secure: this.config.secure || false,
user: this.config.user || '',
pass: this.config.pass || '',
useDKIM: this.config.useDKIM || false,
dkimDomainName: this.config.dkimDomainName || '',
dkimKeySelector: this.config.dkimKeySelector || '',
dkimPrivateKey: this.config.dkimPrivateKey || ''
},
watchLoading (isLoading) {
this.$store.commit(`loading${isLoading ? 'Start' : 'Stop'}`, 'admin-mail-update')
}
})
this.$store.commit('showNotification', {
style: 'success',
message: 'Configuration saved successfully.',
icon: 'check'
})
} catch (err) {
this.$store.commit('showNotification', {
style: 'red',
message: err.message,
icon: 'warning'
})
}
}
},
apollo: {
config: {
query: mailConfigQuery,
fetchPolicy: 'network-only',
update: (data) => _.cloneDeep(data.mail.config),
watchLoading (isLoading) {
this.$store.commit(`loading${isLoading ? 'Start' : 'Stop'}`, 'admin-mail-refresh')
}
}
}
}
</script>
<style lang='scss'>
</style>
client/graph/admin/mail/mail-mutation-save-config.gql 0 → 100644
View file @ 2b98a5f2
mutation (
$senderName: String!,
$senderEmail: String!,
$host: String!,
$port: Int!,
$secure: Boolean!,
$user: String!,
$pass: String!,
$useDKIM: Boolean!,
$dkimDomainName: String!,
$dkimKeySelector: String!,
$dkimPrivateKey: String!
) {
mail {
updateConfig(
senderName: $senderName,
senderEmail: $senderEmail,
host: $host,
port: $port,
secure: $secure,
user: $user,
pass: $pass,
useDKIM: $useDKIM,
dkimDomainName: $dkimDomainName,
dkimKeySelector: $dkimKeySelector,
dkimPrivateKey: $dkimPrivateKey
) {
responseResult {
succeeded
errorCode
slug
message
}
}
}
}
client/graph/admin/mail/mail-query-config.gql 0 → 100644
View file @ 2b98a5f2
{
mail {
config {
senderName
senderEmail
host
port
secure
user
pass
useDKIM
dkimDomainName
dkimKeySelector
dkimPrivateKey
}
}
}
client/static/svg/icon-new-post.svg 0 → 100644
View file @ 2b98a5f2
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- Generator: Adobe Illustrator 20.1.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->
<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" id="&#1057;&#1083;&#1086;&#1081;_1" x="0px" y="0px" viewBox="0 0 64 64" style="enable-background:new 0 0 64 64;" xml:space="preserve" width="100px" height="100px">
<linearGradient id="SVGID_1__44829" gradientUnits="userSpaceOnUse" x1="32" y1="11" x2="32" y2="53.6696" spreadMethod="reflect">
<stop offset="0" style="stop-color:#1A6DFF"/>
<stop offset="1" style="stop-color:#C822FF"/>
</linearGradient>
<path style="fill:url(#SVGID_1__44829);" d="M56,15.184v-1.183C56,12.347,54.654,11,53,11H11c-1.654,0-3,1.347-3,3.001v1.183 C6.837,15.597,6,16.696,6,18v32c0,1.657,1.343,3,3,3h46c1.657,0,3-1.343,3-3V18C58,16.696,57.163,15.597,56,15.184z M9,17h46 c0.395,0,0.729,0.234,0.892,0.567l-22.138,15.94c-1.049,0.754-2.459,0.754-3.508,0L8.108,17.567C8.271,17.234,8.605,17,9,17z M11,13 h42c0.552,0,1,0.449,1,1.001V15H10v-0.999C10,13.449,10.448,13,11,13z M55,51H9c-0.552,0-1-0.448-1-1V19.953L29.078,35.13 c0.874,0.629,1.897,0.943,2.922,0.943s2.048-0.314,2.922-0.943L56,19.953V50C56,50.552,55.552,51,55,51z"/>
<linearGradient id="SVGID_2__44829" gradientUnits="userSpaceOnUse" x1="49" y1="11" x2="49" y2="53.6696" spreadMethod="reflect">
<stop offset="0" style="stop-color:#1A6DFF"/>
<stop offset="1" style="stop-color:#C822FF"/>
</linearGradient>
<rect x="44" y="47" style="fill:url(#SVGID_2__44829);" width="10" height="2"/>
<linearGradient id="SVGID_3__44829" gradientUnits="userSpaceOnUse" x1="50" y1="11" x2="50" y2="53.6696" spreadMethod="reflect">
<stop offset="0" style="stop-color:#1A6DFF"/>
<stop offset="1" style="stop-color:#C822FF"/>
</linearGradient>
<rect x="46" y="43" style="fill:url(#SVGID_3__44829);" width="8" height="2"/>
<linearGradient id="SVGID_4__44829" gradientUnits="userSpaceOnUse" x1="19" y1="11" x2="19" y2="53.6696" spreadMethod="reflect">
<stop offset="0" style="stop-color:#1A6DFF"/>
<stop offset="1" style="stop-color:#C822FF"/>
</linearGradient>
<rect x="18" y="45" style="fill:url(#SVGID_4__44829);" width="2" height="4"/>
<linearGradient id="SVGID_5__44829" gradientUnits="userSpaceOnUse" x1="15" y1="11" x2="15" y2="53.6696" spreadMethod="reflect">
<stop offset="0" style="stop-color:#1A6DFF"/>
<stop offset="1" style="stop-color:#C822FF"/>
</linearGradient>
<rect x="14" y="45" style="fill:url(#SVGID_5__44829);" width="2" height="4"/>
<linearGradient id="SVGID_6__44829" gradientUnits="userSpaceOnUse" x1="11" y1="11" x2="11" y2="53.6696" spreadMethod="reflect">
<stop offset="0" style="stop-color:#1A6DFF"/>
<stop offset="1" style="stop-color:#C822FF"/>
</linearGradient>
<rect x="10" y="45" style="fill:url(#SVGID_6__44829);" width="2" height="4"/>
<linearGradient id="SVGID_7__44829" gradientUnits="userSpaceOnUse" x1="32" y1="20.1667" x2="32" y2="31.2199" spreadMethod="reflect">
<stop offset="0" style="stop-color:#6DC7FF"/>
<stop offset="1" style="stop-color:#E6ABFF"/>
</linearGradient>
<path style="fill:url(#SVGID_7__44829);" d="M20.062,20h23.876c0.969,0,1.374,1.238,0.593,1.811l-11.347,8.321 c-0.705,0.517-1.663,0.517-2.368,0l-11.347-8.322C18.688,21.238,19.093,20,20.062,20z"/>
</svg>
package.json
View file @ 2b98a5f2
......@@ -115,6 +115,7 @@
"mysql2": "1.6.4",
"node-2fa": "1.1.2",
"node-cache": "4.2.0",
"nodemailer": "4.7.0",
"oauth2orize": "1.11.0",
"objection": "1.4.0",
"ora": "3.0.0",
......
server/core/mail.js 0 → 100644
View file @ 2b98a5f2
const nodemailer = require('nodemailer')
const _ = require('lodash')
const fs = require('fs-extra')
const path = require('path')
/* global WIKI */
module.exports = {
transport: null,
templates: {},
init() {
if (_.get(WIKI.config, 'mail.host', '').length > 2) {
let conf = {
host: WIKI.config.mail.host,
port: WIKI.config.mail.port,
secure: WIKI.config.mail.secure
}
if (_.get(WIKI.config, 'mail.user', '').length > 1) {
conf = {
...conf,
auth: {
user: WIKI.config.mail.user,
pass: WIKI.config.mail.pass
}
}
}
if (_.get(WIKI.config, 'mail.useDKIM', false)) {
conf = {
...conf,
dkim: {
domainName: WIKI.config.mail.dkimDomainName,
keySelector: WIKI.config.mail.dkimKeySelector,
privateKey: WIKI.config.mail.dkimPrivateKey
}
}
}
this.transport = nodemailer.createTransport(conf)
} else {
WIKI.logger.warn('Mail is not setup! Please set the configuration in the administration area!')
this.transport = null
}
return this
},
async send(opts) {
if (!this.transport) {
WIKI.logger.warn('Cannot send email because mail is not setup in the administration area!')
throw new WIKI.Error.MailNotSetup()
}
await this.loadTemplate(opts.template)
return this.transport.sendMail({
from: 'noreply@requarks.io',
to: opts.to,
subject: `${opts.subject} - ${WIKI.config.title}`,
text: opts.text,
html: _.get(this.templates, opts.template)({
logo: '',
siteTitle: WIKI.config.title,
copyright: 'Powered by Wiki.js',
...opts.data
})
})
},
async loadTemplate(key) {
if (_.has(this.templates, key)) { return }
const keyKebab = _.kebabCase(key)
try {
const rawTmpl = await fs.readFile(path.join(WIKI.SERVERPATH, `templates/${keyKebab}.html`), 'utf8')
_.set(this.templates, key, _.template(rawTmpl))
} catch (err) {
WIKI.logger.warn(err)
throw new WIKI.Error.MailTemplateFailed()
}
}
}
server/db/migrations/2.0.0.js
View file @ 2b98a5f2
......@@ -170,6 +170,15 @@ exports.up = knex => {
table.string('createdAt').notNullable()
table.string('updatedAt').notNullable()
})
// USER KEYS ---------------------------
.createTable('userKeys', table => {
table.charset('utf8mb4')
table.increments('id').primary()
table.string('kind').notNullable()
table.string('key').notNullable()
table.string('createdAt').notNullable()
table.string('validUntil').notNullable()
})
// USERS -------------------------------
.createTable('users', table => {
table.charset('utf8mb4')
......@@ -185,6 +194,8 @@ exports.up = knex => {
table.string('pictureUrl')
table.string('timezone').notNullable().defaultTo('America/New_York')
table.boolean('isSystem').notNullable().defaultTo(false)
table.boolean('isActive').notNullable().defaultTo(false)
table.boolean('isVerified').notNullable().defaultTo(false)
table.string('createdAt').notNullable()
table.string('updatedAt').notNullable()
})
......@@ -240,6 +251,9 @@ exports.up = knex => {
table.integer('pageId').unsigned().references('id').inTable('pages')
table.string('localeCode', 2).references('code').inTable('locales')
})
.table('userKeys', table => {
table.integer('userId').unsigned().references('id').inTable('users')
})
.table('users', table => {
table.string('providerKey').references('key').inTable('authentication').notNullable().defaultTo('local')
table.string('localeCode', 2).references('code').inTable('locales').notNullable().defaultTo('en')
......@@ -267,5 +281,6 @@ exports.down = knex => {
.dropTableIfExists('settings')
.dropTableIfExists('storage')
.dropTableIfExists('tags')
.dropTableIfExists('userKeys')
.dropTableIfExists('users')
}
server/graph/resolvers/mail.js 0 → 100644
View file @ 2b98a5f2
const _ = require('lodash')
const graphHelper = require('../../helpers/graph')
/* global WIKI */
module.exports = {
Query: {
async mail() { return {} }
},
Mutation: {
async mail() { return {} }
},
MailQuery: {
async config(obj, args, context, info) {
return WIKI.config.mail
}
},
MailMutation: {
async updateConfig(obj, args, context) {
try {
WIKI.config.mail = {
senderName: args.senderName,
senderEmail: args.senderEmail,
host: args.host,
port: args.port,
secure: args.secure,
user: args.user,
pass: args.pass,
useDKIM: args.useDKIM,
dkimDomainName: args.dkimDomainName,
dkimKeySelector: args.dkimKeySelector,
dkimPrivateKey: args.dkimPrivateKey,
}
await WIKI.configSvc.saveToDb(['mail'])
WIKI.mail.init()
return {
responseResult: graphHelper.generateSuccess('Mail configuration updated successfully')
}
} catch (err) {
return graphHelper.generateError(err)
}
}
}
}
server/graph/schemas/mail.graphql 0 → 100644
View file @ 2b98a5f2
# ===============================================
# MAIL
# ===============================================
extend type Query {
mail: MailQuery
}
extend type Mutation {
mail: MailMutation
}
# -----------------------------------------------
# QUERIES
# -----------------------------------------------
type MailQuery {
config: MailConfig @auth(requires: ["manage:system"])
}
# -----------------------------------------------
# MUTATIONS
# -----------------------------------------------
type MailMutation {
updateConfig(
senderName: String!
senderEmail: String!
host: String!
port: Int!
secure: Boolean!
user: String!
pass: String!
useDKIM: Boolean!
dkimDomainName: String!
dkimKeySelector: String!
dkimPrivateKey: String!
): DefaultResponse @auth(requires: ["manage:system"])
}
# -----------------------------------------------
# TYPES
# -----------------------------------------------
type MailConfig {
senderName: String!
senderEmail: String!
host: String!
port: Int!
secure: Boolean!
user: String!
pass: String!
useDKIM: Boolean!
dkimDomainName: String!
dkimKeySelector: String!
dkimPrivateKey: String!
}
server/helpers/error.js
View file @ 2b98a5f2
const CustomError = require('custom-error-instance')
module.exports = {
AuthAccountBanned: CustomError('AuthAccountBanned', {
message: 'Your account has been disabled.',
code: 1016
}),
AuthAccountNotVerified: CustomError('AuthAccountNotVerified', {
message: 'You must verify your account before your can login.',
code: 1017
}),
AuthGenericError: CustomError('AuthGenericError', {
message: 'An unexpected error occured during login.',
code: 1001
......@@ -45,6 +53,14 @@ module.exports = {
message: 'Input data is invalid.',
code: 1013
}),
MailNotSetup: CustomError('MailNotSetup', {
message: 'Mail is not setup yet.',
code: 1014
}),
MailTemplateFailed: CustomError('MailTemplateFailed', {
message: 'Mail template failed to load.',
code: 1015
}),
LocaleInvalidNamespace: CustomError('LocaleInvalidNamespace', {
message: 'Invalid locale or namespace.',
code: 1009
......
server/master.js
View file @ 2b98a5f2
......@@ -19,6 +19,7 @@ module.exports = async () => {
WIKI.auth = require('./core/auth').init()
WIKI.lang = require('./core/localization').init()
WIKI.mail = require('./core/mail').init()
// ----------------------------------------
// Load middlewares
......
server/models/users.js
View file @ 2b98a5f2
......@@ -34,6 +34,8 @@ module.exports = class User extends Model {
location: {type: 'string'},
pictureUrl: {type: 'string'},
isSystem: {type: 'boolean'},
isActive: {type: 'boolean'},
isVerified: {type: 'boolean'},
createdAt: {type: 'string'},
updatedAt: {type: 'string'}
}
......@@ -351,7 +353,24 @@ module.exports = class User extends Model {
locale: 'en',
defaultEditor: 'markdown',
tfaIsActive: false,
isSystem: false
isSystem: false,
isActive: true,
isVerified: false
})
// Send verification email
await WIKI.mail.send({
template: 'accountVerify',
to: email,
subject: 'Verify your account',
data: {
preheadertext: 'Verify your account in order to gain access to the wiki.',
title: 'Verify your account',
content: 'Click the button below in order to verify your account and gain access to the wiki.',
buttonLink: 'http://www.google.com',
buttonText: 'Verify'
},
text: `You must open the following link in your browser to verify your account and gain access to the wiki: http://www.google.com`
})
return true
} else {
......
server/modules/authentication/local/authentication.js
View file @ 2b98a5f2
......@@ -19,7 +19,13 @@ module.exports = {
}).then((user) => {
if (user) {
return user.verifyPassword(uPassword).then(() => {
done(null, user)
if (!user.isActive) {
done(new WIKI.Error.AuthAccountBanned(), null)
} else if (!user.isVerified) {
done(new WIKI.Error.AuthAccountNotVerified(), null)
} else {
done(null, user)
}
}).catch((err) => {
done(err, null)
})
......
server/setup.js
View file @ 2b98a5f2
......@@ -204,7 +204,9 @@ module.exports = () => {
name: 'Administrator',
locale: 'en',
defaultEditor: 'markdown',
tfaIsActive: false
tfaIsActive: false,
isActive: true,
isVerified: true
})
await adminUser.$relatedQuery('groups').relate(adminGroup.id)
......@@ -222,7 +224,9 @@ module.exports = () => {
locale: 'en',
defaultEditor: 'markdown',
tfaIsActive: false,
isSystem: true
isSystem: true,
isActive: true,
isVerified: true
})
await guestUser.$relatedQuery('groups').relate(guestGroup.id)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment