cgi/edituser.cgi

   1 #!/usr/bin/perl
   2 # (c) Petr Baudis <pasky@suse.cz>
   3 # (c) Jan Krueger <jk@jk.gs>
   4 # GPLv2
   5
   6 use strict;
   7 use warnings;
   8
   9 use lib qw(/home/repo/repomgr/cgi);
  10 use Git::RepoCGI;
  11
  12 my $repo = Git::RepoCGI->new('User SSH Key Update');
  13 my $cgi = $repo->cgi;
  14
  15 if ($cgi->param('mail')) {
  16         print "<p>Go away, bot.</p>";
  17         exit;
  18 }
  19
  20 sub _auth_form {
  21         my $name = shift;
  22         my $submit = shift;
  23         my $fields = shift;
  24         $fields = '' if (!$fields);
  25         my $auth = shift;
  26         my $authtag = ($auth ? qq(<input type="hidden" name="auth" value="$auth" />) :
  27                 qq(<p>Authorization code: <input name="auth" size="40" /></p>));
  28         print <<EOT;
  29
  30 <form method="post">
  31 <input type="hidden" name="name" value="$name">
  32 $authtag
  33 $fields<p><input type="submit" value="$submit" /></p>
  34 EOT
  35 }
  36
  37 if ($cgi->param('name')) {
  38         # submitted, let's see
  39         # FIXME: racy, do a lock
  40         my $name = $repo->wparam('name');
  41         (valid_user_name($name)
  42                 and Git::RepoCGI::User::does_exist($name))
  43                 or $repo->err("Username is not registered.");
  44
  45         $repo->err_check and exit;
  46
  47         my $user = Git::RepoCGI::User->load($name) or
  48                 die "Failed loading user $name but this can't really happen here";
  49
  50         if (!$cgi->param('auth')) {
  51                 my $auth = $user->gen_auth;
  52
  53                 # Send auth mail
  54                 open(MAIL, '|-', '/usr/bin/mail', '-s', '[repo.or.cz] Account update authorization', $user->{email}) or
  55                         die "Sorry, could not send authorization code: $!";
  56                 print MAIL <<EOT;
  57 Hello,
  58
  59 you have requested that an authorization code be sent to you for updating your
  60 account's SSH keys. If you don't want to actually update your SSH keys, just
  61 ignore this e-mail. Otherwise, use this code within 24 hours:
  62
  63 $auth
  64
  65 Should you run into any problems, please let me know.
  66
  67 Thanks for using repo.or.cz!
  68
  69                         Petr Baudis <pasky\@suse.cz>
  70 EOT
  71                 close MAIL;
  72
  73                 print "<p>You should shortly receive an e-mail containing an authorization code. Please enter this code below to update your SSH keys.
  74 The code will expire in 24 hours or after you have used it.</p>";
  75                 _auth_form($name, "'Login'");
  76                 exit;
  77         } else {
  78                 $user->{auth} or
  79                         die("There currently isn't any authorization code filed under your account. Please <a href=\"edituser.cgi\">generate one</a>.");
  80
  81                 my $fields = '';
  82                 my $keys = $cgi->param('keys') || '';
  83                 if ($keys) {
  84                         $fields = "<p>Public SSH key(s): <textarea wrap=\"off\" name=\"keys\" cols=\"80\" rows=\"5\">$keys</textarea></p>\n";
  85                 }
  86
  87                 my $auth = $repo->wparam('auth');
  88                 if ($auth ne $user->{auth}) {
  89                         print '<p>Invalid authorization code, please re-enter or <a href="edituser.cgi">generate a new one</a>.</p>';
  90                         _auth_form($name, "'Login'", $fields);
  91                         exit;
  92                 }
  93
  94                 # Auth valid, keys given -> save
  95                 if ($keys) {
  96                         $user->keys_fill($repo);
  97                         $user->del_auth;
  98                         $user->keys_save;
  99                         print "<p>Your SSH keys have been updated.</p>";
 100                         exit;
 101                 }
 102
 103                 # Otherwise pre-fill keys
 104                 $keys = $user->{keys};
 105                 $fields = "<p>Public SSH key(s): <textarea name=\"keys\" cols=\"80\" rows=\"5\">$keys</textarea></p>\n";
 106
 107                 print "<p>Authorization code validated (for now).</p>
 108 <p>You can paste multiple keys in the box below, each on a separate line.
 109 Paste each key <em>including</em> the <tt>ssh-</tt>whatever prefix and email-like postfix.</p>\n";
 110                 _auth_form($name, "Update keys", $fields, $auth);
 111                 exit;
 112         }
 113
 114 }
 115
 116 print <<EOT;
 117 <p>Here you can update the public SSH keys associated with your user account. These keys are required for you to push to projects.</p>
 118 <p>SSH is used for pushing (the <tt>git+ssh</tt> protocol), your SSH key authenticates you -
 119 there is no password (though we recommend that your SSH key is password-protected; use <code>ssh-agent</code> to help your fingers).
 120 You can find your public key in <tt>~/.ssh/id_rsa.pub</tt> or <tt>~/.ssh/id_dsa.pub</tt>.
 121 If you do not have any yet, generate it using the <code>ssh-keygen</code> command.</p>
 122
 123 <p>Please enter your username below so we can send you an authorization code to the e-mail address you gave us when you registered the account.</p>
 124
 125 <form method="post">
 126 <p>Login: <input type="text" name="name" /></p>
 127 <p style="display:none">Anti-captcha (leave empty!): <input type="text" name="mail" /></p>
 128 <p><input type="submit" value="Send authorization code" /></p>
 129 </form>
 130 EOT