cgi/edituser.cgi

   1 #!/usr/bin/perl
   2 # (c) Petr Baudis <pasky@suse.cz>
   3 # (c) Jan Krueger <jk@jk.gs>
   4 # GPLv2
   5
   6 use strict;
   7 use warnings;
   8
   9 use lib qw(/home/repo/repomgr/cgi);
  10 use Git::RepoCGI;
  11
  12 my $repo = Git::RepoCGI->new('User SSH Key Update');
  13
  14 print "<p>Go away, bot.</p>" if $repo->sparam('mail');
  15
  16 sub _auth_form {
  17         my ( $name, $submit, $fields, $auth ) = @_;
  18         $fields = '' unless $fields;
  19         my $authtag = ($auth ?
  20                 qq(<input type="hidden" name="auth" value="$auth" />) :
  21                 qq(<p>Authorization code: <input name="auth" size="40" /></p>));
  22         print <<EOT;
  23
  24 <form method="post">
  25 <input type="hidden" name="name" value="$name">
  26 $authtag
  27 $fields<p><input type="submit" value="$submit" /></p>
  28 </form>
  29 EOT
  30         exit
  31 }
  32
  33 sub _keys_field {
  34         my $keys = shift;
  35         my $cols = 5;
  36         my @lines = split(/\n/, $keys);
  37         my $lines = scalar(@lines);
  38         $cols = $lines + 2 if $lines > $cols;
  39         my $fields = <<EOT;
  40 <p>Public SSH key(s): <br />
  41         <textarea name="keys" cols="80" rows="$cols">$keys</textarea></p>
  42 EOT
  43 }
  44
  45 if ($repo->sparam('name')) {
  46         # submitted, let's see
  47         # FIXME: racy, do a lock
  48         my $name = $repo->wparam('name');
  49         my $user = $repo->load_user($name);
  50
  51         if (!$repo->sparam('auth')) {
  52                 my $auth = $user->gen_auth;
  53
  54                 # Send auth mail
  55                 open(MAIL, '|-', '/usr/bin/mail', '-s', '[repo.or.cz] Account update authorization', $user->{email}) or
  56                         die "Sorry, could not send authorization code: $!";
  57                 print MAIL <<EOT;
  58 Hello,
  59
  60 you have requested that an authorization code be sent to you for updating your
  61 account's SSH keys. If you don't want to actually update your SSH keys, just
  62 ignore this e-mail. Otherwise, use this code within 24 hours:
  63
  64 $auth
  65
  66 Should you run into any problems, please let me know.
  67
  68 Thanks for using repo.or.cz!
  69
  70                         Petr Baudis <pasky\@suse.cz>
  71 EOT
  72                 close MAIL;
  73
  74                 print <<EOT;
  75 <p>You should receive an e-mail shortly containing your authorization
  76 code.  Please enter this code below to update your SSH keys.  This code
  77 will expire in 24 hours or once you have used it.</p>
  78 EOT
  79                 _auth_form($name, "'Login'");
  80         } else {
  81                 my $gen_url = "<a href=\"edituser.cgi?name=$name\">"
  82                                 . "generate a new authorization code</a>";
  83                 $repo->bye("You must $gen_url.") unless $user->{auth};
  84
  85                 my $keys = $repo->sparam('keys');
  86                 my $fields = '';
  87                 $fields = _keys_field($keys) if $keys;
  88
  89                 my $auth = $repo->wparam('auth');
  90                 if ($auth ne $user->{auth}) {
  91                         print <<EOT;
  92 <p>
  93 Invalid authorization code, but you may re-enter it.  If the code still
  94 does not work, you may $gen_url.
  95 </p>
  96 EOT
  97                         _auth_form($name, "'Login'", $keys ? $fields : '');
  98                 }
  99
 100                 # Auth valid, keys given -> save
 101                 if ($keys) {
 102                         $user->keys_fill($repo);
 103                         $user->del_auth;
 104                         $user->keys_save;
 105                         $repo->bye("Your SSH keys have been updated.");
 106                 }
 107
 108                 # Otherwise pre-fill keys
 109                 $keys = $user->{keys};
 110                 $fields = _key_fields($user->{keys});
 111
 112                 print <<EOT;
 113 <p>Authorization code validated (for now).</p>
 114 <p>You can paste multiple keys in the box below, each on a separate
 115 line.  Paste each key <em>including</em> the <tt>ssh-</tt>whatever
 116 prefix and email-like postfix.</p>
 117 EOT
 118                 _auth_form($name, "Update keys", $fields, $auth);
 119         }
 120 }
 121
 122 print <<EOT;
 123 <p>Here you can update the public SSH keys associated with your user account. These keys are required for you to push to projects.</p>
 124 <p>SSH is used for pushing (the <tt>git+ssh</tt> protocol), your SSH key authenticates you -
 125 there is no password (though we recommend that your SSH key is password-protected; use <code>ssh-agent</code> to help your fingers).
 126 You can find your public key in <tt>~/.ssh/id_rsa.pub</tt> or <tt>~/.ssh/id_dsa.pub</tt>.
 127 If you do not have any yet, generate it using the <code>ssh-keygen</code> command.</p>
 128
 129 <p>Please enter your username below so we can send you an authorization code to the e-mail address you gave us when you registered the account.</p>
 130
 131 <form method="post">
 132 <p>Login: <input type="text" name="name" /></p>
 133 <p style="display:none">Anti-captcha (leave empty!): <input type="text" name="mail" /></p>
 134 <p><input type="submit" value="Send authorization code" /></p>
 135 </form>
 136 EOT