Add reset logic to the batcher, along with the final emails.

diff --git a/chanserv/batcher/batcher b/chanserv/batcher/batcher
index 925dcd4ac5d99e4e0713b08ac8c7b9307abf755d..ad40a7fe7274ae6f037ee53be49dfa067bdeeac7 100755 (executable)
--- a/chanserv/batcher/batcher
+++ b/chanserv/batcher/batcher
@@ -57,7 +57,7 @@ def email(userid, emailtype, prevemail):
   if not mailto:
     mailto = "user.email"
 
-  print "%s -> %s" % (`subject`, `unifieddict["user.email"]`)
+  print "%s -> %s" % (`subject`, `unifieddict[mailto]`)
   inject(unifieddict[mailto], subject, template)
 
 def main():

diff --git a/chanserv/batcher/config.py.example b/chanserv/batcher/config.py.example
index be0117a69c807ace651acc753cfcb3f1faf1dd89..ef0a85d91127100aa5775dcc50fe61a1e310373f 100644 (file)
--- a/chanserv/batcher/config.py.example
+++ b/chanserv/batcher/config.py.example
@@ -14,4 +14,5 @@ CONFIG = {
   "url": "http://webdev.quakenet.org/~slug/q9dev/",
   "urlkey": "keyere",
   "urlsecret": secretere",
+  "q9secret": "moo",
 }

diff --git a/chanserv/batcher/templates.py b/chanserv/batcher/templates.py
index 84ff5086185c7670d6a9042fc1b6f083c31a2fd7..9e7dc3970580e1b98baed2a593ab75daf5dc9db1 100644 (file)
--- a/chanserv/batcher/templates.py
+++ b/chanserv/batcher/templates.py
@@ -1,6 +1,15 @@
-import md5, os
+import md5, os, hmac, time
 from rc4 import RC4
 
+try:
+  import hashlib
+  sha256 = hashlib.sha256
+  sha256m = hashlib.sha256
+except ImportError:
+  import sha256 as __sha256
+  sha256 = __sha256.sha256
+  sha256m = __sha256
+
 def generate_url(config, obj):
   s = os.urandom(4)
   r = RC4(md5.md5("%s %s" % (s, config["urlkey"])).hexdigest())
@@ -8,9 +17,22 @@ def generate_url(config, obj):
   b = md5.md5(md5.md5("%s %s %s %s" % (config["urlsecret"], obj["user.username"], a, s)).hexdigest()).hexdigest()
   obj["url"] = "%s?m=%s&h=%s&u=%s&r=%s" % (config["url"], a.encode("hex"), b, obj["user.username"].encode("hex"), s.encode("hex"))
 
+def generate_resetcode(config, obj):
+  if not config.has_key("__codegensecret"):
+    config["__codegenhmac"] = hmac.HMAC(key=sha256(sha256("%s:codegenerator" % config["q9secret"]).digest()).hexdigest(), digestmod=sha256m)
+
+  h = config["__codegenhmac"].copy()
+  h.update(sha256("%s:%d" % (obj["user.username"], obj["user.lockuntil"])).hexdigest())
+
+  obj["resetcode"] = h.hexdigest()
+  print obj
+  obj["lockuntil"] = time.ctime(obj["user.lockuntil"])
+
 MAILTEMPLATES = {
   "mutators": {
     1: generate_url,
+    3: generate_resetcode,
+    5: generate_resetcode,
   },
   "sendto": {
     5: "prevemail",
@@ -51,13 +73,27 @@ To auth yourself to %(config.bot)s, type the following command
 
    /MSG %(config.bot)s@%(config.server)s AUTH %(user.username)s %(user.password)s
 """, },
-      3: { "subject": "%(config.bot)s password change", "body": "Your new password: %(user.password)s", },
+      3: { "subject": "%(config.bot)s password change", "body": """
+Your password has recently changed. If this was not requested by you,
+please use:
+/MSG %(config.bot)s RESET #%(user.username)s %(resetcode)s
+
+You have until %(lockuntil)s to perform this command.
+""", },
+      4: { "subject": "%(config.bot)s account reset", "body": """
+Your %(config.bot)s account settings have been restored:
+  E-mail address: %(user.email)s
+  Password:       %(user.password)s
+
+Make sure you read the %(config.bot)s security FAQ at %(config.securityurl)s.
+""", },
       5: { "subject": "%(config.bot)s email change", "body": """
-Your email address has been changed on %(config.bot)s.
+Your email address has been changed on %(config.bot)s from %(prevemail)s to %(user.email)s.
 
-ADD RESET STUFF,
+If you did not request this please use:
+/MSG %(config.bot)s RESET #%(user.username)s %(resetcode)s
 
-blah %(user.email)s
+You have until %(lockuntil)s to perform this command.
 """, },
     },
   },