feat(email): PWA login sends code only; drop admin link from alert emails
CI / changes (pull_request) Successful in 2s
CI / unit (pull_request) Successful in 10s
CI / integration (pull_request) Successful in 15s
CI / ui (pull_request) Successful in 1m8s
CI / conformance (pull_request) Successful in 9s
CI / gate (pull_request) Successful in 0s
CI / deploy (pull_request) Successful in 1m40s
CI / changes (pull_request) Successful in 2s
CI / unit (pull_request) Successful in 10s
CI / integration (pull_request) Successful in 15s
CI / ui (pull_request) Successful in 1m8s
CI / conformance (pull_request) Successful in 9s
CI / gate (pull_request) Successful in 0s
CI / deploy (pull_request) Successful in 1m40s
Two email changes, per the owner: 1. Code-only login from an installed PWA. A login requested while running as a standalone PWA now omits the one-tap confirm link from the email — the link would open in a separate browser whose minted session cannot reach the PWA, stranding the login. The code is typed in the same window instead. The client sends a `pwa` flag (isStandalone) on the email-code request (a new FBS field, threaded through the gateway); the backend omits the deeplink when it is set, reusing the existing deletion-code link-omission path. Non-PWA browser logins keep the one-tap link. No polling, no migration. 2. Security: the operator alert digest no longer embeds the admin-console (/_gm) URL. An admin link must never travel in an email, where a mail provider could cache or index it; the operator opens the console directly. Tests: an inttest asserting the PWA login email omits the link (and a browser one keeps it); a codec round-trip of the new pwa field; the alert-digest test flipped to guard the admin link is absent. Docs: ARCHITECTURE + FUNCTIONAL (+ru).
This commit is contained in:
@@ -41,8 +41,13 @@ language(optionalEncoding?:any):string|Uint8Array|null {
|
||||
return offset ? this.bb!.__string(this.bb_pos + offset, optionalEncoding) : null;
|
||||
}
|
||||
|
||||
pwa():boolean {
|
||||
const offset = this.bb!.__offset(this.bb_pos, 10);
|
||||
return offset ? !!this.bb!.readInt8(this.bb_pos + offset) : false;
|
||||
}
|
||||
|
||||
static startEmailRequestRequest(builder:flatbuffers.Builder) {
|
||||
builder.startObject(3);
|
||||
builder.startObject(4);
|
||||
}
|
||||
|
||||
static addEmail(builder:flatbuffers.Builder, emailOffset:flatbuffers.Offset) {
|
||||
@@ -57,16 +62,21 @@ static addLanguage(builder:flatbuffers.Builder, languageOffset:flatbuffers.Offse
|
||||
builder.addFieldOffset(2, languageOffset, 0);
|
||||
}
|
||||
|
||||
static addPwa(builder:flatbuffers.Builder, pwa:boolean) {
|
||||
builder.addFieldInt8(3, +pwa, +false);
|
||||
}
|
||||
|
||||
static endEmailRequestRequest(builder:flatbuffers.Builder):flatbuffers.Offset {
|
||||
const offset = builder.endObject();
|
||||
return offset;
|
||||
}
|
||||
|
||||
static createEmailRequestRequest(builder:flatbuffers.Builder, emailOffset:flatbuffers.Offset, browserTzOffset:flatbuffers.Offset, languageOffset:flatbuffers.Offset):flatbuffers.Offset {
|
||||
static createEmailRequestRequest(builder:flatbuffers.Builder, emailOffset:flatbuffers.Offset, browserTzOffset:flatbuffers.Offset, languageOffset:flatbuffers.Offset, pwa:boolean):flatbuffers.Offset {
|
||||
EmailRequestRequest.startEmailRequestRequest(builder);
|
||||
EmailRequestRequest.addEmail(builder, emailOffset);
|
||||
EmailRequestRequest.addBrowserTz(builder, browserTzOffset);
|
||||
EmailRequestRequest.addLanguage(builder, languageOffset);
|
||||
EmailRequestRequest.addPwa(builder, pwa);
|
||||
return EmailRequestRequest.endEmailRequestRequest(builder);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -35,6 +35,7 @@ import {
|
||||
} from './telegram';
|
||||
import { onVKPath, insideVK, vkInit, vkClose, vkDisableSwipeBack, vkLaunchParams, vkUserName, vkStartParam, vkOnScheme, vkOnInsets, vkSetViewSettings, appearanceForBg } from './vk';
|
||||
import { pendingVKLink, type VKLinkCallback } from './vkid';
|
||||
import { isStandalone } from './pwa';
|
||||
import { registerServiceWorker } from './pwa.svelte';
|
||||
import { haptic } from './haptics';
|
||||
import { CLOUD_PREFS_KEY, decodeClientPrefs, encodeClientPrefs } from './cloudprefs';
|
||||
@@ -980,7 +981,7 @@ export async function loginGuest(): Promise<void> {
|
||||
|
||||
export async function requestEmailCode(email: string): Promise<boolean> {
|
||||
try {
|
||||
await gateway.authEmailRequest(email, app.locale);
|
||||
await gateway.authEmailRequest(email, app.locale, isStandalone());
|
||||
return true;
|
||||
} catch (err) {
|
||||
handleError(err);
|
||||
|
||||
@@ -65,7 +65,7 @@ export interface GatewayClient {
|
||||
* cosmetic seed for a brand-new account). */
|
||||
authVK(params: string, displayName: string): Promise<Session>;
|
||||
authGuest(locale?: string): Promise<Session>;
|
||||
authEmailRequest(email: string, language: string): Promise<void>;
|
||||
authEmailRequest(email: string, language: string, pwa: boolean): Promise<void>;
|
||||
authEmailLogin(email: string, code: string): Promise<Session>;
|
||||
/** Confirm a one-tap email deeplink token: a login returns a session to adopt; a
|
||||
* link returns a status ('confirmed' | 'merge_required'). */
|
||||
|
||||
@@ -122,10 +122,11 @@ describe('codec', () => {
|
||||
expect(guest.browserTz()).toBe('-05:30');
|
||||
|
||||
const email = fb.EmailRequestRequest.getRootAsEmailRequestRequest(
|
||||
new ByteBuffer(encodeEmailRequest('a@example.com', '+00:00', 'en')),
|
||||
new ByteBuffer(encodeEmailRequest('a@example.com', '+00:00', 'en', true)),
|
||||
);
|
||||
expect(email.email()).toBe('a@example.com');
|
||||
expect(email.browserTz()).toBe('+00:00');
|
||||
expect(email.pwa()).toBe(true);
|
||||
expect(email.language()).toBe('en');
|
||||
|
||||
const confirm = fb.EmailConfirmLinkRequest.getRootAsEmailConfirmLinkRequest(
|
||||
|
||||
+7
-1
@@ -214,7 +214,12 @@ export function encodeGuestLogin(locale: string, browserTz: string): Uint8Array
|
||||
return finish(b, fb.GuestLoginRequest.endGuestLoginRequest(b));
|
||||
}
|
||||
|
||||
export function encodeEmailRequest(email: string, browserTz: string, language: string): Uint8Array {
|
||||
export function encodeEmailRequest(
|
||||
email: string,
|
||||
browserTz: string,
|
||||
language: string,
|
||||
pwa: boolean,
|
||||
): Uint8Array {
|
||||
const b = new Builder(128);
|
||||
const e = b.createString(email);
|
||||
const tz = b.createString(browserTz);
|
||||
@@ -223,6 +228,7 @@ export function encodeEmailRequest(email: string, browserTz: string, language: s
|
||||
fb.EmailRequestRequest.addEmail(b, e);
|
||||
fb.EmailRequestRequest.addBrowserTz(b, tz);
|
||||
fb.EmailRequestRequest.addLanguage(b, l);
|
||||
fb.EmailRequestRequest.addPwa(b, pwa);
|
||||
return finish(b, fb.EmailRequestRequest.endEmailRequestRequest(b));
|
||||
}
|
||||
|
||||
|
||||
@@ -150,7 +150,7 @@ export class MockGateway implements GatewayClient {
|
||||
async authGuest(): Promise<Session> {
|
||||
return { ...SESSION };
|
||||
}
|
||||
async authEmailRequest(_email: string, _language: string): Promise<void> {}
|
||||
async authEmailRequest(_email: string, _language: string, _pwa: boolean): Promise<void> {}
|
||||
async confirmEmailLink(_token: string): Promise<ConfirmLinkResult> {
|
||||
return { purpose: 'link', status: 'confirmed', session: null };
|
||||
}
|
||||
|
||||
@@ -118,8 +118,8 @@ export function createTransport(baseUrl: string): GatewayClient {
|
||||
async authGuest(locale) {
|
||||
return codec.decodeSession(await exec('auth.guest', codec.encodeGuestLogin(locale ?? '', browserOffset())));
|
||||
},
|
||||
async authEmailRequest(email, language) {
|
||||
await exec('auth.email.request', codec.encodeEmailRequest(email, browserOffset(), language));
|
||||
async authEmailRequest(email, language, pwa) {
|
||||
await exec('auth.email.request', codec.encodeEmailRequest(email, browserOffset(), language, pwa));
|
||||
},
|
||||
async confirmEmailLink(token) {
|
||||
return codec.decodeConfirmLinkResult(await exec('auth.email.confirm_link', codec.encodeEmailConfirmLink(token)));
|
||||
|
||||
Reference in New Issue
Block a user