login.sh (3266B)
1 #!/bin/sh 2 3 . $cwd/include/userinfo.sh 4 . $cwd/include/common.sh 5 . $cwd/include/log.sh 6 7 login(){ 8 clear 9 echo "$banner" 10 echo "$start_message" 11 12 prompt "login" user 13 14 [ "$user" = "new" ] && { 15 [ "$(get_log "create_account" | grep -v "localhost" | grep "${REMOTE_HOST:-localhost}")" != "" ] && { 16 error "you have already created an account today" 17 return 1 18 } 19 clear 20 echo "Registration" 21 echo 22 info "Only a-z0-9 are accepted in usernames" 23 info "Max-length of 10 characters" 24 prompt "user" user 25 origuser="$user" 26 user=$(echo "$user" | tr -dc 'a-z0-9') 27 [ "$origuser" != "$user" ] && info "username changed to: $user" 28 origuser="$user" 29 user=$(echo "$user" | cut -c-10) 30 [ "$origuser" != "$user" ] && info "username truncated to: $user" 31 checknuser "$user" 2>/dev/null || { 32 return 1 33 } 34 info "Password must be atleast 8 characters long" 35 info "Passwords are hashed with sha512sum" 36 prompt "passwd" passwd 37 echo "$passwd" | grep '........' >/dev/null || { 38 error "password too short" 39 return 1 40 } 41 [ "$verify_email" = "yes" ] && prompt "email (must be verified in order to post)" email || prompt "email (no verification needed)" email 42 checknmail "$email" || { 43 return 1 44 } 45 [ "$verify_email" = "yes" ] && { 46 vercode=$(head -n 5 /dev/urandom | base64 | tr -d '\n' | cut -c-10) 47 ( 48 echo "This is the bbs auto-mailer" 49 echo 50 echo "Your verification code is:" 51 echo "$vercode" 52 echo 53 echo "If this message is not intended for you, please ignore it" 54 ) | mail -s "$bbs_addr verification code" -r "$email_addr" -- "$email" 55 userset "$user" "expiry" "$(dateadd $(date +%Y-%m-%d) +2d)" 56 userset "$user" "vercode" "$vercode" 57 } 58 userset "$user" "creation" "$(date +%Y-%m-%d)" 59 userset "$user" "email" "$email" 60 userset "$user" "passwd" "$(echo "$passwd" | sha512sum)" 61 userset "$user" "realname" "$user" 62 add_log "create_account" "${REMOTE_HOST:-localhost}" 63 touch $datadir/profile/$user 64 ok "account \"$user\" created" 65 [ "$verify_email" = "yes" ] && info "Your account expires in 2 days unless verified" 66 echo "Login to your account" 67 echo 68 return 1 69 } 70 71 [ "$user" = "recover" ] && { 72 [ "$recover_email" != "yes" ] && { 73 error "email-based account recovery disabled" 74 return 1 75 } 76 [ "$(get_log "recover_account" | grep "^$user$")" != "" ] && { 77 error "you have already attempted to recover an account today" 78 info "if you haven't received your recovery email yet, the mail server is still attmepting to resend it" 79 return 1 80 } 81 clear 82 echo "Recovery" 83 echo 84 prompt "user" user 85 user=$(echo "$user" | tr -dc 'a-z0-9' | cut -c-10) 86 [ ! -f $datadir/users/$user ] && { 87 error "no such user" 88 return 1 89 } 90 passwd=$(head -n 5 /dev/urandom | base64 | tr -d '\n' | cut -c-30) 91 ( 92 echo "This is the bbs auto-mailer" 93 echo 94 echo "Your new passwd is:" 95 echo "$passwd" 96 echo 97 echo "If this message is not intended for you, please ignore it" 98 ) | mail -s "$bbs_addr password recovery" -r "$email_addr" -- "$(userget "$user" email)" 99 userset "$user" "passwd" "$(echo "$passwd" | sha512sum)" 100 add_log "recover_account" "$user" 101 ok "sent recovery email to $(userget "$user" email)" 102 return 1 103 } 104 105 prompt "passwd" passwd 106 check "$user" "$(echo "$passwd" | sha512sum)" 107 }