2 use CGI::Fast qw/:cgi/;
3 use Digest::SHA qw/hmac_sha256/;
4 use MIME::Base64 qw/encode_base64url decode_base64url/;
13 open HMAC_KEY, "$ENV{BLERG_HOME}/etc/hmac_key"
14 or die "Could not open $ENV{BLERG_HOME}/etc/hmac_key";
15 read(HMAC_KEY, $hmac_key, 256);
19 print header(-type => 'text/html',
20 -status => '404 Not Found');
23 <h1>404 Not Found</h1>
28 print header(-type => 'text/html',
29 -status => '403 Forbidden');
32 <h1>403 Forbidden</h1>
37 sub generate_email_verify_url {
38 my ($username, $email) = @_;
40 # generate verification data
41 my $expiry = time + 900;
42 my $email_b64 = encode_base64url($email);
43 my $data = "$username:$email_b64:$expiry";
46 my $hmac = encode_base64url(hmac_sha256($data, $hmac_key));
48 return Blerg::Database::BASEURL . "#/email-verify/$data:$hmac";
51 sub validate_email_data {
55 if ($data =~ /^(.*):([^:]+)$/) {
62 my $computed_hmac = encode_base64url(hmac_sha256($payload, $hmac_key));
63 if ($hmac ne $computed_hmac) {
67 my ($username, $email, $expiry) = split(':', $payload);
68 $email = decode_base64url($email);
73 return ($username, $email);
76 sub validate_authentication {
79 my $auth = $q->cookie('auth');
83 my ($username, $token) = split('/', $auth);
84 if (Blerg::Database::auth_check_token($username, $token)) {
92 while (my $q = new CGI::Fast) {
93 my (undef, $cmd, $args) = split '/', $ENV{PATH_INFO}, 3;
97 my $username = validate_authentication($q);
98 if (!defined $username) {
103 print header(-type => 'application/json');
104 my $email = $q->param('email');
105 if (!defined $email) {
106 say '{"status": "failure"}';
110 my $url = generate_email_verify_url($username, $email);
111 Mail::Message->build(
112 From => Mail::Address->new('BlergBot', 'noreply@blerg.cc'),
114 Subject => 'Blërg Email Verification',
115 Mail::Message::Field->new('Content-Type', 'text/plain', 'charset="utf8"'),
117 To verify this email address, please click or copy/paste the following link
118 into your web browser.
122 If you received this email by mistake, just ignore it.
128 say '{"status": "success"}';
131 print header(-type => 'application/json');
133 my ($username, $email) = validate_email_data($q->param('data'));
135 if (!defined $username) {
136 say '{"status": "failure"}';
140 my $email_conf_path = Blerg::Database::configuration->{data_path} . "/$username/email";
141 open CONF, '>', $email_conf_path;
145 say '{"status": "success"}';
148 my $username = validate_authentication($q);
149 if (!defined $username) {
155 my $email_conf_path = Blerg::Database::configuration->{data_path} . "/$username/email";
156 if (-f $email_conf_path) {
157 open CONF, $email_conf_path;
162 say header(-type => 'application/json'),
163 JSON->new->utf8->encode({email => $email});
166 my $username = validate_authentication($q);
167 if (!defined $username) {
172 print header(-type => 'application/json');
174 my $email_conf_path = Blerg::Database::configuration->{data_path} . "/$username/email";
175 if (unlink $email_conf_path) {
176 say '{"status": "success"}';
178 say '{"status": "failure"}';