Fix ordering in perl subscription_list
diff --git
a/aux/cgi/email.cgi
b/aux/cgi/email.cgi
index
62c717d
..
1079ddd
100755
(executable)
--- a/
aux/cgi/email.cgi
+++ b/
aux/cgi/email.cgi
@@
-1,8
+1,8
@@
#!/usr/bin/perl
use CGI::Fast qw/:cgi/;
#!/usr/bin/perl
use CGI::Fast qw/:cgi/;
-use Digest::SHA qw/hmac_sha256_base64/;
+use Digest::SHA qw/hmac_sha256/;
+use MIME::Base64 qw/encode_base64url decode_base64url/;
use Blerg::Database;
use Blerg::Database;
-use URI::Escape;
use Mail::Message;
use JSON;
use strict;
use Mail::Message;
use JSON;
use strict;
@@
-38,32
+38,33
@@
sub generate_email_verify_url {
# generate verification data
my $expiry = time + 900;
# generate verification data
my $expiry = time + 900;
- my $data = "$username;" . uri_escape($email) . ";$expiry";
+ my $email_b64 = encode_base64url($email);
+ my $data = "$username:$email_b64:$expiry";
# HMAC-SHA256 it
# HMAC-SHA256 it
- my $hmac =
hmac_sha256_base64($data, $hmac_key
);
+ my $hmac =
encode_base64url(hmac_sha256($data, $hmac_key)
);
- return Blerg::Database::BASEURL . "#/
account/email-verify/$data;
$hmac";
+ return Blerg::Database::BASEURL . "#/
email-verify/$data:
$hmac";
}
sub validate_email_data {
my ($data) = @_;
my ($payload, $hmac);
}
sub validate_email_data {
my ($data) = @_;
my ($payload, $hmac);
- if ($data =~ /^(.*)
;([^;
]+)$/) {
+ if ($data =~ /^(.*)
:([^:
]+)$/) {
$payload = $1;
$hmac = $2;
} else {
return undef;
}
$payload = $1;
$hmac = $2;
} else {
return undef;
}
- my $computed_hmac =
hmac_sha256_base64($payload, $hmac_key
);
+ my $computed_hmac =
encode_base64url(hmac_sha256($payload, $hmac_key)
);
if ($hmac ne $computed_hmac) {
return undef;
}
if ($hmac ne $computed_hmac) {
return undef;
}
- my ($username, $email, $expiry) = split('
;
', $payload);
- $email =
uri_unescape
($email);
+ my ($username, $email, $expiry) = split('
:
', $payload);
+ $email =
decode_base64url
($email);
if (time > $expiry) {
return undef;
}
if (time > $expiry) {
return undef;
}
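Review bot: In validate_email_data the token's MAC is still checked with `$hmac ne $computed_hmac`, an ordinary string comparison that can stop at the first differing byte, so response timing may reveal how much of a submitted tag is correct. Since `hmac_sha256` is now imported, a comparison that does not depend on the mismatch position is cheap: `if (hmac_sha256($hmac, $hmac_key) ne hmac_sha256($computed_hmac, $hmac_key)) { return undef; }`. Separately, `$username` is the one field placed into `"$username:$email_b64:$expiry"` without encoding, so if usernames may contain `:` (not visible here) the later `split(':', $payload)` would shift the fields. Encoding it with `encode_base64url` as well, and rejecting a non-numeric `$expiry` before the `time > $expiry` test, would make the parse unambiguous. The body of validate_email_data continues past the end of the hunk.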