#!/usr/bin/perl
use CGI::Fast qw/:cgi/;
-use Digest::SHA qw/hmac_sha256_base64/;
+use Digest::SHA qw/hmac_sha256/;
+use MIME::Base64 qw/encode_base64url decode_base64url/;
use Blerg::Database;
-use URI::Escape;
use Mail::Message;
+use JSON;
use strict;
use v5.10;
# generate verification data
my $expiry = time + 900;
- my $data = "$username;" . uri_escape($email) . ";$expiry";
+ my $email_b64 = encode_base64url($email);
+ my $data = "$username:$email_b64:$expiry";
# HMAC-SHA256 it
- my $hmac = hmac_sha256_base64($data, $hmac_key);
+ my $hmac = encode_base64url(hmac_sha256($data, $hmac_key));
- return Blerg::Database::BASEURL . "#/account/email-verify/$data;$hmac";
+ return Blerg::Database::BASEURL . "#/email-verify/$data:$hmac";
}
sub validate_email_data {
my ($data) = @_;
my ($payload, $hmac);
- if ($data =~ /^(.*);([^;]+)$/) {
+ if ($data =~ /^(.*):([^:]+)$/) {
$payload = $1;
$hmac = $2;
} else {
return undef;
}
- my $computed_hmac = hmac_sha256_base64($payload, $hmac_key);
+ my $computed_hmac = encode_base64url(hmac_sha256($payload, $hmac_key));
if ($hmac ne $computed_hmac) {
return undef;
}
- my ($username, $email, $expiry) = split(';', $payload);
- $email = uri_unescape($email);
+ my ($username, $email, $expiry) = split(':', $payload);
+ $email = decode_base64url($email);
if (time > $expiry) {
return undef;
}
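Review bot: The tag check in validate_email_data still uses `$hmac ne $computed_hmac`, a string comparison that stops at the first differing byte, so its timing depends on how much of a submitted tag is correct. Comparing fixed-length digests of both values removes that dependency without a new module: `if (hmac_sha256($hmac, $hmac_key) ne hmac_sha256($computed_hmac, $hmac_key)) {`. After the split on `:` it would also be worth confirming that there are exactly three fields and that `$expiry` matches `/\A\d+\z/` before `time > $expiry`, because `$username` goes into the payload unencoded and a name containing `:` would shift the fields; whether usernames can contain `:` is not visible here. The end of the function lies outside the hunk.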
say '{"status": "success"}';
}
+ when ('status') {
+ my $username = validate_authentication($q);
+ if (!defined $username) {
+ print_403;
+ next REQUEST;
+ }
+
+ my $email = undef;
+ my $email_conf_path = Blerg::Database::configuration->{data_path} . "/$username/email";
+ if (-f $email_conf_path) {
+ open CONF, $email_conf_path;
+ $email = <CONF>;
+ close CONF;
+ }
+
+ say header(-type => 'application/json'),
+ JSON->new->utf8->encode({email => $email});
+ }
when ('cancel') {
my $username = validate_authentication($q);
if (!defined $username) {
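Review bot: The new `status` branch reads the file with `open CONF, $email_conf_path;`, a two-argument open on a bareword handle whose result is never checked, on a path that embeds `$username`. Two-argument open interprets mode characters in the path string, and the global `CONF` handle appears to persist across iterations of the `REQUEST` loop; a three-argument open with a lexical handle avoids both, and testing its return value replaces the separate `-f` check and closes the gap between check and open: `if (open my $conf, '<', $email_conf_path) { $email = <$conf>; close $conf; }`. The line is returned as read, so if the file was written with a trailing newline the JSON value will include it; a `chomp` after the read would strip it. This assumes validate_authentication only returns names that are safe as a path component, which is not visible in the hunk; the `cancel` branch that follows is cut off.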