Commit Graph

28 Commits

Author SHA1 Message Date
Dan Ungureanu fa8cd629f1
DEV: Hash tokens stored from email_tokens (#14493)
This commit adds token_hash and scopes columns to email_tokens table.
token_hash is a replacement for the token column to avoid storing email
tokens in plaintext as it can pose a security risk. The new scope column
ensures that email tokens cannot be used to perform a different action
than the one intended.

To sum up, this commit:

* Adds token_hash and scope to email_tokens

* Reuses code that schedules critical_user_email

* Refactors EmailToken.confirm and EmailToken.atomic_confirm methods

* Periodically cleans old, unconfirmed or expired email tokens
2021-11-25 09:34:39 +02:00
Dan Ungureanu 528cfea079
FEATURE: Auto-activate users invited by email (#12675)
When invited by email, users will receive an invite URL which contains
a token. If that token is present when the invite is redeemed, their
account will be automatically activated.
2021-04-14 12:15:56 +03:00
Dan Ungureanu fb19ee9eee
FIX: Correctly use invite to topic email templates (#12411)
It was used both when inviting from a topic page and when creating
invites with "Send to topic on first login", while it should be used
only in the former case.
2021-03-16 17:08:54 +02:00
Krzysztof Kotlarek 427d54b2b0 DEV: Upgrading Discourse to Zeitwerk (#8098)
Zeitwerk simplifies working with dependencies in dev and makes it easier reloading class chains. 

We no longer need to use Rails "require_dependency" anywhere and instead can just use standard 
Ruby patterns to require files.

This is a far reaching change and we expect some followups here.
2019-10-02 14:01:53 +10:00
Neil Lalonde 9656a21fdb
FEATURE: customization of html emails (#7934)
This feature adds the ability to customize the HTML part of all emails using a custom HTML template and optionally some CSS to style it. The CSS will be parsed and converted into inline styles because CSS is poorly supported by email clients. When writing the custom HTML and CSS, be aware of what email clients support. Keep customizations very simple.

Customizations can be added and edited in Admin > Customize > Email Style.

Since the summary email is already heavily styled, there is a setting to disable custom styles for summary emails called "apply custom styles to digest" found in Admin > Settings > Email.

As part of this work, RTL locales are now rendered correctly for all emails.
2019-07-30 15:05:08 -04:00
Robin Ward 66214eee85 SECURITY: Strip HTML from invite emails
We also strip new lines from the emails because it ruins the markdown
formatting which expects a one line message.
2019-07-05 14:57:11 -04:00
Sam Saffron 30990006a9 DEV: enable frozen string literal on all files
This reduces chances of errors where consumers of strings mutate inputs
and reduces memory usage of the app.

Test suite passes now, but there may be some stuff left, so we will run
a few sites on a branch prior to merging
2019-05-13 09:31:32 +08:00
Arpit Jalan 0e0794dff9 FIX: correct use of invitee vs inviter in email templates 2017-12-04 14:09:48 +05:30
Arpit Jalan 16d356ab4e FEATURE: resending invite should include original custom message
https://meta.discourse.org/t/will-resent-invite-include-original-custom-message/64699
2017-06-30 18:13:33 +05:30
Robin Ward 2efe0442bf FIX: Messed up i18n key 2017-04-27 11:45:59 -04:00
Robin Ward bf9c4a7828 FEATURE: secure_email site setting to prevent data going out in email 2017-04-26 13:05:56 -04:00
James Cook c0e25b5a9a Replace certain uses of 'gsub' with 'tr' or 'chomp' for a speed
improvement
2016-06-10 22:08:37 -05:00
Arpit Jalan 40e9e1be66 FEATURE: user-friendly custom message 2016-06-08 18:23:22 +05:30
Arpit Jalan 4253141700 FEATURE: custom email message for topic invites 2016-06-07 23:43:15 +05:30
Arpit Jalan 7b205ebba4 FEATURE: customize invite email message 2016-06-06 20:15:30 +05:30
Arpit Jalan c90251ea25 FIX: check for full name in invite email subject 2015-02-05 22:35:25 +05:30
Arpit Jalan 861f321263 FEATURE: send set password instructions after invite redemption 2014-10-11 14:13:05 +05:30
Arpit Jalan 2f6c984c8c Improve invite email copy 2014-07-10 10:57:40 +05:30
Arpit Jalan 8395da5bd0 FIX: include topic title and domain name in topic invite mail 2014-07-10 10:05:28 +05:30
Arpit Jalan 223bbc3da3 FEATURE: include topic context in topic invite 2014-07-09 21:23:20 +05:30
Jeff Atwood 1b3180f916 better copy for site and topic invites 2014-06-14 15:49:19 -07:00
Robin Ward de30af9302 Support for inviting to a forum from a user's invite page. 2013-11-06 12:56:50 -05:00
Robin Ward e29f4a3496 Work in Progress: Reply By Email:
- Add support classes and settings to enable reply by email
- Split out Email builder to be more OO, add many specs
2013-06-13 12:39:56 -04:00
Robin Ward 93bbe190c0 Moved Email components into a module 2013-06-10 15:34:10 -04:00
Sam b82e408351 add list unsubscribe 2013-04-26 16:56:28 +10:00
Sam 08af09cd7d don't pass notification email into to the default cause it freezes in a potentially incorrect value 2013-04-02 13:29:34 +11:00
Jakub Arnold 61654ab8f0 Fix all the trailing whitespace 2013-02-07 16:45:24 +01:00
Robin Ward 21b5628528 Initial release of Discourse 2013-02-05 14:16:51 -05:00