Differential D20117 Diff 48130 src/applications/auth/controller/PhabricatorAuthConfirmLinkController.php
Changeset View
Changeset View
Standalone View
Standalone View
src/applications/auth/controller/PhabricatorAuthConfirmLinkController.php
Show All 14 Lines | public function handleRequest(AphrontRequest $request) { | ||||
} | } | ||||
if (!$provider->shouldAllowAccountLink()) { | if (!$provider->shouldAllowAccountLink()) { | ||||
return $this->renderError(pht('This account is not linkable.')); | return $this->renderError(pht('This account is not linkable.')); | ||||
} | } | ||||
$panel_uri = '/settings/panel/external/'; | $panel_uri = '/settings/panel/external/'; | ||||
if ($request->isFormPost()) { | if ($request->isFormOrHisecPost()) { | ||||
$workflow_key = sprintf( | |||||
'account.link(%s)', | |||||
$account->getPHID()); | |||||
$hisec_token = id(new PhabricatorAuthSessionEngine()) | |||||
->setWorkflowKey($workflow_key) | |||||
->requireHighSecurityToken($viewer, $request, $panel_uri); | |||||
$account->setUserPHID($viewer->getPHID()); | $account->setUserPHID($viewer->getPHID()); | ||||
$account->save(); | $account->save(); | ||||
$this->clearRegistrationCookies(); | $this->clearRegistrationCookies(); | ||||
// TODO: Send the user email about the new account link. | // TODO: Send the user email about the new account link. | ||||
return id(new AphrontRedirectResponse())->setURI($panel_uri); | return id(new AphrontRedirectResponse())->setURI($panel_uri); | ||||
} | } | ||||
// TODO: Provide more information about the external account. Clicking | $dialog = $this->newDialog() | ||||
// through this form blindly is dangerous. | |||||
// TODO: If the user has password authentication, require them to retype | |||||
// their password here. | |||||
$dialog = id(new AphrontDialogView()) | |||||
->setUser($viewer) | |||||
->setTitle(pht('Confirm %s Account Link', $provider->getProviderName())) | ->setTitle(pht('Confirm %s Account Link', $provider->getProviderName())) | ||||
->addCancelButton($panel_uri) | ->addCancelButton($panel_uri) | ||||
->addSubmitButton(pht('Confirm Account Link')); | ->addSubmitButton(pht('Confirm Account Link')); | ||||
$form = id(new PHUIFormLayoutView()) | $form = id(new PHUIFormLayoutView()) | ||||
->setFullWidth(true) | ->setFullWidth(true) | ||||
->appendChild( | ->appendChild( | ||||
phutil_tag( | phutil_tag( | ||||
Show All 29 Lines |