Start recovery view

crates/handlers/src/lib.rs

@@ -381,6 +381,10 @@ where
             get(self::views::account::emails::add::get)
                 .post(self::views::account::emails::add::post),
         )
+        .route(
+            mas_router::AccountRecoveryStart::route(),
+            get(self::views::recovery::start::get).post(self::views::recovery::start::post),
+        )
         .route(
             mas_router::OAuth2AuthorizationEndpoint::route(),
             get(self::oauth2::authorization::get),

crates/handlers/src/views/account/mod.rs

@@ -1,4 +1,4 @@
-// Copyright 2021, 2022 The Matrix.org Foundation C.I.C.
+// Copyright 2021-2024 The Matrix.org Foundation C.I.C.
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.

crates/handlers/src/views/mod.rs

@@ -18,5 +18,6 @@ pub mod index;
 pub mod login;
 pub mod logout;
 pub mod reauth;
+pub mod recovery;
 pub mod register;
 pub mod shared;

crates/handlers/src/views/recovery/mod.rs

@@ -0,0 +1,15 @@
+// Copyright 2024 The Matrix.org Foundation C.I.C.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+pub mod start;

crates/handlers/src/views/recovery/start.rs

@@ -0,0 +1,137 @@
+// Copyright 2024 The Matrix.org Foundation C.I.C.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+use std::str::FromStr;
+
+use axum::{
+    extract::State,
+    response::{Html, IntoResponse, Response},
+    Form, TypedHeader,
+};
+use lettre::Address;
+use mas_axum_utils::{
+    cookies::CookieJar,
+    csrf::{CsrfExt, ProtectedForm},
+    FancyError, SessionInfoExt,
+};
+use mas_data_model::UserAgent;
+use mas_router::UrlBuilder;
+use mas_storage::{BoxClock, BoxRepository, BoxRng};
+use mas_templates::{
+    FieldError, FormState, RecoveryStartContext, RecoveryStartFormField, TemplateContext, Templates,
+};
+use serde::{Deserialize, Serialize};
+
+use crate::{BoundActivityTracker, PreferredLanguage};
+
+#[derive(Deserialize, Serialize)]
+pub(crate) struct StartRecoveryForm {
+    email: String,
+}
+
+pub(crate) async fn get(
+    mut rng: BoxRng,
+    clock: BoxClock,
+    mut repo: BoxRepository,
+    State(templates): State<Templates>,
+    State(url_builder): State<UrlBuilder>,
+    PreferredLanguage(locale): PreferredLanguage,
+    cookie_jar: CookieJar,
+) -> Result<Response, FancyError> {
+    let (session_info, cookie_jar) = cookie_jar.session_info();
+    let (csrf_token, cookie_jar) = cookie_jar.csrf_token(&clock, &mut rng);
+
+    let maybe_session = session_info.load_session(&mut repo).await?;
+    if maybe_session.is_some() {
+        // TODO: redirect to continue whatever action was going on
+        return Ok((cookie_jar, url_builder.redirect(&mas_router::Index)).into_response());
+    }
+
+    let context = RecoveryStartContext::new()
+        .with_csrf(csrf_token.form_value())
+        .with_language(locale);
+
+    repo.save().await?;
+
+    let rendered = templates.render_recovery_start(&context)?;
+
+    Ok((cookie_jar, Html(rendered)).into_response())
+}
+
+pub(crate) async fn post(
+    mut rng: BoxRng,
+    clock: BoxClock,
+    mut repo: BoxRepository,
+    user_agent: TypedHeader<headers::UserAgent>,
+    activity_tracker: BoundActivityTracker,
+    State(templates): State<Templates>,
+    State(url_builder): State<UrlBuilder>,
+    PreferredLanguage(locale): PreferredLanguage,
+    cookie_jar: CookieJar,
+    Form(form): Form<ProtectedForm<StartRecoveryForm>>,
+) -> Result<impl IntoResponse, FancyError> {
+    let (session_info, cookie_jar) = cookie_jar.session_info();
+    let (csrf_token, cookie_jar) = cookie_jar.csrf_token(&clock, &mut rng);
+
+    let maybe_session = session_info.load_session(&mut repo).await?;
+    if maybe_session.is_some() {
+        // TODO: redirect to continue whatever action was going on
+        return Ok((cookie_jar, url_builder.redirect(&mas_router::Index)).into_response());
+    }
+
+    let user_agent = UserAgent::parse(user_agent.as_str().to_owned());
+    let ip_address = activity_tracker.ip();
+
+    let form = cookie_jar.verify_form(&clock, form)?;
+    let mut form_state = FormState::from_form(&form);
+
+    if Address::from_str(&form.email).is_err() {
+        form_state =
+            form_state.with_error_on_field(RecoveryStartFormField::Email, FieldError::Invalid);
+    }
+
+    if !form_state.is_valid() {
+        repo.save().await?;
+        let context = RecoveryStartContext::new()
+            .with_form_state(form_state)
+            .with_csrf(csrf_token.form_value())
+            .with_language(locale);
+
+        let rendered = templates.render_recovery_start(&context)?;
+
+        return Ok((cookie_jar, Html(rendered)).into_response());
+    }
+
+    let session = repo
+        .user_recovery()
+        .add_session(
+            &mut rng,
+            &clock,
+            form.email,
+            user_agent,
+            ip_address,
+            locale.to_string(),
+        )
+        .await?;
+
+    // TODO: spawn a job which will send all the emails
+
+    repo.save().await?;
+
+    Ok((
+        cookie_jar,
+        url_builder.redirect(&mas_router::AccountRecoveryProgress::new(session.id)),
+    )
+        .into_response())
+}

crates/router/src/endpoints.rs

@@ -776,6 +776,38 @@ impl SimpleRoute for OAuth2DeviceAuthorizationEndpoint {
     const PATH: &'static str = "/oauth2/device";
 }
 
+/// `GET|POST /recover`
+#[derive(Default, Serialize, Deserialize, Debug, Clone)]
+pub struct AccountRecoveryStart;
+
+impl SimpleRoute for AccountRecoveryStart {
+    const PATH: &'static str = "/recover";
+}
+
+/// `GET|POST /recover/progress/:session_id`
+#[derive(Default, Serialize, Deserialize, Debug, Clone)]
+pub struct AccountRecoveryProgress {
+    session_id: Ulid,
+}
+
+impl AccountRecoveryProgress {
+    #[must_use]
+    pub fn new(session_id: Ulid) -> Self {
+        Self { session_id }
+    }
+}
+
+impl Route for AccountRecoveryProgress {
+    type Query = ();
+    fn route() -> &'static str {
+        "/recover/progress/:session_id"
+    }
+
+    fn path(&self) -> std::borrow::Cow<'static, str> {
+        format!("/recover/progress/{}", self.session_id).into()
+    }
+}
+
 /// `GET /assets`
 pub struct StaticAsset {
     path: String,

crates/templates/src/context.rs

@@ -913,6 +913,61 @@ impl TemplateContext for EmailAddContext {
     }
 }
 
+/// Fields of the account recovery start form
+#[derive(Serialize, Deserialize, Debug, Clone, Copy, Hash, PartialEq, Eq)]
+#[serde(rename_all = "snake_case")]
+pub enum RecoveryStartFormField {
+    /// The email
+    Email,
+}
+
+impl FormField for RecoveryStartFormField {
+    fn keep(&self) -> bool {
+        match self {
+            Self::Email => true,
+        }
+    }
+}
+
+/// Context used by the `pages/recovery/start.html` template
+#[derive(Serialize, Default)]
+pub struct RecoveryStartContext {
+    form: FormState<RecoveryStartFormField>,
+}
+
+impl RecoveryStartContext {
+    /// Constructs a context for the recovery start page
+    #[must_use]
+    pub fn new() -> Self {
+        Self::default()
+    }
+
+    /// Set the form state
+    #[must_use]
+    pub fn with_form_state(self, form: FormState<RecoveryStartFormField>) -> Self {
+        Self { form }
+    }
+}
+
+impl TemplateContext for RecoveryStartContext {
+    fn sample(_now: chrono::DateTime<Utc>, _rng: &mut impl Rng) -> Vec<Self>
+    where
+        Self: Sized,
+    {
+        vec![
+            Self::new(),
+            Self::new().with_form_state(
+                FormState::default()
+                    .with_error_on_field(RecoveryStartFormField::Email, FieldError::Required),
+            ),
+            Self::new().with_form_state(
+                FormState::default()
+                    .with_error_on_field(RecoveryStartFormField::Email, FieldError::Invalid),
+            ),
+        ]
+    }
+}
+
 /// Context used by the `pages/upstream_oauth2/{link_mismatch,do_login}.html`
 /// templates
 #[derive(Serialize)]

crates/templates/src/lib.rs

@@ -47,9 +47,10 @@ pub use self::{
         DeviceLinkFormField, EmailAddContext, EmailVerificationContext,
         EmailVerificationPageContext, EmptyContext, ErrorContext, FormPostContext, IndexContext,
         LoginContext, LoginFormField, NotFoundContext, PolicyViolationContext, PostAuthContext,
-        PostAuthContextInner, ReauthContext, ReauthFormField, RegisterContext, RegisterFormField,
-        SiteBranding, SiteConfigExt, SiteFeatures, TemplateContext, UpstreamExistingLinkContext,
-        UpstreamRegister, UpstreamRegisterFormField, UpstreamSuggestLink, WithCsrf, WithLanguage,
+        PostAuthContextInner, ReauthContext, ReauthFormField, RecoveryStartContext,
+        RecoveryStartFormField, RegisterContext, RegisterFormField, SiteBranding, SiteConfigExt,
+        SiteFeatures, TemplateContext, UpstreamExistingLinkContext, UpstreamRegister,
+        UpstreamRegisterFormField, UpstreamSuggestLink, WithCsrf, WithLanguage,
         WithOptionalSession, WithSession,
     },
     forms::{FieldError, FormError, FormField, FormState, ToFormState},
@@ -347,6 +348,9 @@ register_templates! {
     /// Render the email verification page
     pub fn render_account_add_email(WithLanguage<WithCsrf<WithSession<EmailAddContext>>>) { "pages/account/emails/add.html" }
 
+    /// Render the account recovery start page
+    pub fn render_recovery_start(WithLanguage<WithCsrf<RecoveryStartContext>>) { "pages/recovery/start.html" }
+
     /// Render the re-authentication form
     pub fn render_reauth(WithLanguage<WithCsrf<WithSession<ReauthContext>>>) { "pages/reauth.html" }
 
@@ -403,6 +407,7 @@ impl Templates {
         check::render_index(self, now, rng)?;
         check::render_account_add_email(self, now, rng)?;
         check::render_account_verify_email(self, now, rng)?;
+        check::render_recovery_start(self, now, rng)?;
         check::render_reauth(self, now, rng)?;
         check::render_form_post::<EmptyContext>(self, now, rng)?;
         check::render_error(self, now, rng)?;