Merge pull request #431 from jozefrebjak/develop

feat: add request info to all emails

src/Authentication/Actions/Email2FA.php

@@ -6,6 +6,7 @@
 
 use CodeIgniter\HTTP\IncomingRequest;
 use CodeIgniter\HTTP\RedirectResponse;
+use CodeIgniter\I18n\Time;
 use CodeIgniter\Shield\Authentication\Authenticators\Session;
 use CodeIgniter\Shield\Entities\User;
 use CodeIgniter\Shield\Entities\UserIdentity;
@@ -72,11 +73,15 @@ public function handle(IncomingRequest $request)
             return redirect()->route('auth-action-show')->with('error', lang('Auth.need2FA'));
         }
 
+        $ipAddress = $request->getIPAddress();
+        $userAgent = (string) $request->getUserAgent();
+        $date      = Time::now()->toDateTimeString();
+
         // Send the user an email with the code
         $email = emailer()->setFrom(setting('Email.fromEmail'), setting('Email.fromName') ?? '');
         $email->setTo($user->email);
         $email->setSubject(lang('Auth.email2FASubject'));
-        $email->setMessage(view(setting('Auth.views')['action_email_2fa_email'], ['code' => $identity->secret]));
+        $email->setMessage(view(setting('Auth.views')['action_email_2fa_email'], ['code' => $identity->secret, 'ipAddress' => $ipAddress, 'userAgent' => $userAgent, 'date' => $date]));
 
         if ($email->send(false) === false) {
             throw new RuntimeException('Cannot send email for user: ' . $user->email . "\n" . $email->printDebugger(['headers']));

src/Authentication/Actions/EmailActivator.php

@@ -8,6 +8,7 @@
 use CodeIgniter\HTTP\IncomingRequest;
 use CodeIgniter\HTTP\RedirectResponse;
 use CodeIgniter\HTTP\Response;
+use CodeIgniter\I18n\Time;
 use CodeIgniter\Shield\Authentication\Authenticators\Session;
 use CodeIgniter\Shield\Entities\User;
 use CodeIgniter\Shield\Entities\UserIdentity;
@@ -43,11 +44,18 @@ public function show(): string
 
         $code = $this->createIdentity($user);
 
+        /** @var IncomingRequest $request */
+        $request = service('request');
+
+        $ipAddress = $request->getIPAddress();
+        $userAgent = (string) $request->getUserAgent();
+        $date      = Time::now()->toDateTimeString();
+
         // Send the email
         $email = emailer()->setFrom(setting('Email.fromEmail'), setting('Email.fromName') ?? '');
         $email->setTo($userEmail);
         $email->setSubject(lang('Auth.emailActivateSubject'));
-        $email->setMessage(view(setting('Auth.views')['action_email_activate_email'], ['code' => $code]));
+        $email->setMessage(view(setting('Auth.views')['action_email_activate_email'], ['code' => $code, 'ipAddress' => $ipAddress, 'userAgent' => $userAgent, 'date' => $date]));
 
         if ($email->send(false) === false) {
             throw new RuntimeException('Cannot send email for user: ' . $user->email . "\n" . $email->printDebugger(['headers']));

src/Controllers/MagicLinkController.php

@@ -6,6 +6,7 @@
 
 use App\Controllers\BaseController;
 use CodeIgniter\Events\Events;
+use CodeIgniter\HTTP\IncomingRequest;
 use CodeIgniter\HTTP\RedirectResponse;
 use CodeIgniter\I18n\Time;
 use CodeIgniter\Shield\Authentication\Authenticators\Session;
@@ -90,11 +91,18 @@ public function loginAction()
             'expires' => Time::now()->addSeconds(setting('Auth.magicLinkLifetime'))->format('Y-m-d H:i:s'),
         ]);
 
+        /** @var IncomingRequest $request */
+        $request = service('request');
+
+        $ipAddress = $request->getIPAddress();
+        $userAgent = (string) $request->getUserAgent();
+        $date      = Time::now()->toDateTimeString();
+
         // Send the user an email with the code
         $email = emailer()->setFrom(setting('Email.fromEmail'), setting('Email.fromName') ?? '');
         $email->setTo($user->email);
         $email->setSubject(lang('Auth.magicLinkSubject'));
-        $email->setMessage(view(setting('Auth.views')['magic-link-email'], ['token' => $token]));
+        $email->setMessage(view(setting('Auth.views')['magic-link-email'], ['token' => $token, 'ipAddress' => $ipAddress, 'userAgent' => $userAgent, 'date' => $date]));
 
         if ($email->send(false) === false) {
             log_message('error', $email->printDebugger(['headers']));

src/Language/de/Auth.php

@@ -64,6 +64,12 @@
     'userDoesNotExist'          => 'Passwort wurde nicht geändert. Der Benutzer existiert nicht',
     'resetTokenExpired'         => 'Tut mir leid. Ihr Reset-Token ist abgelaufen.',
 
+    // Email Globals
+    'emailInfo'      => 'Einige Informationen über die Person:',
+    'emailIpAddress' => 'IP Adresse:',
+    'emailDevice'    => 'Gerät:',
+    'emailDate'      => 'Datum:',
+
     // 2FA
     'email2FATitle'       => 'Zwei-Faktor-Authentifizierung',
     'confirmEmailAddress' => 'Bestätigen Sie Ihre E-Mail-Adresse.',

src/Language/en/Auth.php

@@ -64,6 +64,12 @@
     'userDoesNotExist'          => 'Password was not changed. User does not exist',
     'resetTokenExpired'         => 'Sorry. Your reset token has expired.',
 
+    // Email Globals
+    'emailInfo'      => 'Some information about the person:',
+    'emailIpAddress' => 'IP Address:',
+    'emailDevice'    => 'Device:',
+    'emailDate'      => 'Date:',
+
     // 2FA
     'email2FATitle'       => 'Two Factor Authentication',
     'confirmEmailAddress' => 'Confirm your email address.',

src/Language/es/Auth.php

@@ -64,6 +64,12 @@
     'userDoesNotExist'          => 'No se ha cambiado la contraseña. No existe el usuario',
     'resetTokenExpired'         => 'Lo sentimos. Tu token de reseteo ha caducado.',
 
+    // Email Globals
+    'emailInfo'      => 'Algunos datos sobre la persona:',
+    'emailIpAddress' => 'Dirección IP:',
+    'emailDevice'    => 'Dispositivo:',
+    'emailDate'      => 'Fecha:',
+
     // 2FA
     'email2FATitle'       => 'Authenticación de Doble Factor',
     'confirmEmailAddress' => 'Confirma tu dirección de email.',

src/Language/fa/Auth.php

@@ -73,6 +73,12 @@
     'userDoesNotExist'          => 'رمز عبور تغییر نکرد. کاربر وجود ندارد.',
     'resetTokenExpired'         => 'متاسفانه، توکن بازنشانی شما منقضی شده است.',
 
+    // Email Globals
+    'emailInfo'      => 'برخی از اطلاعات درخواست کننده:',
+    'emailIpAddress' => 'آدرس ای پی:',
+    'emailDevice'    => 'دستگاه:',
+    'emailDate'      => 'زمان:',
+
     // 2FA
     'email2FATitle'       => 'احراز هویت دو عاملی',
     'confirmEmailAddress' => 'آدرس ایمیل خود را تایید کنید.',

src/Language/fr/Auth.php

@@ -64,6 +64,12 @@
     'userDoesNotExist'          => 'Le mot de passe n\'a pas été modifié. L\'utilisateur n\'existe pas',
     'resetTokenExpired'         => 'Désolé. Votre jeton de réinitialisation a expiré.',
 
+    // Email Globals
+    'emailInfo'      => 'Quelques informations sur la personne:',
+    'emailIpAddress' => 'Adresse IP:',
+    'emailDevice'    => 'Dispositif:',
+    'emailDate'      => 'Jour:',
+
     // 2FA
     'email2FATitle'       => 'Authentification à deux facteurs',
     'confirmEmailAddress' => 'Confirmer votre adresse email.',

src/Language/id/Auth.php

@@ -64,6 +64,12 @@
     'userDoesNotExist'          => 'Kata sandi tidak diubah. User tidak ditemukan',
     'resetTokenExpired'         => 'Maaf, token setel ulang Anda sudah habis waktu.',
 
+    // Email Globals
+    'emailInfo'      => 'Beberapa informasi tentang seseorang:',
+    'emailIpAddress' => 'Alamat IP:',
+    'emailDevice'    => 'Perangkat:',
+    'emailDate'      => 'Tanggal:',
+
     // 2FA
     'email2FATitle'       => 'Otentikasi Dua Faktor',
     'confirmEmailAddress' => 'Alamat email konfirmasi Anda.',

src/Language/ja/Auth.php

@@ -64,6 +64,12 @@
     'userDoesNotExist'          => 'パスワードは変更されていません。ユーザーは存在しません', // 'Password was not changed. User does not exist',
     'resetTokenExpired'         => '申し訳ありません。リセットトークンの有効期限が切れました。', // 'Sorry. Your reset token has expired.',
 
+    // Email Globals
+    'emailInfo'      => '本人に関する情報:',
+    'emailIpAddress' => 'IPアドレス:',
+    'emailDevice'    => 'デバイス:',
+    'emailDate'      => '日時:',
+
     // 2FA
     'email2FATitle'       => '二要素認証', // 'Two Factor Authentication',
     'confirmEmailAddress' => 'メールアドレスを確認してください。', // 'Confirm your email address.',

src/Language/sk/Auth.php

@@ -64,6 +64,12 @@
     'userDoesNotExist'          => 'Heslo nebolo zmenené. Používateľ neexistuje',
     'resetTokenExpired'         => 'Prepáčte. Platnosť vášho resetovacieho tokenu vypršala.',
 
+    // Email Globals
+    'emailInfo'      => 'Niektoré informácie o osobe:',
+    'emailIpAddress' => 'IP Adresa:',
+    'emailDevice'    => 'Zariadenie:',
+    'emailDate'      => 'Dátum:',
+
     // 2FA
     'email2FATitle'       => 'Dvojfaktorová autentifikácia',
     'confirmEmailAddress' => 'Potvrďte svoju e-mailovú adresu.',

src/Views/Email/email_2fa_email.php

@@ -1 +1,31 @@
-<p><?= lang('Auth.email2FAMailBody') ?> <b><?= $code ?></b></p>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+
+<head>
+    <meta name="x-apple-disable-message-reformatting">
+    <meta name="viewport" content="width=device-width, initial-scale=1">
+    <meta name="format-detection" content="telephone=no, date=no, address=no, email=no">
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+    <title><?= lang('Auth.email2FASubject') ?></title>
+</head>
+
+<body>
+    <p><?= lang('Auth.email2FAMailBody') ?></p>
+    <div style="text-align: center">
+        <h1><?= $code ?></h1>
+    </div>
+    <table role="presentation" border="0" cellpadding="0" cellspacing="0" style="width: 100%;" width="100%">
+        <tbody>
+            <tr>
+                <td style="line-height: 20px; font-size: 20px; width: 100%; height: 20px; margin: 0;" align="left" width="100%" height="20">
+                    &#160;
+                </td>
+            </tr>
+        </tbody>
+    </table>
+    <b><?= lang('Auth.emailInfo') ?></b>
+    <p><?= lang('Auth.emailIpAddress') ?> <?= esc($ipAddress) ?></p>
+    <p><?= lang('Auth.emailDevice') ?> <?= esc($userAgent) ?></p>
+    <p><?= lang('Auth.emailDate') ?> <?= esc($date) ?></p>
+</body>
+
+</html>

src/Views/Email/email_activate_email.php

@@ -1,3 +1,31 @@
-<p><?= lang('Auth.emailActivateMailBody') ?></p>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 
-<p><?= $code ?></p>
+<head>
+    <meta name="x-apple-disable-message-reformatting">
+    <meta name="viewport" content="width=device-width, initial-scale=1">
+    <meta name="format-detection" content="telephone=no, date=no, address=no, email=no">
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+    <title><?= lang('Auth.emailActivateSubject') ?></title>
+</head>
+
+<body>
+    <p><?= lang('Auth.emailActivateMailBody') ?></p>
+    <div style="text-align: center">
+        <h1><?= $code ?></h1>
+    </div>
+    <table role="presentation" border="0" cellpadding="0" cellspacing="0" style="width: 100%;" width="100%">
+        <tbody>
+            <tr>
+                <td style="line-height: 20px; font-size: 20px; width: 100%; height: 20px; margin: 0;" align="left" width="100%" height="20">
+                    &#160;
+                </td>
+            </tr>
+        </tbody>
+    </table>
+    <b><?= lang('Auth.emailInfo') ?></b>
+    <p><?= lang('Auth.emailIpAddress') ?> <?= esc($ipAddress) ?></p>
+    <p><?= lang('Auth.emailDevice') ?> <?= esc($userAgent) ?></p>
+    <p><?= lang('Auth.emailDate') ?> <?= esc($date) ?></p>
+</body>
+
+</html>

src/Views/Email/magic_link_email.php

@@ -1,5 +1,36 @@
-<p>
-    <a href="<?= url_to('verify-magic-link') ?>?token=<?= $token ?>">
-        <?= lang('Auth.login') ?>
-    </a>
-</p>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+
+<head>
+    <meta name="x-apple-disable-message-reformatting">
+    <meta name="viewport" content="width=device-width, initial-scale=1">
+    <meta name="format-detection" content="telephone=no, date=no, address=no, email=no">
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+    <title><?= lang('Auth.magicLinkSubject') ?></title>
+</head>
+
+<body>
+    <table role="presentation" border="0" cellpadding="0" cellspacing="0" style="border-radius: 6px; border-collapse: separate !important;">
+        <tbody>
+            <tr>
+                <td style="line-height: 24px; font-size: 16px; border-radius: 6px; margin: 0;" align="center" bgcolor="#0d6efd">
+                    <a href="<?= url_to('verify-magic-link') ?>?token=<?= $token ?>" style="color: #ffffff; font-size: 16px; font-family: Helvetica, Arial, sans-serif; text-decoration: none; border-radius: 6px; line-height: 20px; display: inline-block; font-weight: normal; white-space: nowrap; background-color: #0d6efd; padding: 8px 12px; border: 1px solid #0d6efd;"><?= lang('Auth.login') ?></a>
+                </td>
+            </tr>
+        </tbody>
+    </table>
+    <table role="presentation" border="0" cellpadding="0" cellspacing="0" style="width: 100%;" width="100%">
+        <tbody>
+            <tr>
+                <td style="line-height: 20px; font-size: 20px; width: 100%; height: 20px; margin: 0;" align="left" width="100%" height="20">
+                    &#160;
+                </td>
+            </tr>
+        </tbody>
+    </table>
+    <b><?= lang('Auth.emailInfo') ?></b>
+    <p><?= lang('Auth.emailIpAddress') ?> <?= esc($ipAddress) ?></p>
+    <p><?= lang('Auth.emailDevice') ?> <?= esc($userAgent) ?></p>
+    <p><?= lang('Auth.emailDate') ?> <?= esc($date) ?></p>
+</body>
+
+</html>

tests/Controllers/ActionsTest.php

@@ -236,7 +236,7 @@ public function testEmailActivateShow(): void
             service('email')->archive['body']
         );
         $this->assertMatchesRegularExpression(
-            '!<p>[0-9]{6}</p>!',
+            '!<h1>[0-9]{6}</h1>!',
             service('email')->archive['body']
         );
     }