Show user invite link when inviting user #19625
Comments
This issue has been mentioned on Matomo forums. There might be relevant details there:
I would suggest to maybe add a new config flag for this. Having it enabled will show the invite links instead of sending an email at all. Having the possibility to show an invite link on all instances might otherwise make it a bit less secure I guess.
@Javi-Ormaechea will look at this and come back with a design solution by end of tomorrow. @justinvelluppillai he will be in touch with questions.
A solution was created for this issue. Please get in touch with me to get the file, thanks! 🙂
Ah, I finished the UI, but I found some tech difficulty. Once the token is generated (which saves a hash string into the database), it can’t be viewed again (one-way trip), only in the target emails. The only way to get the token again is to regenerate a new one. Discuss with @justinvelluppillai and @bx80, maybe we can merge the send invite and copy link into one button. Or add a new table structure to allow multiple tokens for one user (which requires quite a few changes). Or save an unhashed token into the database.
Personally I would suggest to give the admin the possibility to either send an email or to show the invite link. Maybe we could also add a config option that allows configuring which options are available. As viewing the invite link is a bit less secure, some people might want to disable it maybe. Also I think it's totally fine if the token can only be seen once (if the UI explains that clearly).
@sgiehl that makes sense. @justinvelluppillai @bx80 I was wondering about a simple solution. Once the admin creates or resends invites, it will show a green notification at the top. I was wondering if we could just add a copy link button in the notification.
@peterhashair Maybe it would be good to discuss updating the original UI design with @Javi-Ormaechea?
Yes, good idea - @peterhashair can you please reach out to @Javi-Ormaechea to discuss the changed requirements so he can advise on UI?
Hey @tsteur, just checking security here: is it OK to store an invite token in the database without hashing it? Because we need to copy the invite link after the token has been generated.
Good question @peterhashair. Ideally we would hash it and not store it in plain text. Is there a chance we could change it to "Generate a link" and mention that this will basically invalidate any previously sent link in an email? Then we wouldn't need to store this in plain text. Or maybe we could have two tokens? One from the email and one generated when clicking on "generate a link" or something?
Thanks @tsteur, another database field makes more sense.
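The "two tokens" idea from the exchange above, as an added example that is not part of the thread and not Matomo's code: each pending invite keeps one hash for the e-mailed token and one for the admin-generated link, the plain token is returned only once, and regenerating a slot invalidates the earlier token in that slot. The function names, the in-memory `pendingInvites` store and the use of SHA-256 are assumptions made for illustration.

```javascript
const nodeCrypto = require("crypto");

// Hypothetical in-memory stand-in for the user table: one row per pending
// invite, with separate hash fields for the e-mail token and the link token.
const pendingInvites = new Map();

function sha256Hex(value) {
  return nodeCrypto.createHash("sha256").update(value).digest("hex");
}

// Issue a fresh token for one slot ("email" or "link"). Only the hash is
// stored; the plain token is returned once and cannot be recovered later.
function issueInviteToken(login, slot) {
  if (slot !== "email" && slot !== "link") throw new Error("unknown slot");
  const token = nodeCrypto.randomBytes(32).toString("hex");
  const row = pendingInvites.get(login) || { email: null, link: null };
  row[slot] = sha256Hex(token); // replaces the previous token in this slot only
  pendingInvites.set(login, row);
  return token;
}

// Accept the invite if the presented token matches either stored hash.
// On success the row is deleted so neither token can be replayed.
function redeemInviteToken(login, presented) {
  const row = pendingInvites.get(login);
  if (!row || typeof presented !== "string") return false;
  const candidate = Buffer.from(sha256Hex(presented), "hex");
  let matched = false;
  for (const stored of [row.email, row.link]) {
    // Both buffers are 32-byte SHA-256 digests, as timingSafeEqual requires.
    if (stored && nodeCrypto.timingSafeEqual(candidate, Buffer.from(stored, "hex"))) {
      matched = true;
    }
  }
  if (matched) pendingInvites.delete(login);
  return matched;
}
```

Because the e-mail and link slots are independent, generating a link for the admin does not break a link that was already e-mailed, and the database never holds a value that can be pasted into an invite URL.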
As I go, I found the
Sorry to bother, @tsteur, I got a security question here because we are using JavaScript code
@peterhashair that could be an issue indeed if another site could read that invite link. Is it possible to use an alternative like
@tsteur I think this function is deprecated. Personally, I think copying the password or token link is not a very good practice. Maybe we can either show the link as a string like AWS did or we could remove copy link, but add
Interesting, then we might at some point also need to adjust other places where we are using this currently. Note that I'm just seeing this clipboard API only works on HTTPS meaning we might still need to fall back to I've just reproduced this and the browser does seem to ask you for permission when you want to
@tsteur
@peterhashair Maybe something like https://github.com/sudodoki/copy-to-clipboard/blob/master/index.js#L79-L83 could work (see below)? And it could also be combined with

```js
var success = false;
var isAvailable = false;
// Ask the browser whether the "copy" command is currently enabled
if (document.queryCommandEnabled) {
  isAvailable = document.queryCommandEnabled("copy");
}
if (isAvailable && !document.execCommand) { /* ... */ }
try {
  var successful = document.execCommand("copy");
  if (!successful) {
    throw new Error("copy command was unsuccessful");
  }
  success = true;
} catch (err) {
  // fallback
}
```

If this doesn't work then we may have to use
At the moment the only way to invite a user is by letting Matomo send an E-Mail to them. But a ton of people have broken E-Mail setups. Either their mail server isn't properly set up with DKIM, etc. and all mails are rejected as SPAM or they don't really have a mail server or they are using some wonky SMTP setup via gmail (which can break for all kinds of Google changes).
Before that didn't really matter as unless you need E-Mail reports, you are only missing out on some things (mostly password reset and security notifications).
But now with the invite feature Matomo becomes completely unusable unless your Matomo instance is able to successfully and reliably send E-Mails. And I am sure that will trip up and frustrate a lot of newer Matomo users.
One simple solution would be to display the user invite link that is sent to the new user also to the admin when doing the invite. This also allows the admin to send the link via other ways than E-Mail and allows people to easily circumvent the invite feature (assuming it works when already signed in).