{satellite/console,web/satellite}: change invite text in register page

This change removes the project name and inviter name from the registration page's invitation text in order to prevent phishing attempts using these values from succeeding. Resolves storj-private#431 Change-Id: I08636d712b6b273d484cf0594d395c9d7c02ebfa
2023-09-26 14:18:41 -05:00 · 2023-09-26 14:18:41 -05:00 · ae91fa3ce4
commit ae91fa3ce4
parent 9587e09c78
3 changed files with 3 additions and 18 deletions
--- a/satellite/console/consoleweb/server.go
+++ b/satellite/console/consoleweb/server.go
@ -921,24 +921,11 @@ func (server *Server) handleInvited(w http.ResponseWriter, r *http.Request) {
 			server.serveError(w, http.StatusInternalServerError)
 			return
 		}
-		name := inviter.ShortName
-		if name == "" {
-			name = inviter.FullName
-		}
-		params.Add("inviter", name)
 		params.Add("inviter_email", inviter.Email)

 		server.analytics.TrackInviteLinkClicked(inviter.Email, invite.Email)
 	}

-	proj, err := server.service.GetProjectNoAuth(ctx, invite.ProjectID)
-	if err != nil {
-		server.log.Error("error getting invitation project", zap.Error(err))
-		server.serveError(w, http.StatusInternalServerError)
-		return
-	}
-	params.Add("project", proj.Name)
-
 	http.Redirect(w, r, server.config.ExternalAddress+"signup?"+params.Encode(), http.StatusTemporaryRedirect)
 }

--- a/satellite/console/consoleweb/server_test.go
+++ b/satellite/console/consoleweb/server_test.go
@ -138,7 +138,7 @@ func TestInvitedRouting(t *testing.T) {

 		// Valid invite for nonexistent user should redirect to registration page with
 		// query parameters containing invitation information.
-		params := "email=invited%40mail.test&inviter=Project+Owner&inviter_email=owner%40mail.test&project=Test+Project"
+		params := "email=invited%40mail.test&inviter_email=owner%40mail.test"
 		checkInvitedRedirect("Invited - Nonexistent user", baseURL+"signup?"+params, token)

 		_, err = sat.AddUser(ctx, console.CreateUser{
--- a/web/satellite/src/views/registration/RegisterArea.vue
+++ b/web/satellite/src/views/registration/RegisterArea.vue
@ -90,7 +90,7 @@
                        </div>
                    </div>
                    <p v-if="isInvited" class="register-area__input-area__container__invitation-text">
-                        {{ inviterName }} ({{ inviterEmail }}) has invited you to the project {{ projectName }} on Storj. Create an account on the {{ satelliteName }} region to join {{ inviterName }} in the project.
+                        {{ inviterEmail }} has invited you to a project on Storj. Create an account on the {{ satelliteName }} region to join it.
                    </p>
                    <div class="register-area__input-area__toggle__container">
                        <ul class="register-area__input-area__toggle__wrapper">
@ -331,9 +331,7 @@ const viewConfig = ref<ViewConfig | null>(null);
 const secret = queryRef('token');

 const email = queryRef('email');
-const inviterName = queryRef('inviter');
 const inviterEmail = queryRef('inviter_email');
-const projectName = queryRef('project');

 const isTermsAccepted = ref(false);
 const password = ref('');
@ -542,7 +540,7 @@ const partneredSatellites = computed((): PartneredSatellite[] => {
 * redirected from a project invitation link.
 */
 const isInvited = computed((): boolean => {
-    return !!inviterName.value && !!inviterEmail.value && !!projectName.value && !!email.value;
+    return !!inviterEmail.value && !!email.value;
 });

 /**