Merge branch 'send-msg-if-two-factor-disabled' of github.com:andresrcom/lila into andresrcom-send-msg-if-two-factor-disabled

* 'send-msg-if-two-factor-disabled' of github.com:andresrcom/lila:
  sending to streamers, coaches and teachers periodic notifications when two-factor authentication is disabled

app/controllers/Clas.scala

@@ -13,7 +13,8 @@ import lila.user.Holder
 final class Clas(
     env: Env,
     authC: Auth
-) extends LilaController(env) {
+) extends LilaController(env)
+    with TwoFactorReminder {
 
   def index =
     Open { implicit ctx =>
@@ -22,6 +23,7 @@ final class Clas(
           case _ if getBool("home") => renderHome
           case None                 => renderHome
           case Some(me) if isGranted(_.Teacher) && !me.lameOrTroll =>
+            sendMsgIfTwoFactorDisabled(me.id)
             env.clas.api.clas.of(me) map { classes =>
               Ok(views.html.clas.clas.teacherIndex(classes))
             }

app/controllers/Coach.scala

@@ -8,7 +8,7 @@ import lila.coach.{ Coach => CoachModel, CoachProfileForm, CoachPager }
 import views._
 import lila.user.Countries
 
-final class Coach(env: Env) extends LilaController(env) {
+final class Coach(env: Env) extends LilaController(env) with TwoFactorReminder {
 
   private def api = env.coach.api
 
@@ -100,6 +100,7 @@ final class Coach(env: Env) extends LilaController(env) {
 
   def edit =
     Secure(_.Coach) { implicit ctx => me =>
+      sendMsgIfTwoFactorDisabled(me.id)
       OptionFuResult(api findOrInit me) { c =>
         api.reviews.pendingByCoach(c.coach) map { reviews =>
           NoCache(Ok(html.coach.edit(c, CoachProfileForm edit c.coach, reviews)))

app/controllers/Streamer.scala

@@ -11,7 +11,8 @@ import lila.streamer.{ Streamer => StreamerModel, StreamerForm }
 final class Streamer(
     env: Env,
     apiC: => Api
-) extends LilaController(env) {
+) extends LilaController(env)
+    with TwoFactorReminder {
 
   private def api = env.streamer.api
 
@@ -111,6 +112,7 @@ final class Streamer(
   def edit =
     Auth { implicit ctx => _ =>
       AsStreamer { s =>
+        sendMsgIfTwoFactorDisabled(s.user.id)
         env.streamer.liveStreamApi of s flatMap { sws =>
           modData(s.streamer) map { forMod =>
             NoCache(Ok(html.streamer.edit(sws, StreamerForm userForm sws.streamer, forMod)))

app/controllers/TwoFactorReminder.scala

@@ -0,0 +1,35 @@
+package controllers
+
+import scala.concurrent.duration._
+
+import lila.msg.MsgPreset
+import lila.user.User
+
+private[controllers] trait TwoFactorReminder { self: LilaController =>
+
+  private val mongoCache = env.memo.mongoCacheApi
+  private val userRepo   = env.user.repo
+  private val msgApi     = env.msg.api
+
+  private val cache = mongoCache[User.ID, Boolean](
+    65536,
+    "security:2fa",
+    119 hours,
+    identity
+  ) { loader =>
+    _.expireAfterWrite(120 hour)
+      .buildAsyncFuture {
+        loader { userId =>
+          userRepo byId userId map2 { user =>
+            if (user.totpSecret.isEmpty) {
+              msgApi.postPreset(user.id, MsgPreset.enableTwoFactor)
+              false
+            } else true
+          } map (_.getOrElse(false))
+        }
+      }
+  }
+
+  def sendMsgIfTwoFactorDisabled(userId: User.ID) = cache.get(userId)
+
+}

modules/msg/src/main/MsgPreset.scala

@@ -29,6 +29,12 @@ If this behaviour continues to happen, your account will be restricted."""
 This can be very annoying for your opponents. If this behavior continues to happen, we may be forced to terminate your account."""
   )
 
+  lazy val enableTwoFactor = MsgPreset(
+    name = "Enable two-factor authentication",
+    text =
+      """Please enable two-factor authentication to secure your account at https://lichess.org/account/twofactor"""
+  )
+
   def maxFollow(username: Username, max: Int) =
     MsgPreset(
       name = "Follow limit reached!",