diff options
Diffstat (limited to 'mediagoblin/auth/views.py')
| -rw-r--r-- | mediagoblin/auth/views.py | 71 |
1 files changed, 68 insertions, 3 deletions
diff --git a/mediagoblin/auth/views.py b/mediagoblin/auth/views.py index 6b5ce88c..e9d75f8b 100644 --- a/mediagoblin/auth/views.py +++ b/mediagoblin/auth/views.py @@ -14,8 +14,11 @@ # You should have received a copy of the GNU Affero General Public License # along with this program. If not, see <http://www.gnu.org/licenses/>. +import uuid + from webob import Response, exc +from mediagoblin.db.util import ObjectId from mediagoblin.auth import lib as auth_lib from mediagoblin.auth import forms as auth_forms from mediagoblin.util import send_email @@ -140,6 +143,7 @@ def logout(request): return exc.HTTPFound( location=request.urlgen("index")) + def verify_email(request): """ Email verification view @@ -147,13 +151,16 @@ def verify_email(request): validates GET parameters against database and unlocks the user account, if you are lucky :) """ - import bson.objectid + # If we don't have userid and token parameters, we can't do anything; 404 + if not request.GET.has_key('userid') or not request.GET.has_key('token'): + return exc.HTTPNotFound() + user = request.db.User.find_one( - {'_id': bson.objectid.ObjectId(unicode(request.GET.get('userid')))}) + {'_id': ObjectId(unicode(request.GET['userid']))}) verification_successful = bool - if user and user['verification_key'] == unicode(request.GET.get('token')): + if user and user['verification_key'] == unicode(request.GET['token']): user['status'] = u'active' user['email_verified'] = True verification_successful = True @@ -168,3 +175,61 @@ def verify_email(request): {'request': request, 'user': user, 'verification_successful': verification_successful})) + +def verify_email_notice(request): + """ + Verify warning view. + + When the user tries to do some action that requires their account + to be verified beforehand, this view is called upon! + """ + + template = request.template_env.get_template( + 'mediagoblin/auth/verification_needed.html') + return Response( + template.render( + {'request': request})) + + +def resend_activation(request): + """ + The reactivation view + + Resend the activation email. + """ + request.user['verification_key'] = unicode(uuid.uuid4()) + request.user.save() + + # Copied shamelessly from the register view above. + + email_template = request.template_env.get_template( + 'mediagoblin/auth/verification_email.txt') + + # TODO: There is no error handling in place + send_email( + mgoblin_globals.email_sender_address, + [request.user['email']], + # TODO + # Due to the distributed nature of GNU MediaGoblin, we should + # find a way to send some additional information about the + # specific GNU MediaGoblin instance in the subject line. For + # example "GNU MediaGoblin @ Wandborg - [...]". + 'GNU MediaGoblin - Verify email', + email_template.render( + username=request.user['username'], + verification_url='http://{host}{uri}?userid={userid}&token={verification_key}'.format( + host=request.host, + uri=request.urlgen('mediagoblin.auth.verify_email'), + userid=unicode(request.user['_id']), + verification_key=request.user['verification_key']))) + + return exc.HTTPFound( + location=request.urlgen('mediagoblin.auth.resend_verification_success')) + + +def resend_activation_success(request): + template = request.template_env.get_template( + 'mediagoblin/auth/resent_verification_email.html') + return Response( + template.render( + {'request': request})) |