1 files changed, 46 insertions, 10 deletions

diff --git a/mediagoblin/auth/views.py b/mediagoblin/auth/views.py
index f67f0588..d01861d1 100644
--- a/mediagoblin/auth/views.py
+++ b/mediagoblin/auth/views.py
@@ -21,8 +21,8 @@ from webob import exc
 
 from mediagoblin import messages
 from mediagoblin import mg_globals
-from mediagoblin.util import render_to_response, redirect, render_404
-from mediagoblin.util import pass_to_ugettext as _
+from mediagoblin.tools.response import render_to_response, redirect, render_404
+from mediagoblin.tools.translate import pass_to_ugettext as _
 from mediagoblin.db.util import ObjectId, InvalidId
 from mediagoblin.auth import lib as auth_lib
 from mediagoblin.auth import forms as auth_forms
@@ -30,6 +30,19 @@ from mediagoblin.auth.lib import send_verification_email, \
                                  send_fp_verification_email
 
 
+def email_debug_message(request):
+    """
+    If the server is running in email debug mode (which is
+    the current default), give a debug message to the user
+    so that they have an idea where to find their email.
+    """
+    if mg_globals.app_config['email_debug_mode']:
+        # DEBUG message, no need to translate
+        messages.add_message(request, messages.DEBUG,
+            u"This instance is running in email debug mode. "
+            u"The email will be on the console of the server process.")
+
+
 def register(request):
     """
     Your classic registration view!
@@ -61,7 +74,7 @@ def register(request):
             extra_validation_passes = False
         if users_with_email:
             register_form.email.errors.append(
-                _(u'Sorry, that email address has already been taken.'))
+                _(u'Sorry, a user with that email address already exists.'))
             extra_validation_passes = False
 
         if extra_validation_passes:
@@ -74,10 +87,11 @@ def register(request):
             user.save(validate=True)
 
             # log the user in
-            request.session['user_id'] = unicode(user['_id'])
+            request.session['user_id'] = unicode(user._id)
             request.session.save()
 
             # send verification email
+            email_debug_message(request)
             send_verification_email(user, request)
 
             # redirect the user to their homepage... there will be a
@@ -108,7 +122,7 @@ def login(request):
 
         if user and user.check_login(request.POST['password']):
             # set up login in session
-            request.session['user_id'] = unicode(user['_id'])
+            request.session['user_id'] = unicode(user._id)
             request.session.save()
 
             if request.POST.get('next'):
@@ -146,7 +160,7 @@ def verify_email(request):
     you are lucky :)
     """
     # If we don't have userid and token parameters, we can't do anything; 404
-    if not request.GET.has_key('userid') or not request.GET.has_key('token'):
+    if not 'userid' in request.GET or not 'token' in request.GET:
         return render_404(request)
 
     user = request.db.User.find_one(
@@ -181,9 +195,27 @@ def resend_activation(request):
 
     Resend the activation email.
     """
+
+    if request.user is None:
+        messages.add_message(
+            request,
+            messages.ERROR,
+            _('You must be logged in so we know who to send the email to!'))
+        
+        return redirect(request, 'mediagoblin.auth.login')
+
+    if request.user["email_verified"]:
+        messages.add_message(
+            request,
+            messages.ERROR,
+            _("You've already verified your email address!"))
+        
+        return redirect(request, "mediagoblin.user_pages.user_home", user=request.user['username'])
+
     request.user[u'verification_key'] = unicode(uuid.uuid4())
     request.user.save()
-
+    
+    email_debug_message(request)
     send_verification_email(request.user, request)
 
     messages.add_message(
@@ -204,6 +236,11 @@ def forgot_password(request):
     fp_form = auth_forms.ForgotPassForm(request.POST)
 
     if request.method == 'POST' and fp_form.validate():
+
+        # Here, so it doesn't depend on the actual mail being sent
+        # and thus doesn't reveal, wether mail was sent.
+        email_debug_message(request)
+
         # '$or' not available till mongodb 1.5.3
         user = request.db.User.find_one(
             {'username': request.POST['username']})
@@ -233,8 +270,7 @@ def forgot_password(request):
                     request, 'mediagoblin.user_pages.user_home',
                     user=user['username'])
 
-
-        # do not reveal whether or not there is a matching user, just move along
+        # do not reveal whether or not there is a matching user
         return redirect(request, 'mediagoblin.auth.fp_email_sent')
 
     return render_to_response(
@@ -308,6 +344,6 @@ def _process_for_token(request):
     formdata = {
         'vars': formdata_vars,
         'has_userid_and_token':
-            formdata_vars.has_key('userid') and formdata_vars.has_key('token')}
+            'userid' in formdata_vars and 'token' in formdata_vars}
 
     return formdata