Diffstat (limited to 'mediagoblin/auth')
-rw-r--r-- | mediagoblin/auth/routing.py | 7 | ||||
-rw-r--r-- | mediagoblin/auth/tools.py | 31 | ||||
-rw-r--r-- | mediagoblin/auth/views.py | 15 |
3 files changed, 47 insertions, 6 deletions
diff --git a/mediagoblin/auth/routing.py b/mediagoblin/auth/routing.py
index 7a688a49..2a6abb47 100644
--- a/mediagoblin/auth/routing.py
+++ b/mediagoblin/auth/routing.py
@@ -25,4 +25,9 @@ auth_routes = [
 ('mediagoblin.auth.verify_email', '/verify_email/', 'mediagoblin.auth.views:verify_email'), ('mediagoblin.auth.resend_verification', '/resend_verification/',
- 'mediagoblin.auth.views:resend_activation')]
+ 'mediagoblin.auth.views:resend_activation'),
+ ('mediagoblin.auth.forgot_password', '/forgot_password/',
+ 'mediagoblin.auth.views:forgot_password'),
+ ('mediagoblin.auth.verify_forgot_password',
+ '/forgot_password/verify/',
+ 'mediagoblin.auth.views:verify_forgot_password')]
diff --git a/mediagoblin/auth/tools.py b/mediagoblin/auth/tools.py
index ac2f6504..3e3c36f0 100644
--- a/mediagoblin/auth/tools.py
+++ b/mediagoblin/auth/tools.py
@@ -22,7 +22,6 @@ from mediagoblin.tools.mail import normalize_email, send_email
 from mediagoblin.tools.translate import lazy_pass_to_ugettext as _
 from mediagoblin.tools.template import render_template
 from mediagoblin.tools.pluginapi import hook_handle
-from mediagoblin.tools.response import redirect
 from mediagoblin import auth
 from mediagoblin.db.models import User
@@ -174,3 +173,33 @@ def send_verification_email(user, request):
 # example "GNU MediaGoblin @ Wandborg - [...]".
 'GNU MediaGoblin - Verify your email!', rendered_email)
+
+
+EMAIL_FP_VERIFICATION_TEMPLATE = (
+ u"http://{host}{uri}?"
+ u"userid={userid}&token={fp_verification_key}")
+
+
+def send_fp_verification_email(user, request):
+ """
+ Send the verification email to users to change their password.
+
+ Args:
+ - user: a user object
+ - request: the request
+ """
+ rendered_email = render_template(
+ request, 'mediagoblin/auth/fp_verification_email.txt',
+ {'username': user.username,
+ 'verification_url': EMAIL_FP_VERIFICATION_TEMPLATE.format(
+ host=request.host,
+ uri=request.urlgen('mediagoblin.auth.verify_forgot_password'),
+ userid=unicode(user.id),
+ fp_verification_key=user.fp_verification_key)})
+
+ # TODO: There is no error handling in place
+ send_email(
+ mg_globals.app_config['email_sender_address'],
+ [user.email],
+ 'GNU MediaGoblin - Change forgotten password!',
+ rendered_email)
diff --git a/mediagoblin/auth/views.py b/mediagoblin/auth/views.py
index 5a360bd0..a21a92e9 100644
--- a/mediagoblin/auth/views.py
+++ b/mediagoblin/auth/views.py
@@ -15,6 +15,7 @@
 # along with this program. If not, see <http://www.gnu.org/licenses/>.
 import uuid
+import datetime
 from mediagoblin import messages, mg_globals
 from mediagoblin.db.models import User
@@ -23,7 +24,8 @@ from mediagoblin.tools.translate import pass_to_ugettext as _
 from mediagoblin.auth import lib as auth_lib
 from mediagoblin.auth import forms as auth_forms
 from mediagoblin.auth.tools import (send_verification_email,
- register_user, email_debug_message)
+ register_user, email_debug_message,
+ send_fp_verification_email)
 from mediagoblin import auth
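Review bot: In `mediagoblin/auth/tools.py`, `EMAIL_FP_VERIFICATION_TEMPLATE` hard-codes `http://` and `send_fp_verification_email` fills `{host}` from `request.host`, so the password-reset link is built from a value derived from the request's Host header and always uses plain HTTP. Because that link carries `fp_verification_key`, the scheme and host should come from the site's configured base URL rather than the request; until that exists I would at least add `# NOTE: request.host is client-supplied; reset links should use a configured site URL and https` above the template. `userid` and the token are also interpolated into the query string without URL-encoding, which is safe only while both stay URL-safe (the key's format is not visible on this page). The `# TODO` on `send_email` means a delivery failure is left unhandled here and presumably propagates to the `forgot_password` view.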
@@ -208,13 +210,17 @@ def forgot_password(request):
 Sends an email with an url to renew forgotten password. Use GET querystring parameter 'username' to pre-populate the input field """
+ if not 'pass_auth' in request.template_env.globals:
+ return redirect(request, 'index')
+
 fp_form = auth_forms.ForgotPassForm(request.form, username=request.args.get('username'))
 if not (request.method == 'POST' and fp_form.validate()): # Either GET request, or invalid form submitted. Display the template
 return render_to_response(request,
- 'mediagoblin/auth/forgot_password.html', {'fp_form': fp_form})
+ 'mediagoblin/auth/forgot_password.html', {'fp_form': fp_form,
+ 'focus': 'username'})
 # If we are here: method == POST and form is valid. username casing # has been sanitized. Store if a user was found by email. We should
@@ -310,7 +316,8 @@ def verify_forgot_password(request):
 return render_to_response( request, 'mediagoblin/auth/change_fp.html',
- {'cp_form': cp_form})
+ {'cp_form': cp_form,
+ 'focus': 'password'})
 # in case there is a valid id but no user with that id in the db # or the token expired
@@ -334,6 +341,6 @@ def _process_for_token(request):
 formdata = { 'vars': formdata_vars, 'has_userid_and_token':
- 'userid' in formdata_vars and 'token' in formdata_vars}
+ 'userid' in formdata_vars and 'token' in formdata_vars}
 return formdata
|
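Review bot: The new guard at the top of `forgot_password` decides whether the reset flow is available by looking for `'pass_auth'` in `request.template_env.globals`, and the `verify_forgot_password` hunk in this commit shows no matching check; that function's body starts outside the hunk, so confirm the token-verification view is gated the same way. Keying an access decision on a template global is indirect, and a comment such as `# password auth disabled: the reset flow must not be reachable` above the check would record the intent. For readability prefer `if 'pass_auth' not in request.template_env.globals:`. `redirect` is called here, but this page does not show it among the imports of `views.py` (the commit removes it from `tools.py`), so check that it is in scope.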