From 84a7e7706c8b1239f8fd52c604afbb10c776ac04 Mon Sep 17 00:00:00 2001
From: Aaron Williamson <aaron@copiesofcopies.org>
Date: Sat, 1 Oct 2011 19:49:56 -0400
Subject: Display and error and redirect to login page if unauthenticated user
 tries to access resend_verification.

---
 mediagoblin/auth/views.py | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

(limited to 'mediagoblin/auth')

diff --git a/mediagoblin/auth/views.py b/mediagoblin/auth/views.py
index b6f38fec..d91a1f25 100644
--- a/mediagoblin/auth/views.py
+++ b/mediagoblin/auth/views.py
@@ -21,7 +21,7 @@ from webob import exc
 
 from mediagoblin import messages
 from mediagoblin import mg_globals
-from mediagoblin.util import render_to_response, redirect, render_404
+from mediagoblin.util import render_to_response, redirect, render_404, setup_user_in_request
 from mediagoblin.util import pass_to_ugettext as _
 from mediagoblin.db.util import ObjectId, InvalidId
 from mediagoblin.auth import lib as auth_lib
@@ -195,9 +195,18 @@ def resend_activation(request):
 
     Resend the activation email.
     """
+
+    if not request.GET.has_key('userid') or not request.GET.has_key('token'):
+        messages.add_message(
+            request,
+            messages.ERROR,
+            _('You must be logged in so we know who to send the email to!'))
+        
+        return redirect(request, "/auth/login")
+
     request.user[u'verification_key'] = unicode(uuid.uuid4())
     request.user.save()
-
+    
     email_debug_message(request)
     send_verification_email(request.user, request)
 
-- 
cgit v1.2.3


From 3b74ce94ff90e0bd5b214891becb62a6fc503434 Mon Sep 17 00:00:00 2001
From: Aaron Williamson <aaron@copiesofcopies.org>
Date: Mon, 3 Oct 2011 19:59:28 -0400
Subject: Check request.user to determine if user is logged in.

---
 mediagoblin/auth/views.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'mediagoblin/auth')

diff --git a/mediagoblin/auth/views.py b/mediagoblin/auth/views.py
index d91a1f25..fdc5aec8 100644
--- a/mediagoblin/auth/views.py
+++ b/mediagoblin/auth/views.py
@@ -196,7 +196,7 @@ def resend_activation(request):
     Resend the activation email.
     """
 
-    if not request.GET.has_key('userid') or not request.GET.has_key('token'):
+    if request.user is None:
         messages.add_message(
             request,
             messages.ERROR,
-- 
cgit v1.2.3


From 7903a14f986b5bf37a45d5ec3b156c21a1cada72 Mon Sep 17 00:00:00 2001
From: Aaron Williamson <aaron@copiesofcopies.org>
Date: Mon, 3 Oct 2011 20:25:11 -0400
Subject: Make sure user isn't already verified before resending verification.

---
 mediagoblin/auth/views.py | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'mediagoblin/auth')

diff --git a/mediagoblin/auth/views.py b/mediagoblin/auth/views.py
index 798fae25..dc4c540b 100644
--- a/mediagoblin/auth/views.py
+++ b/mediagoblin/auth/views.py
@@ -196,6 +196,14 @@ def resend_activation(request):
     Resend the activation email.
     """
 
+    if request.user["email_verified"]:
+        messages.add_message(
+            request,
+            messages.ERROR,
+            _("You've already verified your email address!"))
+        
+        return redirect(request, "mediagoblin.user_pages.user_home", user=request.user['username'])
+
     if request.user is None:
         messages.add_message(
             request,
-- 
cgit v1.2.3


From 2fe6991660cd1a20f9117b0cdc88431085eb7490 Mon Sep 17 00:00:00 2001
From: Aaron Williamson <aaron@copiesofcopies.org>
Date: Mon, 3 Oct 2011 20:28:48 -0400
Subject: Reverse order of sanity checks: check email_verified after making
 sure there's a user in the request.

---
 mediagoblin/auth/views.py | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

(limited to 'mediagoblin/auth')

diff --git a/mediagoblin/auth/views.py b/mediagoblin/auth/views.py
index dc4c540b..d8c441ef 100644
--- a/mediagoblin/auth/views.py
+++ b/mediagoblin/auth/views.py
@@ -196,21 +196,21 @@ def resend_activation(request):
     Resend the activation email.
     """
 
-    if request.user["email_verified"]:
+    if request.user is None:
         messages.add_message(
             request,
             messages.ERROR,
-            _("You've already verified your email address!"))
+            _('You must be logged in so we know who to send the email to!'))
         
-        return redirect(request, "mediagoblin.user_pages.user_home", user=request.user['username'])
+        return redirect(request, "/auth/login")
 
-    if request.user is None:
+    if request.user["email_verified"]:
         messages.add_message(
             request,
             messages.ERROR,
-            _('You must be logged in so we know who to send the email to!'))
+            _("You've already verified your email address!"))
         
-        return redirect(request, "/auth/login")
+        return redirect(request, "mediagoblin.user_pages.user_home", user=request.user['username'])
 
     request.user[u'verification_key'] = unicode(uuid.uuid4())
     request.user.save()
-- 
cgit v1.2.3