class EditAccountForm(wtforms.Form):
- new_email = wtforms.TextField(
- _('New email address'),
- [wtforms.validators.Optional(),
- normalize_user_or_email_field(allow_user=False)])
wants_comment_notification = wtforms.BooleanField(
description=_("Email me when others comment on my media"))
license_preference = wtforms.SelectField(
[wtforms.validators.Required(),
wtforms.validators.Length(min=6, max=30)],
id="password")
+
+
+class ChangeEmailForm(wtforms.Form):
+ new_email = wtforms.TextField(
+ _('New email address'),
+ [wtforms.validators.Required(),
+ normalize_user_or_email_field(allow_user=False)])
+ password = wtforms.PasswordField(
+ _('Password'),
+ [wtforms.validators.Required()],
+ description=_(
+ "Enter your password to prove you own this account."))
'mediagoblin.edit.views:change_pass')
add_route('mediagoblin.edit.verify_email', '/edit/verify_email/',
'mediagoblin.edit.views:verify_email')
+add_route('mediagoblin.edit.email', '/edit/email/',
+ 'mediagoblin.edit.views:change_email')
user=user.username)
-def _update_email(request, form, user):
- new_email = form.new_email.data
- users_with_email = User.query.filter_by(
- email=new_email).count()
-
- if users_with_email:
- form.new_email.errors.append(
- _('Sorry, a user with that email address'
- ' already exists.'))
-
- elif not users_with_email:
- verification_key = get_timed_signer_url(
- 'mail_verification_token').dumps({
- 'user': user.id,
- 'email': new_email})
-
- rendered_email = render_template(
- request, 'mediagoblin/edit/verification.txt',
- {'username': user.username,
- 'verification_url': EMAIL_VERIFICATION_TEMPLATE.format(
- uri=request.urlgen('mediagoblin.edit.verify_email',
- qualified=True),
- verification_key=verification_key)})
-
- email_debug_message(request)
- auth_tools.send_verification_email(user, request, new_email,
- rendered_email)
+def change_email(request):
+ """ View to change the user's email """
+ form = forms.ChangeEmailForm(request.form)
+ user = request.user
+
+ # If no password authentication, no need to enter a password
+ if 'pass_auth' not in request.template_env.globals or not user.pw_hash:
+ form.__delitem__('password')
+
+ if request.method == 'POST' and form.validate():
+ new_email = form.new_email.data
+ users_with_email = User.query.filter_by(
+ email=new_email).count()
+
+ if users_with_email:
+ form.new_email.errors.append(
+ _('Sorry, a user with that email address'
+ ' already exists.'))
+
+ if user.pw_hash and not auth.check_password(
+ form.password.data, user.pw_hash):
+ form.password.errors.append(
+ _('Wrong password'))
+
+ if not form.errors:
+ verification_key = get_timed_signer_url(
+ 'mail_verification_token').dumps({
+ 'user': user.id,
+ 'email': new_email})
+
+ rendered_email = render_template(
+ request, 'mediagoblin/edit/verification.txt',
+ {'username': user.username,
+ 'verification_url': EMAIL_VERIFICATION_TEMPLATE.format(
+ uri=request.urlgen('mediagoblin.edit.verify_email',
+ qualified=True),
+ verification_key=verification_key)})
+
+ email_debug_message(request)
+ auth_tools.send_verification_email(user, request, new_email,
+ rendered_email)
+
+ return redirect(request, 'mediagoblin.edit.account')
+
+ return render_to_response(
+ request,
+ 'mediagoblin/edit/change_email.html',
+ {'form': form,
+ 'user': user})
--- /dev/null
+{#
+# GNU MediaGoblin -- federated, autonomous media hosting
+# Copyright (C) 2011, 2012 MediaGoblin contributors. See AUTHORS.
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#}
+{% extends "mediagoblin/base.html" %}
+
+{% import "/mediagoblin/utils/wtforms.html" as wtforms_util %}
+
+{% block title -%}
+ {% trans username=user.username -%}
+ Changing {{ username }}'s email
+ {%- endtrans %} — {{ super() }}
+{%- endblock %}
+
+{% block mediagoblin_content %}
+ <form action="{{ request.urlgen('mediagoblin.edit.email') }}"
+ method="POST" enctype="multipart/form-data">
+ <div class="form_box edit_box">
+ <h1>
+ {%- trans username=user.username -%}
+ Changing {{ username }}'s email
+ {%- endtrans -%}
+ </h1>
+ {{ wtforms_util.render_divs(form, True) }}
+ {{ csrf_token }}
+ <div class="form_submit_buttons">
+ <input type="submit" value="{% trans %}Save{% endtrans %}"
+ class="button_form" />
+ </div>
+ </div>
+ </form>
+{% endblock %}
</a>
</p>
{% endif %}
+ <p>
+ <a href="{{ request.urlgen('mediagoblin.edit.email') }}">
+ {% trans %}Change your email.{% endtrans %}
+ </a>
+ </p>
{% template_hook("edit_link") %}
{{ wtforms_util.render_divs(form, True) }}
<div class="form_submit_buttons">
projects / mediagoblin.git / commitdiff