From 4c093e85c7457e989b22b5274f240e3ccfdab210 Mon Sep 17 00:00:00 2001 From: Joar Wandborg Date: Sun, 8 May 2011 00:55:57 +0200 Subject: [PATCH] Made changes according to http://bugs.foocorp.net/issues/271#note-7 Signed-off-by: Joar Wandborg --- mediagoblin.ini | 1 + mediagoblin/app.py | 4 ++ mediagoblin/auth/views.py | 48 +++++++++++-------- mediagoblin/celery_setup/from_celery.py | 4 ++ .../mediagoblin/auth/verify_email.html | 4 +- mediagoblin/util.py | 3 +- 6 files changed, 41 insertions(+), 23 deletions(-) diff --git a/mediagoblin.ini b/mediagoblin.ini index c6dd4f76..a54eebd5 100644 --- a/mediagoblin.ini +++ b/mediagoblin.ini @@ -14,6 +14,7 @@ queuestore_base_dir = %(here)s/user_dev/media/queue publicstore_base_dir = %(here)s/user_dev/media/public publicstore_base_url = /mgoblin_media/ direct_remote_path = /mgoblin_static/ +email_sender_address = "notice@mediagoblin.org" ## Uncomment this to put some user-overriding templates here #local_templates = %(here)s/user_dev/templates/ diff --git a/mediagoblin/app.py b/mediagoblin/app.py index 59b943dd..ca3de6ca 100644 --- a/mediagoblin/app.py +++ b/mediagoblin/app.py @@ -36,6 +36,7 @@ class MediaGoblinApp(object): def __init__(self, connection, database_path, public_store, queue_store, staticdirector, + email_sender_address, user_template_path=None): # Get the template environment self.template_env = util.get_jinja_env(user_template_path) @@ -59,6 +60,7 @@ class MediaGoblinApp(object): # validators, etc, which might not access to the request # object. setup_globals( + email_sender_address=email_sender_address, db_connection=connection, database=self.db, public_store=self.public_store, @@ -139,6 +141,8 @@ def paste_app_factory(global_config, **app_config): connection, app_config.get('db_name', 'mediagoblin'), public_store=public_store, queue_store=queue_store, staticdirector=staticdirector, + email_sender_address=app_config.get('email_sender_address', + 'notice@medigoblin.org'), user_template_path=app_config.get('local_templates')) return mgoblin_app diff --git a/mediagoblin/auth/views.py b/mediagoblin/auth/views.py index 79c09f5b..7468def0 100644 --- a/mediagoblin/auth/views.py +++ b/mediagoblin/auth/views.py @@ -20,6 +20,7 @@ from webob import Response, exc from mediagoblin.auth import lib as auth_lib from mediagoblin.auth import forms as auth_forms from mediagoblin.util import send_email +from mediagoblin import globals as mgoblin_globals def register(request): @@ -49,23 +50,26 @@ def register(request): # TODO: Move this setting to a better place EMAIL_SENDER_ADDRESS = 'mediagoblin@fakehost' - ''' TODO Index - Regarding sending of verification email - 1. There is no error handling in place - 2. Due to the distributed nature of GNU MediaGoblin, we should find a way to send some additional information about the specific GNU MediaGoblin instance in the subject line. For example "GNU MediaGoblin @ Wandborg - [...]". - 3. The verification link generation does not detect and adapt to access via the HTTPS protocol. - ''' - - # TODO (1) - send_email( - EMAIL_SENDER_ADDRESS, - entry['email'], - 'GNU MediaGoblin - Verify email', # TODO (2) - 'http://{host}{uri}?userid={userid}&token={verification_key}'.format( # TODO (3) - host = request.host, - uri = request.urlgen('mediagoblin.auth.verify_email'), - userid = unicode( entry['_id'] ), - verification_key = entry['verification_key'] - )) + email_template = request.template_env.get_template( + 'mediagoblin/auth/verification_email.txt') + + # TODO: There is no error handling in place + send_email( + mgoblin_globals.email_sender_address, + list(entry['email']), + # TODO + # Due to the distributed nature of GNU MediaGoblin, we should + # find a way to send some additional information about the + # specific GNU MediaGoblin instance in the subject line. For + # example "GNU MediaGoblin @ Wandborg - [...]". + 'GNU MediaGoblin - Verify email', + email_template.render( + username=entry['username'], + verification_url='http://{host}{uri}?userid={userid}&token={verification_key}'.format( + host=request.host, + uri=request.urlgen('mediagoblin.auth.verify_email'), + userid=unicode(entry['_id']), + verification_key=entry['verification_key']))) # Redirect to register_success return exc.HTTPFound( @@ -138,13 +142,19 @@ def logout(request): location=request.urlgen("index")) def verify_email(request): + """ + Email verification view + + validates GET parameters against database and unlocks the user account, if + you are lucky :) + """ import bson.objectid user = request.db.User.find_one( - {'_id': bson.objectid.ObjectId( unicode( request.GET.get('userid') ) )}) + {'_id': bson.objectid.ObjectId(unicode(request.GET.get('userid')))}) verification_successful = bool - if user and user['verification_key'] == unicode( request.GET.get('token') ): + if user and user['verification_key'] == unicode(request.GET.get('token')): user['status'] = u'active' user['email_verified'] = True verification_successful = True diff --git a/mediagoblin/celery_setup/from_celery.py b/mediagoblin/celery_setup/from_celery.py index 9bd7fe07..387538e6 100644 --- a/mediagoblin/celery_setup/from_celery.py +++ b/mediagoblin/celery_setup/from_celery.py @@ -22,6 +22,7 @@ from paste.deploy.loadwsgi import NicerConfigParser from mediagoblin import storage, models from mediagoblin.celery_setup import setup_celery_from_config from mediagoblin.globals import setup_globals +from mediagoblin import globals as mgoblin_globals OUR_MODULENAME = 'mediagoblin.celery_setup.from_celery' @@ -81,6 +82,9 @@ def setup_self(setup_globals_func=setup_globals): db_connection=connection, database=db, public_store=public_store, + email_sender_address=mgoblin_section.get( + 'email_sender_address', + 'notice@mediagoblin.org'), queue_store=queue_store) diff --git a/mediagoblin/templates/mediagoblin/auth/verify_email.html b/mediagoblin/templates/mediagoblin/auth/verify_email.html index fe9094bd..b6e6d1f8 100644 --- a/mediagoblin/templates/mediagoblin/auth/verify_email.html +++ b/mediagoblin/templates/mediagoblin/auth/verify_email.html @@ -20,9 +20,9 @@ {% block mediagoblin_content %}

{% if verification_successful %} - Your email address has been verified! + Your email address has been verified! {% else %} - The verification key or user id is incorrect + The verification key or user id is incorrect {% endif %}

{% endblock %} diff --git a/mediagoblin/util.py b/mediagoblin/util.py index 0d8bcae2..d24b59b6 100644 --- a/mediagoblin/util.py +++ b/mediagoblin/util.py @@ -163,8 +163,7 @@ def send_email(from_addr, to_addrs, subject, message_body): message = MIMEText(message_body.encode('utf-8'), 'plain', 'utf-8') message['Subject'] = subject message['From'] = from_addr - # The shorthand condition takes height for the possibility that the to_addrs argument can be either list() or string() - message['To'] = ', '.join(to_addrs) if type( to_addrs ) == list else to_addrs + message['To'] = ', '.join(to_addrs) if TESTS_ENABLED: EMAIL_TEST_INBOX.append(message) -- 2.25.1