Add email verification.
This commit is contained in:
parent
aa7f27604f
commit
a274df85ee
1 changed files with 69 additions and 6 deletions
|
@ -131,7 +131,7 @@ class UserView(validators.Schema):
|
||||||
class UserEdit(validators.Schema):
|
class UserEdit(validators.Schema):
|
||||||
targetname = KnownUser
|
targetname = KnownUser
|
||||||
|
|
||||||
def generate_password(password=None, length=14):
|
def generate_password(password=None, length=16):
|
||||||
''' Generate Password '''
|
''' Generate Password '''
|
||||||
secret = {} # contains both hash and password
|
secret = {} # contains both hash and password
|
||||||
|
|
||||||
|
@ -154,6 +154,13 @@ def generate_salt(length=8):
|
||||||
salt += random.choice(chars)
|
salt += random.choice(chars)
|
||||||
return salt
|
return salt
|
||||||
|
|
||||||
|
def generate_token(length=32):
|
||||||
|
chars = '0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'
|
||||||
|
token = ''
|
||||||
|
for i in xrange(length):
|
||||||
|
token += random.choice(chars)
|
||||||
|
return token
|
||||||
|
|
||||||
class User(controllers.Controller):
|
class User(controllers.Controller):
|
||||||
|
|
||||||
def __init__(self):
|
def __init__(self):
|
||||||
|
@ -242,6 +249,7 @@ class User(controllers.Controller):
|
||||||
target = targetname
|
target = targetname
|
||||||
person = People.by_username(username)
|
person = People.by_username(username)
|
||||||
target = People.by_username(target)
|
target = People.by_username(target)
|
||||||
|
emailflash = ''
|
||||||
|
|
||||||
if not canEditUser(person, target):
|
if not canEditUser(person, target):
|
||||||
turbogears.flash(_("You do not have permission to edit '%s'") % target.username)
|
turbogears.flash(_("You do not have permission to edit '%s'") % target.username)
|
||||||
|
@ -250,10 +258,22 @@ class User(controllers.Controller):
|
||||||
try:
|
try:
|
||||||
target.human_name = human_name
|
target.human_name = human_name
|
||||||
if target.email != email:
|
if target.email != email:
|
||||||
''' Log this '''
|
token = generate_token()
|
||||||
oldEmail = target.email
|
target.unverified_email = email
|
||||||
Log(author_id=person.id, description='Email changed from %s to %s' % (oldEmail, email))
|
target.emailtoken = token
|
||||||
target.email = email
|
message = turbomail.Message(config.get('accounts_email'), email, _('Email Change Requested for %s') % person.username)
|
||||||
|
# TODO: Make this email friendlier.
|
||||||
|
message.plain = _('''
|
||||||
|
You have recently requested to change your Fedora Account System email
|
||||||
|
to this address. To complete the email change, you must confirm your
|
||||||
|
ownership of this email by visiting the following URL (you will need to
|
||||||
|
login with your Fedora account first):
|
||||||
|
|
||||||
|
https://admin.fedoraproject.org/accounts/user/verifyemail/%s
|
||||||
|
''') % token
|
||||||
|
emailflash = _(' Your email ')
|
||||||
|
|
||||||
|
turbomail.enqueue(message)
|
||||||
target.ircnick = ircnick
|
target.ircnick = ircnick
|
||||||
target.gpg_keyid = gpg_keyid
|
target.gpg_keyid = gpg_keyid
|
||||||
target.telephone = telephone
|
target.telephone = telephone
|
||||||
|
@ -266,7 +286,7 @@ class User(controllers.Controller):
|
||||||
except TypeError:
|
except TypeError:
|
||||||
turbogears.flash(_('Your account details could not be saved: %s') % e)
|
turbogears.flash(_('Your account details could not be saved: %s') % e)
|
||||||
else:
|
else:
|
||||||
turbogears.flash(_('Your account details have been saved.'))
|
turbogears.flash(_('Your account details have been saved.') + ' ' + emailflash)
|
||||||
turbogears.redirect("/user/view/%s" % target.username)
|
turbogears.redirect("/user/view/%s" % target.username)
|
||||||
return dict(target=target)
|
return dict(target=target)
|
||||||
|
|
||||||
|
@ -304,6 +324,49 @@ class User(controllers.Controller):
|
||||||
emails[person.username] = person.email
|
emails[person.username] = person.email
|
||||||
return dict(emails=emails)
|
return dict(emails=emails)
|
||||||
|
|
||||||
|
@identity.require(turbogears.identity.not_anonymous())
|
||||||
|
@expose(template='fas.templates.user.verifyemail')
|
||||||
|
def verifyemail(self, token):
|
||||||
|
username = turbogears.identity.current.user_name
|
||||||
|
person = People.by_username(username)
|
||||||
|
if not person.unverified_email:
|
||||||
|
turbogears.flash(_('You do not have any pending email changes.'))
|
||||||
|
turbogears.redirect('/user/view/%s' % username)
|
||||||
|
return dict()
|
||||||
|
if person.emailtoken and (person.emailtoken != token):
|
||||||
|
person.emailtoken = ''
|
||||||
|
turbogears.flash(_('Invalid email change token.'))
|
||||||
|
turbogears.redirect('/user/view/%s' % username)
|
||||||
|
return dict()
|
||||||
|
return dict(person=person, token=token)
|
||||||
|
|
||||||
|
@identity.require(turbogears.identity.not_anonymous())
|
||||||
|
@expose(template='fas.templates.user.verifyemail')
|
||||||
|
def setemail(self, token, confirmation=None):
|
||||||
|
username = turbogears.identity.current.user_name
|
||||||
|
person = People.by_username(username)
|
||||||
|
if not person.unverified_email:
|
||||||
|
turbogears.flash(_('You do not have any pending email changes.'))
|
||||||
|
turbogears.redirect('/user/view/%s' % username)
|
||||||
|
return dict()
|
||||||
|
if person.emailtoken and (person.emailtoken != token):
|
||||||
|
person.emailtoken = ''
|
||||||
|
turbogears.flash(_('Invalid email change token.'))
|
||||||
|
turbogears.redirect('/user/view/%s' % username)
|
||||||
|
return dict()
|
||||||
|
if confirmation:
|
||||||
|
''' Log this '''
|
||||||
|
oldEmail = person.email
|
||||||
|
person.email = person.unverified_email
|
||||||
|
Log(author_id=person.id, description='Email changed from %s to %s' % (oldEmail, person.email))
|
||||||
|
person.unverified_email = ''
|
||||||
|
session.flush()
|
||||||
|
turbogears.flash(_('You have successfully changed your email to \'%s\'') % person.email)
|
||||||
|
turbogears.redirect('/user/view/%s' % username)
|
||||||
|
else:
|
||||||
|
turbogears.flash(_('Your pending email change has been canceled. The email change token has been invalidated.') % person.email)
|
||||||
|
turbogears.redirect('/user/view/%s' % username)
|
||||||
|
|
||||||
@expose(template='fas.templates.user.new')
|
@expose(template='fas.templates.user.new')
|
||||||
def new(self):
|
def new(self):
|
||||||
if turbogears.identity.not_anonymous():
|
if turbogears.identity.not_anonymous():
|
||||||
|
|
Loading…
Add table
Add a link
Reference in a new issue