Anonymous committed 9c6013f

#367 add email verification on email change



     if 'username' in request.values and 'token' in request.values:
         u = user.User(auth_username=request.values['username'])
         token = request.values['token']
-    if u and u.disabled and token and u.validate_recovery_token(token):
-        u.profile[DISABLED] = False
+    success = False
+    if u and token and u.validate_recovery_token(token):
+        unvalidated_email = u.profile[EMAIL_UNVALIDATED]
+        if (app.cfg.user_email_unique and
+            user.search_users(**{EMAIL: unvalidated_email})):
+            msg = _('This email is already in use.')
+        else:
+            if u.disabled:
+                u.profile[DISABLED] = False
+                msg = _('Your account has been activated, you can log in now.')
+            else:
+                msg = _('Your new email address has been confirmed.')
+            u.profile[EMAIL] = unvalidated_email
+            del u.profile[EMAIL_UNVALIDATED]
+            del u.profile[RECOVERPASS_KEY]
+            success = True
+    else:
+        msg = _('Your username and/or token is invalid!')
+    if success:
-        flash(_("Your account has been activated, you can log in now."), "info")
+        flash(msg, 'info')
-        flash(_('Your username and/or token is invalid!'), "error")
+        flash(msg, 'error')
     return redirect(url_for('.show_root'))
                             flaskg.user.profile[k] = v
                         if (part == 'notification' and app.cfg.user_email_verification and
                             form['email'].value != user_old_email):
-                            # disable account
-                            flaskg.user.profile[DISABLED] = True
+                            flaskg.user.profile[EMAIL] = user_old_email
+                            flaskg.user.profile[EMAIL_UNVALIDATED] = form['email'].value
                             # send verification mail
                             is_ok, msg = flaskg.user.mail_email_verification()
                             if is_ok:
-                                flaskg.user.logout_session()
-                                response['flash'].append((_('Your account has been disabled because you changed your '
-                                                            'email address. Please see the email we sent to your '
-                                                            'address to reactivate it.'), "info"))
+                                response['flash'].append(
+                                    (_('A confirmation email has been sent to your '
+                                       'newly configured email address.'), "info"))
                                 response['redirect'] = url_for('.show_root')
-                                # sending the verification email didn't work. reset email change and alert the user.
-                                flaskg.user.profile[DISABLED] = False
-                                flaskg.user.profile[EMAIL] = user_old_email
+                                # sending the verification email didn't work.
+                                # delete the unvalidated email and alert the user.
+                                del flaskg.user.profile[EMAIL_UNVALIDATED]
                                 response['flash'].append((_('Your email address was not changed because sending the '
                                                             'verification email failed. Please try again later.'),
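Review bot: In the verification view, `u.validate_recovery_token(token)` is now the only gate before `u.profile[EMAIL] = unvalidated_email`, because the `u.disabled` precondition was dropped. Any valid token stored under RECOVERPASS_KEY therefore reaches this branch, and the TODO added to that constant in this commit says the key is shared with another flow. If a token issued for a different purpose is accepted here (inferred, since validate_recovery_token is not visible), EMAIL_UNVALIDATED is still its default `None`, so the confirmed address would be overwritten with `None` and the outstanding key deleted. Guard on a pending address by adding `if not unvalidated_email:` after the lookup and routing that case to the invalid-token message, and consider a dedicated key for confirmation tokens. The view's body starts above the hunk.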


             RESULTS_PER_PAGE: 0,
             LOCALE: None,  # None -> do browser language detection, otherwise just use this locale
             TIMEZONE: None,  # None -> use cfg.timezone_default
+            EMAIL_UNVALIDATED: None,
         }, 'Default attributes of the user object'),
     # ==========================================================================


 QUICKLINKS = u"quicklinks"
 SESSION_KEY = u"session_key"
 SESSION_TOKEN = u"session_token"
-RECOVERPASS_KEY = u"recoverpass_key"
+RECOVERPASS_KEY = u"recoverpass_key"  # TODO: this is used for email confirmation as well, maybe it needs better name
 EDIT_ON_DOUBLECLICK = u"edit_on_doubleclick"
 SCROLL_PAGE_AFTER_EDIT = u"scroll_page_after_edit"
 SHOW_COMMENTS = u"show_comments"
 WANT_TRIVIAL = u"want_trivial"
 EMAIL_SUBSCRIBED_EVENTS = u"email_subscribed_events"
 DISABLED = u"disabled"
+EMAIL_UNVALIDATED = u"email_unvalidated"
 # in which backend is some revision stored?
 BACKENDNAME = u"backendname"


 {{ _("""\
-Somebody has created an account with this email address.
+An account with this email address has been created or
+an existing account has been changed to use this email address.
 Please use the link below to verify your email address:
-If you didn't create this account, please ignore this email.
+Please ignore this email if you didn't initiate this action.
-""", link=link) }}
+""", link=link) }}
     if validate and email and app.cfg.user_email_unique:
         if search_users(email=email):
             return _("This email already belongs to somebody else.")
-    theuser.profile[EMAIL] = email
+        theuser.profile[EMAIL_UNVALIDATED] = email
+    else:
+        theuser.profile[EMAIL] = email
     # Openid should be unique
     if validate and openid and search_users(openid=openid):
         subject = _('[%(sitename)s] Please verify your email address',
                     sitename=self._cfg.sitename or "Wiki")
-        mailok, msg = sendmail.sendmail(subject, text, to=[], mail_from=self._cfg.mail_from)
+        email = self.profile[EMAIL_UNVALIDATED]
+        mailok, msg = sendmail.sendmail(subject, text, to=[email], mail_from=self._cfg.mail_from)
         return mailok, msg
+        self._mail_email_verification(
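Review bot: `email = self.profile[EMAIL_UNVALIDATED]` in the mail-sending method has no fallback, and the config hunk in this commit defaults that key to `None`, so a call with no pending address would pass `to=[None]` to sendmail. That could happen for an account whose address is already stored under EMAIL, for instance one created before this change and still awaiting activation; this is inferred, since the callers are only partly visible. Add an `if not email:` check before the sendmail call that returns a `(False, message)` pair, so the caller's existing `is_ok` handling reports the failure. The method starts above the hunk and the last added line is cut off.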