Merge remote-tracking branch 'gitorious/master'

mediagoblin/auth/routing.py

@@ -26,4 +26,11 @@ auth_routes = [
     Route('mediagoblin.auth.logout', '/logout/',
           controller='mediagoblin.auth.views:logout'),
     Route('mediagoblin.auth.verify_email', '/verify_email/',
-          controller='mediagoblin.auth.views:verify_email')]
+          controller='mediagoblin.auth.views:verify_email'),
+    Route('mediagoblin.auth.verify_email_notice', '/verification_required/',
+          controller='mediagoblin.auth.views:verify_email_notice'),
+    Route('mediagoblin.auth.resend_verification', '/resend_verification/',
+          controller='mediagoblin.auth.views:resend_activation'),
+    Route('mediagoblin.auth.resend_verification_success',
+          '/resend_verification_success/',
+          controller='mediagoblin.auth.views:resend_activation_success')]

mediagoblin/auth/views.py

@@ -14,8 +14,11 @@
 # You should have received a copy of the GNU Affero General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
+import uuid
+
 from webob import Response, exc
 
+from mediagoblin.db.util import ObjectId
 from mediagoblin.auth import lib as auth_lib
 from mediagoblin.auth import forms as auth_forms
 from mediagoblin.util import send_email
@@ -140,6 +143,7 @@ def logout(request):
     return exc.HTTPFound(
         location=request.urlgen("index"))
 
+
 def verify_email(request):
     """
     Email verification view
@@ -147,13 +151,16 @@ def verify_email(request):
     validates GET parameters against database and unlocks the user account, if
     you are lucky :)
     """
-    import bson.objectid
+    # If we don't have userid and token parameters, we can't do anything; 404
+    if not request.GET.has_key('userid') or not request.GET.has_key('token'):
+        return exc.HTTPNotFound()
+
     user = request.db.User.find_one(
-        {'_id': bson.objectid.ObjectId(unicode(request.GET.get('userid')))})
+        {'_id': ObjectId(unicode(request.GET['userid']))})
 
     verification_successful = bool
 
-    if user and user['verification_key'] == unicode(request.GET.get('token')):
+    if user and user['verification_key'] == unicode(request.GET['token']):
         user['status'] = u'active'
         user['email_verified'] = True
         verification_successful = True
@@ -168,3 +175,61 @@ def verify_email(request):
             {'request': request,
              'user': user,
              'verification_successful': verification_successful}))
+
+def verify_email_notice(request):
+    """
+    Verify warning view.
+
+    When the user tries to do some action that requires their account
+    to be verified beforehand, this view is called upon!
+    """
+
+    template = request.template_env.get_template(
+        'mediagoblin/auth/verification_needed.html')
+    return Response(
+        template.render(
+            {'request': request}))
+
+
+def resend_activation(request):
+    """
+    The reactivation view
+
+    Resend the activation email.
+    """
+    request.user['verification_key'] = unicode(uuid.uuid4())
+    request.user.save()
+
+    # Copied shamelessly from the register view above.
+
+    email_template = request.template_env.get_template(
+        'mediagoblin/auth/verification_email.txt')
+
+    # TODO: There is no error handling in place
+    send_email(
+        mgoblin_globals.email_sender_address,
+        [request.user['email']],
+        # TODO
+        # Due to the distributed nature of GNU MediaGoblin, we should
+        # find a way to send some additional information about the 
+        # specific GNU MediaGoblin instance in the subject line. For 
+        # example "GNU MediaGoblin @ Wandborg - [...]".   
+        'GNU MediaGoblin - Verify email',
+        email_template.render(
+            username=request.user['username'],
+            verification_url='http://{host}{uri}?userid={userid}&token={verification_key}'.format(
+                host=request.host,
+                uri=request.urlgen('mediagoblin.auth.verify_email'),
+                userid=unicode(request.user['_id']),
+                verification_key=request.user['verification_key'])))
+
+    return exc.HTTPFound(
+        location=request.urlgen('mediagoblin.auth.resend_verification_success'))
+
+
+def resend_activation_success(request):
+    template = request.template_env.get_template(
+        'mediagoblin/auth/resent_verification_email.html')
+    return Response(
+        template.render(
+            {'request': request}))

mediagoblin/decorators.py

@@ -36,9 +36,12 @@ def require_active_login(controller):
     Require an active login from the user.
     """
     def new_controller_func(request, *args, **kwargs):
-        if not request.user or not request.user.get('status') == u'active':
+        if request.user and \
-            # TODO: Indicate to the user that they were redirected
+                request.user.get('status') == u'needs_email_verification':
-            # here because an *active* user is required.
+            return exc.HTTPFound(
+                location = request.urlgen(
+                    'mediagoblin.auth.verify_email_notice'))
+        elif not request.user or request.user.get('status') != u'active':
             return exc.HTTPFound(
                 location="%s?next=%s" % (
                     request.urlgen("mediagoblin.auth.login"),

mediagoblin/templates/mediagoblin/auth/resent_verification_email.html

@@ -0,0 +1,24 @@
+{#
+# GNU MediaGoblin -- federated, autonomous media hosting
+# Copyright (C) 2011 Free Software Foundation, Inc
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#}
+{% extends "mediagoblin/base.html" %}
+
+{% block mediagoblin_content %}
+  <p>
+    Resent your verification email.
+  </p>
+{% endblock %}

mediagoblin/templates/mediagoblin/auth/verification_needed.html

@@ -0,0 +1,29 @@
+{#
+# GNU MediaGoblin -- federated, autonomous media hosting
+# Copyright (C) 2011 Free Software Foundation, Inc
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#}
+{% extends "mediagoblin/base.html" %}
+
+{% block mediagoblin_content %}
+  <p>
+    Verfication needed!<br />
+    Please check your email to verify your account.
+  </p>
+
+  <p>
+    Still haven't received an email? <a href="{{ request.urlgen('mediagoblin.auth.resend_verification') }}">Click here to resend it.</a>
+  </p>
+{% endblock %}

setup.py

@@ -18,7 +18,7 @@ from setuptools import setup, find_packages
 
 setup(
     name = "mediagoblin",
-    version = "0.0.1",
+    version = "0.0.2",
     packages=find_packages(exclude=['ez_setup', 'examples', 'tests']),
     zip_safe=False,
     # scripts and dependencies
@@ -45,7 +45,7 @@ setup(
     test_suite='nose.collector',
 
     license = 'AGPLv3',
-    author = 'Christopher Webber',
+    author = 'Free Software Foundation and contributors',
     author_email = 'cwebber@gnu.org',
     entry_points = """\
       [console_scripts]