From 28afb47ca82b0857aad546ef4cbf869de1ca95a5 Mon Sep 17 00:00:00 2001
From: Aleksandar Micovic <aleks.micovic@gmail.com>
Date: Mon, 30 May 2011 23:51:30 -0400
Subject: [PATCH 1/3] Added a temporary verification page informing the user
 they need to authenticate.

---
 mediagoblin/auth/routing.py                   |  4 ++-
 mediagoblin/auth/views.py                     | 15 ++++++++++
 mediagoblin/decorators.py                     |  2 +-
 .../mediagoblin/auth/verification_needed.html | 29 +++++++++++++++++++
 4 files changed, 48 insertions(+), 2 deletions(-)
 create mode 100644 mediagoblin/templates/mediagoblin/auth/verification_needed.html

diff --git a/mediagoblin/auth/routing.py b/mediagoblin/auth/routing.py
index 59762840..9544b165 100644
--- a/mediagoblin/auth/routing.py
+++ b/mediagoblin/auth/routing.py
@@ -26,4 +26,6 @@ auth_routes = [
     Route('mediagoblin.auth.logout', '/logout/',
           controller='mediagoblin.auth.views:logout'),
     Route('mediagoblin.auth.verify_email', '/verify_email/',
-          controller='mediagoblin.auth.views:verify_email')]
+          controller='mediagoblin.auth.views:verify_email'),
+    Route('mediagoblin.auth.verify_email_notice', '/verification_required/',
+          controller='mediagoblin.auth.views:verify_email_notice')]
diff --git a/mediagoblin/auth/views.py b/mediagoblin/auth/views.py
index 6b5ce88c..edac74a8 100644
--- a/mediagoblin/auth/views.py
+++ b/mediagoblin/auth/views.py
@@ -168,3 +168,18 @@ def verify_email(request):
             {'request': request,
              'user': user,
              'verification_successful': verification_successful}))
+
+def verify_email_notice(request):
+    """
+    Verify warning view.
+
+    When the user tries to do some action that requires their account
+    to be verified beforehand, this view is called upon!
+    """
+
+    template = request.template_env.get_template(
+        'mediagoblin/auth/verification_needed.html')
+    return Response(
+        template.render(
+            {'request': request}))
+
diff --git a/mediagoblin/decorators.py b/mediagoblin/decorators.py
index ff3f0b5e..bb625667 100644
--- a/mediagoblin/decorators.py
+++ b/mediagoblin/decorators.py
@@ -41,7 +41,7 @@ def require_active_login(controller):
             # here because an *active* user is required.
             return exc.HTTPFound(
                 location="%s?next=%s" % (
-                    request.urlgen("mediagoblin.auth.login"),
+                    request.urlgen("mediagoblin.auth.verify_email_notice"),
                     request.path_info))
 
         return controller(request, *args, **kwargs)
diff --git a/mediagoblin/templates/mediagoblin/auth/verification_needed.html b/mediagoblin/templates/mediagoblin/auth/verification_needed.html
new file mode 100644
index 00000000..26ea84dc
--- /dev/null
+++ b/mediagoblin/templates/mediagoblin/auth/verification_needed.html
@@ -0,0 +1,29 @@
+{#
+# GNU MediaGoblin -- federated, autonomous media hosting
+# Copyright (C) 2011 Free Software Foundation, Inc
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#}
+{% extends "mediagoblin/base.html" %}
+
+{% block mediagoblin_content %}
+  <p>
+    Verfication needed!<br />
+    Please check your email to verify your account.
+  </p>
+
+  <p>
+    Still haven't received an email? <a href="#">Click here to resend it.</a>
+  </p>
+{% endblock %}

From bcec749b52c287a6d361fd06bfbd833e03e5b478 Mon Sep 17 00:00:00 2001
From: Aleksandar Micovic <aleks.micovic@gmail.com>
Date: Tue, 31 May 2011 15:26:00 -0400
Subject: [PATCH 2/3] Fixed bug where someone who wasn't logged in was asked to
 verify their emails.

---
 mediagoblin/decorators.py | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/mediagoblin/decorators.py b/mediagoblin/decorators.py
index bb625667..bc12d61c 100644
--- a/mediagoblin/decorators.py
+++ b/mediagoblin/decorators.py
@@ -36,12 +36,13 @@ def require_active_login(controller):
     Require an active login from the user.
     """
     def new_controller_func(request, *args, **kwargs):
-        if not request.user or not request.user.get('status') == u'active':
-            # TODO: Indicate to the user that they were redirected
-            # here because an *active* user is required.
+        if request.user and request.user.get('status') == u'needs_email_verification':
+            return exc.HTTPFound(
+                location = request.urlgen('mediagoblin.auth.verify_email_notice'))
+        elif not request.user or request.user.get('status') != u'active':
             return exc.HTTPFound(
                 location="%s?next=%s" % (
-                    request.urlgen("mediagoblin.auth.verify_email_notice"),
+                    request.urlgen("mediagoblin.auth.login"),
                     request.path_info))
 
         return controller(request, *args, **kwargs)

From b93a6a229e1c7a7eef76e8322104912378f79a96 Mon Sep 17 00:00:00 2001
From: Aleksandar Micovic <aleks.micovic@gmail.com>
Date: Tue, 31 May 2011 17:14:23 -0400
Subject: [PATCH 3/3] Added the ability to regenerate a verification key.

---
 mediagoblin/auth/routing.py                   |  4 +-
 mediagoblin/auth/views.py                     | 41 +++++++++++++++++++
 mediagoblin/db/models.py                      |  8 ++++
 .../mediagoblin/auth/verification_needed.html |  2 +-
 4 files changed, 53 insertions(+), 2 deletions(-)

diff --git a/mediagoblin/auth/routing.py b/mediagoblin/auth/routing.py
index 9544b165..069e3019 100644
--- a/mediagoblin/auth/routing.py
+++ b/mediagoblin/auth/routing.py
@@ -28,4 +28,6 @@ auth_routes = [
     Route('mediagoblin.auth.verify_email', '/verify_email/',
           controller='mediagoblin.auth.views:verify_email'),
     Route('mediagoblin.auth.verify_email_notice', '/verification_required/',
-          controller='mediagoblin.auth.views:verify_email_notice')]
+          controller='mediagoblin.auth.views:verify_email_notice'),
+    Route('mediagoblin.auth.resend_verification', '/resend_verification/',
+          controller='mediagoblin.auth.views:resend_activation')]
diff --git a/mediagoblin/auth/views.py b/mediagoblin/auth/views.py
index edac74a8..22fdd46b 100644
--- a/mediagoblin/auth/views.py
+++ b/mediagoblin/auth/views.py
@@ -183,3 +183,44 @@ def verify_email_notice(request):
         template.render(
             {'request': request}))
 
+def resend_activation(request):
+    """
+    The reactivation view
+
+    Resend the activation email.
+    """
+
+    request.user.generate_new_verification_key()
+
+    # Copied shamelessly from the register view above.
+
+    email_template = request.template_env.get_template(
+        'mediagoblin/auth/verification_email.txt')
+
+    # TODO: There is no error handling in place
+    send_email(
+        mgoblin_globals.email_sender_address,
+        [request.user['email']],
+        # TODO
+        # Due to the distributed nature of GNU MediaGoblin, we should
+        # find a way to send some additional information about the 
+        # specific GNU MediaGoblin instance in the subject line. For 
+        # example "GNU MediaGoblin @ Wandborg - [...]".   
+        'GNU MediaGoblin - Verify email',
+        email_template.render(
+            username=request.user['username'],
+            verification_url='http://{host}{uri}?userid={userid}&token={verification_key}'.format(
+                host=request.host,
+                uri=request.urlgen('mediagoblin.auth.verify_email'),
+                userid=unicode(request.user['_id']),
+                verification_key=request.user['verification_key'])))
+
+
+    # TODO: For now, we use the successful registration page until we get a 
+    # proper messaging system.
+
+    template = request.template_env.get_template(
+        'mediagoblin/auth/register_success.html')
+    return exc.HTTPFound(
+        location=request.urlgen('mediagoblin.auth.register_success'))
+
diff --git a/mediagoblin/db/models.py b/mediagoblin/db/models.py
index 37420834..0e933fb7 100644
--- a/mediagoblin/db/models.py
+++ b/mediagoblin/db/models.py
@@ -64,6 +64,14 @@ class User(Document):
         return auth_lib.bcrypt_check_password(
             password, self['pw_hash'])
 
+    def generate_new_verification_key(self):
+        """
+        Create a new verification key, overwriting the old one.
+        """
+
+        self['verification_key'] = unicode(uuid.uuid4())
+        self.save(validate=False)
+
 
 class MediaEntry(Document):
     __collection__ = 'media_entries'
diff --git a/mediagoblin/templates/mediagoblin/auth/verification_needed.html b/mediagoblin/templates/mediagoblin/auth/verification_needed.html
index 26ea84dc..4104da19 100644
--- a/mediagoblin/templates/mediagoblin/auth/verification_needed.html
+++ b/mediagoblin/templates/mediagoblin/auth/verification_needed.html
@@ -24,6 +24,6 @@
   </p>
 
   <p>
-    Still haven't received an email? <a href="#">Click here to resend it.</a>
+    Still haven't received an email? <a href="{{ request.urlgen('mediagoblin.auth.resend_verification') }}">Click here to resend it.</a>
   </p>
 {% endblock %}