From db1a438f3e6f8c5c8cec20b9326a21baf4579306 Mon Sep 17 00:00:00 2001
From: Joar Wandborg <git@wandborg.com>
Date: Tue, 3 May 2011 19:49:39 +0200
Subject: [PATCH] Added functionality to support user email verification, email
 = TBD, verification = done. Signed-off-by: Joar Wandborg <git@wandborg.com>

---
 mediagoblin/auth/routing.py                   |  4 ++-
 mediagoblin/auth/views.py                     | 23 +++++++++++++++
 mediagoblin/models.py                         |  7 +++--
 .../mediagoblin/auth/verify_email.html        | 28 +++++++++++++++++++
 4 files changed, 58 insertions(+), 4 deletions(-)
 create mode 100644 mediagoblin/templates/mediagoblin/auth/verify_email.html

diff --git a/mediagoblin/auth/routing.py b/mediagoblin/auth/routing.py
index 92f19371..59762840 100644
--- a/mediagoblin/auth/routing.py
+++ b/mediagoblin/auth/routing.py
@@ -24,4 +24,6 @@ auth_routes = [
     Route('mediagoblin.auth.login', '/login/',
           controller='mediagoblin.auth.views:login'),
     Route('mediagoblin.auth.logout', '/logout/',
-          controller='mediagoblin.auth.views:logout')]
+          controller='mediagoblin.auth.views:logout'),
+    Route('mediagoblin.auth.verify_email', '/verify_email/',
+          controller='mediagoblin.auth.views:verify_email')]
diff --git a/mediagoblin/auth/views.py b/mediagoblin/auth/views.py
index 15e33e17..dfb6899f 100644
--- a/mediagoblin/auth/views.py
+++ b/mediagoblin/auth/views.py
@@ -116,3 +116,26 @@ def logout(request):
     
     return exc.HTTPFound(
         location=request.urlgen("index"))
+
+def verify_email(request):
+    import bson.objectid
+    user = request.db.User.find_one(
+        {'_id': bson.objectid.ObjectId( unicode( request.GET.get('userid') ) )})
+
+    verification_successful = bool
+
+    if user and user['verification_key'] == unicode( request.GET.get('token') ):
+        user['status'] = u'active'
+        user['email_verified'] = True
+        verification_successful = True
+        user.save()
+    else:
+        verification_successful = False
+        
+    template = request.template_env.get_template(
+        'mediagoblin/auth/verify_email.html')
+    return Response(
+        template.render(
+            {'request': request,
+             'user': user,
+             'verification_successful': verification_successful}))
diff --git a/mediagoblin/models.py b/mediagoblin/models.py
index eef59ed4..62cab4a5 100644
--- a/mediagoblin/models.py
+++ b/mediagoblin/models.py
@@ -14,7 +14,7 @@
 # You should have received a copy of the GNU Affero General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
-import datetime
+import datetime, uuid
 
 from mongokit import Document, Set
 
@@ -41,6 +41,7 @@ class User(Document):
         'pw_hash': unicode,
         'email_verified': bool,
         'status': unicode,
+        'verification_key': unicode
         }
 
     required_fields = ['username', 'created', 'pw_hash', 'email']
@@ -48,8 +49,8 @@ class User(Document):
     default_values = {
         'created': datetime.datetime.utcnow,
         'email_verified': False,
-        # TODO: shouldn't be active by default, must have email registration
-        'status': u'active'}
+        'status': u'needs_email_verification',
+        'verification_key': unicode( uuid.uuid4() ) }
 
     def check_login(self, password):
         """
diff --git a/mediagoblin/templates/mediagoblin/auth/verify_email.html b/mediagoblin/templates/mediagoblin/auth/verify_email.html
new file mode 100644
index 00000000..fe9094bd
--- /dev/null
+++ b/mediagoblin/templates/mediagoblin/auth/verify_email.html
@@ -0,0 +1,28 @@
+{#
+# GNU MediaGoblin -- federated, autonomous media hosting
+# Copyright (C) 2011 Free Software Foundation, Inc
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#}
+{% extends "mediagoblin/base.html" %}
+
+{% block mediagoblin_content %}
+<p>
+  {% if verification_successful %}
+  Your email address has been verified!
+  {% else %}
+  The verification key or user id is incorrect
+  {% endif %}
+</p>
+{% endblock %}