def _register(self, username, email, password):
user = User(username=username, email=email, password=password)
self.request.db.add(user)
# Create a new activation for the user
activation = Activation()
self.request.db.add(activation)
user.activation = activation
# Flush the session to ensure that the user can be created and the
# activation is successfully wired up
self.request.db.flush()
# Send the activation email
message = activation_email(self.request, user)
mailer = get_mailer(self.request)
mailer.send(message)
self.request.session.flash(
jinja2.Markup(
_('Thank you for creating an account! '
"We've sent you an email with an activation link, "
'before you can sign in <strong>please check your email and open '
'the link to activate your account</strong>.')), 'success')
self.request.registry.notify(RegistrationEvent(self.request, user))
def forgot_password(self):
"""
Handle submission of the forgot password form.
Validates that the email is one we know about, and then generates a new
activation for the associated user, and dispatches a "reset your
password" email which contains a token and/or link to the reset
password form.
"""
schema = schemas.ForgotPasswordSchema().bind(request=self.request)
form = deform.Form(schema)
# Nothing to do here for logged-in users
if self.request.authenticated_userid is not None:
return httpexceptions.HTTPFound(
location=self.forgot_password_redirect)
err, appstruct = validate_form(form, self.request.POST.items())
if err is not None:
return err
# If the validation passes, we assume the user exists.
#
# TODO: fix this latent race condition by returning a user object in
# the appstruct.
user = User.get_by_email(appstruct['email'])
# Create a new activation for this user. Any previous activation will
# get overwritten.
activation = Activation()
self.request.db.add(activation)
user.activation = activation
# Write the new activation to the database in order to set up the
# foreign key field and generate the code.
self.request.db.flush()
# Send the reset password email
code = user.activation.code
link = reset_password_link(self.request, code)
message = reset_password_email(user, code, link)
mailer = get_mailer(self.request)
mailer.send(message)
self.request.session.flash(
_("Please check your email to finish "
"resetting your password."), "success")
return httpexceptions.HTTPFound(location=self.reset_password_redirect)
def _send_forgot_password_email(self, user):
# Create a new activation for this user. Any previous activation will
# get overwritten.
activation = Activation()
self.request.db.add(activation)
user.activation = activation
# Write the new activation to the database in order to set up the
# foreign key field and generate the code.
self.request.db.flush()
# Send the reset password email
code = user.activation.code
link = reset_password_link(self.request, code)
message = reset_password_email(user, code, link)
mailer = get_mailer(self.request)
mailer.send(message)
def register(self):
"""
Handle submission of the new user registration form.
Validates the form data, creates a new activation for the user, sends
the activation mail, and then redirects the user to the index.
"""
err, appstruct = validate_form(self.form, self.request.POST.items())
if err is not None:
return err
# Create the new user from selected form fields
props = {k: appstruct[k] for k in ['username', 'email', 'password']}
user = User(**props)
self.request.db.add(user)
# Create a new activation for the user
activation = Activation()
self.request.db.add(activation)
user.activation = activation
# Flush the session to ensure that the user can be created and the
# activation is successfully wired up
self.request.db.flush()
# Send the activation email
message = activation_email(self.request, user)
mailer = get_mailer(self.request)
mailer.send(message)
self.request.session.flash(
_("Thank you for registering! Please check "
"your e-mail now. You can continue by "
"clicking the activation link we have "
"sent you."), 'success')
self.request.registry.notify(RegistrationEvent(self.request, user))
return httpexceptions.HTTPFound(
location=self.request.route_url('index'))
