def view_settings(request): old_email = request.user.email # this line has to be at the top to work. old_wants_newsletter = request.user.profile.wants_newsletter user = request.user up = user.profile user_form = UserForm(request.POST or None, instance=user) profile_form = ProfileForm(request.POST or None, instance=up) if profile_form.is_valid() and user_form.is_valid(): user_cd = user_form.cleaned_data profile_cd = profile_form.cleaned_data new_email = user_cd['email'] changed_email = old_email != new_email if changed_email: # Email was changed. up.activation_key = sha1_activation_key(user.username) up.key_expires = now() + timedelta(5) up.email_confirmed = False # Unsubscribe the old address in mailchimp (we'll # resubscribe it when they confirm it later). update_mailchimp.delay(old_email, 'unsubscribed') # Send the email. email = emails['email_changed_successfully'] send_mail( email['subject'], email['body'] % (user.username, up.activation_key), email['from'], [new_email], ) msg = message_dict['email_changed_successfully'] messages.add_message(request, msg['level'], msg['message']) logout(request) else: # if the email wasn't changed, simply inform of success. msg = message_dict['settings_changed_successfully'] messages.add_message(request, msg['level'], msg['message']) new_wants_newsletter = profile_cd['wants_newsletter'] if old_wants_newsletter != new_wants_newsletter: if new_wants_newsletter is True and not changed_email: # They just subscribed. If they didn't *also* update their # email address, subscribe them. subscribe_to_mailchimp.delay(new_email) elif new_wants_newsletter is False: # They just unsubscribed update_mailchimp.delay(new_email, 'unsubscribed') # New email address and changes above are saved here. profile_form.save() user_form.save() return HttpResponseRedirect(reverse('view_settings')) return render(request, 'profile/settings.html', { 'profile_form': profile_form, 'user_form': user_form, 'private': True })
def request_email_confirmation(request: HttpRequest) -> HttpResponse: """Send an email confirmation email""" if request.method == "POST": form = EmailConfirmationForm(request.POST) if form.is_valid(): cd = form.cleaned_data users = User.objects.filter(email__iexact=cd["email"]) if not len(users): # Normally, we'd throw an error here, but instead we pretend it # was a success. Meanwhile, we send an email saying that a # request was made, but we don't have an account with that # email address. email: EmailType = emails["no_account_found"] message = email["body"] % ( "email confirmation", reverse("register"), ) send_mail( email["subject"], message, email["from_email"], [cd["email"]], ) return HttpResponseRedirect(reverse("email_confirm_success")) activation_key = sha1_activation_key(cd["email"]) key_expires = now() + timedelta(days=5) for user in users: # associate it with the user's accounts. up = user.profile up.activation_key = activation_key up.key_expires = key_expires up.save() email: EmailType = emails["confirm_existing_account"] send_mail( email["subject"], email["body"] % activation_key, email["from_email"], [user.email], ) return HttpResponseRedirect(reverse("email_confirm_success")) else: form = EmailConfirmationForm() return render( request, "register/request_email_confirmation.html", { "private": True, "form": form }, )
def notify_unconfirmed_accounts(self): """This function will notify people who have not confirmed their accounts that they must do so for fear of deletion. This function should be run once a week, or so. Because it updates the expiration date of the user's key, and also uses that field to determine if the user should be notified in the first place, the first week, a user will have an old enough key, and will be notified, but the next week their key will have a very recent expiration date (because it was just updated the prior week). This means that they won't be selected the next week, but the one after, their key will be old again, and they will be selected. It's not ideal, but it's OK. """ # if your account is more than a week old, and you have not confirmed # it, we will send you a notification, requesting that you confirm it. a_week_ago = now() - datetime.timedelta(7) unconfirmed_ups = UserProfile.objects.filter( email_confirmed=False, key_expires__lte=a_week_ago, stub_account=False, ) for up in unconfirmed_ups: if self.options["verbose"]: print "User %s will be notified" % up.user if not self.options["simulate"]: # Build and save a new activation key for the account. activation_key = sha1_activation_key(up.user.username) key_expires = now() + datetime.timedelta(5) up.activation_key = activation_key up.key_expires = key_expires up.save() # Send the email. current_site = Site.objects.get_current() email = emails["email_not_confirmed"] send_mail( email["subject"] % current_site.name, email["body"] % (up.user.username, up.activation_key), email["from"], [up.user.email], )
def request_email_confirmation(request): """Send an email confirmation email""" if request.method == 'POST': form = EmailConfirmationForm(request.POST) if form.is_valid(): cd = form.cleaned_data users = User.objects.filter(email__iexact=cd['email']) if not len(users): # Normally, we'd throw an error here, but instead we pretend it # was a success. Meanwhile, we send an email saying that a # request was made, but we don't have an account with that # email address. email = emails['no_account_found'] message = email['body'] % ('email confirmation', reverse('register')) send_mail(email['subject'], message, email['from'], [cd['email']]) return HttpResponseRedirect(reverse('email_confirm_success')) activation_key = sha1_activation_key(cd['email']) key_expires = now() + timedelta(days=5) for user in users: # associate it with the user's accounts. up = user.profile up.activation_key = activation_key up.key_expires = key_expires up.save() email = emails['confirm_existing_account'] send_mail( email['subject'], email['body'] % activation_key, email['from'], [user.email], ) return HttpResponseRedirect(reverse('email_confirm_success')) else: form = EmailConfirmationForm() return render(request, 'register/request_email_confirmation.html', { 'private': True, 'form': form })
def register(request): """allow only an anonymous user to register""" redirect_to = sanitize_redirection(request) if request.user.is_anonymous: if request.method == 'POST': try: stub_account = User.objects.filter( profile__stub_account=True, ).get( email__iexact=request.POST.get('email'), ) except User.DoesNotExist: stub_account = False if stub_account: form = UserCreationFormExtended( request.POST, instance=stub_account ) else: form = UserCreationFormExtended(request.POST) consent_form = OptInConsentForm(request.POST) if form.is_valid() and consent_form.is_valid(): cd = form.cleaned_data if not stub_account: # make a new user that is active, but has not confirmed # their email address user = User.objects.create_user( cd['username'], cd['email'], cd['password1'] ) up = UserProfile(user=user) else: # Upgrade the stub account to make it a regular account. user = stub_account user.set_password(cd['password1']) user.username = cd['username'] up = stub_account.profile up.stub_account = False if cd['first_name']: user.first_name = cd['first_name'] if cd['last_name']: user.last_name = cd['last_name'] user.save() # Build and assign the activation key up.activation_key = sha1_activation_key(user.username) up.key_expires = now() + timedelta(days=5) up.save() email = emails['confirm_your_new_account'] send_mail( email['subject'], email['body'] % (user.username, up.activation_key), email['from'], [user.email] ) email = emails['new_account_created'] send_mail( email['subject'] % up.user.username, email['body'] % ( up.user.get_full_name() or "Not provided", up.user.email ), email['from'], email['to'], ) tally_stat('user.created') get_str = '?next=%s&email=%s' % (urlencode(redirect_to), urlencode(user.email)) return HttpResponseRedirect(reverse('register_success') + get_str) else: form = UserCreationFormExtended() consent_form = OptInConsentForm() return render(request, "register/register.html", { 'form': form, 'consent_form': consent_form, 'private': False }) else: # The user is already logged in. Direct them to their settings page as # a logical fallback return HttpResponseRedirect(reverse('view_settings'))
def view_settings(request): old_email = request.user.email # this line has to be at the top to work. old_wants_newsletter = request.user.profile.wants_newsletter user = request.user up = user.profile user_form = UserForm(request.POST or None, instance=user) profile_form = ProfileForm(request.POST or None, instance=up) if profile_form.is_valid() and user_form.is_valid(): user_cd = user_form.cleaned_data profile_cd = profile_form.cleaned_data new_email = user_cd["email"] changed_email = old_email != new_email if changed_email: # Email was changed. up.activation_key = sha1_activation_key(user.username) up.key_expires = now() + timedelta(5) up.email_confirmed = False # Unsubscribe the old address in mailchimp (we'll # resubscribe it when they confirm it later). update_mailchimp.delay(old_email, "unsubscribed") # Send an email to the new and old addresses. New for verification; # old for notification of the change. email = emails["email_changed_successfully"] send_mail( email["subject"], email["body"] % (user.username, up.activation_key), email["from"], [new_email], ) email = emails["notify_old_address"] send_mail( email["subject"], email["body"] % (user.username, old_email, new_email), email["from"], [old_email], ) msg = message_dict["email_changed_successfully"] messages.add_message(request, msg["level"], msg["message"]) logout(request) else: # if the email wasn't changed, simply inform of success. msg = message_dict["settings_changed_successfully"] messages.add_message(request, msg["level"], msg["message"]) new_wants_newsletter = profile_cd["wants_newsletter"] if old_wants_newsletter != new_wants_newsletter: if new_wants_newsletter is True and not changed_email: # They just subscribed. If they didn't *also* update their # email address, subscribe them. subscribe_to_mailchimp.delay(new_email) elif new_wants_newsletter is False: # They just unsubscribed update_mailchimp.delay(new_email, "unsubscribed") # New email address and changes above are saved here. profile_form.save() user_form.save() return HttpResponseRedirect(reverse("view_settings")) return render( request, "profile/settings.html", { "profile_form": profile_form, "user_form": user_form, "private": True, }, )
def register(request: HttpRequest) -> HttpResponse: """allow only an anonymous user to register""" redirect_to = get_redirect_or_login_url(request, "next") if request.user.is_anonymous: if request.method == "POST": try: stub_account = User.objects.filter( profile__stub_account=True, ).get( email__iexact=request.POST.get("email")) except User.DoesNotExist: stub_account = False if stub_account: form = UserCreationFormExtended(request.POST, instance=stub_account) else: form = UserCreationFormExtended(request.POST) consent_form = OptInConsentForm(request.POST) if form.is_valid() and consent_form.is_valid(): cd = form.cleaned_data if not stub_account: # make a new user that is active, but has not confirmed # their email address user = User.objects.create_user(cd["username"], cd["email"], cd["password1"]) up = UserProfile(user=user) else: # Upgrade the stub account to make it a regular account. user = stub_account user.set_password(cd["password1"]) user.username = cd["username"] up = stub_account.profile up.stub_account = False if cd["first_name"]: user.first_name = cd["first_name"] if cd["last_name"]: user.last_name = cd["last_name"] user.save() # Build and assign the activation key up.activation_key = sha1_activation_key(user.username) up.key_expires = now() + timedelta(days=5) up.save() email: EmailType = emails["confirm_your_new_account"] send_mail( email["subject"], email["body"] % (user.username, up.activation_key), email["from_email"], [user.email], ) email: EmailType = emails["new_account_created"] send_mail( email["subject"] % up.user.username, email["body"] % ( up.user.get_full_name() or "Not provided", up.user.email, ), email["from_email"], email["to"], ) tally_stat("user.created") get_str = "?next=%s&email=%s" % ( urlencode(redirect_to), urlencode(user.email), ) return HttpResponseRedirect( reverse("register_success") + get_str) else: form = UserCreationFormExtended() consent_form = OptInConsentForm() return render( request, "register/register.html", { "form": form, "consent_form": consent_form, "private": False }, ) else: # The user is already logged in. Direct them to their settings page as # a logical fallback return HttpResponseRedirect(reverse("view_settings"))