示例#1
0
def send(email):
    ''' 
    Main endpoint, checks if email+host is valid and sends 
    either form data or verification to email 
    '''

    if request.method == 'GET':
        if request_wants_json():
            return jsonerror(405, {'error': "Please submit POST request."})
        else:
            return render_template(
                'info.html',
                title='Form should POST',
                text=
                'Make sure your form has the <span class="code"><strong>method="POST"</strong></span> attribute'
            ), 405

    if not IS_VALID_EMAIL(email):
        if request_wants_json():
            return jsonerror(400, {'error': "Invalid email address"})
        else:
            return render_template(
                'error.html',
                title='Check email address',
                text='Email address %s is not formatted correctly' %
                str(email)), 400

    # Earlier we used referrer, which is problematic as it includes also URL
    # parameters. To maintain backwards compatability and to avoid doing migrations
    # check also if email is confirmed for the entire referrer
    host = flask.request.referrer
    new_host = _referrer_to_path(host)

    if not host:
        if request_wants_json():
            return jsonerror(400, {'error': "Invalid \"Referrer\" header"})
        else:
            return render_template(
                'error.html',
                title='Unable to submit form',
                text=
                'Make sure your form is running on a proper server. For geeks: could not find the "Referrer" header.'
            ), 400

    if not EMAIL_CONFIRMED(HASH(email, host)) and not EMAIL_CONFIRMED(
            HASH(email, new_host)):
        return _send_confirmation(email, new_host)

    return _send_form(email, new_host)
示例#2
0
def _send_form(email, host):
    '''
    Sends request.form to user's email. 
    Assumes email has been verified.
    '''

    data, keys = _form_to_dict(request.form)

    subject = data.get(
        '_subject',
        'New submission from %s' % _referrer_to_path(request.referrer))
    reply_to = data.get('_replyto', None)
    cc = data.get('_cc', None)
    next = data.get('_next', url_for('thanks', next=request.referrer))
    spam = data.get('_gotcha', None)

    # prevent submitting empty form
    if not any(data.values()):
        if request_wants_json():
            return k(400, {'error': "Can't send an empty form"})
        else:
            return render_template('error.html',
                                   title='Can\'t send an empty form',
                                   text=str('<a href="%s">Return to form</a>' %
                                            request.referrer)), 400

    if not spam:
        text = render_template('email/form.txt',
                               data=data,
                               host=host,
                               keys=keys)
        html = render_template('email/form.html',
                               data=data,
                               host=host,
                               keys=keys)
        result = _send_email(to=email,
                             subject=subject,
                             text=text,
                             html=html,
                             sender=DEFAULT_SENDER,
                             reply_to=reply_to,
                             cc=cc)

        if not result[0]:
            if request_wants_json():
                return jsonerror(500, {'error': "Unable to send email"})
            else:
                return render_template('error.html',
                                       title='Unable to send email',
                                       text=result[1]), 500

        REDIS.incr(COUNTER_KEY(email, host))

    if request_wants_json():
        return jsonify({'success': "Email sent"})
    else:
        return redirect(next, code=302)
示例#3
0
def _send_confirmation(email, host):
    '''
    Helper that actually creates confirmation nonce
    and sends the email to associated email. Renders
    different templates depending on the result
    '''
    log.debug('Sending confirmation')
    if VALID_NONCE(HASH(email, host)):
        log.debug('Confirmation already sent')
        if request_wants_json():
            return jsonify({'success': "confirmation email sent"})
        else:
            return render_template('confirmation_sent.html',
                                   email=email,
                                   host=host)

    link = url_for('confirm_email', nonce=HASH(email, host), _external=True)

    def render_content(type):
        return render_template('email/confirm.%s' % type,
                               email=email,
                               host=host,
                               nonce_link=link)

    log.debug('Sending email')

    result = _send_email(to=email,
                         subject='Confirm email for %s' %
                         settings.SERVICE_NAME,
                         text=render_content('txt'),
                         html=render_content('html'),
                         sender=DEFAULT_SENDER)

    log.debug('Sent')

    if not result[0]:
        if request_wants_json():
            return jsonerror(500, {'error': "Unable to send email"})
        else:
            return render_template('error.html',
                                   title='Unable to send email',
                                   text=result[1]), 500

    REDIS.set(NONCE_KEY(email, host), None)
    REDIS.set(HASH_EMAIL_KEY(HASH(email, host)), email)
    REDIS.set(HASH_HOST_KEY(HASH(email, host)), host)

    if request_wants_json():
        return jsonify({'success': "confirmation email sent"})
    else:
        return render_template('confirmation_sent.html',
                               email=email,
                               host=host)
示例#4
0
def send(email):
    ''' 
    Main endpoint, checks if email+host is valid and sends 
    either form data or verification to email 
    '''

    if request.method == 'GET':
        if request_wants_json():
            return jsonerror(405, {'error': "Please submit POST request."})
        else:
            return render_template('info.html', 
                                   title='Form should POST', 
                                   text='Make sure your form has the <span class="code"><strong>method="POST"</strong></span> attribute'), 405

    if not IS_VALID_EMAIL(email):
        if request_wants_json():
            return jsonerror(400, {'error': "Invalid email address"})
        else:
            return render_template('error.html', 
                                   title='Check email address', 
                                   text='Email address %s is not formatted correctly' % str(email)), 400

    # Earlier we used referrer, which is problematic as it includes also URL
    # parameters. To maintain backwards compatability and to avoid doing migrations
    # check also if email is confirmed for the entire referrer
    host = flask.request.referrer
    new_host = _referrer_to_path(host)

    if not host:
        if request_wants_json():
            return jsonerror(400, {'error': "Invalid \"Referrer\" header"})
        else:
            return render_template('error.html', 
                                   title='Unable to submit form', 
                                   text='Make sure your form is running on a proper server. For geeks: could not find the "Referrer" header.'), 400

    if not EMAIL_CONFIRMED(HASH(email, host)) and not EMAIL_CONFIRMED(HASH(email, new_host)):
        return _send_confirmation(email, new_host)

    return _send_form(email, new_host)
示例#5
0
def _send_confirmation(email, host):
    '''
    Helper that actually creates confirmation nonce
    and sends the email to associated email. Renders
    different templates depending on the result
    '''
    log.debug('Sending confirmation')
    if VALID_NONCE(HASH(email, host)):
        log.debug('Confirmation already sent')
        if request_wants_json():
            return jsonify({'success': "confirmation email sent"})
        else:
            return render_template('confirmation_sent.html', email=email, host=host)

    link = url_for('confirm_email', nonce=HASH(email, host), _external=True)
    
    def render_content(type):
        return render_template('email/confirm.%s' % type, 
                                  email=email, 
                                  host=host, 
                                  nonce_link=link)

    log.debug('Sending email')

    result = _send_email(to=email, 
                         subject='Confirm email for %s' % settings.SERVICE_NAME, 
                         text=render_content('txt'),
                         html=render_content('html'), 
                         sender=DEFAULT_SENDER) 

    log.debug('Sent')

    if not result[0]:
        if request_wants_json():
            return jsonerror(500, {'error': "Unable to send email"})
        else:
            return render_template('error.html', 
                                   title='Unable to send email', 
                                   text=result[1]), 500


    REDIS.set(NONCE_KEY(email, host), None)
    REDIS.set(HASH_EMAIL_KEY(HASH(email, host)), email)
    REDIS.set(HASH_HOST_KEY(HASH(email, host)), host)

    if request_wants_json():
        return jsonify({'success': "confirmation email sent"})
    else:
        return render_template('confirmation_sent.html', email=email, host=host)
示例#6
0
def _send_form(email, host):
    '''
    Sends request.form to user's email. 
    Assumes email has been verified.
    '''

    data, keys = _form_to_dict(request.form)

    subject = data.get('_subject', 'New submission from %s' % _referrer_to_path(request.referrer))
    reply_to = data.get('_replyto', None)
    cc = data.get('_cc', None)
    next = data.get('_next', url_for('thanks', next=request.referrer))
    spam = data.get('_gotcha', None)

    # prevent submitting empty form
    if not any(data.values()):
        if request_wants_json():
            return k(400, {'error': "Can't send an empty form"})
        else:
            return render_template('error.html', 
                                   title='Can\'t send an empty form', 
                                   text=str('<a href="%s">Return to form</a>' % request.referrer)), 400

    if not spam:
        text = render_template('email/form.txt', data=data, host=host, keys=keys)
        html = render_template('email/form.html', data=data, host=host, keys=keys)
        result = _send_email(to=email, 
                          subject=subject,
                          text=text,
                          html=html,
                          sender=DEFAULT_SENDER,
                          reply_to=reply_to,
                          cc=cc)

        if not result[0]:
            if request_wants_json():
                return jsonerror(500, {'error': "Unable to send email"})
            else:
                return render_template('error.html', 
                                       title='Unable to send email', 
                                       text=result[1]), 500

        REDIS.incr(COUNTER_KEY(email, host))

    if request_wants_json():
        return jsonify({'success': "Email sent"})
    else:
        return redirect(next, code=302)