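def send(email):
    '''
    Main endpoint: checks that the email and the submitting page are usable,
    then either forwards the form data or starts email confirmation.

    Args:
        email: Destination address supplied by the caller; it is checked with
            IS_VALID_EMAIL before anything is sent.

    Returns:
        A Flask response, JSON or rendered template depending on
        request_wants_json(): 405 for GET, 400 for a malformed address or a
        missing Referer header, otherwise the result of _send_confirmation
        or _send_form.
    '''
    from html import escape

    if request.method == 'GET':
        if request_wants_json():
            return jsonerror(405, {'error': "Please submit POST request."})
        return render_template(
            'info.html',
            title='Form should POST',
            text='Make sure your form has the <span class="code"><strong>method="POST"</strong></span> attribute'
        ), 405

    if not IS_VALID_EMAIL(email):
        if request_wants_json():
            return jsonerror(400, {'error': "Invalid email address"})
        # `email` has just failed validation, so it is arbitrary caller input.
        # The templates are handed raw markup in `text` elsewhere in this file,
        # so they presumably render it unescaped (TODO confirm); escape the
        # echoed value so it cannot inject markup into the error page.
        return render_template(
            'error.html',
            title='Check email address',
            text='Email address %s is not formatted correctly' % escape(str(email))), 400

    # NOTE(review): the Referer header is client-supplied. Keying confirmation
    # on it ties a submission to a page only for well-behaved browsers; it does
    # not authenticate where the request came from.
    host = flask.request.referrer

    # Reject a missing Referer before deriving anything from it; previously
    # _referrer_to_path() was called on the empty value first.
    if not host:
        if request_wants_json():
            return jsonerror(400, {'error': "Invalid \"Referrer\" header"})
        return render_template(
            'error.html',
            title='Unable to submit form',
            text='Make sure your form is running on a proper server. For geeks: could not find the "Referrer" header.'
        ), 400

    # Earlier we keyed on the full referrer, which is problematic because it
    # also includes URL parameters. To stay backwards compatible and avoid a
    # migration, a confirmation stored under the full referrer still counts.
    new_host = _referrer_to_path(host)

    if not EMAIL_CONFIRMED(HASH(email, host)) and not EMAIL_CONFIRMED(HASH(email, new_host)):
        return _send_confirmation(email, new_host)

    return _send_form(email, new_host)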
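def _send_form(email, host):
    '''
    Sends request.form to user's email. Assumes email has been verified.

    Args:
        email: Confirmed destination address.
        host: Submitting page path, used in the email templates and as part
            of the submission counter key.

    Returns:
        A Flask response: 400 when every submitted value is empty, 500 when
        _send_email reports failure, otherwise a JSON success body or a 302
        redirect to the `_next` target.
    '''
    # Imported under another name because `html` is a local variable below.
    from html import escape as html_escape

    data, keys = _form_to_dict(request.form)

    # NOTE(review): every underscore-prefixed field below is chosen by whoever
    # submits the form. `_subject`, `_replyto` and `_cc` are handed to
    # _send_email as-is; confirm that it (or the mail backend) rejects CR/LF
    # and that `_cc` cannot be used to relay mail to arbitrary recipients.
    subject = data.get('_subject', 'New submission from %s' % _referrer_to_path(request.referrer))
    reply_to = data.get('_replyto', None)
    cc = data.get('_cc', None)
    # NOTE(review): `_next` is followed verbatim by redirect() at the end of
    # this function, i.e. an open redirect unless it is validated elsewhere.
    next_url = data.get('_next', url_for('thanks', next=request.referrer))
    spam = data.get('_gotcha', None)

    # prevent submitting empty form
    if not any(data.values()):
        if request_wants_json():
            # Was a call to the undefined name `k`; every other JSON error
            # path in this file goes through jsonerror.
            return jsonerror(400, {'error': "Can't send an empty form"})
        # The Referer header is client-controlled: escape it so it cannot
        # break out of the href attribute. Escaping does not restrict the URL
        # scheme.
        return render_template(
            'error.html',
            title='Can\'t send an empty form',
            text=str('<a href="%s">Return to form</a>' % html_escape(str(request.referrer)))), 400

    # A filled `_gotcha` field skips sending and counting, but the caller
    # still gets the normal success response below.
    if not spam:
        text = render_template('email/form.txt', data=data, host=host, keys=keys)
        html = render_template('email/form.html', data=data, host=host, keys=keys)
        result = _send_email(to=email,
                             subject=subject,
                             text=text,
                             html=html,
                             sender=DEFAULT_SENDER,
                             reply_to=reply_to,
                             cc=cc)

        if not result[0]:
            if request_wants_json():
                return jsonerror(500, {'error': "Unable to send email"})
            # NOTE(review): result[1] is shown to the visitor; confirm it
            # carries no backend detail that should stay server-side.
            return render_template('error.html',
                                   title='Unable to send email',
                                   text=result[1]), 500

        REDIS.incr(COUNTER_KEY(email, host))

    if request_wants_json():
        return jsonify({'success': "Email sent"})
    return redirect(next_url, code=302)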
def _send_confirmation(email, host):
    '''
    Create the confirmation nonce for (email, host) and mail the confirmation
    link to the address. Renders a different response depending on whether
    the mail could be sent.

    Returns:
        The "confirmation sent" response (JSON or template) when a nonce is
        already valid or the mail went out, otherwise a 500 error response.
    '''
    def confirmation_sent():
        # Same response whether the mail was just sent or was already pending.
        if request_wants_json():
            return jsonify({'success': "confirmation email sent"})
        return render_template('confirmation_sent.html', email=email, host=host)

    log.debug('Sending confirmation')

    if VALID_NONCE(HASH(email, host)):
        log.debug('Confirmation already sent')
        return confirmation_sent()

    # NOTE(review): the nonce in the link is HASH(email, host), so the link is
    # only as unguessable as HASH; confirm HASH is keyed with a server secret.
    link = url_for('confirm_email', nonce=HASH(email, host), _external=True)

    def render_content(fmt):
        template_name = 'email/confirm.%s' % fmt
        return render_template(template_name, email=email, host=host, nonce_link=link)

    log.debug('Sending email')

    confirm_subject = 'Confirm email for %s' % settings.SERVICE_NAME
    text_body = render_content('txt')
    html_body = render_content('html')
    result = _send_email(to=email,
                         subject=confirm_subject,
                         text=text_body,
                         html=html_body,
                         sender=DEFAULT_SENDER)

    log.debug('Sent')

    sent_ok = result[0]
    if not sent_ok:
        if request_wants_json():
            return jsonerror(500, {'error': "Unable to send email"})
        return render_template('error.html',
                               title='Unable to send email',
                               text=result[1]), 500

    # Persist the pending confirmation only after the mail was accepted.
    # NOTE(review): no expiry is passed to these writes; confirm the keys are
    # expired elsewhere.
    nonce_key = NONCE_KEY(email, host)
    REDIS.set(nonce_key, None)
    email_key = HASH_EMAIL_KEY(HASH(email, host))
    REDIS.set(email_key, email)
    host_key = HASH_HOST_KEY(HASH(email, host))
    REDIS.set(host_key, host)

    return confirmation_sent()
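def send(email):
    '''
    Main endpoint: checks that the email and the submitting page are usable,
    then either forwards the form data or starts email confirmation.

    Args:
        email: Destination address supplied by the caller; it is checked with
            IS_VALID_EMAIL before anything is sent.

    Returns:
        A Flask response, JSON or rendered template depending on
        request_wants_json(): 405 for GET, 400 for a malformed address or a
        missing Referer header, otherwise the result of _send_confirmation
        or _send_form.
    '''
    from html import escape

    if request.method == 'GET':
        if request_wants_json():
            return jsonerror(405, {'error': "Please submit POST request."})
        return render_template(
            'info.html',
            title='Form should POST',
            text='Make sure your form has the <span class="code"><strong>method="POST"</strong></span> attribute'
        ), 405

    if not IS_VALID_EMAIL(email):
        if request_wants_json():
            return jsonerror(400, {'error': "Invalid email address"})
        # `email` has just failed validation, so it is arbitrary caller input.
        # The templates are handed raw markup in `text` elsewhere in this file,
        # so they presumably render it unescaped (TODO confirm); escape the
        # echoed value so it cannot inject markup into the error page.
        return render_template(
            'error.html',
            title='Check email address',
            text='Email address %s is not formatted correctly' % escape(str(email))), 400

    # NOTE(review): the Referer header is client-supplied. Keying confirmation
    # on it ties a submission to a page only for well-behaved browsers; it does
    # not authenticate where the request came from.
    host = flask.request.referrer

    # Reject a missing Referer before deriving anything from it; previously
    # _referrer_to_path() was called on the empty value first.
    if not host:
        if request_wants_json():
            return jsonerror(400, {'error': "Invalid \"Referrer\" header"})
        return render_template(
            'error.html',
            title='Unable to submit form',
            text='Make sure your form is running on a proper server. For geeks: could not find the "Referrer" header.'
        ), 400

    # Earlier we keyed on the full referrer, which is problematic because it
    # also includes URL parameters. To stay backwards compatible and avoid a
    # migration, a confirmation stored under the full referrer still counts.
    new_host = _referrer_to_path(host)

    if not EMAIL_CONFIRMED(HASH(email, host)) and not EMAIL_CONFIRMED(HASH(email, new_host)):
        return _send_confirmation(email, new_host)

    return _send_form(email, new_host)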
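def _send_form(email, host):
    '''
    Sends request.form to user's email. Assumes email has been verified.

    Args:
        email: Confirmed destination address.
        host: Submitting page path, used in the email templates and as part
            of the submission counter key.

    Returns:
        A Flask response: 400 when every submitted value is empty, 500 when
        _send_email reports failure, otherwise a JSON success body or a 302
        redirect to the `_next` target.
    '''
    # Imported under another name because `html` is a local variable below.
    from html import escape as html_escape

    data, keys = _form_to_dict(request.form)

    # NOTE(review): every underscore-prefixed field below is chosen by whoever
    # submits the form. `_subject`, `_replyto` and `_cc` are handed to
    # _send_email as-is; confirm that it (or the mail backend) rejects CR/LF
    # and that `_cc` cannot be used to relay mail to arbitrary recipients.
    subject = data.get('_subject', 'New submission from %s' % _referrer_to_path(request.referrer))
    reply_to = data.get('_replyto', None)
    cc = data.get('_cc', None)
    # NOTE(review): `_next` is followed verbatim by redirect() at the end of
    # this function, i.e. an open redirect unless it is validated elsewhere.
    next_url = data.get('_next', url_for('thanks', next=request.referrer))
    spam = data.get('_gotcha', None)

    # prevent submitting empty form
    if not any(data.values()):
        if request_wants_json():
            # Was a call to the undefined name `k`; every other JSON error
            # path in this file goes through jsonerror.
            return jsonerror(400, {'error': "Can't send an empty form"})
        # The Referer header is client-controlled: escape it so it cannot
        # break out of the href attribute. Escaping does not restrict the URL
        # scheme.
        return render_template(
            'error.html',
            title='Can\'t send an empty form',
            text=str('<a href="%s">Return to form</a>' % html_escape(str(request.referrer)))), 400

    # A filled `_gotcha` field skips sending and counting, but the caller
    # still gets the normal success response below.
    if not spam:
        text = render_template('email/form.txt', data=data, host=host, keys=keys)
        html = render_template('email/form.html', data=data, host=host, keys=keys)
        result = _send_email(to=email,
                             subject=subject,
                             text=text,
                             html=html,
                             sender=DEFAULT_SENDER,
                             reply_to=reply_to,
                             cc=cc)

        if not result[0]:
            if request_wants_json():
                return jsonerror(500, {'error': "Unable to send email"})
            # NOTE(review): result[1] is shown to the visitor; confirm it
            # carries no backend detail that should stay server-side.
            return render_template('error.html',
                                   title='Unable to send email',
                                   text=result[1]), 500

        REDIS.incr(COUNTER_KEY(email, host))

    if request_wants_json():
        return jsonify({'success': "Email sent"})
    return redirect(next_url, code=302)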