Rietveld Code Review Tool
Help | Bug tracker | Discussion group | Source code

Side by Side Diff: sitescripts/submit_email/web/submit_email.py

Issue 5177883412660224: Issue 2234 - Add a WSGI controller to collect email addresses for the Adblock Browser iOS launch (Closed)
Patch Set: Send error response when verification request is invalid Created April 24, 2015, 12:04 p.m.
Left:
Right:
Use n/p to move between diff chunks; N/P to move between comments.
Jump to:
View unified diff | Download patch
« no previous file with comments | « sitescripts/submit_email/web/__init__.py ('k') | sitescripts/utils.py » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 # coding: utf-8
2
3 # This file is part of the Adblock Plus web scripts,
4 # Copyright (C) 2006-2015 Eyeo GmbH
5 #
6 # Adblock Plus is free software: you can redistribute it and/or modify
7 # it under the terms of the GNU General Public License version 3 as
8 # published by the Free Software Foundation.
9 #
10 # Adblock Plus is distributed in the hope that it will be useful,
11 # but WITHOUT ANY WARRANTY; without even the implied warranty of
12 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 # GNU General Public License for more details.
14 #
15 # You should have received a copy of the GNU General Public License
16 # along with Adblock Plus. If not, see <http://www.gnu.org/licenses/>.
17
18 import fcntl
19 import hmac
20 import hashlib
21 import wsgiref.util
22 from urlparse import parse_qs, urljoin
23 from urllib import urlencode
24
25 from sitescripts.utils import get_config, sendMail, encode_email_address
26 from sitescripts.web import url_handler, form_handler
27
28 VERIFICATION_PATH = '/verifyEmail'
29
30 def sign(config, data):
31 secret = config.get('submit_email', 'secret')
32 return hmac.new(secret, data, hashlib.sha1).hexdigest()
33
34 @url_handler('/submitEmail')
35 @form_handler
36 def submit_email(environ, start_response, data):
37 email = data.get('email', '').strip()
38 try:
39 email = encode_email_address(email)
40 except ValueError:
41 start_response('400 Bad Request', [('Content-Type', 'text/plain')])
42 return ["Oops! You didn't enter a valid email address."]
43
44 config = get_config()
45 sendMail(
46 config.get('submit_email', 'verification_email_template'),
47 {
48 'recipient': email,
49 'verification_url': '%s?%s' % (
50 urljoin(wsgiref.util.application_uri(environ), VERIFICATION_PATH),
51 urlencode([('email', email), ('signature', sign(config, email))])
52 )
53 }
54 )
55
56 start_response('200 OK', [('Content-Type', 'text/plain')])
57 return ["A confirmation email has been sent. "
58 "Please check your email and click the confirmation link."]
59
60 @url_handler(VERIFICATION_PATH)
61 def verify_email(environ, start_response):
62 config = get_config()
63
64 params = parse_qs(environ.get('QUERY_STRING', ''))
65 email = params.get('email', [''])[0]
66 signature = params.get('signature', [''])[0]
67
68 if sign(config, email) != signature:
69 start_response('403 Forbidden', [('Content-Type', 'text/plain')])
70 return ['Invalid signature in verification request.']
71
72 filename = config.get('submit_email', 'filename')
73 with open(filename, 'ab', 0) as file:
74 fcntl.lockf(file, fcntl.LOCK_EX)
75 try:
76 print >>file, email
77 finally:
78 fcntl.lockf(file, fcntl.LOCK_UN)
79
80 location = config.get('submit_email', 'successful_verification_redirect_locati on')
81 start_response('303 See Other', [('Location', location)])
82 return []
OLDNEW
« no previous file with comments | « sitescripts/submit_email/web/__init__.py ('k') | sitescripts/utils.py » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld