Left: | ||
Right: |
OLD | NEW |
---|---|
(Empty) | |
1 # coding: utf-8 | |
2 | |
3 # This file is part of the Adblock Plus web scripts, | |
4 # Copyright (C) 2006-2015 Eyeo GmbH | |
5 # | |
6 # Adblock Plus is free software: you can redistribute it and/or modify | |
7 # it under the terms of the GNU General Public License version 3 as | |
8 # published by the Free Software Foundation. | |
9 # | |
10 # Adblock Plus is distributed in the hope that it will be useful, | |
11 # but WITHOUT ANY WARRANTY; without even the implied warranty of | |
12 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
13 # GNU General Public License for more details. | |
14 # | |
15 # You should have received a copy of the GNU General Public License | |
16 # along with Adblock Plus. If not, see <http://www.gnu.org/licenses/>. | |
17 | |
18 import fcntl | |
19 import hmac | |
20 import hashlib | |
21 import wsgiref.util | |
22 from urlparse import parse_qsl, urljoin | |
23 from urllib import urlencode, quote | |
24 | |
25 from sitescripts.utils import get_config, sendMail, encode_email_address | |
26 from sitescripts.web import url_handler, form_handler, send_simple_response | |
27 | |
28 VERIFICATION_PATH = '/verifyEmail' | |
29 | |
30 def sign(config, data): | |
31 secret = config.get('submit_email', 'secret') | |
32 return hmac.new(secret, data, hashlib.sha1).hexdigest() | |
33 | |
34 @url_handler('/submitEmail') | |
35 @form_handler | |
36 def submit_email(environ, start_response, data): | |
37 email = data.get('email', '').strip() | |
38 try: | |
39 email = encode_email_address(email) | |
40 except ValueError: | |
41 return send_simple_response( | |
42 start_response, 400, | |
43 'Please enter a valid email address.' | |
44 ) | |
45 | |
46 config = get_config() | |
47 params = [('email', email), ('signature', sign(config, email))] | |
48 lang = data.get('lang') | |
49 if lang: | |
50 params.append(('lang', lang)) | |
51 | |
52 sendMail( | |
53 config.get('submit_email', 'verification_email_template'), | |
54 { | |
55 'recipient': email, | |
56 'verification_url': '%s?%s' % ( | |
57 urljoin(wsgiref.util.application_uri(environ), VERIFICATION_PATH), | |
58 urlencode(params) | |
59 ) | |
60 } | |
61 ) | |
62 | |
63 return send_simple_response( | |
64 start_response, 200, | |
65 'A confirmation email has been sent. Please check ' | |
66 'your email and click the confirmation link.' | |
67 ) | |
68 | |
69 @url_handler(VERIFICATION_PATH) | |
70 def verify_email(environ, start_response): | |
71 config = get_config() | |
72 params = dict(parse_qsl(environ.get('QUERY_STRING', ''))) | |
73 | |
74 email = params.get('email', '') | |
75 signature = params.get('signature', '') | |
76 if sign(config, email) != signature: | |
77 return send_simple_response( | |
78 start_response, 403, | |
79 'Invalid signature in verification request.' | |
80 ) | |
81 | |
82 filename = config.get('submit_email', 'filename') | |
83 with open(filename, 'ab', 0) as file: | |
84 fcntl.lockf(file, fcntl.LOCK_EX) | |
85 try: | |
86 print >>file, email | |
87 finally: | |
88 fcntl.lockf(file, fcntl.LOCK_UN) | |
89 | |
90 location = config.get('submit_email', 'successful_verification_redirect_locati on') | |
91 location = location.format(lang=quote(params.get('lang') or 'en', '')) | |
kzar
2015/04/28 11:13:42
Looks like a typo at the end there? ", ''"
Sebastian Noack
2015/04/28 11:31:25
The empty string at the end is the second argument
kzar
2015/04/28 11:33:41
Oh I see.
Sebastian Noack
2015/04/28 11:36:04
I meant (forward) slashes.
| |
92 start_response('303 See Other', [('Location', location)]) | |
93 return [] | |
OLD | NEW |