Index: sitescripts/submitEmail/web/submitEmail.py |
=================================================================== |
new file mode 100644 |
--- /dev/null |
+++ b/sitescripts/submitEmail/web/submitEmail.py |
@@ -0,0 +1,132 @@ |
+# coding: utf-8 |
+ |
+# This file is part of the Adblock Plus web scripts, |
+# Copyright (C) 2006-2015 Eyeo GmbH |
+# |
+# Adblock Plus is free software: you can redistribute it and/or modify |
+# it under the terms of the GNU General Public License version 3 as |
+# published by the Free Software Foundation. |
+# |
+# Adblock Plus is distributed in the hope that it will be useful, |
+# but WITHOUT ANY WARRANTY; without even the implied warranty of |
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
+# GNU General Public License for more details. |
+# |
+# You should have received a copy of the GNU General Public License |
+# along with Adblock Plus. If not, see <http://www.gnu.org/licenses/>. |
+ |
+import os |
+import errno |
+import fcntl |
+import random |
+import string |
+import wsgiref.util |
+from urlparse import parse_qs, urljoin |
+from urllib import urlencode |
+ |
+from sitescripts.utils import get_config, sendMail |
+from sitescripts.web import url_handler, form_handler |
+ |
+VERIFICATION_PATH = '/verifyEmail' |
+VERIFICATION_CODE_PARAM = 'code' |
+ |
+def generate_verification_code(): |
+ return ''.join(random.sample(string.letters + string.digits, 32)) |
+ |
+def get_filename_for_verification_code(config, verification_code): |
+ directory = config.get('submitEmail', 'pendingVerficationsDirectory') |
+ return os.path.join(directory, verification_code) |
+ |
+def create_file_for_verification_code(config): |
+ flags = os.O_CREAT | os.O_EXCL | os.O_WRONLY | getattr(os, 'O_BINARY', 0) |
+ |
+ while True: |
+ verification_code = generate_verification_code() |
+ filename = get_filename_for_verification_code(config, verification_code) |
+ |
+ try: |
+ return (os.open(filename, flags), verification_code) |
+ except OSError as e: |
+ if e.errno != errno.EEXIST: |
+ raise |
+ |
+def verify_email_address(config, verification_code): |
+ if verification_code in ('', os.path.curdir, os.path.pardir): |
+ return False |
+ if os.path.sep in verification_code: |
+ return False |
+ |
+ verification_filename = get_filename_for_verification_code(config, verification_code) |
+ try: |
+ file = open(verification_filename, 'rb') |
+ except IOError as e: |
+ if e.errno == errno.ENOENT: |
+ return False |
+ raise |
+ |
+ with file: |
+ email = file.read() |
+ |
+ verified_filename = config.get('submitEmail', 'verifiedEmailAddressesFile') |
+ with open(verified_filename, 'ab', 0) as file: |
+ fcntl.lockf(file, fcntl.LOCK_EX) |
+ try: |
+ print >>file, email |
+ finally: |
+ fcntl.lockf(file, fcntl.LOCK_UN) |
+ |
+ try: |
+ os.unlink(verification_filename) |
+ except OSError as e: |
+ if e.errno != errno.ENOENT: |
+ raise |
+ |
+ return True |
+ |
+@url_handler('/submitEmail') |
+@form_handler |
+def submitEmail(environ, start_response, data): |
+ email = data.get('email', '').strip() |
+ if not email or '\r' in email or '\n' in email: |
+ start_response('400 Bad Request', [('Content-Type', 'text/plain')]) |
+ if email: |
+ message = 'No newlines allowed in email address.' |
+ else: |
+ message = 'No email address given.' |
+ return [message] |
+ |
+ config = get_config() |
+ fd, verification_code = create_file_for_verification_code(config) |
+ try: |
+ os.write(fd, email.encode('utf-8')) |
+ finally: |
+ os.close(fd) |
+ |
+ sendMail( |
+ config.get('submitEmail', 'verificationEmailTemplate'), |
+ { |
+ 'recipient': email, |
+ 'verification_url': '%s?%s' % ( |
+ urljoin(wsgiref.util.application_uri(environ), VERIFICATION_PATH), |
+ urlencode([(VERIFICATION_CODE_PARAM, verification_code)]) |
+ ) |
+ } |
+ ) |
+ |
+ start_response('200 OK', [('Content-Type', 'text/plain')]) |
+ return ["Thanks for your submission! You'll receive a verification email shortly."] |
+ |
+@url_handler(VERIFICATION_PATH) |
+def verifyEmail(environ, start_response): |
+ config = get_config() |
+ |
+ params = parse_qs(environ.get('QUERY_STRING', '')) |
+ verification_code = params.get(VERIFICATION_CODE_PARAM, [''])[0] |
+ |
+ if verify_email_address(config, verification_code): |
+ option = 'successfulVerificationRedirectLocation' |
+ else: |
+ option = 'unknownVerificationCodeRedirectLocation' |
+ |
+ start_response('303 See other', [('Location', config.get('submitEmail', option))]) |
+ return [] |