Hi,
I'm looking for a peer review of some code I put together for email
inviting users to join an application. I couldn't find anything suitable
looking around, hopefully I didn't overlook anything!
The idea is, you enter in email addresses into a form, click submit and it
will send an email to the email address with an invite to your application.
The email will contain a link which the user clicks to take them to a form
to fill in the rest of their required details, name etc.
I've tested this and it works, but I would like to know what others
thoughts are and there are any improvements that could be made.
Thank you!
*default.py controller*
def index():
form=FORM('Enter a comma separated list of emails to send invites:',
BR(),
INPUT(_id='emails', _value=''),
INPUT(_type='submit'))
if form.accepts(request,session):
# send the invitations
for email in form.vars.email.split(','):
auth.invite_user(email=email)
response.flash = 'Invitations sent'
return dict(form=form)
def confirm_registration():
return dict(form=auth.confirm_registration())
*gluon/tools.py*
def confirm_registration(
self,
next=DEFAULT,
onvalidation=DEFAULT,
onaccept=DEFAULT,
log=DEFAULT,
):
"""
Modified version of Auth.reset_password()
"""
table_user = self.table_user()
request = current.request
# response = current.response
session = current.session
if next is DEFAULT:
next = self.get_vars_next() or self.settings.reset_password_next
if self.settings.prevent_password_reset_attacks:
key = request.vars.key
if not key and len(request.args)>1:
key = request.args[-1]
if key:
session._reset_password_key = key
redirect(self.url('confirm_registration'))
else:
key = session._reset_password_key
else:
key = request.vars.key or getarg(-1)
try:
t0 = int(key.split('-')[0])
if time.time() - t0 > 60 * 60 * 24:
raise Exception
user = table_user(reset_password_key=key)
if not user:
raise Exception
except Exception as e:
session.flash = self.messages.invalid_reset_password
redirect(self.url('login', vars=dict(test=e)))
redirect(next, client_side=self.settings.client_side)
passfield = self.settings.password_field
form = SQLFORM.factory(
Field('first_name',
label='First Name',
required=True),
Field('last_name',
label='Last Name',
required=True),
Field('new_password', 'password',
label=self.messages.new_password,
requires=self.table_user()[passfield].requires),
Field('new_password2', 'password',
label=self.messages.verify_password,
requires=[IS_EXPR(
'value==%s' % repr(request.vars.new_password),
self.messages.mismatched_password)]),
submit_button='Confirm Registration',
hidden=dict(_next=next),
formstyle=self.settings.formstyle,
separator=self.settings.label_separator
)
if form.accepts(request, session,
hideerror=self.settings.hideerror):
user.update_record(
**{passfield: str(form.vars.new_password),
'first_name': str(form.vars.first_name),
'last_name': str(form.vars.last_name),
'registration_key': '',
'reset_password_key': ''})
session.flash = self.messages.password_changed
if self.settings.login_after_password_change:
self.login_user(user)
redirect(next, client_side=self.settings.client_side)
return form
def email_registration(self, user):
"""
Modified version of Auth.email_reset_password()
"""
import time
from gluon.utils import web2py_uuid
reset_password_key = str(int(time.time())) + '-' + web2py_uuid()
link = self.url('confirm_registration',
vars={'key': reset_password_key},
scheme=True)
d = dict(user)
d.update(dict(key=reset_password_key, link=link))
if self.settings.mailer and self.settings.mailer.send(
to=user.email,
subject='Invite to join web2py app',
message='Click on the link %(link)s to finalise your
registration.' % d):
user.update_record(reset_password_key=reset_password_key)
return True
return False
def invite_user(self, email):
"""
Register the user with only an email and password then send them an
email to complete their registration
"""
user = self.register_bare(email=email, password=self.random_password
())
if user:
self.email_registration(user)
return True
else:
return False
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to web2py+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
