Ticket #442: verify_account_registrations.patch

a/acct_mgr/admin.py

@@ -16 +16 @@
-from trac.perm import PermissionSystem
-from trac.util import sorted
-from trac.util.datefmt import format_datetime
-
+, add_stylesheet
-from trac.admin import IAdminPanelProvider
-
-from acct_mgr.api import AccountManager
-from acct_mgr.web_ui import _create_user
+from acct_mgr.verify import VerifyAccountModule
-
-def _getoptions(cls):
-    if isinstance(cls, Component):
@@ -42 +43 @@
-            yield ('accounts', 'Accounts', 'users', 'Users')
-
-    def render_admin_panel(self, req, cat, page, path_info):
+        add_stylesheet(req, 'acct_mgr/admin_acct_mgr.css')
-        if page == 'config':
-            return self._do_config(req)
-        elif page == 'users':
-            return self._do_users(req)
-
-    def _do_config(self, req):
+
-        if req.method == 'POST':
-            selected_class = req.args.get('selected')
-            self.config.set('account-manager', 'password_store', selected_class)
@@ -59 +62 @@
-                    self.config.save()
-            self.config.set('account-manager', 'force_passwd_change',
-                            req.args.get('force_passwd_change'))
+            if 'verify_accounts' in req.args:
+                self.config.set('account-manager', 'verify_accounts',
+                                req.args.get('verify_accounts'))
-            self.config.save()
-
-
@@ -80 +86 @@
-            } for store in self.account_manager.stores
-        ]
-        sections = sorted(sections, key=lambda i: i['name'])
+        verify_acct_enabled = self.env.is_component_enabled(VerifyAccountModule)
-        data = {'sections': sections,
-
+
+
+
-        return 'admin_accountsconfig.html', data
-
-    def _do_users(self, req):
@@ -89 +98 @@
-        listing_enabled = self.account_manager.supports('get_users')
-        create_enabled = self.account_manager.supports('set_password')
-        delete_enabled = self.account_manager.supports('delete_user')
+        verify_accounts = self.account_manager.verify_accounts
+        verify_acct_enabled = self.env.is_component_enabled(VerifyAccountModule)
-
-        data = {
-            'listing_enabled': listing_enabled,
-            'create_enabled': create_enabled,
-            'delete_enabled': delete_enabled,
+            'verify_accounts': verify_accounts,
+            'verify_accounts_enabled': verify_acct_enabled
-        }
-
-        if req.method == 'POST':
@@ -136 +149 @@
-                if account and last_visit:
-                    account['last_visit'] = format_datetime(last_visit)
-
+            if verify_accounts:
+                cursor.execute("SELECT sid,value FROM session_attribute "
+                               "WHERE name=%s AND authenticated=1",
+                               ('verified',))
+                for username, verified in cursor:
+                    account = accounts.get(username)
+                    if account:
+                        account['verified'] = bool(int(verified))
+
-            data['accounts'] = sorted(accounts.itervalues(),
-                                      key=lambda acct: acct['username'])
-
@@ -147 +169 @@
-        """Return the absolute path of a directory containing additional
-        static resources (such as images, style sheets, etc).
-        """
-
+
+
-
-    def get_templates_dirs(self):
-        """Return the absolute path of the directory containing the provided

a/acct_mgr/api.py

@@ -88 +88 @@
-    force_passwd_change = BoolOption('account-manager', 'force_passwd_change',
-                                     True, doc="Forge the user to change "
-                                     "password when it's reset.")
+    verify_accounts = BoolOption('account-manager', 'verify_accounts', True,
+                                 "Force user to verify their email address")
-
-    # Public API
-

/dev/null

@@ +1 @@
+from trac.db import Table, Column
+
+name = 'acct_mgr.verify_accounts'
+version = 1
+tables = [
+    Table('acct_mgr_verify_accounts', key=('ts', 'sid', 'hash'))[
+        Column('ts'),
+        Column('sid'),
+        Column('hash')
+    ]
+]
+
+def current_usernames_to_confirmed_state(data):
+    "Update current sid's to a verified state"
+    if 'session_attribute' in data:
+        colnames, coldata = data['session_attribute']
+        ndata = []
+        sids = []
+        for sid, authenticated, name, value in coldata:
+            ndata.append((sid, authenticated, name, value))
+            if sid not in sids and authenticated:
+                sids.append(sid)
+                ndata.append((sid, authenticated, 'verified', 1))
+        data['session_attribute'] = (colnames, ndata)
+
+migrations = [
+    (xrange(0, 1), current_usernames_to_confirmed_state)
+]

/dev/null

@@ +1 @@
+.verified {
+  background-color: #bcecaf;
+}
+
+.unverified {
+  background-color: #ffc1c1;
+}

/dev/null

@@ +1 @@
+You, or someone posing as you, has just registered into
+${project.name} Trac environment.
+
+To verify your email address please follow the following link:
+
+  ${hash.link}
+
+
+
+If the above link got broken because it's too long, go to:
+
+   ${hash.url}
+
+And the hash value to fill is:
+
+  ${hash.value}
+
+--
+${project.name} <${project.url}>
+${project.descr}
+

a/acct_mgr/templates/admin_accountsconfig.html

@@ -10 +10 @@
-  </head>
-
-  <body>
-
+General 
-
-    <form id="accountsconfig" class="mod" method="post">
+
+      <fieldset py:if="verify_accounts_enabled">
+        <legend>New Accounts</legend>
+        <label for="verify_accounts">
+          Verify email addresses on new accounts?
+        </label>
+        <input type="radio" name="verify_accounts" value="true"
+          checked="${verify_accounts and 'checked' or None}">Yes</input>
+        <input type="radio" name="verify_accounts" value="false"
+          checked="${not verify_accounts and 'checked' or None}">No</input>
+      </fieldset>
+
+      <fieldset>
+        <legend>Password Reset</legend>
+        <label for="force_passwd_change">
+          Force users to change passwords after a password reset?
+        </label>
+        <input type="radio" name="force_passwd_change" value="true"
+          checked="${force_passwd_change and 'checked' or None}">Yes</input>
+        <input type="radio" name="force_passwd_change" value="false"
+          checked="${not force_passwd_change and 'checked' or None}">No</input>
+      </fieldset>
+
+      <div class="buttons">
+        <input type="submit" name="save" value="Save" />
+      </div>
+
+    <hr/>
+    <h2>Accounts: Stores Configuration</h2>
+
-      <fieldset py:for="section in sections">
-        <legend>
-          <label>
@@ -29 +59 @@
-          </label>
-        </div>
-      </fieldset>
-      <fieldset>
-        <legend>Password Reset</legend>
-        <label for="force_passwd_change">
-          Force users to change passwords after a password reset?
-        </label>
-        <input type="radio" name="force_passwd_change" value="true"
-          checked="${force_passwd_change and 'checked' or None}">Yes</input>
-        <input type="radio" name="force_passwd_change" value="false"
-          checked="${not force_passwd_change and 'checked' or None}">No</input>
-      </fieldset>
-      <div class="buttons">
-        <input type="submit" name="save" value="Save" />
-      </div>

a/acct_mgr/templates/admin_users.html

@@ -56 +56 @@
-          </tr>
-        </thead>
-        <tbody>
-
+
+
+
+
+
+
+
+
+
+
+
+
+
-            <td py:if="delete_enabled">
-              <input type="checkbox" name="sel" value="${account.username}" />
-            </td>

a/acct_mgr/templates/register.html

@@ -15 +15 @@
-  </head>
-
-  <body>
+    <py:def function="email_field_output">
+      <label>Email:
+        <input type="text" name="email" class="textwidget" size="20"
+          value="${defined('email') and email or None}"/>
+      </label>
+      <p py:if="reset_password_enabled">Entering your email address will
+      enable you to reset your password if you ever forget it.</p>
+    </py:def>
-    <div id="content" class="register">
-      <h1>Register an account</h1>
-
@@ -29 +37 @@
-          <div>
-            <input type="hidden" name="action" value="create" />
-            <label>Username:
-
+
+
-            </label>
-          </div>
-          <div>
-            <label>Password:
-
+
+
-            </label>
-          </div>
-          <div>
-            <label>Confirm Password:
-
-     class="textwidget" size="20" 
+ class="textwidget"
+size="20" value="${defined('password_confirm') and password_confirm or None}"
-            </label>
+          </div>
+          <div py:if="verify_accounts">
+            ${ email_field_output() }
-          </div>
-        </fieldset>
-        <fieldset>
-          <legend>Optional</legend>
-          <div>
-            <label>Name:
-
+
+
-            </label>
-          </div>
-
-
-
-
-
-
+
+
-          </div>
-        </fieldset>
-        <input type="submit" value="Create account" />

/dev/null

@@ +1 @@
+<!DOCTYPE html
+    PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
+    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml"
+      xmlns:py="http://genshi.edgewall.org/"
+      xmlns:xi="http://www.w3.org/2001/XInclude">
+  <xi:include href="layout.html" />
+  <head>
+    <title>Verify Account</title>
+  </head>
+  <body>
+    <div class="system-message" py:if="message">
+      <h2>Error</h2>
+      <p>$message</p>
+    </div>
+    <form action="" method="POST" py:if="not verified">
+      <fieldset>
+        <legend>Verify Account</legend>
+        <div>
+          <p><b>Please fill in the <em>hash</em> that was sent to you by email</b></p>
+          <label for="hash">Hash:</label>
+          <input type="text" size="55" value="${defined('hash') and hash or None}"
+            name="hash" class="textwidgets"/>
+        </div>
+        <input type="submit" value="Verify account" />
+      </fieldset>
+    </form>
+    <fieldset py:if="verified">
+      <legend>Verified Account</legend>
+      <p>Your email address is verified.</p>
+      <p py:if="not req.session.authenticated">You can now
+      <a href="${req.href.login()}">login</a>.</p>
+    </fieldset>
+  </body>
+</html>

/dev/null

@@ +1 @@
+import sha
+import time
+import random
+
+
+from trac.core import *
+from trac.env import IEnvironmentSetupParticipant
+from trac.config import BoolOption
+from trac.web.api import ITemplateStreamFilter
+from trac.web.main import IRequestHandler, IRequestFilter
+from trac.notification import NotifyEmail
+from trac.util.translation import _
+
+from genshi.filters.transform import Transformer
+from genshi.builder import tag
+
+from api import AccountManager
+import db_default
+
+def _build_hash(sid, env, req):
+    import sha, time
+    hash = sha.new(str(random.random()))
+    email = req.session.get('email', "")
+    now = int(time.time())
+
+    hash.update(sid)
+    hash.update(str(random.random()))
+    hash.update(email)
+    hash.update(str(random.random()))
+    hash.update(str(now))
+    hash.update(str(random.random()))
+
+    db = env.get_db_cnx()
+    cursor = db.cursor()
+
+    older_than = now - 86400 * 1 # Delete pending older than a day
+    cursor.execute("DELETE FROM acct_mgr_verify_accounts WHERE ts < %s",
+                   (older_than,))
+    env.log.debug("Cleaning %s timed out email verifications", cursor.rowcount)
+    cursor.execute("INSERT INTO acct_mgr_verify_accounts (ts,sid,hash) "
+                   "VALUES (%s,%s,%s)", (now, sid, hash.hexdigest()))
+    cursor.execute("UPDATE session_attribute SET value=%s WHERE name=%s",
+                   (0, 'verified'))
+    if not cursor.rowcount:
+        cursor.execute("INSERT INTO session_attribute "
+                       "(sid,authenticated,name,value) VALUES (%s,%s,%s,%s)",
+                       (sid, 1, 'verified', 0))
+    db.commit()
+    return hash.hexdigest()
+
+class AccountVerifyNotification(NotifyEmail):
+    template_name = 'account_verify_email.txt'
+    _username = None
+    _hash = None
+
+    def get_recipients(self, resid):
+        return ([resid],[])
+
+    def get_smtp_address(self, addr):
+        """Overrides `get_smtp_address` in order to prevent CCing users
+        other than the user whose password is being reset.
+        """
+        if addr == self._username:
+            return NotifyEmail.get_smtp_address(self, addr)
+        else:
+            return None
+
+    def notify(self, username, hash):
+        # save the username for use in `get_smtp_address`
+        self._username = username
+        self._hash = hash
+        self.data.update({
+            'hash': {
+                'link': self.env.abs_href.verify_account(self._hash),
+                'url': self.env.abs_href.verify_account(),
+                'value': self._hash
+            }
+        })
+
+        projname = self.config.get('project', 'name')
+        subject = _('[%(project_name)s] Trac Email Verification for user: '
+                    '%(username)s', project_name=projname, username=username)
+
+        NotifyEmail.notify(self, username, subject)
+
+class VerifyAccountModule(Component):
+    implements(IRequestHandler, IRequestFilter, ITemplateStreamFilter,
+               IEnvironmentSetupParticipant)
+
+    def __init__(self):
+        self.verify_accounts = AccountManager(self.env).verify_accounts
+
+    # IEnvironmentSetupParticipant methods
+    def environment_created(self):
+        if self.verify_accounts:
+            self.found_db_version = 0
+            self.upgrade_environment(self.env.get_db_cnx())
+
+    def environment_needs_upgrade(self, db):
+        if not self.verify_accounts:
+            return False
+        cursor = db.cursor()
+        cursor.execute("SELECT value FROM system WHERE name=%s",
+                       (db_default.name,))
+        value = cursor.fetchone()
+        if not value:
+            self.found_db_version = 0
+            return True
+        else:
+            self.found_db_version = int(value[0])
+            self.log.debug(_('AccountManager: Found db version '
+                             '%(db_default_version)s, current is '
+                             '%(system_version)s',
+                             db_default_version=self.found_db_version,
+                             system_version=db_default.version))
+            return self.found_db_version < db_default.version
+
+    def upgrade_environment(self, db):
+        # 0.10 compatibility hack (thanks Alec)
+        try:
+            from trac.db import DatabaseManager
+            db_manager, _ = DatabaseManager(self.env)._get_connector()
+        except ImportError:
+            db_manager = db
+
+        from trac.db_default import schema as trac_schema
+
+        session_attribute = [
+            s for s in trac_schema if s.name == 'session_attribute'
+        ]
+
+        # Insert the default table
+        old_data = {} # {table_name: (col_names, [row, ...]), ...}
+        cursor = db.cursor()
+        if not self.found_db_version:
+            cursor.execute("INSERT INTO system (name, value) VALUES (%s, %s)",
+                           (db_default.name, db_default.version))
+            for tbl in session_attribute:
+                try:
+                    cursor.execute('SELECT * FROM %s'%tbl.name)
+                    old_data[tbl.name] = ([d[0] for d in cursor.description],
+                                          cursor.fetchall())
+                    cursor.execute('DROP TABLE %s'%tbl.name)
+                except Exception, e:
+                    if 'OperationalError' not in e.__class__.__name__:
+                        # If it is an OperationalError, just move on to the
+                        # next table
+                        raise e
+        else:
+            cursor.execute("UPDATE system SET value=%s WHERE name=%s",
+                           (db_default.version, db_default.name))
+            for tbl in db_default.tables + session_attribute:
+                try:
+                    cursor.execute('SELECT * FROM %s'%tbl.name)
+                    old_data[tbl.name] = ([d[0] for d in cursor.description],
+                                          cursor.fetchall())
+                    cursor.execute('DROP TABLE %s'%tbl.name)
+                except Exception, e:
+                    if 'OperationalError' not in e.__class__.__name__:
+                        # If it is an OperationalError, just move on to the
+                        # next table
+                        raise e
+
+
+        for vers, migration in db_default.migrations:
+            if self.found_db_version in vers:
+                self.log.info(_('AccountManager: Running migration %(doc)s',
+                                doc=migration.__doc__))
+                migration(old_data)
+
+        for tbl in db_default.tables + session_attribute:
+            for sql in db_manager.to_sql(tbl):
+                cursor.execute(sql)
+
+            # Try to reinsert any old data
+            if tbl.name in old_data:
+                data = old_data[tbl.name]
+                sql = 'INSERT INTO %s (%s) VALUES (%s)' % (
+                    tbl.name, ','.join(data[0]),','.join(['%s'] * len(data[0]))
+                )
+                for row in data[1]:
+                    try:
+                        cursor.execute(sql, row)
+                    except Exception, e:
+                        if 'OperationalError' not in e.__class__.__name__:
+                            raise
+                        else:
+                            self.log.debug(_('AccountManager: Masking exception'
+                                             ' %(exception)s', exception=e))
+
+
+    # IRequestHandler methods
+    def match_request(self, req):
+        return (req.path_info.startswith('/verify_account') or
+                req.path_info.startswith('/verified_account'))
+
+    def process_request(self, req):
+        if req.path_info.startswith('/verify_account'):
+            return self._process_verify_account(req)
+        elif req.path_info.startswith('/verified_account'):
+            return self._process_verified_account(req)
+
+    # IRequestFilter methods
+    def pre_process_request(self, req, handler):
+        if not self.verify_accounts or not req.session.authenticated or \
+            not self.env.is_component_enabled(VerifyAccountModule):
+            # Don't do anything is we're not verifying accounts;
+            # Don't trac anonymous users;
+            # Don't do anything if component is not enabled;
+            return handler
+        if req.path_info.startswith('/prefs'):
+            if not req.method == 'POST':
+                return handler
+            if not hasattr(self, '_old') and ('TRAC_ADMIN' not in req.perm):
+                # Don't track TRAC_ADMIN email changes
+                self._old = req.session._old.copy()
+        return handler
+
+    def post_process_request(self, req, template, data, content_type):
+        if not self.verify_accounts or not req.session.authenticated or \
+            not self.env.is_component_enabled(VerifyAccountModule):
+            # Don't do anything is we're not verifying accounts;
+            # Don't trac anonymous users;
+            # Don't do anything if component is not enabled;
+            return (template, data, content_type)
+        if req.session.authenticated and ('TRAC_ADMIN' not in req.perm):
+            # Don't track TRAC_ADMIN email changes
+            if req.path_info.startswith('/verify_account'):
+                if req.session.get('verified') == '1':
+                    req.redirect(req.href.verified_account())
+
+            elif req.path_info.startswith('/prefs') and self.verify_accounts:
+                if req.session.get('verified') == '0':
+                    req.redirect(req.href.verify_account())
+
+                if not hasattr(self, '_old'):
+                    # No previous POST, prefs were not saved
+                    return (template, data, content_type)
+
+                req.session.save() # Just in case
+
+                if self._old['email'] != req.session.get('email'):
+                    # Email Changed. Need to re-verify address
+                    email = req.session.get('email')
+                    notifier = AccountVerifyNotification(self.env)
+                    hash = _build_hash(req.session.sid, self.env, req)
+                    if email == notifier.email_map.get(req.session.sid):
+                        notifier.notify(req.session.sid, hash)
+                    # Let user know that he has to verify his new email address
+                    del self._old
+                    return ('confirm_address_email_sent.html', data,
+                            content_type)
+            else:
+                if req.session.get('verified') == '0':
+                    req.redirect(req.href.verify_account())
+        return (template, data, content_type)
+
+    # ITemplateStreamFilter
+    def filter_stream(self, req, method, filename, stream, data):
+        self.log.debug("On ITemplateStreamFilter: %s",req.session.authenticated)
+        if not self.verify_accounts or not req.session.authenticated or \
+            not self.env.is_component_enabled(VerifyAccountModule):
+            # No point tweaking css if we're not using this module or
+            # if user is not authenticated. Are we actually going to verify
+            # anonymous users email addresses?
+            # Perhaps we should... But that would probably also mean finding a
+            # way to use that info, ie, only notify verified addresses.
+            return stream
+        if filename == 'prefs_general.html':
+            if req.session.get('verified') == '1':
+                return stream | Transformer("td/input[@id='email']").attr(
+                    'style', 'border-color: green;').after(
+                    tag(tag(" "), tag.span("verified address",
+                                           style="color: green;")))
+            else:
+                return stream | Transformer("td/input[@id='email']").attr(
+                    'style', 'border-color: red;').after(
+                    tag(tag(" "), tag.span("unverified address",
+                                           style="color: red;")))
+        return stream
+
+
+    # Internal Methods
+    def _process_verified_account(self, req):
+        data = {'verified': True}
+        return 'verify_account.html', data, None
+
+    def _process_verify_account(self, req):
+        verified = False
+        data = {}
+        def _activate_account(hash):
+            db = self.env.get_db_cnx()
+            cursor = db.cursor()
+            cursor.execute("SELECT sid from acct_mgr_verify_accounts "
+                           "WHERE hash=%s", (hash,))
+            row = cursor.fetchone()
+            if row:
+                if req.session.authenticated:
+                    # In case user is authenticated, update session.
+                    req.session['verified'] = 1
+                    req.session.save()
+                else:
+                    # User ain't authenticated, update DB
+                    sid = row[0]
+                    cursor.execute("UPDATE session_attribute SET value=%s "
+                       "WHERE sid=%s AND name=%s",(1, sid, 'verified'))
+                cursor.execute("DELETE FROM acct_mgr_verify_accounts WHERE "
+                               "hash=%s", (hash,))
+                data['verified'] = True
+                db.commit()
+                return True # Verified
+            else:
+                data['message'] = _("Address already verified? Hash not found.")
+            return False # Not verified
+
+        if req.method == 'POST':
+            hash = req.args.get('hash')
+        elif req.method == 'GET':
+            hash = req.path_info[len('/verify_account/'):]
+
+        if hash:
+            verified = _activate_account(hash)
+        data.update({'hash': hash,
+                     'verified': verified})
+        if req.session.get('verified') == '0' and req.session.authenticated:
+            data['message'] = _("Please verify your email address. An email "
+                                "message was sent to you just for that")
+        return 'verify_account.html', data, None
+

a/acct_mgr/web_ui.py

@@ -23 +23 @@
-from trac.web.chrome import INavigationContributor, ITemplateProvider
-from genshi.builder import tag
-
-
+
+
+
+
-
-def _create_user(req, env, check_permissions=True):
-    mgr = AccountManager(env)
@@ -109 +112 @@
-
-        projname = self.config.get('project', 'name')
-        subject = '[%s] Trac password reset for user: %s' % (projname, username)
-
-        NotifyEmail.notify(self, username, subject)
-
-
@@ -345 +347 @@
-        if req.authname != 'anonymous':
-            req.redirect(req.href.prefs('account'))
-        action = req.args.get('action')
-
+
+
+
-        if req.method == 'POST' and action == 'create':
-            try:
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-            except TracError, e:
-                data['registration_error'] = e.message
-            else:
@@ -451 +480 @@
-        """
-        from pkg_resources import resource_filename
-        return [resource_filename(__name__, 'templates')]
-