--- moin-1.9.8/MoinMoin/action/newaccount.py 2014-10-17 15:45:32.000000000 -0400
+++ ./usr/lib/python2.7/dist-packages/MoinMoin/action/newaccount.py 2014-10-18 20:44:39.000000000 -0400
@@ -10,8 +10,31 @@
from MoinMoin.Page import Page
from MoinMoin.widget import html
from MoinMoin.security.textcha import TextCha
+from MoinMoin.security.sec_recaptcha import ReCaptcha
from MoinMoin.auth import MoinAuth
+from MoinMoin.mail import sendmail
+import subprocess
+def _send_verification_mail(request, user):
+ _ = request.getText
+ querystr = {'action': 'verifyaccount',
+ 'i': user.id,
+ 'v': user.account_verification}
+ page = Page(request, "FrontPage")
+ pagelink = "%(link)s" % {'link': request.getQualifiedURL(page.url(request, querystr))}
+ subject = _('[%(sitename)s] account verification check for new user %(username)s') % {
+ 'sitename': request.page.cfg.sitename or request.url_root,
+ 'username': user.name,
+ }
+
+ text = "Please verify your account by visiting this URL:\n\n %(link)s\n\n" % {
+ 'link': pagelink}
+
+ mailok, msg = sendmail.sendmail(request, user.email, subject, text, request.cfg.mail_from)
+ if mailok:
+ return (1, _("Verification message sent to %(email)s" % {'email': user.email}))
+ else:
+ return (mailok, msg)
def _create_user(request):
_ = request.getText
@@ -26,6 +49,9 @@
if not TextCha(request).check_answer_from_form():
return _('TextCha: Wrong answer! Go back and try again...')
+ if not ReCaptcha(request).check_answer_from_form():
+ return _('ReCaptcha: Wrong answer! Go back and try again...')
+
# Create user profile
theuser = user.User(request, auth_method="new-user")
@@ -42,8 +68,18 @@
space between words. Group page name is not allowed.""", wiki=True) % wikiutil.escape(theuser.name)
# Name required to be unique. Check if name belong to another user.
- if user.getUserId(request, theuser.name):
- return _("This user name already belongs to somebody else.")
+ userid = user.getUserId(request, theuser.name)
+ if userid:
+ if request.cfg.require_email_verification and theuser.account_verification:
+ resendlink = request.page.url(request, querystr={
+ 'action': 'newaccount',
+ 'i': userid,
+ 'resend': '1'})
+ return _('This user name already belongs to somebody else. If this is a new account'
+ ' and you need another verification link, try '
+ 'sending another one. ' % resendlink)
+ else:
+ return _("This user name already belongs to somebody else.")
# try to get the password and pw repeat
password = form.get('password1', '')
@@ -72,18 +108,49 @@
email = wikiutil.clean_input(form.get('email', ''))
theuser.email = email.strip()
if not theuser.email and 'email' not in request.cfg.user_form_remove:
- return _("Please provide your email address. If you lose your"
- " login information, you can get it by email.")
+ if request.cfg.require_email_verification:
+ return _("Please provide your email address. You will need it"
+ " to be able to confirm your registration.")
+ else:
+ return _("Please provide your email address. If you lose your"
+ " login information, you can get it by email.")
# Email should be unique - see also MoinMoin/script/accounts/moin_usercheck.py
if theuser.email and request.cfg.user_email_unique:
- if user.get_by_email_address(request, theuser.email):
- return _("This email already belongs to somebody else.")
+ emailuser = user.get_by_email_address(request, theuser.email)
+ if emailuser:
+ if request.cfg.require_email_verification and theuser.account_verification:
+ resendlink = request.page.url(request, querystr={
+ 'action': 'newaccount',
+ 'i': emailuser.id,
+ 'resend': '1'})
+ return _('This email already belongs to somebody else. If this is a new account'
+ ' and you need another verification link, try '
+ 'sending another one. ' % resendlink)
+ else:
+ return _("This email already belongs to somebody else.")
+
+ # Send verification links if desired
+ if request.cfg.require_email_verification:
+ if request.cfg.external_creation_check:
+ p = subprocess.Popen([request.cfg.external_creation_check,
+ theuser.name.encode('utf-8'),
+ theuser.email.encode('utf-8'),
+ theuser.account_creation_host.encode('utf-8')], shell=False, stdin=None, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+ (create_error, ignored) = p.communicate(None)
+ if create_error:
+ return _("Account creation failed: %s." % create_error)
+ mailok, msg = _send_verification_mail(request, theuser)
+ if mailok:
+ result = _("User account created! Use the link in your email (%s) to verify your account"
+ " then you will be able to use this account to login..." % theuser.email)
+ else:
+ request.theme.add_msg(_("Unable to send verification mail, %s. Account creation aborted." % msg), "error")
+ else:
+ result = _("User account created! You can use this account to login now...")
# save data
theuser.save()
-
- result = _("User account created! You can use this account to login now...")
return result
@@ -142,6 +209,17 @@
td.append(textcha.render())
row.append(td)
+ recaptcha = ReCaptcha(request)
+ if recaptcha.is_enabled():
+ row = html.TR()
+ tbl.append(row)
+ row.append(html.TD().append(html.STRONG().append(
+ html.Text(_('ReCaptcha (required)')))))
+ td = html.TD()
+ if recaptcha:
+ td.append(recaptcha.render())
+ row.append(td)
+
row = html.TR()
tbl.append(row)
row.append(html.TD())
@@ -170,9 +248,20 @@
submitted = form.has_key('create')
+ uid = request.values.get('i', None)
+ resend = request.values.get('resend', None)
+
if submitted: # user pressed create button
request.theme.add_msg(_create_user(request), "dialog")
return page.send_page()
+ if resend and uid:
+ theuser = user.User(request, id=uid)
+ mailok, msg = _send_verification_mail(request, theuser)
+ if mailok:
+ request.theme.add_msg(_("Verification message re-sent to %s" % theuser.email), "dialog")
+ else:
+ request.theme.add_msg(_("Unable to re-send verification message, %s" % msg), "dialog")
+ return page.send_page()
else: # show create form
request.theme.send_title(_("Create Account"), pagename=pagename)