Merge pull request #281 from Yajo/signup-email-check

Add module auth_signup_verify_email.
9 years ago · 085009b68d
9 changed files with 367 additions and 0 deletions
--- a/.travis.yml
+++ b/.travis.yml
@ -33,6 +33,7 @@ install:
  - travis_install_nightly
  - pip install python-ldap
  - pip install unidecode
+  - pip install validate_email
  - printf '[options]\n\nrunning_env = dev' > ${HOME}/.openerp_serverrc
  - ln -s server_environment_files_sample ./server_environment_files
 script:
--- a/auth_signup_verify_email/README.rst
+++ b/auth_signup_verify_email/README.rst
@ -0,0 +1,84 @@
+.. image:: https://img.shields.io/badge/licence-AGPL--3-blue.svg
+   :target: http://www.gnu.org/licenses/agpl-3.0-standalone.html
+   :alt: License: AGPL-3
+
+======================
+Verify email at signup
+======================
+
+This module extends the functionality of public sign up, and forces users to
+provide a valid email address.
+
+To achieve this requirement, the user does not need to provide a password at
+sign up, but when logging in later for the first time.
+
+Installation
+============
+
+* Install validate_email_ with ``pip install validate_email`` or equivalent.
+
+Configuration
+=============
+
+To configure this module, you need to:
+
+* `Properly configure your outgoing email server(s)
+  <https://www.odoo.com/es_ES/forum/help-1/question/how-to-configure-email-gateway-282#answer_290>`_.
+* Go to *Settings > Configuration > General Settings* and enable *Allow
+  external users to sign up*.
+
+Usage
+=====
+
+To use this module, you need to:
+
+* Log out.
+* `Sign up </web/signup>`_ with a valid email.
+
+.. image:: https://odoo-community.org/website/image/ir.attachment/5784_f2813bd/datas
+   :alt: Try me on Runbot
+   :target: https://runbot.odoo-community.org/runbot/149/8.0
+
+Bug Tracker
+===========
+
+Bugs are tracked on `GitHub Issues <https://github.com/OCA/ website/issues>`_.
+
+In case of trouble, please check there if your issue has already been reported.
+If you spotted it first, help us smashing it by providing a detailed and
+welcomed feedback `here <https://github.com/OCA/
+website/issues/new?body=module:%20 auth_signup_verify_email%0Aversion:%20
+8.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>`_.
+
+
+Credits
+=======
+
+Icon
+----
+
+* https://openclipart.org/detail/3040/thumbtack-note-email
+* https://openclipart.org/detail/202732/check-mark
+
+Contributors
+------------
+
+* Rafael Blasco <rafaelbn@antiun.com>
+* Jairo Llopis <yajo.sk8@gmail.com>
+
+Maintainer
+----------
+
+.. image:: https://odoo-community.org/logo.png
+   :alt: Odoo Community Association
+   :target: https://odoo-community.org
+
+This module is maintained by the OCA.
+
+OCA, or the Odoo Community Association, is a nonprofit organization whose
+mission is to support the collaborative development of Odoo features and
+promote its widespread use.
+
+To contribute to this module, please visit http://odoo-community.org.
+
+.. _validate_email: https://pypi.python.org/pypi/validate_email
--- a/auth_signup_verify_email/init.py
+++ b/auth_signup_verify_email/init.py
@ -0,0 +1,5 @@
+# -*- coding: utf-8 -*-
+# © 2015 Antiun Ingeniería, S.L.
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html).
+
+from . import controllers
--- a/auth_signup_verify_email/openerp.py
+++ b/auth_signup_verify_email/openerp.py
@ -0,0 +1,25 @@
+# -*- coding: utf-8 -*-
+# © 2015 Antiun Ingeniería, S.L.
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html).
+{
+    "name": "Verify email at signup",
+    "summary": "Force uninvited users to use a good email for signup",
+    "version": "8.0.1.0.0",
+    "category": "Authentication",
+    "website": "https://odoo-community.org/",
+    "author": "Antiun Ingeniería, S.L., Odoo Community Association (OCA)",
+    "license": "AGPL-3",
+    "application": False,
+    "installable": True,
+    "external_dependencies": {
+        "python": [
+            "validate_email",
+        ],
+    },
+    "depends": [
+        "auth_signup",
+    ],
+    "data": [
+        "views/signup.xml",
+    ],
+}
--- a/auth_signup_verify_email/controllers/init.py
+++ b/auth_signup_verify_email/controllers/init.py
@ -0,0 +1,5 @@
+# -*- coding: utf-8 -*-
+# © 2015 Antiun Ingeniería, S.L.
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html).
+
+from . import main
--- a/auth_signup_verify_email/controllers/main.py
+++ b/auth_signup_verify_email/controllers/main.py
@ -0,0 +1,55 @@
+# -*- coding: utf-8 -*-
+# © 2015 Antiun Ingeniería, S.L.
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html).
+
+import logging
+from openerp import _, http
+from openerp.addons.auth_signup.controllers.main import AuthSignupHome
+
+_logger = logging.getLogger(__name__)
+
+try:
+    from validate_email import validate_email
+except ImportError:
+    _logger.debug("Cannot import `validate_email`.")
+
+
+class SignupVerifyEmail(AuthSignupHome):
+    @http.route()
+    def web_auth_signup(self, *args, **kw):
+        if (http.request.params.get("login") and
+                not http.request.params.get("password")):
+            return self.passwordless_signup(http.request.params)
+        else:
+            return super(SignupVerifyEmail, self).web_auth_signup(*args, **kw)
+
+    def passwordless_signup(self, values):
+        qcontext = self.get_auth_signup_qcontext()
+
+        # Check good format of e-mail
+        if not validate_email(values.get("login", "")):
+            qcontext["error"] = _("That does not seem to be an email address.")
+            return http.request.render("auth_signup.signup", qcontext)
+        elif not values.get("email"):
+            values["email"] = values.get("login")
+
+        # Remove password
+        values["password"] = False
+        sudo_users = (http.request.env["res.users"]
+                      .with_context(create_user=True).sudo())
+
+        try:
+            sudo_users.signup(values, qcontext.get("token"))
+            sudo_users.reset_password(values.get("login"))
+        except Exception as error:
+            # Duplicate key or wrong SMTP settings, probably
+            _logger.exception(error)
+            http.request.env.cr.rollback()
+
+            # Agnostic message for security
+            qcontext["error"] = _(
+                "Something went wrong, please try again later or contact us.")
+            return http.request.render("auth_signup.signup", qcontext)
+
+        qcontext["message"] = _("Check your email to activate your account!")
+        return http.request.render("auth_signup.reset_password", qcontext)
--- a/auth_signup_verify_email/static/description/icon.png
+++ b/auth_signup_verify_email/static/description/icon.png
--- a/auth_signup_verify_email/static/description/icon.svg
+++ b/auth_signup_verify_email/static/description/icon.svg
--- a/auth_signup_verify_email/views/signup.xml
+++ b/auth_signup_verify_email/views/signup.xml
@ -0,0 +1,20 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<openerp>
+<data>
+
+<template id="signup_fields" inherit_id="auth_signup.fields">
+    <xpath expr="//div[@class='form-group field-password']"
+           position="attributes">
+        <attribute name="t-if">only_passwords</attribute>
+    </xpath>
+    <xpath expr="//div[@class='form-group field-confirm_password']"
+           position="attributes">
+        <attribute name="t-if">only_passwords</attribute>
+    </xpath>
+    <xpath expr="//input[@name='login']" position="attributes">
+        <attribute name="type">email</attribute>
+    </xpath>
+</template>
+
+</data>
+</openerp>