Register: Fix behaviour on email conflict, add password suggestion

This commit is contained in:
rubenwardy 2020-12-05 00:01:36 +00:00
parent 43aab057c8
commit f7d90f2f53
3 changed files with 26 additions and 14 deletions

@ -23,8 +23,10 @@ from wtforms import *
from wtforms.validators import *
from app.models import *
from app.tasks.emails import sendVerifyEmail
from app.tasks.emails import sendVerifyEmail, sendEmailRaw
from app.utils import randomString, make_flask_login_password, is_safe_url, check_password_hash
from passlib.pwd import genphrase
from . import bp
@ -102,24 +104,29 @@ class RegisterForm(FlaskForm):
def register():
form = RegisterForm(request.form)
if form.validate_on_submit():
user = User(form.username.data, False, form.email.data, make_flask_login_password(form.password.data))
db.session.add(user)
user = User.query.filter_by(email=form.email.data).first()
if user:
sendEmailRaw([form.email.data], "Email already in use",
"We were unable to create the account as the email is already in use by {}. Try a different email address.".format(user.display_name))
else:
user = User(form.username.data, False, form.email.data, make_flask_login_password(form.password.data))
db.session.add(user)
token = randomString(32)
token = randomString(32)
ver = UserEmailVerification()
ver.user = user
ver.token = token
ver.email = form.email.data
db.session.add(ver)
db.session.commit()
ver = UserEmailVerification()
ver.user = user
ver.token = token
ver.email = form.email.data
db.session.add(ver)
db.session.commit()
sendVerifyEmail.delay(form.email.data, token)
sendVerifyEmail.delay(form.email.data, token)
flash("Check your email address to verify your account", "success")
return redirect(url_for("homepage.home"))
return render_template("users/register.html", form=form)
return render_template("users/register.html", form=form, suggested_password=genphrase(entropy=52, wordset="bip39"))
class ForgotPassword(FlaskForm):

@ -41,11 +41,11 @@ def sendVerifyEmail(newEmail, token):
mail.send(msg)
@celery.task()
def sendEmailRaw(to, subject, text, html):
def sendEmailRaw(to, subject, text, html=None):
from flask_mail import Message
msg = Message(subject, recipients=to)
msg.body = text or html
msg.body = text
html = html or text
msg.html = render_template("emails/base.html", subject=subject, content=html)
mail.send(msg)

@ -20,6 +20,11 @@ Register
<p>
Must be at least 8 characters long.
</p>
<p>
Password suggestion
(<a href="https://xkcd.com/936/">Why?</a>):
<code>{{ suggested_password }}</code>
</p>
{# Submit button #}
<p>