Change email confirmation

- New endpoint to send a user an email to verify the email address when they want to change it.
2026-02-03 18:01:08 -05:00 · 2016-10-12 13:06:39 +01:00
parent 153e9c3f3a
commit b37eef974c
4 changed files with 154 additions and 140 deletions
--- a/app/user/rest.py
+++ b/app/user/rest.py
@@ -43,7 +43,6 @@ register_errors(user)
 def create_user():
    user_to_create, errors = user_schema.load(request.get_json())
    req_json = request.get_json()
-    # TODO password policy, what is valid password
    if not req_json.get('password', None):
        errors.update({'password': ['Missing data for required field.']})
        raise InvalidRequest(errors, status_code=400)
@@ -147,6 +146,35 @@ def send_user_sms_code(user_id):
    return jsonify({}), 204


+@user.route('/<uuid:user_id>/confirm-new-email', methods=['POST'])
+def send_user_confirm_new_email(user_id):
+    user_to_send_to = get_model_users(user_id=user_id)
+    email, errors = email_data_request_schema.load(request.get_json())
+    if errors:
+        raise InvalidRequest(message=errors, status_code=400)
+
+    template = dao_get_template_by_id(current_app.config['CHANGE_EMAIL_CONFIRMATION_TEMPLATE_ID'])
+    message = {
+        'template': str(template.id),
+        'template_version': template.version,
+        'to': user_to_send_to.email_address,
+        'personalisation': {
+            'name': user_to_send_to.name,
+            'url': _create_confirmation_url(user=user_to_send_to, email_address=email),
+            'feedback_url': current_app.config['ADMIN_BASE_URL'] + '/feedback'
+        }
+    }
+
+    send_email.apply_async((
+        current_app.config['NOTIFY_SERVICE_ID'],
+        str(uuid.uuid4()),
+        encryption.encrypt(message),
+        datetime.utcnow().strftime(DATETIME_FORMAT)
+    ), queue='notify')
+
+    return jsonify({}), 204
+
+
@user.route('/<uuid:user_id>/email-verification', methods=['POST'])
 def send_user_email_verification(user_id):
    user_to_send_to = get_model_users(user_id=user_id)
@@ -257,17 +285,25 @@ def send_user_reset_password():
    return jsonify({}), 204


-def _create_reset_password_url(email):
+def _create_url(data, base_url):
    from notifications_utils.url_safe_token import generate_token
-    data = json.dumps({'email': email, 'created_at': str(datetime.utcnow())})
    token = generate_token(data, current_app.config['SECRET_KEY'], current_app.config['DANGEROUS_SALT'])
+    return base_url + token

-    return current_app.config['ADMIN_BASE_URL'] + '/new-password/' + token
+
+def _create_reset_password_url(email):
+    data = json.dumps({'email': email, 'created_at': str(datetime.utcnow())})
+    base_url = current_app.config['ADMIN_BASE_URL'] + '/new-password/'
+    return _create_url(data=data, base_url=base_url)


 def _create_verification_url(user, secret_code):
-    from notifications_utils.url_safe_token import generate_token
    data = json.dumps({'user_id': str(user.id), 'email': user.email_address, 'secret_code': secret_code})
-    token = generate_token(data, current_app.config['SECRET_KEY'], current_app.config['DANGEROUS_SALT'])
+    base_url = current_app.config['ADMIN_BASE_URL'] + '/verify-email/'
+    return _create_url(data=data, base_url=base_url)

-    return current_app.config['ADMIN_BASE_URL'] + '/verify-email/' + token
+
+def _create_confirmation_url(user, email_address):
+    data = json.dumps({'user_id': str(user.id), 'email': user.email_address})
+    base_url = current_app.config['ADMIN_BASE_URL'] + '/confirm-new-email/'
+    return _create_url(data=data, base_url=base_url)