commit bfe03c596893b173b7ce85400f5eb1ce082aa210
parent 02c49bda4c3c0526e6f0008f1190b26b501a0232
Author: parazyd <parazyd@dyne.org>
Date: Mon, 21 Jan 2019 15:45:37 +0100
Notify the user about their password if an account is created.
Diffstat:
3 files changed, 28 insertions(+), 3 deletions(-)
diff --git a/diaspora.py b/diaspora.py
@@ -183,10 +183,11 @@ def write():
print(storyargs)
sql_insert(storyargs)
+ new_account = False
if request.form['Email']:
- make_profile(request.form['Name'], request.form['Email'])
+ new_account = make_profile(request.form['Name'], request.form['Email'])
- return render_template('success_write.html', delkey=delkey)
+ return render_template('success_write.html', delkey=delkey, new=new_account)
@app.route('/edit', methods=['GET', 'POST'])
diff --git a/templates/success_write.html b/templates/success_write.html
@@ -7,13 +7,33 @@
<main role="main" class="container cover">
<h1 class="cover-heading">Story submitted!</h1>
+ <hr style="width: 100%; height: 2px;">
<p class="lead">Thank you for writing your story!</p>
+ <p class="lead">Your story will be read and approved by someone from the
+ crew.</p>
+
<p class="lead">Bookmark or copy the following link if you ever wish to
delete your post: <a href="/delete?key={{ delkey }}">delete link</a>
</p>
+ {% if new %}
+ <p class="lead">Since you've left your email, we've created credentials
+ for you. This will enable you to send and recieve messages, and have a
+ profile page.</p>
+
+ <p class="lead">Your email is kept privately and will not be used for
+ <b>any</b> purposes other than identifying your account in the database.
+ It's the easiest way for us unfortunately.</p>
+
+ <p class="lead">To log in, use your email address and the following password:
+ <b>{{ new }}</b></p>
+
+ <p class="lead">If you wish to delete your account, don't hesitate to contact
+ us via email.</p>
+
+ {% endif %}
<p class="lead">You can return to the <a href="/">homepage</a> now.</p>
</main>
diff --git a/utils.py b/utils.py
@@ -210,9 +210,11 @@ def make_profile(name, email):
if sql_select_col_where('email', 'email', email, table='users'):
return
+ plain_pw = randomstring(24)
+
# hashed = bcrypt.hashpw(password, bcrypt.gensalt())
# bcrypt.hashpw(plaintext, hashed) == hashed
- password = hashpw('password'.encode(), gensalt())
+ password = hashpw(plain_pw.encode(), gensalt())
userargs = [
None,
@@ -232,6 +234,8 @@ def make_profile(name, email):
json.dump([{'from': 'Diaspora Diaries', 'message': 'Welcome!',
'time': int(time())}], msgfile)
+ return plain_pw
+
def get_latest_messages(user_id):
"""
