20220112 email verified #591

peterthomassen · 2022-01-12T13:31:43Z

No description provided.

peterthomassen · 2022-01-17T15:02:42Z

The PR improves (hopefully) on the way authenticated actions are processed. User.is_active is now nullable, with the null value representing pending activation. Activated users have is_active = True, and locked ones have is_active = False, as before. Users which have not logged in and previously had is_active = False are pending activation (in the old scheme) and are migrated to "null".

Authenticated actions now only can be performed by active users (except account activation, which only requires that is_active != False, so null is fine). Locked users cannot perform any authenticated actions any longer.

The PR also adds User.email_verified which is set any time an auth action code is presented and passes the serializer validation. This means that the code is structurally valid and not expired (this includes cases where the action is not executed because the user is locked, but the code was otherwise valid).

We started verifying email addresses on Oct 23, 2019. Users which signed up on or after this date and have is_active = True or have logged in at least once have email_verified set to created. (The last case covers locked users, for which we set is_active = False manually at some point.)

peterthomassen · 2022-01-19T13:22:53Z

rebased on top of #592, i.e. first commit doesn't actually belong to this PR

peterthomassen · 2022-08-11T21:17:15Z

Alright, this time ready for real. Did some minor tweaks here and there, added some unrelated bug fixes, and put all the commits in right order.

api/desecapi/management/commands/outreach-email.py

nils-wisiol

This lgtm!

nils-wisiol · 2022-08-13T12:47:50Z

Note the one comment above. While at it, maybe add an example for how to use this to README?

Code changes were necessary - in serializers.py (https://docs.djangoproject.com/en/4.1/releases/4.1/#reverse-foreign-key-changes-for-unsaved-model-instances), - in authentication.py (https://docs.djangoproject.com/en/4.1/ref/utils/#django.utils.timezone.utc).

nils-wisiol approved these changes Jan 12, 2022

View reviewed changes

peterthomassen force-pushed the 20220112_email_verified branch 10 times, most recently from 1a11c6a to b801018 Compare January 17, 2022 14:55

peterthomassen marked this pull request as ready for review January 17, 2022 14:56

peterthomassen force-pushed the 20220112_email_verified branch from dd24d0d to 34daa57 Compare January 19, 2022 13:22

peterthomassen force-pushed the 20220112_email_verified branch 2 times, most recently from b8d1489 to db4934c Compare January 19, 2022 14:50

nils-wisiol marked this pull request as draft January 19, 2022 14:58

peterthomassen force-pushed the 20220112_email_verified branch 9 times, most recently from 38d1663 to 0b8315c Compare January 25, 2022 10:38

peterthomassen marked this pull request as ready for review January 25, 2022 11:47

peterthomassen requested a review from nils-wisiol January 25, 2022 11:48

peterthomassen force-pushed the 20220112_email_verified branch from 0b8315c to e2e7a82 Compare January 25, 2022 12:24

peterthomassen force-pushed the 20220112_email_verified branch 4 times, most recently from f73fcae to aef7eae Compare August 11, 2022 16:09

peterthomassen added 3 commits August 11, 2022 12:12

fix(webapp): correct error display when error detail is string

6ba623a

fix(): update README for a2c259d

b9abc9e

refactor(api): remove dead code

9f5e22f

peterthomassen force-pushed the 20220112_email_verified branch 2 times, most recently from c239386 to f121ffb Compare August 11, 2022 18:23

peterthomassen added 6 commits August 11, 2022 14:56

refactor(api): better logic and template tags for confirmation mails

97627bc

refactor(api): use template inheritance for confirmation emails

4900c0c

feat(api): add User.outreach_preference

8bae2c5

refactor(api): add AuthenticatedEmailUserAction in action hierarchy

9d6da39

feat(api): add AuthenticatedChangeOutreachPreferenceUserAction and view

25737a4

feat(webapp): sign-up: add outreach preference checkbox

7de41c0

peterthomassen force-pushed the 20220112_email_verified branch from f121ffb to 6658f15 Compare August 11, 2022 18:57

nils-wisiol reviewed Aug 13, 2022

View reviewed changes

api/desecapi/management/commands/outreach-email.py Outdated Show resolved Hide resolved

nils-wisiol approved these changes Aug 13, 2022

View reviewed changes

peterthomassen added 7 commits August 13, 2022 17:46

feat(api): add management command to send emails

d09e7bd

fix(api): cover c373930 in tests

1373a74

fix(api): limit Token.max * to prevent overflow in .is_valid

3aad58a

fix(api): reject overly long subname + domain combinations

bf5ce82

fix(api): don't raise when domains/?owns_qname is invalid

6c02d0b

fix(): avoid unnecessary stuff in images for security and size

86a7014

peterthomassen force-pushed the 20220112_email_verified branch from 8dc1e40 to 86a7014 Compare August 13, 2022 21:46

peterthomassen merged commit 86a7014 into main Aug 13, 2022

peterthomassen deleted the 20220112_email_verified branch August 13, 2022 22:10

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

20220112 email verified #591

20220112 email verified #591

peterthomassen commented Jan 12, 2022

peterthomassen commented Jan 17, 2022

peterthomassen commented Jan 19, 2022

peterthomassen commented Aug 11, 2022

nils-wisiol left a comment

nils-wisiol commented Aug 13, 2022

20220112 email verified #591

20220112 email verified #591

Conversation

peterthomassen commented Jan 12, 2022

peterthomassen commented Jan 17, 2022

peterthomassen commented Jan 19, 2022

peterthomassen commented Aug 11, 2022

nils-wisiol left a comment

Choose a reason for hiding this comment

nils-wisiol commented Aug 13, 2022