Merge branch 'develop' into feature/nklink

rowers/templates/acc_activate_email.html

@@ -0,0 +1,7 @@
+{% autoescape off %}
+Hi {{ user.username }},
+Please click on the link to confirm your registration,
+
+http://{{ domain }}{% url 'useractivate' uidb64=uid token=token %}
+If you think, it's not you, then just ignore this email.
+{% endautoescape %}

rowers/tests/test_newusers.py

@@ -42,20 +42,38 @@ class NewUserRegistrationTest(TestCase):
         self.assertTrue(form.is_valid())
 
         response = self.c.post('/rowers/register/', form_data, follow=True)
+        self.assertEqual(response.status_code,200)
 
-        self.assertRedirects(response,
-                             expected_url='/rowers/me/gdpr-optin/?next=/rowers/list-workouts/',
-                             status_code=302,target_status_code=200)
+        # set opt-in
+        user = User.objects.get(username='janderoeiert')
+        user.rower.gdpr_optin = True
+        user.set_password('aapindewei2')
+        user.is_active = True
+        user.save()
+        user.rower.save()
+
+        login = self.c.login(username=user.username,password='aapindewei2')
+        self.assertTrue(login)
 
 
-        url = '/rowers/me/gdpr-optin-confirm/?next=/rowers/list-workouts/'
+        url = '/rowers/list-workouts/'
 
         response = self.c.get(url)
 
+        expected = '/rowers/me/gdpr-optin/?next=/rowers/list-workouts/'
+
         self.assertRedirects(response,
-                             expected_url='/rowers/list-workouts/',
-                             status_code=302,target_status_code=200,
-                             )
+                            expected_url=expected,
+                            status_code=302,target_status_code=200)
+
+        url = '/rowers/me/gdpr-optin-confirm/?next=/rowers/list-workouts/'
+        response = self.c.get(url)
+
+        expected = '/rowers/list-workouts/'
+        self.assertRedirects(response,
+                            expected_url=expected,
+                            status_code=302,target_status_code=200)
+
 
         url = '/rowers/exportallworkouts/'
 
@@ -74,6 +92,8 @@ class NewUserRegistrationTest(TestCase):
 
         self.assertTrue(response.status_code,200)
 
+
+
         url = '/rowers/me/delete/'
 
         form_data = {

rowers/tokens.py

@@ -0,0 +1,12 @@
+from django.contrib.auth.tokens import PasswordResetTokenGenerator
+from django.utils import six
+
+
+class AccountActivationTokenGenerator(PasswordResetTokenGenerator):
+    def _make_hash_value(self, user, timestamp):
+        return (
+            six.text_type(user.pk) + six.text_type(timestamp) +
+            six.text_type(user.is_active)
+        )
+
+account_activation_token = AccountActivationTokenGenerator()

rowers/urls.py

@@ -731,6 +731,7 @@ urlpatterns = [
     re_path(r'^legal', TemplateView.as_view(template_name='legal.html'),name='legal'),
     re_path(r'^register/$',views.rower_register_view,name='rower_register_view'),
     re_path(r'^coachregister/$',views.freecoach_register_view,name='freecoach_register_view'),
+    path('activate/<uidb64>/<token>/',views.useractivate, name='useractivate'), 
     re_path(r'^register/thankyou/$', TemplateView.as_view(template_name='registerthankyou.html'), name='registerthankyou'),
     re_path(r'^workout/(?P<id>\b[0-9A-Fa-f]+\b)/workflow/$',views.workout_workflow_view,
         name='workout_workflow_view'),

rowers/views/paymentviews.py

@@ -4,6 +4,7 @@ from __future__ import print_function
 from __future__ import unicode_literals
 
 from rowers.views.statements import *
+from django.core.mail import EmailMessage
 
 @csrf_exempt
 def braintree_webhook_view(request):
@@ -711,6 +712,59 @@ def downgrade_completed_view(request):
                       'rower':r
                       })
 
+from django.utils.encoding import force_bytes, force_text
+from django.utils.http import urlsafe_base64_encode, urlsafe_base64_decode
+from django.contrib.sites.shortcuts import get_current_site
+from rowers.tokens import account_activation_token
+# Email activation
+def useractivate(request, uidb64, token):
+    try:
+        uid = force_text(urlsafe_base64_decode(uidb64))
+        user = User.objects.get(id=uid)
+    except(TypeError, ValueError, OverflowError, User.DoesNotExist):
+        user = None
+    if user is not None and account_activation_token.check_token(user, token):
+        user.is_active = True
+        user.save()
+        # below is old
+        fullemail = user.first_name + " " + user.last_name + " " + "<" + user.email + ">"
+        subject = "Thank you for registering on rowsandall.com"
+        from_address = 'Sander Roosendaal <info@rowsandall.com>'
+
+        d = {'first_name':user.first_name}
+
+        template = 'registeremail.html'
+        if user.rower.rowerplan == 'freecoach':
+            template = 'coachregisteremail.html'
+
+        send_template_email(from_address,[fullemail],
+                            subject,'registeremail.html',d)
+
+
+        subject2 = "New User"
+        message2 = "New user registered.\n"
+        message2 += fullemail + "\n"
+        message2 += "User name: "+user.username
+
+        if user.rower.rowerplan == 'freecoach':
+            subject2 = "New Free Coach User"
+
+
+        send_mail(subject2, message2,
+                  'Rowsandall Server <info@rowsandall.com>',
+                  ['roosendaalsander@gmail.com'])
+
+
+        messages.info(request,'Thank you for your email confirmation. Now you can login to your account.')
+        url = '/login/'
+        if user.rower.rowerplan == 'freecoach':
+            url+='?next=/rowers/me/teams'
+        return HttpResponseRedirect(url)
+    else:
+        return HttpResponse('Activation link is invalid!')
+
+
+
 # User registration
 def rower_register_view(request):
 
@@ -736,6 +790,7 @@ def rower_register_view(request):
             theuser.first_name = first_name
             theuser.last_name = last_name
             theuser.email = email
+            theuser.is_active = False
             theuser.save()
 
             birthdate = birthdate.replace(tzinfo=None)
@@ -766,26 +821,29 @@ def rower_register_view(request):
                 w.save()
 
             # Create and send email
-            fullemail = first_name + " " + last_name + " " + "<" + email + ">"
-            subject = "Thank you for registering on rowsandall.com"
-            from_address = 'Sander Roosendaal <info@rowsandall.com>'
-
-            d = {'first_name':theuser.first_name}
-
-            send_template_email(from_address,[fullemail],
-                                subject,'registeremail.html',d)
+            current_site = get_current_site(request)
+            mail_subject = 'Activate your account.'
+            d = {
+                'user': theuser,
+                'domain': current_site.domain,
+                'uid': urlsafe_base64_encode(force_bytes(theuser.id)).decode(),
+                'token': account_activation_token.make_token(theuser),
+            }
+            to_email = form.cleaned_data.get('email')
+            message = render_to_string('acc_activate_email.html', {
+                'user': theuser,
+                'domain': current_site.domain,
+                'uid': urlsafe_base64_encode(force_bytes(theuser.id)).decode(),
+                'token': account_activation_token.make_token(theuser),
+            })
+            to_email = form.cleaned_data.get('email')
+            email = EmailMessage(
+                mail_subject, message, to=[to_email]
+            )
+            email.send()
+            return HttpResponse('Please confirm your email address to complete the registration')
 
 
-            subject2 = "New User"
-            message2 = "New user registered.\n"
-            message2 += fullemail + "\n"
-            message2 += "User name: "+username
-
-            send_mail(subject2, message2,
-                      'Rowsandall Server <info@rowsandall.com>',
-                      ['roosendaalsander@gmail.com'])
-
-            theuser = authenticate(username=username,password=password)
             login(request,theuser)
 
             return HttpResponseRedirect(nextpage)
@@ -842,29 +900,28 @@ def freecoach_register_view(request):
             # create default favorite charts
             add_defaultfavorites(therower)
 
-
             # Create and send email
-            fullemail = first_name + " " + last_name + " " + "<" + email + ">"
-            subject = "Thank you for registering on rowsandall.com"
-            from_address = 'Sander Roosendaal <info@rowsandall.com>'
-
-            d = {'first_name':theuser.first_name}
-
-            send_template_email(from_address,[fullemail],
-                                subject,'coachregisteremail.html',d)
-
-
-            subject2 = "New Free Coach"
-            message2 = "New Free Coach registered.\n"
-            message2 += fullemail + "\n"
-            message2 += "User name: "+username
-
-            send_mail(subject2, message2,
-                      'Rowsandall Server <info@rowsandall.com>',
-                      ['roosendaalsander@gmail.com'])
-
-            theuser = authenticate(username=username,password=password)
-            login(request,theuser)
+            current_site = get_current_site(request)
+            mail_subject = 'Activate your account.'
+            d = {
+                'user': theuser,
+                'domain': current_site.domain,
+                'uid': urlsafe_base64_encode(force_bytes(theuser.id)).decode(),
+                'token': account_activation_token.make_token(theuser),
+            }
+            to_email = form.cleaned_data.get('email')
+            message = render_to_string('acc_activate_email.html', {
+                'user': theuser,
+                'domain': current_site.domain,
+                'uid': urlsafe_base64_encode(force_bytes(theuser.id)).decode(),
+                'token': account_activation_token.make_token(theuser),
+            })
+            to_email = form.cleaned_data.get('email')
+            email = EmailMessage(
+                mail_subject, message, to=[to_email]
+            )
+            email.send()
+            return HttpResponse('Please confirm your email address to complete the registration')
 
             return HttpResponseRedirect(nextpage)