diff --git a/data/database.py b/data/database.py
index 50ca6055a..e4c276c03 100644
--- a/data/database.py
+++ b/data/database.py
@@ -18,9 +18,7 @@ class User(BaseModel):
username = CharField(unique=True)
password_hash = CharField()
email = CharField(unique=True)
-
- # TODO move this to False and require email verification
- verified = BooleanField(default=True)
+ verified = BooleanField(default=False)
class Visibility(BaseModel):
@@ -67,7 +65,7 @@ class AccessToken(BaseModel):
class EmailConfirmation(BaseModel):
- code = CharField(default=random_string_generator())
+ code = CharField(default=random_string_generator(), unique=True)
user = ForeignKeyField(User)
pw_reset = BooleanField(default=False)
email_confirm = BooleanField(default=False)
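Review bot: `default=random_string_generator()` on the `code` field is evaluated once, when the class body runs. Unless that helper returns a callable (its definition is not in this hunk), every EmailConfirmation row gets the same default code, and the new `unique=True` will make the second insert fail. If the helper returns the string itself, pass it uncalled so a fresh value is produced per row: `code = CharField(default=random_string_generator, unique=True)`. Because this code is later accepted at /confirm in place of a password, it should come from a CSPRNG (`random.SystemRandom` or `os.urandom`) and be long enough to resist guessing; a comment on the field saying so would help.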
@@ -101,7 +99,8 @@ class RepositoryTag(BaseModel):
def initialize_db():
create_model_tables([User, Repository, Image, AccessToken, Role,
- RepositoryPermission, Visibility, RepositoryTag])
+ RepositoryPermission, Visibility, RepositoryTag,
+ EmailConfirmation])
Role.create(name='admin')
Role.create(name='write')
Role.create(name='read')
diff --git a/data/model.py b/data/model.py
index 4c64699be..69cc79dbc 100644
--- a/data/model.py
+++ b/data/model.py
@@ -34,10 +34,23 @@ def create_user(username, password, email):
def create_confirm_email_code(user):
- code = EmailConfirmation(user=user, email_confirm=True)
+ code = EmailConfirmation.create(user=user, email_confirm=True)
return code
+def confirm_user_email(code):
+ code = EmailConfirmation.get(EmailConfirmation.code == code,
+ EmailConfirmation.email_confirm == True)
+
+ user = code.user
+ user.verified = True
+ user.save()
+
+ code.delete_instance()
+
+ return user
+
+
def get_user(username):
try:
return User.get(User.username == username)
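Review bot: `EmailConfirmation.get(...)` in confirm_user_email raises `EmailConfirmation.DoesNotExist` for an unknown or already-used code and nothing catches it, whereas get_user just below wraps its lookup in `try` (its body continues outside the hunk). Handle the miss the same way so the endpoint can answer with a clean 4xx instead of an unhandled exception. The parameter `code` is also rebound to the model row, which hides the difference between the submitted string and the record; `confirmation = EmailConfirmation.get(...)` reads better. As written a code never expires, so consider a creation timestamp with a checked maximum age. Doing `user.save()` and `delete_instance()` in one transaction would stop a failure between them from leaving a spent code usable.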
diff --git a/endpoints/web.py b/endpoints/web.py
index c2a549b5d..ca4f07c91 100644
--- a/endpoints/web.py
+++ b/endpoints/web.py
@@ -36,6 +36,12 @@ def index():
return send_file('templates/index.html')
+def common_login(db_user):
+ logger.debug('Successfully signed in as: %s' % db_user.username)
+ login_user(_LoginWrappedDBUser(db_user))
+ identity_changed.send(app, identity=Identity(db_user.username, 'username'))
+
+
@app.route('/signin', methods=['POST'])
def signin():
username = request.form['username']
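Review bot: common_login establishes a session for whatever `db_user` it is handed and performs no check of its own, so it needs a docstring that states the contract, e.g. `"""Log db_user into the session; the caller must already have authenticated this user."""`. That matters because the helper is now shared by two entry points with very different proof of identity. The debug line is also better written with lazy arguments, `logger.debug('Successfully signed in as: %s', db_user.username)`, which skips the formatting when debug logging is off.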
@@ -44,12 +50,7 @@ def signin():
#TODO Allow email login
verified = model.verify_user(username, password)
if verified:
- logger.debug('Successfully signed in as: %s' % username)
-
- login_user(_LoginWrappedDBUser(verified))
-
- identity_changed.send(app, identity=Identity(verified.username,
- 'username'))
+ common_login(verified)
return redirect(request.args.get('next') or url_for('index'))
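Review bot: With `User.verified` now defaulting to False, this sign-in path still calls `common_login(verified)` for any account that passes the password check. Unless `model.verify_user` (not visible in this diff) rejects unverified users, the new email verification step gates nothing. Making the check explicit, e.g. `if verified and verified.verified:`, would settle it, and renaming the local to `db_user` would avoid the clash with the field name. Separately, the unchanged `redirect(request.args.get('next') or url_for('index'))` follows a caller-supplied URL as is; restricting `next` to same-site relative paths would prevent it being used as an open redirect. signin's body starts and ends outside this hunk.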
@@ -58,7 +59,12 @@ def signin():
@app.route('/confirm', methods=['GET'])
def confirm_email():
- pass
+ code = request.values['code']
+ user = model.confirm_user_email(code)
+
+ common_login(user)
+
+ return redirect(url_for('index'))
@app.route('/reset', methods=['GET'])
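Review bot: confirm_email turns possession of the emailed code into a full authenticated session through `common_login(user)`, and does so on a GET request. Anything that can see or fetch the link (forwarded mail, proxy or server logs, link-preview scanners) ends up signed in as that user, and a prefetch alone consumes the code. A safer shape is to mark the address verified and redirect to the sign-in form instead of calling common_login. An unknown or reused code currently propagates whatever `model.confirm_user_email` raises and will surface as a server error; catch it and return a 404 or an error page. `request.args['code']` is sufficient here since the route only accepts GET.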
diff --git a/util/email.py b/util/email.py
index 2d7dc950e..fcc069409 100644
--- a/util/email.py
+++ b/util/email.py
@@ -8,7 +8,7 @@ This email address was recently used to register the username '%s'
at Quay.io.
To confirm this email address, please click the following link:
-http://quay.io/confirm?token=%s
+http://quay.io/confirm?code=%s
"""
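Review bot: The confirmation link is still emitted as `http://quay.io/confirm?code=%s`, so the code crosses the network in clear text on the first request, and the diff shows that code being accepted at /confirm as proof of identity. The link should be `https://quay.io/confirm?code=%s`. It would also be better to build the host from configuration than to hard-code it in the template, so test and staging mails do not point at production. The template string starts outside this hunk.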