Change in forms, models, urls, views

- Add is_email_expired, activation_key, key_expiry_time in Profile model
- Add new functions activate_user and new_activation in views for verifying and activating user via email
- Change user_login and user_register functions in views for email verification
- Change in forms.py to verify email during registration
- Add activation urls in urls.py

4 files changed, 98 insertions, 17 deletions

diff --git a/yaksh/forms.py b/yaksh/forms.py
index f7f7a10..ac4e1b0 100644
--- a/yaksh/forms.py
+++ b/yaksh/forms.py
@@ -5,7 +5,7 @@ from yaksh.models import get_model_class, Profile, Quiz, Question, TestCase, Cou
 from django.contrib.auth import authenticate
 from django.contrib.auth.models import User
 from django.contrib.contenttypes.models import ContentType
-
+from django.conf import settings
 from taggit.managers import TaggableManager
 from taggit.forms import TagField
 from django.forms.models import inlineformset_factory
@@ -18,6 +18,7 @@ except ImportError:
 from string import punctuation, digits
 import datetime
 import pytz
+from .email_verification import generate_activation_key
 
 languages = (
     ("select", "Select Language"),
@@ -117,6 +118,12 @@ class UserRegisterForm(forms.Form):
 
         return c_pwd
 
+    def clean_email(self):
+        user_email = self.cleaned_data['email']
+        if User.objects.filter(email=user_email).exists():
+            raise forms.ValidationError("This email already exists")
+        return user_email
+
     def save(self):
         u_name = self.cleaned_data["username"]
         u_name = u_name.lower()
@@ -135,9 +142,19 @@ class UserRegisterForm(forms.Form):
         new_profile.department = cleaned_data["department"]
         new_profile.position = cleaned_data["position"]
         new_profile.timezone = cleaned_data["timezone"]
+        if settings.IS_DEVELOPMENT:
+            new_profile.is_email_verified = True
+            new_profile.save()
+            return u_name, pwd
+        else:
+            new_profile.activation_key = generate_activation_key(new_user.username)
+            new_profile.key_expiry_time = datetime.datetime.strftime(
+                                        datetime.datetime.now() + \
+                                        datetime.timedelta(minutes=20),
+                                        "%Y-%m-%d %H:%M:%S"
+                                        )
         new_profile.save()
-
-        return u_name, pwd
+        return new_user.email, new_profile.activation_key
 
 
 class UserLoginForm(forms.Form):
@@ -307,4 +324,3 @@ class QuestionPaperForm(forms.ModelForm):
     class Meta:
         model = QuestionPaper
         fields = ['shuffle_questions']
-
diff --git a/yaksh/models.py b/yaksh/models.py
index 802a1fc..3e80570 100644
--- a/yaksh/models.py
+++ b/yaksh/models.py
@@ -251,6 +251,9 @@ class Profile(models.Model):
         default=pytz.utc.zone,
         choices=[(tz, tz) for tz in pytz.common_timezones]
     )
+    is_email_verified = models.BooleanField(default=False)
+    activation_key = models.CharField(max_length=40, blank=True, null=True)
+    key_expiry_time = models.DateTimeField(blank=True, null=True)
 
     def get_user_dir(self):
         """Return the output directory for the user."""
diff --git a/yaksh/urls.py b/yaksh/urls.py
index 00b34e4..03e5354 100644
--- a/yaksh/urls.py
+++ b/yaksh/urls.py
@@ -5,6 +5,8 @@ urlpatterns = [
     url(r'^$', views.index),
     url(r'^login/$', views.user_login, name='login'),
     url(r'^logout/$', views.user_logout),
+    url(r'^activate/(?P<key>.+)$', views.activate_user),
+    url(r'^new_activation/$', views.new_activation),
     url(r'^quizzes/$', views.quizlist_user, name='quizlist_user'),
     url(r'^quizzes/(?P<enrolled>\w+)/$', views.quizlist_user, name='quizlist_user'),
     url(r'^results/$', views.results_user),
diff --git a/yaksh/views.py b/yaksh/views.py
index db7498c..aa23d01 100644
--- a/yaksh/views.py
+++ b/yaksh/views.py
@@ -1,7 +1,7 @@
 import random
 import string
 import os
-from datetime import datetime
+from datetime import datetime, timedelta
 import collections
 import csv
 from django.http import HttpResponse
@@ -17,11 +17,13 @@ from django.contrib.auth.models import Group
 from django.forms.models import inlineformset_factory
 from django.utils import timezone
 from django.core.exceptions import MultipleObjectsReturned
+from django.conf import settings
 import pytz
 from taggit.models import Tag
 from itertools import chain
 import json
 import six
+from textwrap import dedent
 # Local imports.
 from yaksh.models import get_model_class, Quiz, Question, QuestionPaper, QuestionSet, Course
 from yaksh.models import Profile, Answer, AnswerPaper, User, TestCase, FileUpload,\
@@ -35,6 +37,7 @@ from yaksh.forms import UserRegisterForm, UserLoginForm, QuizForm,\
 from .settings import URL_ROOT
 from yaksh.models import AssignmentUpload
 from .file_utils import extract_files
+from .email_verification import send_user_mail, generate_activation_key
 
 
 
@@ -73,7 +76,7 @@ def index(request):
     """
     user = request.user
     if user.is_authenticated():
-        if user.groups.filter(name='moderator').count() > 0:
+        if is_moderator(user):
             return my_redirect('/exam/manage/')
         return my_redirect("/exam/quizzes/")
 
@@ -88,15 +91,20 @@ def user_register(request):
     ci = RequestContext(request)
     if user.is_authenticated():
         return my_redirect("/exam/quizzes/")
-
+    context = {}
     if request.method == "POST":
         form = UserRegisterForm(request.POST)
         if form.is_valid():
             data = form.cleaned_data
-            u_name, pwd = form.save()
-            new_user = authenticate(username=u_name, password=pwd)
-            login(request, new_user)
-            return my_redirect("/exam/quizzes/")
+            if settings.IS_DEVELOPMENT:
+                u_name, pwd = form.save()
+                new_user = authenticate(username=u_name, password=pwd)
+                login(request, new_user)
+                return index(request)
+            user_email, key = form.save()
+            success, msg = send_user_mail(user_email, key)
+            context = {'activation_msg': msg}
+            return my_render_to_response('yaksh/activation_status.html', context)
         else:
             return my_render_to_response('yaksh/register.html', {'form': form},
                                          context_instance=ci)
@@ -323,19 +331,29 @@ def user_login(request):
 
     user = request.user
     ci = RequestContext(request)
+    context = {}
     if user.is_authenticated():
-        if user.groups.filter(name='moderator').count() > 0:
-            return my_redirect('/exam/manage/')
-        return my_redirect("/exam/quizzes/")
+        if not settings.IS_DEVELOPMENT:
+            if not user.profile.is_email_verified:
+                context['success'] = False
+                context['msg'] = "Your account is not verified"
+                return my_render_to_response('yaksh/activation_status.html',
+                                            context, context_instance=ci)
+            return index(request)
 
     if request.method == "POST":
         form = UserLoginForm(request.POST)
         if form.is_valid():
             user = form.cleaned_data
+            if not settings.IS_DEVELOPMENT:
+                if not user.profile.is_email_verified:
+                    context['success'] = False
+                    context['msg'] = "Your account is not verified. \
+                                    Please verify your account"
+                    return my_render_to_response('yaksh/activation_status.html',
+                                                 context, context_instance=ci)
             login(request, user)
-            if user.groups.filter(name='moderator').count() > 0:
-                return my_redirect('/exam/manage/')
-            return my_redirect('/exam/login/')
+            return index(request)
         else:
             context = {"form": form}
             return my_render_to_response('yaksh/login.html', context,
@@ -1403,3 +1421,45 @@ def download_course_csv(request, course_id):
     for student in students:
         writer.writerow(student)
     return response
+
+def activate_user(request, key):
+    ci = RequestContext(request)
+    profile = get_object_or_404(Profile, activation_key=key)
+    context = {}
+    context['success'] = False
+    if timezone.now() > profile.key_expiry_time:
+        context['msg'] = dedent("""
+                    Your activation time expired.
+                    Please try again.
+                    """)
+    else:
+        context['success'] = True
+        profile.is_email_verified = True
+        profile.save()
+        context['msg'] = "Your account is activated"
+    return my_render_to_response('yaksh/activation_status.html', context,
+                                context_instance=ci)
+
+def new_activation(request):
+    ci = RequestContext(request)
+    context = {}
+    if request.method == "POST":
+        email = request.POST.get('email')
+        user = get_object_or_404(User, email=email)
+        if not user.profile.is_email_verified:
+            user.profile.activation_key = generate_activation_key(user.username)
+            user.profile.key_expiry_time = datetime.strftime(
+                                    datetime.now() + \
+                                    timedelta(minutes=20), "%Y-%m-%d %H:%M:%S"
+                                    )
+            user.profile.save()
+            success, msg = send_user_mail(user.email, user.profile.activation_key)
+            if success:
+                context['new_activation_msg'] = msg
+            else:
+                context['msg'] = msg
+        else:
+            context['new_activation_msg'] = "Your account is already verified"
+
+    return my_render_to_response('yaksh/activation_status.html', context,
+                                context_instance=ci)