mirror of
https://gitlab2.federez.net/re2o/re2o
synced 2024-11-27 07:02:26 +00:00
Ensure confirmation email tokens are deleted if no longer valid
This commit is contained in:
parent
b88fea3b4b
commit
216d14bb25
2 changed files with 26 additions and 0 deletions
20
users/migrations/0087_request_email.py
Normal file
20
users/migrations/0087_request_email.py
Normal file
|
@ -0,0 +1,20 @@
|
|||
# -*- coding: utf-8 -*-
|
||||
# Generated by Django 1.11.28 on 2020-04-17 20:10
|
||||
from __future__ import unicode_literals
|
||||
|
||||
from django.db import migrations, models
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
|
||||
dependencies = [
|
||||
('users', '0086_user_email_change_date'),
|
||||
]
|
||||
|
||||
operations = [
|
||||
migrations.AddField(
|
||||
model_name='request',
|
||||
name='email',
|
||||
field=models.EmailField(blank=True, max_length=254, null=True),
|
||||
),
|
||||
]
|
|
@ -831,10 +831,15 @@ class User(
|
|||
def confirm_email_address_mail(self, request):
|
||||
"""Prend en argument un request, envoie un mail pour
|
||||
confirmer l'adresse"""
|
||||
# Delete all older requests for this user, that aren't for this email
|
||||
filter = Q(user=self) & Q(type=Request.EMAIL) & ~Q(email=self.email)
|
||||
Request.objects.filter(filter).delete()
|
||||
|
||||
# Create the request and send the email
|
||||
req = Request()
|
||||
req.type = Request.EMAIL
|
||||
req.user = self
|
||||
req.email = self.email
|
||||
req.save()
|
||||
|
||||
template = loader.get_template("users/email_confirmation_request")
|
||||
|
@ -1873,6 +1878,7 @@ class Request(models.Model):
|
|||
type = models.CharField(max_length=2, choices=TYPE_CHOICES)
|
||||
token = models.CharField(max_length=32)
|
||||
user = models.ForeignKey("User", on_delete=models.CASCADE)
|
||||
email = models.EmailField(blank=True, null=True)
|
||||
created_at = models.DateTimeField(auto_now_add=True, editable=False)
|
||||
expires_at = models.DateTimeField()
|
||||
|
||||
|
|
Loading…
Reference in a new issue