improve confirmation email link generation #38

Author: merwok

rest_auth_toolkit/templates/rest_auth_toolkit/email_confirmation.html renamed to demo/demo/accounts/templates/rest_auth_toolkit/email_confirmation.html

@@ -9,7 +9,8 @@
 <div>
 
 <p>{% trans "Follow this link to validate your email:" %}<br>
- <a href="{{ confirmation_url }}">{{ confirmation_url }}</a></p>
+ {% url "pages:confirm-email" token=confirmation.external_id as confirmation_url %}
+ <a href="{{ base_url }}{{ confirmation_url }}">{{ base_url }}{{ confirmation_url }}</a></p>
 
 </div>
 </body>

rest_auth_toolkit/templates/rest_auth_toolkit/email_confirmation.txt renamed to demo/demo/accounts/templates/rest_auth_toolkit/email_confirmation.txt

@@ -2,6 +2,6 @@
 {% load i18n %}
 
 {% trans "Follow this link to validate your email:" %}
-{{ confirmation_url }}
+{{ base_url }}{% url "pages:confirm-email" token=confirmation.external_id %}
 
 {% endautoescape %}

demo/demo/pages/auth_urls.py

@@ -0,0 +1,13 @@
+{% load i18n %}
+{% get_current_language as LANGUAGE_CODE %}
+<!doctype html>
+<html lang="{{ LANGUAGE_CODE }}">
+<head>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1">
+  <title>{% block title %}{% endblock %}</title>
+</head>
+<body>
+  {% block body %}{% endblock %}
+</body>
+</html>

demo/demo/pages/templates/base.html

@@ -1,18 +1,10 @@
+{% extends "base.html" %}
 {% load i18n %}
-{% get_current_language as LANGUAGE_CODE %}
-<!doctype html>
-<html lang="{{ LANGUAGE_CODE }}">
-<head>
-  <meta charset="utf-8">
-  <meta name="viewport" content="width=device-width, initial-scale=1">
-  <title>{{ site_name }}</title>
-</head>
-<body>
+{% block title %}Error! {{ site_name }}{% endblock %}
 
+{% block body %}
 <div>
   <h1>{% trans "Error!" %}</h1>
   <p>{{ error }}</p>
 </div>
-
-</body>
-</html>
+{% endblock %}

demo/demo/pages/templates/error.html

@@ -1,13 +1,7 @@
-{% load i18n %}
-{% get_current_language as LANGUAGE_CODE %}
-<!doctype html>
-<html lang="{{ LANGUAGE_CODE }}">
-<head>
-  <meta charset="utf-8">
-  <meta name="viewport" content="width=device-width, initial-scale=1">
-  <title>{{ site_name }}</title>
-</head>
-<body>
+{% extends "base.html" %}
+{% block title %}{{ site_name }}{% endblock %}
+
+{% block body %}
 <script>
   window.fbAsyncInit = function() {
     FB.init({appId: "{{ fb_app_id }}", xfbml: true, version: "v2.9"});
@@ -34,12 +28,11 @@
 <div id="fb-root"></div>
 
 <div>
-  <h1>Hello!</h1>
+  <h1>Hello world!</h1>
   <button onclick="fb_login()">Login with Facebook</button>
 </div>
 
 <script src="https://code.jquery.com/jquery-3.2.1.min.js"
   integrity="sha256-hwg4gsxgFZhOsEEamdOYGBf13FyQuiTwlAQgxVSNgt4="
   crossorigin="anonymous"></script>
-</body>
-</html>
+{% endblock %}

demo/demo/pages/templates/index.html

@@ -0,0 +1,10 @@
+{% extends "base.html" %}
+{% load i18n %}
+{% block title %}Success! {{ site_name }}{% endblock %}
+
+{% block body %}
+<div>
+  <h1>{% trans "Success!" %}</h1>
+  <p>Your address {{ email }} is now confirmed.</p>
+</div>
+{% endblock %}

demo/demo/pages/templates/welcome.html

@@ -8,4 +8,5 @@
 
 urlpatterns = [
     url(r'^$', views.index, name='root'),
+    url(r'^welcome/(?P<token>[^/.]+)$', views.confirm_email, name='confirm-email'),
 ]

demo/demo/pages/urls.py

@@ -14,12 +14,12 @@ def index(request):
     return render(request, 'index.html', context=ctx)
 
 
-def email_view(request, external_id):
+def confirm_email(request, token):
     """Landing page for links in confirmation emails."""
     error = None
 
     try:
-        confirmation = EmailConfirmation.objects.get(external_id=external_id)
+        confirmation = EmailConfirmation.objects.get(external_id=token)
         confirmation.confirm()
     except EmailConfirmation.DoesNotExist:
         error = _('Invalid link')
@@ -33,4 +33,8 @@ def email_view(request, external_id):
         }
         return render(request, 'error.html', context=ctx)
     else:
-        return index(request)
+        ctx = {
+            'site_name': 'Demo',
+            'email': confirmation.user.email,
+        }
+        return render(request, 'welcome.html', context=ctx)

demo/demo/pages/views.py

@@ -102,7 +102,6 @@
 
 
 STATIC_URL = '/static/'
-# STATIC_ROOT = os.path.join(BASE_DIR, 'static')
 
 
 REST_FRAMEWORK = {
@@ -122,6 +121,5 @@
 REST_AUTH_TOOLKIT = {
     'email_confirmation_class': 'demo.accounts.models.EmailConfirmation',
     'email_confirmation_from': 'auth-demo@localhost',
-    'email_confirmation_lookup_field': 'external_id',
     'api_token_class': 'demo.accounts.models.APIToken',
 }

demo/demo/settings.py

@@ -32,5 +32,4 @@ class GoAwayRenderer(DocumentationRenderer):
     path('admin/', admin.site.urls),
     path('api/', include(api_urlpatterns)),
     path('', include('demo.pages.urls')),
-    path('', include('demo.pages.auth_urls')),
 ]

demo/demo/urls.py

@@ -1,7 +1,6 @@
 from django.contrib.auth import get_user_model
 from django.core.mail import send_mail
 from django.template.loader import render_to_string
-from django.urls import reverse
 from django.utils.translation import gettext as _
 
 from rest_framework import generics, status, views
@@ -26,11 +25,21 @@ class SignupView(generics.GenericAPIView):
 
     If the setting email_confirmation_send_email is true (default),
     the function send_email will be called.  That function requires
-    that your app define a route named app-auth:email-confirmation
-    with an id parameter; the view for this route should get an
-    email confirmation instance using the ID and call the confirm
-    method.  To use a field that's not named 'id', define the setting
-    email_confirmation_lookup_param (this will change the URL pattern).
+    that your project defines defines two email templates:
+        - rest_auth_toolkit/email_confirmation.txt
+        - rest_auth_toolkit/email_confirmation.html
+
+    The templates will be passed the User and EmailConfirmation instances
+    (as variables *user* and *confirmation*).  To help generating links,
+    a variable *base_url* with a value like "https://domain" (scheme,
+    domain and optional port depending on the request, but no path), which
+    lets you write code like `{{ base_url }}{% url "my-route" %}`.
+
+    It is up to your project to define what the link is.  The demo app
+    demonstrates a simple Django view that validates the email validation
+    token in the URL; for a project with a front-end site (e.g. a JavaScript
+    app) on a different domain than the Django API, a custom template tag
+    could be used to generate the right URL for the front-end site.
 
     If the setting is false, the user will be active immediately.
     """
@@ -157,14 +166,14 @@ def send_email(request, user, address, confirmation):
     subject = _('Confirm your email address')
     from_address = get_setting('email_confirmation_from')
 
-    lookup_field = get_setting('email_confirmation_lookup_field', 'id')
-    confirmation_url = request.build_absolute_uri(
-        reverse('app-auth:email-confirmation',
-                kwargs={lookup_field: getattr(confirmation, lookup_field)}))
     # The url template tag doesn't include scheme/domain/port, pass a helper
     base_url = request.build_absolute_uri('/')[:-1]
 
-    context = {'base_url': base_url, 'confirmation_url': confirmation_url}
+    context = {
+        'user': user,
+        'confirmation': confirmation,
+        'base_url': base_url,
+    }
     txt_content = render_to_string('rest_auth_toolkit/email_confirmation.txt', context)
     html_content = render_to_string('rest_auth_toolkit/email_confirmation.html', context)