From ea2a984d24c56aa2f06cf24ab6dddac4e8b4fe91 Mon Sep 17 00:00:00 2001
From: "Peter J. Holzer" <hjp@hjp.at>
Date: Mon, 28 Mar 2022 00:33:37 +0200
Subject: [PATCH] Confirm email addresses

---
 htmx/app.py                                  |  51 +++++++++++++++++--
 htmx/messages.pot                            |  37 ++++++++++++--
 htmx/templates/confirm.html                  |  18 +++++++
 htmx/translations/de/LC_MESSAGES/messages.mo | Bin 1565 -> 2373 bytes
 htmx/translations/de/LC_MESSAGES/messages.po |  39 ++++++++++++++
 5 files changed, 135 insertions(+), 10 deletions(-)
 create mode 100644 htmx/templates/confirm.html

diff --git a/htmx/app.py b/htmx/app.py
index 57ed5b5..cbe12d7 100644
--- a/htmx/app.py
+++ b/htmx/app.py
@@ -1,9 +1,12 @@
+import email.message
+import json
 import logging
+import smtplib
 import uuid
 import psycopg2
 import psycopg2.extras
 
-from flask import Flask, request, render_template, render_template_string, session, g
+from flask import Flask, request, render_template, render_template_string, session, g, url_for
 from flask_babel import Babel, _
 
 logging.basicConfig(format="%(asctime)s %(levelname)s %(name)s %(lineno)d | %(message)s", level=logging.DEBUG)
@@ -135,20 +138,34 @@ def result(public_id):
                 stats["band_rank"] = r["rank"]
                 stats["band_count"] = r["c"]
 
-    ask_mail = session["uuid"].endswith(public_id)
-    log.debug("uuid = %s, public_id=%s, ask_mail=%s", session["uuid"], public_id, ask_mail)
+    uuid = session.get("uuid", "")
+    ask_mail = uuid.endswith(public_id)
+    log.debug("uuid = %s, public_id=%s, ask_mail=%s", uuid, public_id, ask_mail)
     return render_template("result.html", public_id=public_id, stats=stats, ask_mail=ask_mail)
 
 @app.route("/add-email", methods=["POST"])
 def add_email():
     csr = get_cursor()
-    csr.execute("update users set email=%s where uuid = %s", (request.form["email"], session["uuid"],))
+    csr.execute("update users set email=%s, lang=%s, confirmation_sent_ts=now() where uuid = %s",
+                (request.form["email"], get_locale(), session["uuid"],))
     if csr.rowcount:
+        send_mail(request.form["email"], session["uuid"])
         return render_template_string(_("Saved. Expect mail at {{email}}"),
                                       email=request.form["email"])
     else:
         return _("<span>You don't exist. Go away!</span>")
 
+@app.route("/confirm-email/<uuid>", methods=["GET"])
+def confirm_email_ask(uuid):
+    return render_template("confirm.html", uuid=uuid)
+
+@app.route("/confirm-email/<uuid>", methods=["POST"])
+def confirm_email_do(uuid):
+    csr = get_cursor()
+    csr.execute("update users set confirmation_received_ts=now(), confirmation_info=%s where uuid=%s",
+                (json.dumps({"ip": request.remote_addr, "ua": request.user_agent.string}), uuid))
+    return "<p>" + _("Thanks!") + "</p>"
+
 # Middleware
 
 @babel.localeselector
@@ -188,10 +205,34 @@ def teardown_db(exception):
         db.close()
 
 def new_user():
+    lang = get_locale()
     user_uuid = str(uuid.uuid4())
     user_public_id = user_uuid[-12:]
     csr = get_cursor()
-    csr.execute("insert into users(uuid, public_id) values(%s, %s)", (user_uuid, user_public_id,))
+    csr.execute("insert into users(uuid, public_id, lang) values(%s, %s, %s)",
+                (user_uuid, user_public_id, lang))
     return user_uuid, user_public_id
 
+def send_mail(mailaddress, uuid):
+    msg = email.message.EmailMessage()
+    msg["From"] ="i12e@hjp.at"
+    msg["To"] = mailaddress
+    msg["Subject"] = _("The Musical Internatiionale: Confirm mail address")
+    confirmation_url = url_for("confirm_email_ask", uuid=uuid, _external=True)
+    body = _(
+        "Hello,\n"
+        "\n"
+        "somebody requested news about new developments at https://i12e.hjp.at/ to be sent to\n"
+        "{mailaddress}.\n"
+        "\n"
+        "To confirm that that this was you, please visit this url:\n"
+        "{url}\n"
+        "\n"
+        "With musical greetings\n"
+        "    I12E Bot\n"
+        "").format(mailaddress=mailaddress, url=confirmation_url)
+    msg.set_content(body)
+    mta = smtplib.SMTP(host="localhost")
+    mta.send_message(msg)
+
 # vim: tw=99
diff --git a/htmx/messages.pot b/htmx/messages.pot
index 7da1d0c..92ad7cf 100644
--- a/htmx/messages.pot
+++ b/htmx/messages.pot
@@ -8,7 +8,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: PROJECT VERSION\n"
 "Report-Msgid-Bugs-To: EMAIL@ADDRESS\n"
-"POT-Creation-Date: 2022-03-20 23:24+0100\n"
+"POT-Creation-Date: 2022-03-28 00:28+0200\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -17,22 +17,49 @@ msgstr ""
 "Content-Transfer-Encoding: 8bit\n"
 "Generated-By: Babel 2.9.1\n"
 
-#: app.py:22
+#: app.py:25
 msgid "hello"
 msgstr ""
 
-#: app.py:147
+#: app.py:153
 msgid "Saved. Expect mail at {{email}}"
 msgstr ""
 
-#: app.py:150
+#: app.py:156
 msgid "<span>You don't exist. Go away!</span>"
 msgstr ""
 
-#: templates/home.html:6 templates/result.html:6
+#: app.py:167
+msgid "Thanks!"
+msgstr ""
+
+#: app.py:220
+msgid "The Musical Internatiionale: Confirm mail address"
+msgstr ""
+
+#: app.py:222
+msgid ""
+"Hello,\n"
+"\n"
+"somebody requested news about new developments at https://i12e.hjp.at/ to"
+" be sent to\n"
+"{mailaddress}.\n"
+"\n"
+"To confirm that that this was you, please visit this url:\n"
+"{url}\n"
+"\n"
+"With musical greetings\n"
+"    I12E Bot\n"
+msgstr ""
+
+#: templates/confirm.html:6 templates/home.html:6 templates/result.html:6
 msgid "The Musical Internatiionale"
 msgstr ""
 
+#: templates/confirm.html:14
+msgid "I confirm that I want to receive mails about new developments at this site"
+msgstr ""
+
 #: templates/home.html:20
 msgid ""
 "All the countries in the world — which bands or solo musicians from these"
diff --git a/htmx/templates/confirm.html b/htmx/templates/confirm.html
new file mode 100644
index 0000000..ec8a348
--- /dev/null
+++ b/htmx/templates/confirm.html
@@ -0,0 +1,18 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <meta charset="UTF-8">
+    <title>
+      {{ _("The Musical Internatiionale") }}
+    </title>
+    <script src='https://unpkg.com/htmx.org@1.7.0'></script>
+    <link rel="stylesheet" href="/static/style.css">
+  </head>
+  <body>
+    <main>
+      <button class="btn" hx-post="{{url_for('confirm_email_do', uuid=uuid)}}" hx-swap="outerHTML">
+        {{_("I confirm that I want to receive mails about new developments at this site")}}
+      </button>
+    </main>
+  </body>
+</html>
diff --git a/htmx/translations/de/LC_MESSAGES/messages.mo b/htmx/translations/de/LC_MESSAGES/messages.mo
index 2826bad5d2dad1584bfcb9951bc2bf6dbd047bf2..3314fc51948a0a60f41417d57896ac2c8aa1c857 100644
GIT binary patch
delta 990
zcmb7?y=xRf7{>R^#g9cSQusmCdk-X}IPXX-gd-?MBe|f3!4R~Y-F<UA-tO#WXEsL?
z!j(Z#P!3Bg^)Comi54M+RuZsPQdrnnYNOyYn-h!#!GU*v^Z9-}Gf$6h4Rt>b6`we0
z$6%*n5A5WR_5<S)*iV=TJ6CX=ZEzi&0q-7goD%o~EP`9$A@ChI3~qyC;8*YtNCUV7
zu7I<S({(;zFo=aw+<pY7Rj`ct8!Xy`JK#5P;^3}>3-E3oJ_L{0b0D^yx8O<eJ$MoP
z0^S14haG1T)Syk^Gic*owwEU!zrNp{<|s-kuB(%ny(CzslovDBh67UE(ImViGj>P;
zFL9K#V^#*shC*Z7x?Zcvv2m`3_u5rqYGe}fm^98{=&r^>Mj{AO)_Se#y0;VZ6SW}I
zm`n&4ChX?D)YK80mXoYP?TCeDT9R7Y1K7&asP3+!Uvu4gX+nxKEqxJDGi5eXHML7<
zjj{15noNxAH1<Ymz<HhzYV%nxG1;_sODpYPTOJn)aPN9ybWo_4F85l6Qco359k0{X
zeht<Q^~>8>FPs_ZP7A16cHJ3{g$l^l7>G2BsmUH2RuxROriNNb(pVUoC|0!j%HtFg
zXG~Mdbfn*kGS$R}$QJfjS*X9IZL;=5+4Wn7I-CZqs_tA&D;Zuxo6YA&!e2i)GN5Z2
zG)c9o*!|28nLKF>Qy>{{M{~0`{!?*3w4P@Bq56?zOgD3-|5;%kGo^X<tl-3HC?ez#
uZ@%<HJixQ!CHnwe?tLl__jZaW&em!2cTvy@|1!<PoWGL)vyJb?k-{(Nb0F;i

delta 221
zcmX>qG?%CTo)F7a1|Z-9Vi_RL0dbJP9w1u{i1z|<5)eNDVtF8TXJlYt0n+I}S{g{_
z0O?2|-2tSdfb=6E9R#FpnHU&Yf%F6*Jpm{-4M-~j`RYK;Ky}s(o<N2nP+$p=<^<B$
zfV2dVegLEcf%H!xT?nMTfu?{g*bAgV28y#y{M9>oDU<r-D@-z*m6)ZNC-<`3PQJ)4
Kxmk%rnGpcglO5Rr

diff --git a/htmx/translations/de/LC_MESSAGES/messages.po b/htmx/translations/de/LC_MESSAGES/messages.po
index cf57a26..517d7c1 100644
--- a/htmx/translations/de/LC_MESSAGES/messages.po
+++ b/htmx/translations/de/LC_MESSAGES/messages.po
@@ -30,11 +30,50 @@ msgstr "Gespeichert. Du wirst Mail an {{email}} bekommen."
 msgid "<span>You don't exist. Go away!</span>"
 msgstr "Du existierst nicht. Verschwinde!"
 
+#: app.py:167
+msgid "Thanks!"
+msgstr "Danke!"
+
+#: app.py:206
+msgid "The Musical Internatiionale: Confirm mail address"
+msgstr "Die Musik-Internationale: Bestätigung der Mail-Adresse"
+
+#: app.py:207
+msgid ""
+"Hello,\n"
+"\n"
+"somebody requested news about new developments at https://i12e.hjp.at/ to"
+" be sent to\n"
+"{mailaddress}.\n"
+"\n"
+"To confirm that that this was you, please visit this url:\n"
+"{url}\n"
+"\n"
+"With musical greetings\n"
+"    I12E Bot\n"
+msgstr ""
+"Hallo!\n"
+"\n"
+"Jemand hat darum gebeten, dass Informationen über neue Entwicklungen "
+"auf https://i12e.hjp.at/ an\n"
+"{mailaddress}.\n"
+"geschickt werden.\n"
+"Um zu bestätigen, dass das Du warst, besuche bitte diesen URL:\n"
+"{url}\n"
+"\n"
+"With musical greetings\n"
+"    I12E Bot\n"
+
 #: templates/home.html:6
 msgid "The Musical Internatiionale"
 msgstr "Die Musik-Internationale"
 
 #: templates/home.html:21
+msgid "I confirm that I want to receive mails about new developments at this site"
+msgstr "Ich bestätige, dass im Mails über neue Entwicklungen auf dieser "
+"Website erhalen möchte"
+
+#: templates/home.html:20
 msgid ""
 "All the countries in the world — which bands or solo musicians from these"
 " countries do you know?"