The purpose of the validator is to ensure the user isn't active, so
let's correctly test for that here.
(imported from commit 772ddb901098f78750efab274405a10f36c49232)
Previously we checked and bailed when there was a user registered with
an email address, regardless of active status.
This meant that MIT users who had inactive accounts autocreated had
issues where they would be confusingly told they were signed up even
though they had never taken any action on our site directly.
Now we instead check whether there are any current *active* user
accounts with that email address, and proceed with generating an
activation link if the user lacks a corresponding active account.
Security implications of this commit come into play if we start
implementing removing users ability to sign in as deactivation. Since we
lack a user removal story here, this isn't terribly concerning yet and
we'll revist this code when we decide to add such functionality in the
future.
This resolves trac #581 and #631.
(imported from commit c3fb93ce065e63e19b41f63c1f27891b93b75f86)
This view lives at /accounts/accept_terms, and (after getting an acceptance
from the user) sends an email to all@ documenting the acceptance.
(imported from commit 8f64286ab02887fd6544fa274b2967f6499b6dbc)
Here we introduce a new manage.py command, activate_mit, which takes a
number of usernames and sends out emails to the users with instructions on
how to activate their accounts.
(imported from commit f14401b55f915698e83ff27b86434f53e64685f3)
We add a few templates for django-confirmation. We define a
"PreregistrationForm" which is validated by accounts_home, which then
generates a confirmation object and emails the user. This required creating
a new table for a PreregistrationUser with an email and status (confirmed)
field.
The register function now no longer accepts a "email" field in the form
and deals only with confirmation IDs to determine the email used to sign
up a user.
(imported from commit 4fcde04530aa7ad4de84579668daee7290b424ac)
Previously no check was performed to ensure that the same email wasn't used
to register twice. Here we add a validator to perform that check.
We also noted that the domain field was omitted, but checked by a client of
this class. Therefore, we add it directly.
(imported from commit 1411bf0adeb3cd048278376b059a26a0da4c54df)
Split off some content previously placed into base back into index.html.
Move content previously localised in accounts_home to a new content_base
for use in the non-app version of the site.
We wrote up some copy and styled it according to taste.
In our new signup form, we no longer collect a short name and instead
extrapolate from the email.
(imported from commit cd734b13a4bda7f304129379524c4cc96b77b24b)