Diffstat (limited to 'app.py')
-rw-r--r--app.py53
1 files changed, 45 insertions, 8 deletions
diff --git a/app.py b/app.py
index 22a11f2..4a18226 100644
--- a/app.py
+++ b/app.py
@@ -7,8 +7,8 @@ import account
import ldap
import os
from flask import flash, Flask, g, redirect, request, session, url_for
-from utils import templated, login_required, encrypt_password, decrypt_password, login_user, logout_user
-from forms import RegisterForm, LoginForm, SettingsForm
+from utils import *
+from forms import RegisterForm, RegisterCompleteForm, LoginForm, SettingsForm
app = Flask(__name__)
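Review bot: `from utils import *` replaces an explicit list, so the names the rest of this commit relies on (`make_confirmation`, `verify_confirmation`, `ConfirmationInvalid`, `ConfirmationTimeout`, `send_mail`) have no visible origin. `render_template` and `Forbidden` are also used below but are not in the flask import on the line above, so presumably they only resolve through the star import. Since these names gate account creation, keep the list explicit, e.g. `from utils import templated, login_required, login_user, logout_user, make_confirmation, verify_confirmation, ConfirmationInvalid, ConfirmationTimeout, send_mail` plus whichever of the old names are still used, and add `render_template` to the flask import directly. A star import placed after `import account`, `import ldap` and `import os` can also rebind those names without any warning if utils happens to export them.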
@@ -52,18 +52,55 @@ def register():
if request.method == 'POST' and form.validate():
username = form.username.data
mail = form.mail.data
+
+ confirm_token = make_confirmation('register', (username, mail))
+ confirm_link = url_for('register_complete', token=confirm_token, _external=True)
+
+ body = render_template('mail/register.txt', username=username,
+ mail=mail, link=confirm_link)
+
+ send_mail(mail, u'E-Mail-Adresse bestätigen', body,
+ sender=app.config.get('MAIL_CONFIRM_SENDER'))
+
+ flash(u'Es wurde eine E-Mail an die angegebene Adresse geschickt, '
+ u'um diese zu überprüfen. Bitte folge den Anweisungen in der '
+ u'E-Mail.')
+
+ return redirect(url_for('index'))
+
+ return {'form': form}
+
+
+@app.route('/register/<token>', methods=['GET', 'POST'])
+@templated('register_complete.html')
+def register_complete(token):
+ try:
+ username, mail = verify_confirmation('register', token.encode('ascii'), timeout=3*24*60*60)
+ except ConfirmationInvalid:
+ raise Forbidden(u'Ungültiger Bestätigungslink')
+ except ConfirmationTimeout:
+ raise Forbidden(u'Bestätigungslink ist zu alt')
+
+
+ form = RegisterCompleteForm(request.form)
+ if request.method == 'POST' and form.validate():
password = form.password.data
- user = Account(form.username.data, form.mail.data, password=form.password.data)
- service.register(user)
+ user = account.Account(username, mail, password=form.password.data)
+ g.ldap.register(user)
# populate request context and session
- assert login_user(user.username, user.password)
+ assert login_user(user.uid, user.password)
flash(u'Benutzer erfolgreich angelegt.')
- redirect(url_for('settings'))
-
- return {'form': form}
+ return redirect(url_for('settings'))
+
+ return {
+ 'form': form,
+ 'token': token,
+ 'username': username,
+ 'mail': mail,
+ }
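Review bot: `assert login_user(user.uid, user.password)` in `register_complete` wraps a call with side effects in an assert, so under `python -O` the statement is stripped and the new account is redirected to settings without the session ever being populated. Call it unconditionally and handle a false result, e.g. `if not login_user(user.uid, user.password): raise Forbidden()`. Separately, `token.encode('ascii')` raises `UnicodeEncodeError` for a non-ASCII token, which neither except clause catches, so a malformed link yields a 500 instead of the 403; adding `except (ConfirmationInvalid, UnicodeEncodeError):` would keep the rejection path uniform. Nothing visible in this hunk re-checks that the username is still free at completion time or invalidates the token after a successful registration, so presumably `g.ldap.register` has to reject duplicates within the three-day window; that is worth confirming and stating in a comment.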