diff --git a/mafiasi/registration/templates/registration/email_exsts.txt b/mafiasi/registration/templates/registration/email_exsts.txt new file mode 100644 index 00000000..688f5c4d --- /dev/null +++ b/mafiasi/registration/templates/registration/email_exsts.txt @@ -0,0 +1,17 @@ +{% extends "base_email.html" %}{% load i18n %}{% autoescape off %} +{% block content_de %}Hallo, +du hast versucht, einen Account zu erstellen, den es schon gibt. Falls du dein Passwort vergessen hast, kannst du es hier zurücksetzen: +{{ password_reset_url }} +Dein Nutzername ist {{ username }}. + +Viele Grüße, +Deine Server-AG +{% endblock %} +{% block content_en %}Hello, +you tried to create an account that already exists. If you forgot your password, you can reset it here: +{{ password_reset_url }} +Your username is {{ username }}. + +Best regards, +Your Server-AG +{% endblock %}{% endautoescape %} diff --git a/mafiasi/registration/views.py b/mafiasi/registration/views.py index fadad03d..2ebb927d 100644 --- a/mafiasi/registration/views.py +++ b/mafiasi/registration/views.py @@ -71,6 +71,10 @@ def request_account(request): slug="employee", defaults={"name": "Employee"} ) + username = _get_username({"account": account, "domain": domain}, yeargroup) + if Mafiasi.objects.filter(username=username).exists(): + return _send_email_exists(request, username) + return _finish_account_request( request, { @@ -130,6 +134,10 @@ def additional_info(request): if form.is_valid(): account = form.cleaned_data["account"] domain = form.cleaned_data["domain"] + username = _get_username({"account": account, "domain": domain}, form.cleaned_data["yeargroup"]) + if Mafiasi.objects.filter(username=username).exists(): + return _send_email_exists(request, username) + return _finish_account_request( request, { @@ -148,7 +156,7 @@ def request_successful(request): return TemplateResponse(request, "registration/request_successful.html") -def _create_username(info, yeargroup): +def _get_username(info, yeargroup): if info["domain"] != settings.PRIMARY_DOMAIN: return "{}.{}".format(info["account"], settings.REGISTER_DOMAIN_MAPPING[info["domain"]]) elif info["account"][0].isdigit(): @@ -169,10 +177,10 @@ def create_account(request, info_token): return TemplateResponse(request, "registration/token_invalid.html") yeargroup = Yeargroup.objects.get(pk=info["yeargroup_pk"]) - username = _create_username(info, yeargroup) + username = _get_username(info, yeargroup) if Mafiasi.objects.filter(username=username).exists(): - return redirect("simple_openid_connect.login") + return redirect(reverse("simple_openid_connect:login")) if request.method == "POST": form = PasswordForm(request.POST) @@ -306,6 +314,20 @@ def _finish_account_request(request, info): ) +def _send_email_exists(request, username): + email = Mafiasi.objects.get(username=username).real_email + email_content = render_to_string( + "registration/email_exists.txt", + { + "username": username, + "password_reset_url": settings.PASSWORD_RESET_URL, + }, + ) + return _send_mail_or_error_page( + _("Account exists at %s" % settings.PROJECT_NAME), email_content, email, request, None + ) + + def _send_mail_or_error_page(subject, content, address, request, email_shown): try: send_mail(subject, content, None, [address]) diff --git a/mafiasi/settings.py b/mafiasi/settings.py index a3ef7fe2..4c12413d 100644 --- a/mafiasi/settings.py +++ b/mafiasi/settings.py @@ -30,6 +30,10 @@ KEYCLOAK_ACCOUNT_CONSOLE_URL = env.str( "MAFIASI_KEYCLOAK_ACCOUNT_CONSOLE_URL", default="https://identity.mafiasi.de/realms/mafiasi/account" ) +PASSWORD_RESET_URL = env.str( + "MAFIASI_PASSWORD_RESET_URL", + default="https://identity.mafiasi.de/realms/mafiasi/login-actions/reset-credentials?client_id=mafiasi-dashboard", +) OPENID_SYNC_SUPERUSER = env.bool("MAFIASI_OPENID_SYNC_SUPERUSER", default=True) if OPENID_SYNC_SUPERUSER: