完善邮件发送功能 #39

- 用户注册后发送欢迎邮件
- 重置密码成功后发送通知邮件
- 优化发送密码模板的结构
- 修正登陆时密码验证逻辑错误的问题

Author: greatghoul

website/scriptfan/forms/user.py

@@ -6,6 +6,7 @@
     定义用户相关页面所用到的表单, 包括注册、登陆、基本资料修改、密码修改、邮箱修改等。
 """
 
+from flask import current_app as app
 from flask.ext import wtf
 from flask.ext.login import current_user
 from flask.ext.babel import gettext as _
@@ -47,7 +48,7 @@ def validate(self):
         if not super(RedirectForm, self).validate(): return False
 
         user = User.get_by_email(self.email.data)
-        if not user or user.check_password(self.password.data):
+        if not user or not user.check_password(self.password.data):
             self.email.errors.append(_('forms.signin.errors.invalid_email_or_password')) 
         else:
             self.user = user

website/scriptfan/templates/users/reset_email.html website/scriptfan/templates/users/email/reset.html

@@ -0,0 +1,6 @@
+{%- set home_url = url_for('home.index', _external=True) -%}
+<strong>{{ user.nickname }}，你好！</strong>
+
+你的 ScriptFan 的密码已经修改。
+
+<p>想了解更多信息，请访问 <a href="{{ home_url }}">{{ home_url }}</a></p>

website/scriptfan/templates/users/email/reset_success.html

@@ -0,0 +1,4 @@
+{%- set home_url = url_for('home.index', _external=True) -%}
+<strong>{{ user.nickname }}，你好！</strong>
+
+<p>想了解更多信息，请访问 <a href="{{ home_url }}">{{ home_url }}</a></p>

website/scriptfan/templates/users/email/welcome.html

@@ -218,6 +218,8 @@ def _create_or_login(resp):
         db.session.add(user)
         db.session.commit()
 
+        _send_welcome_email(user)
+
         flash(u'帐号已经创建, 可以在资料<a href="%s">修改页面</a>补充密码等信息'% url_for('users.general'), 'success')
 
     app.logger.info('Signin users: %s', user.email)
@@ -240,6 +242,7 @@ def signup():
         user.set_password(form.password1.data)
         db.session.add(user)
         app.logger.info(u'New users added: %s', user)
+        _send_welcome_email(user)
         flash(u'注册成功', 'success')
         return redirect(url_for('users.signin'))
 
@@ -279,8 +282,6 @@ def general():
     # TODO 处理更新用户资料的请求
     # TODO 用户照片上传
 
-# TODO: 用户找回密码功能
-
 # 更新用户slug功能
 @blurprint.route('/slug', methods=['GET', 'POST'])
 @login.login_required
@@ -296,14 +297,27 @@ def slug():
     form.process(obj=current_user.user)
     return render_template('users/slug.html', form=form, skip_slug_info=True)
 
+def _send_welcome_email(user):
+    """ 发送欢迎邮件 """
+
+    try:
+        app.logger.info('Sending welcome email to %s', user.email)
+        msg = Message(u'欢迎来到ScriptFan', recipients=[user.email])
+        msg.html = render_template('users/email/welcome.html', user=user)
+        # FIXME: 邮件发送使用异步方式，避免用户等待太长时间
+        mail.send(msg)
+        app.logger.info('Mail sent successfully.')
+    except Exception, e:
+        app.logger.info(e.message)
+        app.logger.error('Failed to send welcome reset mail, because: %s', e)
 
 def _send_reset_email(user, token):
     """ 发送密码重置邮件 """
 
     try:
         app.logger.info('Sending reset email to %s with token %s', user.email, token)
         msg = Message(u'ScriptFan密码重置', recipients=[user.email])
-        msg.html = render_template('users/reset_email.html', user=user, token=token)
+        msg.html = render_template('users/email/reset.html', user=user, token=token)
         # FIXME: 邮件发送使用异步方式，避免用户等待太长时间
         mail.send(msg)
         app.logger.info('Mail sent successfully.')
@@ -313,6 +327,20 @@ def _send_reset_email(user, token):
         app.logger.error('Failed to send password reset mail, because: %s', e)
         return False
 
+def _send_reset_success_email(user):
+    """ 发送重置通知邮件 """
+
+    try:
+        app.logger.info('Sending email confirm notification to %s', user.email)
+        msg = Message(u'你在 ScriptFan 的密码已经重置！', recipients=[user.email])
+        msg.html = render_template('users/email/reset_success.html', user=user)
+        # FIXME: 邮件发送使用异步方式，避免用户等待太长时间
+        mail.send(msg)
+        app.logger.info('Mail sent successfully.')
+    except Exception, e:
+        app.logger.info(e.message)
+        app.logger.error('Failed to send email reset notification mail, because: %s', e)
+
 
 @blurprint.route('/reset/step1', methods=['GET', 'POST'])
 def reset_step1():
@@ -336,11 +364,12 @@ def reset_step1():
 
 def _valid_reset_token():
     """ 验证重置口令及邮件地址是否匹配 """
-
+    email, token = request.args.get('email'), request.args.get('token')
+    app.logger.info('Validating email reset with email: %s and token: %s', email, token)
     return session.get('reset_email') and \
            session.get('reset_token') and \
-           session['reset_email'] == request.args['email'] and \
-           session['reset_token'] == request.args['token']
+           session['reset_email'] == email and \
+           session['reset_token'] == token 
 
 @blurprint.route('/reset/step2', methods=['GET', 'POST'])
 def reset_step2():
@@ -353,12 +382,12 @@ def reset_step2():
         user.set_password(form.password.data)
         flash(u'用户密码已经更新', 'success')
 
-        # TODO: 通过重置密码功能修改密码成功后，向用户发送邮件提醒。
-
         # 清除验证用的 Token
         del session['reset_email']
         del session['reset_token']
 
+        _send_reset_success_email(user)
+
         return redirect(url_for('users.signin'))
 
     # 如果邮件及当前token均匹配，则显示重置密码的表单