templates/keys/address_verified.html templates/keys/address_verifyfailed.html templates/keys/email_confirmation_message.txt @@ -1,6 +1,5 @@ TODO: -* actually check whether a mail/key pair is Verified before returning it. * check for weak keys when a key is uploaded * allow upload of more than one key/associate with more than one mail address at once. TODO @@ -44,19 +44,22 @@ class AddressKey (models.Model): else: return False - def send_confirmation(self, email_address): + def send_confirmation(self, keyobj): salt = sha.new(str(random())).hexdigest()[:5] # FIXME: Is this random enough? - confirmation_key = sha.new(salt + email_address.address.address).hexdigest() + confirmation_key = sha.new(salt + keyobj.address.address).hexdigest() activate_url = u"http://%s%s" % ( "sshkeys.net/confirm_email/", confirmation_key) message = render_to_string("keys/email_confirmation_message.txt", { "confirmation_key": confirmation_key, + "sshkey": keyobj.sshkey.keytext, + "email_address": keyobj.address.address }) - send_mail("SSH Key verification.", message, settings.FROM_EMAIL, [email_address.address.address]) - email_address.token = confirmation_key - email_address.save() + send_mail("SSH Key verification.", message, + settings.FROM_EMAIL, [keyobj.address.address]) + keyobj.token = confirmation_key + keyobj.save() def delete_expired_confirmations(self): for confirmation in self.all(): keys/models.py @@ -17,13 +17,17 @@ def index(request): def list(request, **kwargs): kwargs['allow_empty'] = True - kwargs['queryset'] = Address.objects.all().order_by("address") + kwargs['queryset'] = \ + AddressKey.objects.filter(verified=True).order_by("address__address") return object_list(request, **kwargs) def detail(request, address): - owner = Address.objects.get(address=address) - keys = [unicode(key) for key in owner.sshkey_set.all()] - return HttpResponse("\n".join(keys), mimetype="text/plain") + keyobjs = AddressKey.objects.filter(verified=True, + address__address=address) + keylist = set() + for key in keyobjs: + keylist.add(unicode(key.sshkey)) + return HttpResponse("\n".join(keylist), mimetype="text/plain") def upload(request): address_str = request.POST['address'] @@ -39,18 +43,18 @@ def upload(request): defaults={'date_added': datetime.now(), 'verified': False, 'token_sent': datetime.now()}) - if created: - newrel.send_confirmation(newrel) - return render_to_response("keys/address_uploaded.html") - else: - newrel.send_confirmation(newrel) - return render_to_response("keys/address_index.html") + + # "if created:" can tell us whether we created a new pair or + # just sent out a reminder about an old one, if we care. + newrel.send_confirmation(newrel) + return render_to_response("keys/address_uploaded.html") def search(request, **kwargs): search_str = request.POST['search'] search = search_str.rstrip() kwargs['allow_empty'] = True - kwargs['queryset'] = Address.objects.filter(address__contains=search) + kwargs['queryset'] = AddressKey.objects.filter(verified=True, + address__address__contains=search).order_by("address__address") return object_list(request, extra_context={"search": search}, **kwargs) def confirm(request, token): @@ -63,13 +67,11 @@ def confirm(request, token): def download(request): search_str = request.POST['search'] - addresses = Address.objects.filter(address__contains=search_str) - keys = set() - for address in addresses: - for key in address.sshkey_set.all(): - keys.add(unicode(key)) + keys = AddressKey.objects.filter(verified=True, + address__address__contains=search_str).order_by("address__address") + + keylist = set() + for key in keys: + keylist.add(unicode(key.sshkey)) - if len(keys) > 0: - return HttpResponse("\n".join(keys), mimetype="text/plain") - else: - raise Http404 + return HttpResponse("\n".join(keylist), mimetype="text/plain") keys/views.py 0c17c360a30797a86fc5c55f038b2bda4da930e9 Chris Ball chris@printf.net http://github.com/cjb/sshkeys/commit/903b94708c3a9d6508ce01838a1086c54b3f5a5f 903b94708c3a9d6508ce01838a1086c54b3f5a5f 2008-09-03T00:18:01-07:00 2008-09-03T00:18:01-07:00 Implement "verified" checking in all views. cac6b6c173203fd5215b7d7d7f67f2cf1ad94795 Chris Ball chris@printf.net