collective.confirm_email provides a helper to require that the user
confirm their email address before accessing a Zope 2 browser view.
A browser view can require this protection by using the
helper when it is called:
from collective.confirm_email import confirm_email class ProtectedView(object): def __init__(self, context, request): self.context = context self.request = request def __call__(self): confirm_email(self) # do stuff here
A beaker session is used to keep track of whether the user's email has
been confirmed. If the
collective.confirm_email.confirmed key is
not found in the session, the user is redirected to the
form which asks them to enter their email address.
Upon entry, a nonce is generated and stored, and an email is sent to the
user including a link back to the
confirm-email view with the nonce
included. When the user clicks the link, the view validates the nonce,
and if it is valid, sets up the beaker session. The email address that
was entered is also stored in the beaker session under the
collective.confirm_email.email key, so it can be used by the original
from collective.beaker.interfaces import ISession session = ISession(self.request) email = session['collective.confirm_email.email']
You must configure
collective.beaker sessions as described in its
You must run the
collective.confirm_email default profile, or otherwise
arrange for an
INonceManager to be available.