Send notif email to old email address on email change.
This commit is contained in:
parent
69fefdb2ea
commit
3654bcb854
|
@ -21,6 +21,11 @@ export default [
|
|||
title: 'Change email confirmation',
|
||||
description: 'Sent when the user has changed their email, to confirm their new one',
|
||||
},
|
||||
{
|
||||
id: 'change_email_old',
|
||||
title: 'Change email notification (Old email)',
|
||||
description: 'Sent when the user has changed their email, in case of compromise',
|
||||
},
|
||||
{
|
||||
id: 'change_password',
|
||||
title: 'Change password confirmation',
|
||||
|
|
|
@ -50,6 +50,10 @@ example_email_args = {
|
|||
'display_name': user.display_name,
|
||||
'confirm_url': 'http://someconfirmurl.com',
|
||||
},
|
||||
'change_email_old': {
|
||||
'display_name': user.display_name,
|
||||
'contact_url': 'http://somecontacturl.com',
|
||||
},
|
||||
'change_password': {
|
||||
'display_name': user.display_name,
|
||||
'recover_url': 'http://somerecoverurl.com',
|
||||
|
|
|
@ -46,6 +46,14 @@ def change_email_info(email_args):
|
|||
}
|
||||
|
||||
|
||||
def change_email_old_info(email_args):
|
||||
return {
|
||||
'subject': 'Your email has been changed',
|
||||
'title': 'Email changed',
|
||||
'preview': 'Your email address has been updated on ZF Grants'
|
||||
}
|
||||
|
||||
|
||||
def change_password_info(email_args):
|
||||
return {
|
||||
'subject': 'Your password has been changed',
|
||||
|
@ -135,6 +143,7 @@ get_info_lookup = {
|
|||
'team_invite': team_invite_info,
|
||||
'recover': recover_info,
|
||||
'change_email': change_email_info,
|
||||
'change_email_old': change_email_old_info,
|
||||
'change_password': change_password_info,
|
||||
'proposal_approved': proposal_approved,
|
||||
'proposal_rejected': proposal_rejected,
|
||||
|
|
|
@ -0,0 +1,14 @@
|
|||
<p style="margin: 0 0 20px;">
|
||||
Hey {{ args.display_name }}, you just changed your email. Your new email
|
||||
address was also sent an email to confirm your new one. If you did this,
|
||||
you can safely delete this message.
|
||||
</p>
|
||||
|
||||
<p style="margin: 0;">
|
||||
If it wasn't you who did this, you should
|
||||
<a href="{{ args.contact_url }}" target="_blank" style="color: #CF8A00;">
|
||||
contact support
|
||||
</a>
|
||||
immediately.
|
||||
</p>
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
Hey {{ args.display_name }}, you just changed your email. Your new email address was also sent an email to confirm your new one. If you did this, you can safely delete this message.
|
||||
|
||||
If it wasn't you who did this, you should contact support immediately.
|
||||
|
||||
{{ args.contact_url }}
|
|
@ -188,6 +188,7 @@ class User(db.Model, UserMixin):
|
|||
|
||||
def set_email(self, email: str):
|
||||
# Update email address
|
||||
old_email = self.email_address
|
||||
self.email_address = email
|
||||
# Delete old verification(s?)
|
||||
old_evs = EmailVerification.query.filter_by(user_id=self.id).all()
|
||||
|
@ -196,8 +197,12 @@ class User(db.Model, UserMixin):
|
|||
# Generate a new one
|
||||
ev = EmailVerification(user_id=self.id)
|
||||
db.session.add(ev)
|
||||
# Save changes & send a verification email
|
||||
# Save changes & send notification & verification emails
|
||||
db.session.commit()
|
||||
send_email(old_email, 'change_email_old', {
|
||||
'display_name': self.display_name,
|
||||
'contact_url': make_url('/contact')
|
||||
})
|
||||
send_email(self.email_address, 'change_email', {
|
||||
'display_name': self.display_name,
|
||||
'confirm_url': make_url(f'/email/verify?code={ev.code}')
|
||||
|
|
Loading…
Reference in New Issue