signup, reset and other account stuff

.env.template

@@ -52,11 +52,32 @@ SHOPPING_MIN_AUTOSYNC_INTERVAL=5
 # when unset: 1 (true) - this is temporary until an appropriate amount of time has passed for everyone to migrate
 GUNICORN_MEDIA=0
 
+# S3 Media settings: store mediafiles in s3 or any compatible storage backend (e.g. minio)
+# as long as S3_ACCESS_KEY is not set S3 features are disabled
+# S3_ACCESS_KEY=
+# S3_SECRET_ACCESS_KEY=
+# S3_BUCKET_NAME=
+# S3_QUERYSTRING_AUTH=1 # default true, set to 0 to serve media from a public bucket without signed urls
+# S3_ENDPOINT_URL= # when using a custom endpoint like minio
+
+# Email Settings, see https://docs.djangoproject.com/en/3.2/ref/settings/#email-host
+# Required for email confirmation and password reset (automatically activates if host is set)
+# EMAIL_HOST=
+# EMAIL_PORT=
+# EMAIL_HOST_USER=
+# EMAIL_HOST_PASSWORD=
+# EMAIL_USE_TLS=0
+# EMAIL_USE_SSL=0
+# ACCOUNT_EMAIL_SUBJECT_PREFIX
+
 # allow authentication via reverse proxy (e.g. authelia), leave off if you dont know what you are doing
 # see docs for more information https://vabene1111.github.io/recipes/features/authentication/
 # when unset: 0 (false)
 REVERSE_PROXY_AUTH=0
 
+# allow people to create accounts on your application instance
+# when unset: 0 (false)
+# ENABLE_SIGNUP=0
 
 # allows you to setup OAuth providers
 # see docs for more information https://vabene1111.github.io/recipes/features/authentication/

cookbook/helper/AllAuthCustomAdapter.py

@@ -9,11 +9,14 @@ class AllAuthCustomAdapter(DefaultAccountAdapter):
         """
         Whether to allow sign ups.
         """
-        if request.resolver_match.view_name == 'account_signup':
+        if request.resolver_match.view_name == 'account_signup' and not settings.ENABLE_SIGNUP:
             return False
         else:
             return super(AllAuthCustomAdapter, self).is_open_for_signup(request)
 
     # disable password reset for now
     def send_mail(self, template_prefix, email, context):
-        pass
+        if settings.EMAIL_HOST != '':
+            super(AllAuthCustomAdapter, self).send_mail(template_prefix, email, context)
+        else:
+            pass

cookbook/templates/account/login.html

@@ -26,6 +26,8 @@
                 {% endif %}
 
                 <button class="btn btn-primary" type="submit">{% trans "Sign In" %}</button>
+                <a class="btn btn-success" href="{% url 'account_signup' %}">{% trans "Sign Up" %}</a>
+                <a class="btn btn-secondary" href="{% url 'account_reset_password' %}">{% trans "Reset Password" %}</a>
             </form>
         </div>
     </div>

cookbook/templates/account/password_reset.html

@@ -1,11 +1,26 @@
 {% extends "base.html" %}
 {% load crispy_forms_filters %}
+
 {% load i18n %}
+{% load account %}
 
-{% block title %}{% trans 'Password Reset' %}{% endblock %}
+{% block head_title %}{% trans "Password Reset" %}{% endblock %}
-
 
 {% block content %}
-    <span>{% trans 'Password reset is not implemented for the time being!' %}</span>
+
+    <h3>{% trans "Password Reset" %}</h3>
+    {% if user.is_authenticated %}
+    {% include "account/snippets/already_logged_in.html" %}
+    {% endif %}
+
+    <p>{% trans "Forgotten your password? Enter your e-mail address below, and we'll send you an e-mail allowing you to reset it." %}</p>
+
+    <form method="POST" action="{% url 'account_reset_password' %}" class="password_reset">
+        {% csrf_token %}
+        {{ form | crispy}}
+        <input type="submit" class="btn btn-primary" value="{% trans 'Reset My Password' %}" />
+        <a class="btn btn-primary" href="{% url 'account_signup' %}">{% trans "Sign In" %}</a>
+        <a class="btn btn-success" href="{% url 'account_signup' %}">{% trans "Sign Up" %}</a>
+    </form>
 
 {% endblock %}

cookbook/templates/account/password_reset_done.html

@@ -1,11 +1,17 @@
 {% extends "base.html" %}
-{% load crispy_forms_filters %}
+
+
 {% load i18n %}
+{% load account %}
 
-{% block title %}{% trans 'Password Reset' %}{% endblock %}
+{% block head_title %}{% trans "Password Reset" %}{% endblock %}
-
 
 {% block content %}
-    <span>{% trans 'Password reset is not implemented for the time being!' %}</span>
+    <h3>{% trans "Password Reset" %}</h3>
 
+    {% if user.is_authenticated %}
+    {% include "account/snippets/already_logged_in.html" %}
+    {% endif %}
+
+    <p>{% blocktrans %}We have sent you an e-mail. Please contact us if you do not receive it within a few minutes.{% endblocktrans %}</p>
 {% endblock %}

recipes/settings.py

@@ -100,6 +100,8 @@ INSTALLED_APPS = INSTALLED_APPS + SOCIAL_PROVIDERS
 SOCIALACCOUNT_PROVIDERS = ast.literal_eval(
     os.getenv('SOCIALACCOUNT_PROVIDERS') if os.getenv('SOCIALACCOUNT_PROVIDERS') else '{}')
 
+ENABLE_SIGNUP = bool(int(os.getenv('ENABLE_SIGNUP', False)))
+
 MIDDLEWARE = [
     'corsheaders.middleware.CorsMiddleware',
     'django.middleware.security.SecurityMiddleware',
@@ -293,10 +295,10 @@ if os.getenv('S3_ACCESS_KEY', ''):
     AWS_ACCESS_KEY_ID = os.getenv('S3_ACCESS_KEY', '')
     AWS_SECRET_ACCESS_KEY = os.getenv('S3_SECRET_ACCESS_KEY', '')
     AWS_STORAGE_BUCKET_NAME = os.getenv('S3_BUCKET_NAME', '')
-    AWS_QUERYSTRING_AUTH = True
+    AWS_QUERYSTRING_AUTH = bool(int(os.getenv('S3_QUERYSTRING_AUTH', True)))
 
     if os.getenv('S3_ENDPOINT_URL', ''):
-        AWS_S3_ENDPOINT_URL  = os.getenv('S3_ENDPOINT_URL', '')
+        AWS_S3_ENDPOINT_URL = os.getenv('S3_ENDPOINT_URL', '')
 
     MEDIA_URL = os.getenv('MEDIA_URL', '/media/')
     MEDIA_ROOT = os.path.join(BASE_DIR, "mediafiles")
@@ -321,3 +323,11 @@ CORS_URLS_REGEX = r'^/api/bookmarklet-import.*$'
 CORS_ALLOW_METHODS = ['GET', 'OPTIONS', 'POST']
 # future versions of django will make undeclared default django.db.models.BigAutoField which will force migrations on all models
 DEFAULT_AUTO_FIELD = 'django.db.models.AutoField'
+
+EMAIL_HOST = os.getenv('EMAIL_HOST', '')
+EMAIL_PORT = int(os.getenv('EMAIL_PORT', 25))
+EMAIL_HOST_USER = os.getenv('EMAIL_HOST_USER', '')
+EMAIL_HOST_PASSWORD = os.getenv('EMAIL_HOST_PASSWORD', '')
+EMAIL_USE_TLS = bool(int(os.getenv('EMAIL_USE_TLS', False)))
+EMAIL_USE_SSL = bool(int(os.getenv('EMAIL_USE_SSL', False)))
+ACCOUNT_EMAIL_SUBJECT_PREFIX = os.getenv('ACCOUNT_EMAIL_SUBJECT_PREFIX', '[Tandoor Recipes] ')  # allauth sender prefix