Smalltalk Frameworks & Tools Seaside Seaside General

How to implement the classical email confirmation with seaside

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
11 messages Options
Sebastian Sastre-2
Reply | Threaded
Open this post in threaded view
|

How to implement the classical email confirmation with seaside

Sebastian Sastre-2
Hi there,
 
    I'm wonder how one can implement with Seaside the classical feature in which a user fills an online form and the system sends an email confirmation to the user with a link that when clicked the system can store it as a valid user with a valid email.
 
    As Seaside uses the urls in an ephemeral fashion I can't figure out how a seaside application can detect that link in a callback or something like that.
 
    Any clue will be appreciated,
 
    thank you,
 

Sebastian Sastre

 

_______________________________________________
Seaside mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
Lukas Renggli
Reply | Threaded
Open this post in threaded view
|

Re: How to implement the classical email confirmation with seaside

Lukas Renggli
>     I'm wonder how one can implement with Seaside the classical feature in
> which a user fills an online form and the system sends an email confirmation
> to the user with a link that when clicked the system can store it as a valid
> user with a valid email.

See WAEmailConfirmation in Seaside, that does exactly that.

You can also have a look at SqueakSource. It uses the same principle
for lost passwords.

On seasidehosting.st we use something like:

nextPage
        Continuation currentDo: [ :cc |
                self
                        mailUrl: (self session actionUrlForContinuation: cc)
                        for: self account.
                ^ self inform: 'Check your e-mail.' ].
        self account activate.
        self inform: 'Account activated'

Cheers,
Lukas

--
Lukas Renggli
http://www.lukas-renggli.ch
_______________________________________________
Seaside mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
cdavidshaffer
Reply | Threaded
Open this post in threaded view
|

Re: How to implement the classical email confirmation with seaside

cdavidshaffer
In reply to this post by Sebastian Sastre-2
Sebastian Sastre wrote:

> Hi there,
>  
>     I'm wonder how one can implement with Seaside the classical
> feature in which a user fills an online form and the system sends an
> email confirmation to the user with a link that when clicked the
> system can store it as a valid user with a valid email.
>  
>     As Seaside uses the urls in an ephemeral fashion I can't figure
> out how a seaside application can detect that link in a callback or
> something like that.
>  
>     Any clue will be appreciated,
>  
>     thank you,
>  
Here's what I do:

Mark your "change password request" objects with a unique Id (I use
UUID>>asString36).  Send an e-mail to the user with a URL which contains
an ID encoded in its path.

Create a root component and implement initialRequest:.  This method gets
the WARequest instance as an argument.  From that you can get the path
elements (I think I use "request nativeRequest pathParts last" to get
the last one).  Now you have the id so you can pull the change password
request object out of your database.

David

_______________________________________________
Seaside mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
Sebastian Sastre-2
Reply | Threaded
Open this post in threaded view
|

RE: How to implement the classical email confirmation withseaside

Sebastian Sastre-2
> >     Any clue will be appreciated,
> >  
> >     thank you,
> >  
> Here's what I do:
>
> Mark your "change password request" objects with a unique Id (I use
> UUID>>asString36).  Send an e-mail to the user with a URL
> which contains
> an ID encoded in its path.
>
> Create a root component and implement initialRequest:.  This
> method gets
> the WARequest instance as an argument.  From that you can get
> the path
> elements (I think I use "request nativeRequest pathParts last" to get
> the last one).  Now you have the id so you can pull the
> change password
> request object out of your database.
>
> David
>
Looks very good! This way, the sent link (unless one explicitely implement
it) don't has an expiration time. I'll give a try to this. Thank you very
much,

Sebastian

_______________________________________________
Seaside mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
Sebastian Sastre-2
Reply | Threaded
Open this post in threaded view
|

RE: How to implement the classical email confirmation withseaside

Sebastian Sastre-2
In reply to this post by Lukas Renggli
> -----Mensaje original-----
> De: [hidden email]
> [mailto:[hidden email]] En nombre
> de Lukas Renggli
> Enviado el: Viernes, 27 de Abril de 2007 09:56
> Para: Seaside - general discussion
> Asunto: Re: [Seaside] How to implement the classical email
> confirmation withseaside
>
> >     I'm wonder how one can implement with Seaside the classical
> > feature in which a user fills an online form and the system
> sends an
> > email confirmation to the user with a link that when clicked the
> > system can store it as a valid user with a valid email.
>
> See WAEmailConfirmation in Seaside, that does exactly that.
>
> You can also have a look at SqueakSource. It uses the same
> principle for lost passwords.
>
> On seasidehosting.st we use something like:
>
> nextPage
> Continuation currentDo: [ :cc |
> self
> mailUrl: (self session
> actionUrlForContinuation: cc)
> for: self account.
> ^ self inform: 'Check your e-mail.' ].
> self account activate.
> self inform: 'Account activated'
>
> Cheers,
> Lukas
>
Lukas, if I understood right, the "self session actionUrlForContinuation:
cc" are getting the url of the current session and that means that the url
sent it's only useful until the expiration of that session right?

        cheers,

Sebastian
PD: thanks for the reference of look into SqueakSource code I haven't see it
yet. I think I can download it from SqueakSource itself.

_______________________________________________
Seaside mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
Boris Popov, DeepCove Labs (SNN)
Reply | Threaded
Open this post in threaded view
|

RE: How to implement the classical email confirmationwithseaside

Boris Popov, DeepCove Labs (SNN)
In reply to this post by Sebastian Sastre-2
Or you could consider session expiration a free security feature
otherwise you may end up implementing one yourself to ensure old email
requests don't actually do anything after X period of time.

;)

-Boris

--
+1.604.689.0322
DeepCove Labs Ltd.
4th floor 595 Howe Street
Vancouver, Canada V6C 2T5
http://tinyurl.com/r7uw4

[hidden email]

CONFIDENTIALITY NOTICE

This email is intended only for the persons named in the message
header. Unless otherwise indicated, it contains information that is
private and confidential. If you have received it in error, please
notify the sender and delete the entire message including any
attachments.

Thank you.

> -----Original Message-----
> From: [hidden email] [mailto:seaside-
> [hidden email]] On Behalf Of Sebastian Sastre
> Sent: Friday, April 27, 2007 10:25 AM
> To: 'Seaside - general discussion'
> Subject: RE: [Seaside] How to implement the classical email
> confirmationwithseaside
>
> > >     Any clue will be appreciated,
> > >
> > >     thank you,
> > >
> > Here's what I do:
> >
> > Mark your "change password request" objects with a unique Id (I use
> > UUID>>asString36).  Send an e-mail to the user with a URL
> > which contains
> > an ID encoded in its path.
> >
> > Create a root component and implement initialRequest:.  This
> > method gets
> > the WARequest instance as an argument.  From that you can get
> > the path
> > elements (I think I use "request nativeRequest pathParts last" to
get
> > the last one).  Now you have the id so you can pull the
> > change password
> > request object out of your database.
> >
> > David
> >
> Looks very good! This way, the sent link (unless one explicitely
implement
> it) don't has an expiration time. I'll give a try to this. Thank you
very
> much,
>
> Sebastian
>
> _______________________________________________
> Seaside mailing list
> [hidden email]
> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
_______________________________________________
Seaside mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
Lukas Renggli
Reply | Threaded
Open this post in threaded view
|

Re: How to implement the classical email confirmation with seaside

Lukas Renggli
In reply to this post by Lukas Renggli
> I don't quite understand something in your posted code:
>
> On 27/04/07, Lukas Renggli <[hidden email]> wrote:
> > On seasidehosting.st we use something like:
> >
> > nextPage
> >         Continuation currentDo: [ :cc |
> >                 self
> >                         mailUrl: (self session actionUrlForContinuation: cc)
> >                         for: self account.
> >                 ^ self inform: 'Check your e-mail.' ].
> >         self account activate.
> >         self inform: 'Account activated'
>
> After informing 'Check your e-mail', won't control flow continue down
> through 'self account activate', and so on? I.e. don't you need to
> exit the function after doing the 'self inform', or am I
> misunderstanding something?

There is a return right after sending out the mail and the 'self inform' ;-)

The only way to get to 'self account activate' and the next inform is
by clicking on the (secret) URL that is hopefully in your mailbox.

Cheers,
Lukas

--
Lukas Renggli
http://www.lukas-renggli.ch
_______________________________________________
Seaside mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
Lukas Renggli
Reply | Threaded
Open this post in threaded view
|

Re: How to implement the classical email confirmation withseaside

Lukas Renggli
In reply to this post by Sebastian Sastre-2
> Lukas, if I understood right, the "self session actionUrlForContinuation:
> cc" are getting the url of the current session and that means that the url
> sent it's only useful until the expiration of that session right?

Yes, this link expires with the session.

> PD: thanks for the reference of look into SqueakSource code I haven't see it
> yet. I think I can download it from SqueakSource itself.

Yes, it is on SqueakSource, however it uses a very old version of
Seaside. The thing with the mail should still work.

Lukas

--
Lukas Renggli
http://www.lukas-renggli.ch
_______________________________________________
Seaside mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
Sebastian Sastre-2
Reply | Threaded
Open this post in threaded view
|

RE: How to implement the classical emailconfirmationwithseaside

Sebastian Sastre-2
In reply to this post by Boris Popov, DeepCove Labs (SNN)

> -----Mensaje original-----
> De: [hidden email]
> [mailto:[hidden email]] En nombre
> de Boris Popov
> Enviado el: Viernes, 27 de Abril de 2007 17:46
> Para: Seaside - general discussion
> Asunto: RE: [Seaside] How to implement the classical
> emailconfirmationwithseaside
>
> Or you could consider session expiration a free security
> feature otherwise you may end up implementing one yourself to
> ensure old email requests don't actually do anything after X
> period of time.
>
> ;)
>
> -Boris
>
And I actually do, it's just that the other technique could allow you to
beign able to activate it for periods greater than one that could be
reasonable for a seaside session (like two weeks). I don't know a priori
which one a client will ask for, and probably the shortest one but is good
to have both ;)

        cheers,

Sebastian



_______________________________________________
Seaside mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
Sebastian Sastre-2
Reply | Threaded
Open this post in threaded view
|

RE: How to implement the classical email confirmationwithseaside

Sebastian Sastre-2
In reply to this post by Lukas Renggli
> > PD: thanks for the reference of look into SqueakSource code
> I haven't
> > see it yet. I think I can download it from SqueakSource itself.
>
> Yes, it is on SqueakSource, however it uses a very old
> version of Seaside. The thing with the mail should still work.
>
> Lukas
>
Lukas, after loading SmaCC Runtime 4 into a brand new
Squeak3.9-final-7067.image in a Windows system, I've opened the Monticello
repository of SqueakSource and pointed SqueakSource-lr.1016.mcz. It started
to load until it informs about an error:
'MacOSGraphVizGenerator  external calls  runWithSystemFramework:'

Should I try another version? Of SqueakSource? Of squeak itself?

Regards,

Sebastian
PD: By the way I've also see that when pointing to the Seaside2.6a2 of that
repository it brings an error when cliked.

_______________________________________________
Seaside mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
Lukas Renggli
Reply | Threaded
Open this post in threaded view
|

Re: How to implement the classical email confirmationwithseaside

Lukas Renggli
> Lukas, after loading SmaCC Runtime 4 into a brand new
> Squeak3.9-final-7067.image in a Windows system, I've opened the Monticello
> repository of SqueakSource and pointed SqueakSource-lr.1016.mcz. It started
> to load until it informs about an error:
> 'MacOSGraphVizGenerator  external calls  runWithSystemFramework:'

There is a nice write-up on how to load SqueakSource:
http://lists.squeakfoundation.org/pipermail/beginners/2006-December/001610.html

> Should I try another version? Of SqueakSource? Of squeak itself?

Just to see how to mail the forgotten password it is probably not
worth the trouble to load all the right dependencies. You might just
want to have a look at the implementation from the Monticello browser.

Cheers,
Lukas

--
Lukas Renggli
http://www.lukas-renggli.ch
_______________________________________________
Seaside mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
Free forum by Nabble Edit this page