Handle unverified emails

If a user provides the correct credentials to login, but they are
unverified, redirect them to the email verification page, where they
are provided with a chance to verify their email, or send a new
verification code.

1 files changed, 69 insertions, 0 deletions

diff --git a/gn_auth/templates/users/unverified-user.html b/gn_auth/templates/users/unverified-user.html
new file mode 100644
index 0000000..b2c6992
--- /dev/null
+++ b/gn_auth/templates/users/unverified-user.html
@@ -0,0 +1,69 @@
+{%extends "base.html"%}
+
+{%block title%}gn-auth: Verify Email{%endblock%}
+
+{%block pagetitle%}Verify Email{%endblock%}
+
+{%block content%}
+{{flash_messages()}}
+
+<h1>Verify Your E-Mail</h1>
+
+<form id="frm-email-verification" method="POST"
+      action="{{url_for('oauth2.users.verify_user')}}">
+  <legend>Email Verification</legend>
+
+  <p>In order to reduce the number of bots we have to deal with, we no longer
+    allow sign-in with users who have not verified their accounts.</p>
+
+  <p>We know this is annoying &mdash; especially if you already have an account,
+    and have been using it just fine &mdash; however, we have found that without
+    this check in place, we will get overrun by silly bots, which will ruin
+    every user's experience.</p>
+
+  <p>
+    Do bear with us, enter the verification code you received via email below:
+  </p>
+
+  <input type="hidden" name="email" value="email" />
+
+  <fieldset class="form-group">
+    <label for="txt-verification-code" class="form-label">
+      Verification Code</label>
+    <input id="txt-verification-code" name="verificationcode" type="text"
+           required="required" class="form-control"
+           placeholder="Enter your verification code here." />
+  </fieldset>
+
+  <fieldset>
+    <input type="submit" value="Verify Email Address" class="btn btn-primary" />
+  </fieldset>
+</form>
+
+<h2>Send Verification Code</h2>
+
+<form id="frm-send-verification-code" method="POST"
+      action="{{url_for('oauth2.users.send_verification_code')}}">
+  <legend>Send Verification Code</legend>
+
+  <p>If you have not received a verification code, or your code is already
+    expired, provide <strong>your GeneNetwork</strong> password and
+    click the "<em>Send Verification Code</em>" button below and we will send
+    you a new verification code.</p>
+
+  <input type="hidden" name="user_email" value="{{email}}" />
+
+  <fieldset class="form-group">
+    <label class="form-label">Email</label>
+    <label class="form-control">{{email}}</label>
+  </fieldset>
+
+  <fieldset class="form-group">
+    <label for="txt-password" class="form-label">Password</label>
+    <input id="txt-password" name="user_password" type="password"
+           placeholder="Enter your GeneNetwork password"
+           class="form-control" />
+  </fieldset>
+  <input type="submit" value="Send Verification Code" class="btn btn-danger" />
+</form>
+{%endblock%}