email token as URL

Signed-off-by: firstTimeCaller

Author: firstTimeCaller

README.md

@@ -233,7 +233,7 @@ DEFAULTS = {
 
     # URL Prefix for Authentication Endpoints
     'PASSWORDLESS_AUTH_PREFIX': 'auth/',
-    
+
     #  URL Prefix for Verification Endpoints
     'PASSWORDLESS_VERIFY_PREFIX': 'auth/verify/',
 
@@ -268,6 +268,15 @@ DEFAULTS = {
     # The email template name.
     'PASSWORDLESS_EMAIL_TOKEN_HTML_TEMPLATE_NAME': "passwordless_default_token_email.html",
 
+    # Providing a domain name will email token within a URL
+    'PASSWORDLESS_LOGIN_URL_DOMAIN': False,
+
+    # The email template name for URL
+    'PASSWORDLESS_EMAIL_URL_HTML_TEMPLATE_NAME': "passwordless_default_url_email.html",
+
+    # A plaintext email URL message overridden by the html message. Takes one string.
+    'PASSWORDLESS_EMAIL_URL_PLAINTEXT_MESSAGE': "Click here to login %s",
+
     # Your twilio number that sends the callback tokens.
     'PASSWORDLESS_MOBILE_NOREPLY_NUMBER': None,
 
@@ -304,7 +313,7 @@ DEFAULTS = {
     # the token itself, the second is a boolean value representating whether
     # the token was newly created.
     'PASSWORDLESS_AUTH_TOKEN_CREATOR': 'drfpasswordless.utils.create_authentication_token',
-    
+
     # What function is called to construct a serializer for drf tokens when
     # exchanging a passwordless token for a real user auth token.
     'PASSWORDLESS_AUTH_TOKEN_SERIALIZER': 'drfpasswordless.serializers.TokenResponseSerializer'

drfpasswordless/settings.py

@@ -45,6 +45,15 @@
     # The email template name.
     'PASSWORDLESS_EMAIL_TOKEN_HTML_TEMPLATE_NAME': "passwordless_default_token_email.html",
 
+    # Providing a domain name will email token within a URL
+    'PASSWORDLESS_LOGIN_URL_DOMAIN': False,
+
+    # The email template name for URL
+    'PASSWORDLESS_EMAIL_URL_HTML_TEMPLATE_NAME': "passwordless_default_url_email.html",
+
+    # A plaintext email URL message overridden by the html message. Takes one string.
+    'PASSWORDLESS_EMAIL_URL_PLAINTEXT_MESSAGE': "Click here to login %s",
+
     # Your twilio number that sends the callback tokens.
     'PASSWORDLESS_MOBILE_NOREPLY_NUMBER': None,
 

drfpasswordless/templates/passwordless_default_url_email.html

@@ -0,0 +1,10 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <title>Your Login Token</title>
+</head>
+<body>
+    <h2>  <a href="{{ callback_token }}">Click here to login</a> </h2>
+</body>
+</html>

drfpasswordless/utils.py

@@ -119,17 +119,20 @@ def send_email_with_callback_token(user, email_token, **kwargs):
             # Get email subject and message
             email_subject = kwargs.get('email_subject',
                                        api_settings.PASSWORDLESS_EMAIL_SUBJECT)
-            email_plaintext = kwargs.get('email_plaintext',
-                                         api_settings.PASSWORDLESS_EMAIL_PLAINTEXT_MESSAGE)
-            email_html = kwargs.get('email_html',
-                                    api_settings.PASSWORDLESS_EMAIL_TOKEN_HTML_TEMPLATE_NAME)
 
             # Inject context if user specifies.
-            context = inject_template_context({'callback_token': email_token.key, })
+            if api_settings.PASSWORDLESS_LOGIN_URL_DOMAIN:
+                context['callback_token'] = api_settings.PASSWORDLESS_LOGIN_URL_DOMAIN + api_settings.PASSWORDLESS_AUTH_PREFIX + 'login/' + user.email + '/' + email_token.key
+            else:
+                context = inject_template_context({'callback_token': email_token.key, })
+
+            email_html = kwargs.get('email_html')
+            email_plaintext = kwargs.get('email_plaintext')
+
             html_message = loader.render_to_string(email_html, context,)
             send_mail(
                 email_subject,
-                email_plaintext % email_token.key,
+                email_plaintext % context['callback_token'],
                 api_settings.PASSWORDLESS_EMAIL_NOREPLY_ADDRESS,
                 [getattr(user, api_settings.PASSWORDLESS_USER_EMAIL_FIELD_NAME)],
                 fail_silently=False,

drfpasswordless/views.py

@@ -2,7 +2,7 @@
 from django.utils.module_loading import import_string
 from rest_framework import parsers, renderers, status
 from rest_framework.response import Response
-from rest_framework.permissions import AllowAny, IsAuthenticated 
+from rest_framework.permissions import AllowAny, IsAuthenticated
 from rest_framework.views import APIView
 from drfpasswordless.models import CallbackToken
 from drfpasswordless.settings import api_settings
@@ -77,8 +77,14 @@ class ObtainEmailCallbackToken(AbstractBaseObtainCallbackToken):
     token_type = CallbackToken.TOKEN_TYPE_AUTH
 
     email_subject = api_settings.PASSWORDLESS_EMAIL_SUBJECT
-    email_plaintext = api_settings.PASSWORDLESS_EMAIL_PLAINTEXT_MESSAGE
-    email_html = api_settings.PASSWORDLESS_EMAIL_TOKEN_HTML_TEMPLATE_NAME
+
+    if api_settings.PASSWORDLESS_LOGIN_URL_DOMAIN:
+        email_plaintext = api_settings.PASSWORDLESS_EMAIL_URL_PLAINTEXT_MESSAGE
+        email_html = api_settings.PASSWORDLESS_EMAIL_URL_HTML_TEMPLATE_NAME
+    else:
+        email_plaintext = api_settings.PASSWORDLESS_EMAIL_PLAINTEXT_MESSAGE
+        email_html = api_settings.PASSWORDLESS_EMAIL_TOKEN_HTML_TEMPLATE_NAME
+
     message_payload = {'email_subject': email_subject,
                        'email_plaintext': email_plaintext,
                        'email_html': email_html}

tests/test_settings.py

@@ -55,6 +55,14 @@ def test_mobile_sender_required(self):
         email_response = self.client.post(self.mobile_url, self.mobile_data)
         self.assertEqual(email_response.status_code, status.HTTP_400_BAD_REQUEST)
 
+    def test_tokon_as_url(self):
+        """
+        Check to make sure user has a send address if mobile is selected.
+        """
+        api_settings.PASSWORDLESS_AUTH_TYPES = ['MOBILE']
+        email_response = self.client.post(self.mobile_url, self.mobile_data)
+        self.assertEqual(email_response.status_code, status.HTTP_400_BAD_REQUEST)
+
     def test_email_only_auth_enabled(self):
         api_settings.PASSWORDLESS_AUTH_TYPES = ['EMAIL']
         api_settings.PASSWORDLESS_EMAIL_NOREPLY_ADDRESS = 'email@example.com'