authnzerver.actions.email module

This contains functions to drive email-related auth actions.

authnzerver.actions.email.authnzerver_send_email(sender, subject, text, recipients, server, user, password, pii_salt, port=587)[source]

This is a utility function to send email.

Parameters:
  • sender (str) –

    The name and email address of the entity sending the email in the following form:

    "Sender Name <senderemail@example.com>"
  • subject (str) – The subject of the email.
  • text (str) – The text of the email.
  • recipients (list of str) –

    A list of the email addresses to send the email to. Use either of the formats below for each email address:

    "Recipient Name <recipient@example.com>"
"recipient@example.com"
  • server (str) – The address of the email server to use.
  • user (str) – The username to use when logging into the email server via SMTP.
  • password (str) – The password to use when logging into the email server via SMTP.
  • pii_salt (str) – The PII salt value passed in from a wrapping function. Used to censor personally identifying information in the logs emitted from this function.
  • port (int) – The SMTP port to use when logging into the email server via SMTP.
Returns:

Returns True if email sending succeeded. False otherwise.
Return type:

bool
authnzerver.actions.email.send_forgotpass_verification_email(payload, raiseonfail=False, override_authdb_path=None)[source]

This actually sends the forgot password email.

Parameters:
  • payload (dict) –

    Keys expected in this dict from a client are:

    • email_address: str, the email address to send the email to
    • session_token: str, session token of the user being sent the email
    • server_name: str, the name of the frontend server
    • server_baseurl: str, the base URL of the frontend server
    • password_forgot_url: str, the URL fragment of the frontend forgot-password process initiation endpoint
    • verification_token: str, a verification token generated by frontend
    • verification_expiry: int, number of seconds after which the token expires

    In addition, the following keys must be provided by a wrapper function to set up the email server.

    • smtp_user
    • smtp_pass
    • smtp_server
    • smtp_port
    • smtp_sender

    Finally, the payload must also include the following keys (usually added in by a wrapping function):

    • reqid: int or str
    • pii_salt: str
  • override_authdb_path (str or None) – If given as a str, is the alternative path to the auth DB.
  • raiseonfail (bool) – If True, will raise an Exception if something goes wrong.
Returns:

Returns a dict containing the user_id, email_address, and the forgotemail_sent_datetime value if email was sent successfully.
Return type:

dict
authnzerver.actions.email.send_signup_verification_email(payload, raiseonfail=False, override_authdb_path=None)[source]

This actually sends the verification email.

Parameters:
  • payload (dict) –

    Keys expected in this dict from a client are:

    • email_address: str, the email address to send the email to
    • session_token: str, session token of the user being sent the email
    • created_info: str, the dict returned by users.auth_create_user()
    • server_name: str, the name of the frontend server
    • server_baseurl: str, the base URL of the frontend server
    • account_verify_url: str, the URL fragment of the frontend verification endpoint
    • verification_token: str, a verification token generated by frontend
    • verification_expiry: int, number of seconds after which the token expires

    In addition, the following keys must be provided by a wrapper function to set up the email server.

    • smtp_user
    • smtp_pass
    • smtp_server
    • smtp_port
    • smtp_sender

    Finally, the payload must also include the following keys (usually added in by a wrapping function):

    • reqid: int or str
    • pii_salt: str
  • override_authdb_path (str or None) – If given as a str, is the alternative path to the auth DB.
  • raiseonfail (bool) – If True, will raise an Exception if something goes wrong.
Returns:

Returns a dict containing the user_id, email_address, and the verifyemail_sent_datetime value if email was sent successfully.
Return type:

dict
authnzerver.actions.email.verify_user_email_address(payload, raiseonfail=False, override_authdb_path=None)[source]

Sets the verification status of the email address of the user.

This is called by the frontend after it verifies that the token challenge to verify the user’s email succeeded and has not yet expired. This will set the user_role to ‘authenticated’ and the is_active column to True.

Parameters:
  • payload (dict) –

    This is a dict with the following key:

    • email

    Finally, the payload must also include the following keys (usually added in by a wrapping function):

    • reqid: int or str
    • pii_salt: str
  • override_authdb_path (str or None) – If given as a str, is the alternative path to the auth DB.
  • raiseonfail (bool) – If True, will raise an Exception if something goes wrong.
Returns:

Returns a dict containing the user_id, is_active, and user_role values if verification status is successfully set.
Return type:

dict