From 72292457cbae4dfd4675832482af32cb2b375069 Mon Sep 17 00:00:00 2001 From: Drew DeVault Date: Thu, 10 Jun 2021 14:25:31 -0400 Subject: [PATCH] registration: improve sign up flow This adds separate paths for contributors and maintainers, the former which skips the billing setup, and the latter which better explains the payment requirements. --- metasrht/blueprints/auth.py | 83 +++++++++--- metasrht/templates/billing-initial.html | 58 +++----- metasrht/templates/blurb.html | 4 - metasrht/templates/forgot.html | 2 +- metasrht/templates/login.html | 6 +- metasrht/templates/register-step2.html | 156 +++++++++++++++++++++ metasrht/templates/register.html | 173 +++++++++--------------- metasrht/templates/registered.html | 8 +- metasrht/templates/reset.html | 4 +- metasrht/templates/totp-challenge.html | 4 +- 10 files changed, 324 insertions(+), 174 deletions(-) delete mode 100644 metasrht/templates/blurb.html create mode 100644 metasrht/templates/register-step2.html diff --git a/metasrht/blueprints/auth.py b/metasrht/blueprints/auth.py index 37da712..05aaf83 100644 --- a/metasrht/blueprints/auth.py +++ b/metasrht/blueprints/auth.py @@ -91,13 +91,14 @@ def index(): def register(): if current_user: return redirect("/") + if cfg("meta.sr.ht::billing", "enabled") != "yes": + return redirect(url_for("auth.register_step2_GET")) return render_template("register.html", site_key=site_key_id) @auth.route("/register/") def register_invite(invite_hash): if current_user: return redirect("/") - if is_external_auth(): return render_template("register.html") 
@@ -110,13 +111,62 @@ def register_invite(invite_hash): return render_template("register.html", site_key=site_key_id, invite_hash=invite_hash) - -@csrf_bypass # for registration via sourcehut.org @auth.route("/register", methods=["POST"]) def register_POST(): - valid = Validation(request) is_open = allow_registration() + valid = Validation(request) + payment = valid.require("payment") + invite_hash = valid.optional("invite_hash") + if not valid.ok: + abort(400) + payment = payment == "yes" + + if not is_open: + if not invite_hash: + abort(401) + else: + invite = (Invite.query + .filter(Invite.invite_hash == invite_hash) + .filter(Invite.recipient_id == None) + ).one_or_none() + if not invite: + abort(401) + + if invite_hash: + session["invite_hash"] = invite_hash + session["payment"] = payment + + return redirect(url_for("auth.register_step2_GET")) + +@auth.route("/register/step2") +def register_step2_GET(): + invite_hash = session.get("invite_hash") + payment = session.get("payment", "no") + if current_user: + return redirect("/") + + if invite_hash: + invite = (Invite.query + .filter(Invite.invite_hash == invite_hash) + .filter(Invite.recipient_id == None) + ).one_or_none() + if not invite: + abort(404) + + return render_template("register-step2.html", + site_key=site_key_id, invite_hash=invite_hash, payment=payment) + +@csrf_bypass # for registration via sourcehut.org +@auth.route("/register/step2", methods=["POST"]) +def register_step2_POST(): + if current_user: + abort(400) + is_open = allow_registration() + session.pop("invite_hash", None) + payment = session.get("payment", False) + + valid = Validation(request) username = valid.require("username", friendly_name="Username") email = valid.require("email", friendly_name="Email address") password = valid.require("password", friendly_name="Password") 
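Review bot: `register_step2_GET` reads `session.get("payment", "no")`, and the string `"no"` is truthy, so a visitor who opens `/register/step2` directly, without passing through `register_POST`, gets the maintainer branch of `{% if payment %}` in register-step2.html. `register_POST` stores a bool, and both `register_step2_POST` and `confirm_account` default to `False`, so the default here should match: `payment = session.get("payment", False)`. Separately, `register_step2_POST` discards the session's `invite_hash` and carries `@csrf_bypass`, so on a closed instance the invite check has to run against the submitted form value. That part of the body lies outside this hunk, so it is worth confirming the invite is re-validated there and not only in `register_POST`.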
@@ -141,10 +191,9 @@ def register_POST(): valid.expect(False, "Invalid email address", field="email") if not valid.ok: - return render_template("register.html", + return render_template("register-step2.html", is_open=(is_open or invite_hash is not None), - site_key=site_key_id, - **valid.kwargs), 400 + site_key=site_key_id, **valid.kwargs), 400 if is_abuse(valid): return redirect("/registered") @@ -167,17 +216,15 @@ def register_POST(): validate_password(valid, password) if not valid.ok: - return render_template("register.html", - site_key=site_key_id, + return render_template("register-step2.html", is_open=(is_open or invite_hash is not None), - **valid.kwargs), 400 + site_key=site_key_id, **valid.kwargs), 400 allow_plus_in_email = valid.optional("allow-plus-in-email") if "+" in email and allow_plus_in_email != "yes": - return render_template("register.html", - site_key=site_key_id, + return render_template("register-step2.html", is_open=(is_open or invite_hash is not None), - **valid.kwargs), 400 + site_key=site_key_id, **valid.kwargs), 400 user = User(username) user.email = email @@ -248,11 +295,15 @@ def confirm_account(token): audit_log("account confirmed", user=user) db.session.commit() login_user(user, set_cookie=True) - if cfg("meta.sr.ht::billing", "enabled") == "yes": - return redirect(url_for("billing.billing_initial_GET")) + metrics.meta_confirmations.inc() print(f"Confirmed account: {user.username} ({user.email})") - return redirect(onboarding_redirect) + + payment = session.pop("payment", False) + if payment and cfg("meta.sr.ht::billing", "enabled") == "yes": + return redirect(url_for("billing.billing_initial_GET")) + else: + return redirect(onboarding_redirect) @auth.route("/login") def login_GET(): diff --git a/metasrht/templates/billing-initial.html b/metasrht/templates/billing-initial.html index b8f0c66..fab55fb 100644 --- a/metasrht/templates/billing-initial.html +++ b/metasrht/templates/billing-initial.html @@ -14,43 +14,29 @@
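Review bot: In `confirm_account` (metasrht/blueprints/auth.py, the `@@ -248,11 +295,15 @@` hunk), the maintainer choice comes only from `session.pop("payment", False)`. The confirmation link arrives by email and may be opened in another browser or after the registration session has expired. In that case the key is absent and a maintainer sign-up falls through to `onboarding_redirect` without reaching billing. If the billing step is meant to be dependable, the choice would need to be stored server-side with the pending account when `register_step2_POST` creates it; how best to do that depends on the `User` model, which is not visible here. At minimum the `session.pop` line deserves a comment such as `# best-effort: flag is lost if the link is opened in a different session`. The body of `confirm_account` starts outside the hunk.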

On {{cfg("sr.ht", "site-name")}}, all plans have access to the same - features. You should pick the plan which best matches your financial needs - and best represents the level of investment you have in {{cfg("sr.ht", - "site-name")}}. If you require financial aid to use {{cfg("sr.ht", - "site-name")}}, please send an email explaining your circumstances and - we'll do our best to accommodate your needs. + features and in the same quantity. You should pick the plan which best + matches your financial needs and best represents the level of investment + you have in {{cfg("sr.ht", "site-name")}}. If you require financial aid + to use {{cfg("sr.ht", "site-name")}}, please + send us an email + explaining your circumstances and we'll do our best to accommodate your + needs.

-
- Notice: sr.ht is currently in alpha, - and the quality of the service may reflect that. As such, payment is - currently optional, and only encouraged for users who want to support the - ongoing development of the site. For a summary of the guarantees and - limitations that the alpha entails, see this reference. You may +
+ Notice: {{cfg("sr.ht", "site-name")}} is currently + considered at an alpha stage of development, and the quality of the + service may reflect that. However, the service is reliable, stable, + secure, and mostly complete at this stage of development. To learn + exactly what the alpha entails, click here to continue without payment. -
-
-
-
{{paid_pct}}% paid
-
13.37%
-
of {{total_users}} registered users
-
- - Current number of paid accounts on {{cfg("sr.ht", "site-name")}} - + href="https://sourcehut.org/alpha-details/" + rel="noopener" + target="_blank" + >consult this document. + During the alpha, payment is encouraged, but optional, for most features. + Continue without payment {{icon('caret-right')}}.
@@ -104,7 +90,7 @@
- Notice: continuing to the next page will execute + Notice: Continuing to the next page will execute non-free JavaScript from our payment processor, - {{cfg("sr.ht", "site-name")}} is a community and a network of websites - supporting hackers and their projects. -

diff --git a/metasrht/templates/forgot.html b/metasrht/templates/forgot.html index 72e7456..218f763 100644 --- a/metasrht/templates/forgot.html +++ b/metasrht/templates/forgot.html @@ -4,7 +4,7 @@ {% endblock %} {% block content %}
-
+

Reset password

diff --git a/metasrht/templates/login.html b/metasrht/templates/login.html index 03ed0f9..696f77c 100644 --- a/metasrht/templates/login.html +++ b/metasrht/templates/login.html @@ -4,17 +4,17 @@ {% endblock %} {% block content %}
-
-
+
{{csrf_token()}}
diff --git a/metasrht/templates/register-step2.html b/metasrht/templates/register-step2.html new file mode 100644 index 0000000..a9c02d0 --- /dev/null +++ b/metasrht/templates/register-step2.html @@ -0,0 +1,156 @@ +{% extends "layout.html" %} +{% block title %} +Register for {{cfg("sr.ht", "site-name")}} +{% endblock %} +{% block content %} +
+
+

+ Register for {{cfg("sr.ht", "site-name")}} + + or log in + +

+
+
+{% if is_external_auth() %} +

Registration is disabled because {{cfg("sr.ht", "site-name")}} authentication + is managed by a different service. Please contact the system administrator + for further information.

+{% elif allow_registration() or invite_hash %} +{% if cfg("meta.sr.ht::billing", "enabled") == "yes" %} +
+
+

+ {% if payment %} + You are registering as a maintainer. After you complete + your registration, you will be taken to the billing page, where you'll + be provided information on payment options, financial aid, and so on. + Register as a contributor instead {{icon('caret-right')}} + {% else %} + You are registering as a contributor, which is free but + will limit your access to some features. After you complete registration, + you can convert to a maintainer account by setting up billing on your + profile at any time. + Register as a maintainer instead {{icon('caret-right')}} + {% endif %} +

+
+
+{% endif %} +
+
+ + {{csrf_token()}} + {% if invite_hash %} + +
+ You have received a special invitation to join {{cfg("sr.ht", + "site-name")}}. Sign up here! +
+ {% endif %} +
+ + + {{valid.summary("username")}} +
+
+ + + {{valid.summary("email")}} + {% if email and "+" in email %} + +
+ Warning: in order to use {{cfg("sr.ht", + "site-name")}} effectively, you must be able to both send and + receive emails from this email address. To continue, submit the form + again. +
+ {% endif %} +
+
+ + + {{valid.summary("password")}} +
+ {% if site_key %} +
+
+ PGP public key (optional) + + + Emails sent from {{cfg("sr.ht", "site-name")}} are + signed with our PGP key:
+ {{site_key}} +
+ If you add your PGP key here, we will also encrypt emails sent to + you. You may change this in your settings later, but if you enable + it now you must be able to decrypt the confirmation email to + complete registration. +
+ {{valid.summary("pgp-key")}} +
+
+ {% endif %} + +

+ +
+
+ +
+
+
+ Privacy notice: + {{cfg("sr.ht", "site-name")}} collects the minimum amount of your personal + information which is necessary to faciliate the features of our services. + We do not collect or process any of your personal information for the + purposes of marketing or analytics. We do not send unsolicited marketing + emails. Your information is only shared with third-parties if it is + necessary to facilitate our services, and you will be warned before this + occurs and given an opportunity to prevent the transmission of your + information. + Privacy policy {{icon('external-link-alt')}} +
+
+
+{% else %} +

Registration is currently closed.

+{% endif %} +{% endblock %} diff --git a/metasrht/templates/register.html b/metasrht/templates/register.html index e0d3e15..f20f48c 100644 --- a/metasrht/templates/register.html +++ b/metasrht/templates/register.html @@ -4,7 +4,7 @@ {% endblock %} {% block content %}
-
+

Register for {{cfg("sr.ht", "site-name")}} @@ -18,116 +18,77 @@ is managed by a different service. Please contact the system administrator for further information.

{% elif allow_registration() or invite_hash %} -
-
- {% include "blurb.html" %} -
-
-
-
-
- {% if invite_hash %} - -
- You have received a special invitation to join {{cfg("sr.ht", - "site-name")}}. Sign up here! -
- {% endif %} -
- - - {{valid.summary("username")}} -
-
- - - {{valid.summary("email")}} - {% if email and "+" in email %} - -
- Warning: in order to use {{cfg("sr.ht", - "site-name")}} effectively, you must be able to both send and - receive emails from this email address. To continue, submit the form - again. -
- {% endif %} -
-
- - - {{valid.summary("password")}} -
- {% if site_key %} -
-
- - - - Emails sent from {{cfg("sr.ht", "site-name")}} are - signed with our PGP key:
- {{site_key}} -
- If you add your PGP key here, we will also encrypt emails sent to - you. You may change this in your settings later, but if you enable - it now you must be able to decrypt the confirmation email to - complete registration. -
- {{valid.summary("pgp-key")}} -
-
- {% endif %} - -

-
+
-
-
- Privacy notice: - {{cfg("sr.ht", "site-name")}} collects the minimum amount of your personal - information which is necessary to faciliate the features of our services. - We do not collect or process any of your personal information for the - purposes of marketing or analytics. For details, please review our - privacy policy. +
+
+

Register as a maintainer

+

+ Want to host your own projects here? +
+ Projects hosted on {{cfg("sr.ht", "site-name")}} are expected to pay for + their account. Financial aid is available for those in need. You can + cancel at any time without losing access to your data. + + Pricing details {{icon('external-link-alt')}} + +

+ +
+
+ + +
+
+
+ Contributors can also skip registration entirely. You may submit or + comment on tickets, participate in discussions, and send patches to + projects on {{cfg("sr.ht", "site-name")}}, without signing up for an + account. You can find links to participate via email throughout the + logged-out version of many services.
{% else %} -

Registration is currently closed.

+
+
+

Registration is currently closed.

+
+
{% endif %} {% endblock %} diff --git a/metasrht/templates/registered.html b/metasrht/templates/registered.html index ba859c3..5f01e86 100644 --- a/metasrht/templates/registered.html +++ b/metasrht/templates/registered.html @@ -4,13 +4,13 @@ {% endblock %} {% block content %}
-
+

- Check your email + Registration successful

- You will receive an email shortly with a link to complete registration. - Contact + You will receive an email shortly with a link to complete your account + registration. Contact support at {{ "{} <{}>".format(cfg("sr.ht", "owner-name"), cfg("sr.ht", "owner-email")) }} if you need help.

diff --git a/metasrht/templates/reset.html b/metasrht/templates/reset.html index 1ffa46a..a43bb09 100644 --- a/metasrht/templates/reset.html +++ b/metasrht/templates/reset.html @@ -4,14 +4,14 @@ {% endblock %} {% block content %}
-
+

Reset password

-
+
{{csrf_token()}}
diff --git a/metasrht/templates/totp-challenge.html b/metasrht/templates/totp-challenge.html index df697cd..bed38fa 100644 --- a/metasrht/templates/totp-challenge.html +++ b/metasrht/templates/totp-challenge.html @@ -4,14 +4,14 @@ {% endblock %} {% block content %}
-
+

TOTP Challenge

-
+

{% if challenge_type == "reset" %} This account has two-factor authentication enabled. You must complete a