Providing an extra verification step for Plone when self-registration is enabled
Project description
Introduction
============
The purpose of this package is to provide an extra verification step for Plone
when self-registration is enabled.
When you install this product, before a user can register with the Plone site, they
first must verify they have a valid email address. This done by sending the user
an email with a unique verification url that includes a randomly generated code.
This is meant to be a proof-of-concept solution. There are no tests and I haven't
spent a lot of time on it.
Yes, I know very sophisticated spam bots can also automate the email verification
process. To address that, the next step for this package would be to check the email
address against database/API with a known list of bad emails/domains(if there is such a thing).
In any case, I'm hoping that this can be a decent OOTB method for protecting Plone's
self-registration setting.
Installation on plone 4.3
-------------------------
You will need to pin the version of plone.app.users to 2.1.0. plone.app.users 2.2.x is Plone 5 only.
Recaptcha Support
-----------------
This package copies the way collective.registrationcaptcha does recapcha support.
Copy of collective.registrationcaptcha documentation::
It depends on plone.app.discussion and uses it's captcha abstaction facilities.
In order to use a captcha widget, you have to install one - wether by depending on the captchawidgets extra of this package or by installing plone.formwidget.captcha, plone.formwidget.recaptcha (not functional at time of this writing) or collective.z3cform.norobots. Then you have to configure plone.app.discussion to use a captcha widget. You don't need to keep the discussion activated, if you don't want them to be active on your site.
Install with collective.registrationcaptcha
-------------------------------------------
This package will override the functionality of collective.registrationcaptcha. You might as well
remove collective.registrationcaptcha from your site when using this add-on.
Review registrations
--------------------
To turn on reviewing registrations before the user is created on the site
after the user is verified, go to the Configuration registry in
Site setup(http://site-url/portal_registry), search for "plone.review_registrations"
and enable this setting.
Changelog
=========
1.2.0b5 (2015-12-06)
--------------------
- fix notification issue
1.2.0b4 (2015-12-05)
--------------------
- plone 5 support
- send email to admins warning them they need to review request
1.2.0b3 (2015-09-09)
--------------------
- Send email to user that doesn't need to reset their password that they have
been approved.
[vangheem]
- Added button to enable request review.
[maurits]
1.2.0b2 (2015-09-07)
--------------------
- fix upgrade
[vangheem]
1.2.0b1 (2015-09-05)
--------------------
- be able to review registration requests before
a user is created on the site
1.1.0b2 (2015-06-18)
--------------------
- handle no email being set
1.1.0b1 (2015-06-18)
--------------------
- implement honey pot field
- integrate recaptcha into email check form. This package no longer
works with collective.captcha registration
1.0.0a5 (2015-06-17)
--------------------
- fix recaptcha integration
1.0.0a4 (2015-06-17)
--------------------
- disable the smtp validate email domain check
1.0.0a3 (2015-06-17)
--------------------
- make work with collective.registrationcaptcha
1.0.0a2 (2015-06-17)
--------------------
- updated, nothing special
1.0.0a1 (2015-06-17)
--------------------
- initial release
============
The purpose of this package is to provide an extra verification step for Plone
when self-registration is enabled.
When you install this product, before a user can register with the Plone site, they
first must verify they have a valid email address. This done by sending the user
an email with a unique verification url that includes a randomly generated code.
This is meant to be a proof-of-concept solution. There are no tests and I haven't
spent a lot of time on it.
Yes, I know very sophisticated spam bots can also automate the email verification
process. To address that, the next step for this package would be to check the email
address against database/API with a known list of bad emails/domains(if there is such a thing).
In any case, I'm hoping that this can be a decent OOTB method for protecting Plone's
self-registration setting.
Installation on plone 4.3
-------------------------
You will need to pin the version of plone.app.users to 2.1.0. plone.app.users 2.2.x is Plone 5 only.
Recaptcha Support
-----------------
This package copies the way collective.registrationcaptcha does recapcha support.
Copy of collective.registrationcaptcha documentation::
It depends on plone.app.discussion and uses it's captcha abstaction facilities.
In order to use a captcha widget, you have to install one - wether by depending on the captchawidgets extra of this package or by installing plone.formwidget.captcha, plone.formwidget.recaptcha (not functional at time of this writing) or collective.z3cform.norobots. Then you have to configure plone.app.discussion to use a captcha widget. You don't need to keep the discussion activated, if you don't want them to be active on your site.
Install with collective.registrationcaptcha
-------------------------------------------
This package will override the functionality of collective.registrationcaptcha. You might as well
remove collective.registrationcaptcha from your site when using this add-on.
Review registrations
--------------------
To turn on reviewing registrations before the user is created on the site
after the user is verified, go to the Configuration registry in
Site setup(http://site-url/portal_registry), search for "plone.review_registrations"
and enable this setting.
Changelog
=========
1.2.0b5 (2015-12-06)
--------------------
- fix notification issue
1.2.0b4 (2015-12-05)
--------------------
- plone 5 support
- send email to admins warning them they need to review request
1.2.0b3 (2015-09-09)
--------------------
- Send email to user that doesn't need to reset their password that they have
been approved.
[vangheem]
- Added button to enable request review.
[maurits]
1.2.0b2 (2015-09-07)
--------------------
- fix upgrade
[vangheem]
1.2.0b1 (2015-09-05)
--------------------
- be able to review registration requests before
a user is created on the site
1.1.0b2 (2015-06-18)
--------------------
- handle no email being set
1.1.0b1 (2015-06-18)
--------------------
- implement honey pot field
- integrate recaptcha into email check form. This package no longer
works with collective.captcha registration
1.0.0a5 (2015-06-17)
--------------------
- fix recaptcha integration
1.0.0a4 (2015-06-17)
--------------------
- disable the smtp validate email domain check
1.0.0a3 (2015-06-17)
--------------------
- make work with collective.registrationcaptcha
1.0.0a2 (2015-06-17)
--------------------
- updated, nothing special
1.0.0a1 (2015-06-17)
--------------------
- initial release
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Close
Hashes for collective.emailconfirmationregistration-1.2.0b5.zip
Algorithm | Hash digest | |
---|---|---|
SHA256 | db488317d5ebe67f733dfb8b11c7463893dc54f1360381ed13733431ebebcea6 |
|
MD5 | fb7cf3c42b3ad96b3106e8a19225a6a0 |
|
BLAKE2b-256 | 60dbc4e0e6a204b588ae70ed9c81c0d3e57f825c007e20cd0786dd2e886b87d0 |