Re: [Zope] double opt-in or opt-in with confirmation.

2010-11-30 Thread Andreas Jung
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Brian Sullivan wrote:
 I am looking for a strategy or samples (or even just a hint as to the
 best process) to create an email opt-in strategy in Zope. I am
 thinking that what you do is use some sort of hash or unique id
 creation mechanism (based on the email address, time or something
 else).
 
 Based on what I am seeing -- some sort of MD5(not totally sure what
 that means but I understand there are Python supplied functions to
 generate it) hash of a combination of the email address and date/time
 stored and then sent to the user should guarantee that it is unique,
 can't be auto generated by some bot and should allow verification on
 http access using the hash in the url?
 
 All the potential solutions I am seeing use Python 2.5 + -- the
 version of Zope I am using is based on Python 2.4.4.
 
 Anybody have any ideas or have implemented something like this?

As an example look at the Products.EasyNewsletter code.
In a recent project we implemented as similar functionality where we
generated 32 char longs strings (based on random numbers) and stored
the token in an external DB (MongoDB). Sending out a confirmation email
and implementing a view for validating the token through an URL
is straight forward.

- -aj
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQGUBAEBAgAGBQJM9ToyAAoJEADcfz7u4AZjUfcLwIl28L7mHM82x0NmLEizNHKc
qcFHi+rQshpg/DqiIgSiYPIgf+608LbbGX5B+ZR4ekBXQBaHJSuzy/kT/xPxlfO2
EaPYnk/ri93PkmGNHFq5ASz5amNn1kwNrOolM32iP24krbzP91vCujFGvIJ4izJk
UkacsI6CD8m7q+9StNPjs/uoHEb5ceHBwiC+u/ipBpAnhHNeum0BxNsWIsiQa/Ns
M5+ckS0wMfbyQ+FYEtA7+KnmSiDTnHmg0M0Ii3INXbEZgx9h7u+ezHDFpxU5V2UD
kYBf+3eTFu5rRmqbiHMNwnEzBHt1pe8QHPns3+3v15fi7b3i3r4x7PxHHDLbawQq
+wtLDlCBzz02vcKjHd0aItSTCxCPu3vOPgCY/hMpsCnz2ElQIgBb6Np0tl6Vt1D6
A3XIkM39X1+wOQUgiqWgylvKvYosx9rrUM+zJ3L6zNZt6YpaDT8+d3cA3hqBNMUA
fqRaDaMFL7xclCzB4BOUoEUYwHdjzC0=
=uy5J
-END PGP SIGNATURE-
attachment: lists.vcf___
Zope maillist  -  Zope@zope.org
https://mail.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 https://mail.zope.org/mailman/listinfo/zope-announce
 https://mail.zope.org/mailman/listinfo/zope-dev )


Re: [Zope] double opt-in or opt-in with confirmation.

2010-11-30 Thread Brian Sullivan
Looking at the code now -- do you remember where the code to generate
the strings is situated?

On Tue, Nov 30, 2010 at 12:53 PM, Andreas Jung li...@zopyx.com wrote:
 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA1

 Brian Sullivan wrote:
 I am looking for a strategy or samples (or even just a hint as to the
 best process) to create an email opt-in strategy in Zope. I am
 thinking that what you do is use some sort of hash or unique id
 creation mechanism (based on the email address, time or something
 else).

 Based on what I am seeing -- some sort of MD5(not totally sure what
 that means but I understand there are Python supplied functions to
 generate it) hash of a combination of the email address and date/time
 stored and then sent to the user should guarantee that it is unique,
 can't be auto generated by some bot and should allow verification on
 http access using the hash in the url?

 All the potential solutions I am seeing use Python 2.5 + -- the
 version of Zope I am using is based on Python 2.4.4.

 Anybody have any ideas or have implemented something like this?

 As an example look at the Products.EasyNewsletter code.
 In a recent project we implemented as similar functionality where we
 generated 32 char longs strings (based on random numbers) and stored
 the token in an external DB (MongoDB). Sending out a confirmation email
 and implementing a view for validating the token through an URL
 is straight forward.

 - -aj
 -BEGIN PGP SIGNATURE-
 Version: GnuPG v1.4.11 (Darwin)
 Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

 iQGUBAEBAgAGBQJM9ToyAAoJEADcfz7u4AZjUfcLwIl28L7mHM82x0NmLEizNHKc
 qcFHi+rQshpg/DqiIgSiYPIgf+608LbbGX5B+ZR4ekBXQBaHJSuzy/kT/xPxlfO2
 EaPYnk/ri93PkmGNHFq5ASz5amNn1kwNrOolM32iP24krbzP91vCujFGvIJ4izJk
 UkacsI6CD8m7q+9StNPjs/uoHEb5ceHBwiC+u/ipBpAnhHNeum0BxNsWIsiQa/Ns
 M5+ckS0wMfbyQ+FYEtA7+KnmSiDTnHmg0M0Ii3INXbEZgx9h7u+ezHDFpxU5V2UD
 kYBf+3eTFu5rRmqbiHMNwnEzBHt1pe8QHPns3+3v15fi7b3i3r4x7PxHHDLbawQq
 +wtLDlCBzz02vcKjHd0aItSTCxCPu3vOPgCY/hMpsCnz2ElQIgBb6Np0tl6Vt1D6
 A3XIkM39X1+wOQUgiqWgylvKvYosx9rrUM+zJ3L6zNZt6YpaDT8+d3cA3hqBNMUA
 fqRaDaMFL7xclCzB4BOUoEUYwHdjzC0=
 =uy5J
 -END PGP SIGNATURE-

___
Zope maillist  -  Zope@zope.org
https://mail.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 https://mail.zope.org/mailman/listinfo/zope-announce
 https://mail.zope.org/mailman/listinfo/zope-dev )