user registration
Posted by Ian Holsman
So while I was investigating django’s built in comment templates, and trying to get them working (the documentation is on Adrian’s VERY long todo) I checked out LJWorld and how they use them.
The first thing I noticed was their cool idea for User registration. Instead of making me fill in all the details and then having to wait for a some key-code (and creating a record in their database which for a big percentage would be just crap as people put in fake emails, or forget to register).
They ask for the email address first.
This is a great idea as no database activity is required. you can just encrypt the email address and mail that back to them. If they click on it you then create the record.
and BTW.. the comment stuff is pretty cool as well, it basically is a self-contained review/comment application just waiting for a product to hang off.. you just need to add some templates and it works.
Thanks for the tip about user registration – it came just in time for me as this was next on my TODO list for my own app.
Cheers. Luke
What’s the best way to encrypt the email?
Are you sure the email address is encrypted? Looks like the key you’re sent is only 32 hex digits, which isn’t enough to store longer email addresses. Maybe a database is being used after all?
from Crypto.Cipher import Blowfish
obj=Blowfish.new(‘this is my seed. live in fear’, Blowfish.MODE_ECB)
plain=”thisis_myemail@example.com”
padded = plain + ” ” l = len(plain)+8-len(plain)%8
ciph=obj.encrypt(padded[:l])
obj.decrypt(ciph) ‘thisis_myemail@example.com ’
from base64 import *
b32encode(ciph) ‘MIWPRHTAJS6ZGDMWZBE7J3JFYDLNAYDNTBLK7AAQXMM6LSHBN7SA====’
and then when you get it back
obj.decrypt( b32decode(‘MIWPRHTAJS6ZGDMWZBE7J3JFYDLNAYDNTBLK7AAQXMM6LSHBN7SA====’)).strip()
of course you will need to add a hash at the end of the email (not just spaces) to make sure it is a valid tag and not rubbish coming back.
Of course..adding a captcha to the email screen is needed to prevent too much spam.