feat(api): explain link expiration in emails

api/desecapi/models.py

@@ -152,6 +152,8 @@ class User(ExportModelOperationsMixin('User'), AbstractBaseUser):
             raise ValueError(f'Cannot send email to user {self.pk} without a good reason: {reason}')
 
         context = context or {}
+        context.setdefault('link_expiration_hours',
+                           settings.VALIDITY_PERIOD_VERIFICATION_SIGNATURE // timedelta(hours=1))
         content = get_template(f'emails/{reason}/content.txt').render(context)
         content += f'\nSupport Reference: user_id = {self.pk}\n'
         footer = get_template('emails/footer.txt').render()

api/desecapi/templates/emails/activate-with-domain/content.txt

@@ -1,9 +1,11 @@
 Hi there,
 
-Thank you for registering with deSEC!
+Thank you for registering with deSEC! You are about to register the
+following domain: {{ domain }}
 
-To create your account and register {{ domain }}, please confirm you
-received this email by clicking on the following link:
+To create your account and finish the registration, please confirm you
+received this email by clicking on the following link (valid for {{ link_expiration_hours }}
+hours):
 
 {{ confirmation_link }}
 

api/desecapi/templates/emails/activate/content.txt

@@ -4,7 +4,7 @@ Thank you for registering with deSEC!
 
 As we may need to contact you in the future, you need to verify your
 email address before you can use your account. To do so, please use
-the following link:
+the following link (valid for {{ link_expiration_hours }} hours):
 
 {{ confirmation_link }}
 

api/desecapi/templates/emails/change-email/content.txt

@@ -11,7 +11,7 @@ to:
 
 As we may need to contact you under this address in the future, you
 need to verify your new email address before we can make the change.
-To do so, please use the following link:
+To do so, please use the following link (valid for {{ link_expiration_hours }} hours):
 
 {{ confirmation_link }}
 

api/desecapi/templates/emails/delete-user/content.txt

@@ -6,7 +6,7 @@ please shoot us an email so that we can improve whatever is not right.
 
 Otherwise, we will delete your account, including all related data.
 Before we do so, we need you to confirm once more that this is what you
-really, really want by clicking the following link:
+really, really want by clicking the following link (valid for {{ link_expiration_hours }} hours):
 
 {{ confirmation_link }}
 

api/desecapi/templates/emails/reset-password/content.txt

@@ -6,7 +6,7 @@ web site, or when you created a new account just now that does not yet
 have a password.
 
 To ensure that the request is legitimate, we need you to confirm it
-using the following link:
+using the following link (valid for {{ link_expiration_hours }} hours):
 
 {{ confirmation_link }}
 

api/desecapi/tests/test_user_management.py

@@ -179,7 +179,7 @@ class UserManagementTestCase(DesecTestCase, PublicSuffixMockMixin):
             body_contains='Thank you for registering with deSEC!',
             recipient=[recipient],
             reset=reset,
-            pattern=r'following link:\s+([^\s]*)',
+            pattern=r'following link[^:]*:\s+([^\s]*)',
         )
 
     def assertResetPasswordEmail(self, recipient, reset=True):
@@ -188,7 +188,7 @@ class UserManagementTestCase(DesecTestCase, PublicSuffixMockMixin):
             body_contains='We received a request to reset the password for your deSEC account.',
             recipient=[recipient],
             reset=reset,
-            pattern=r'following link:\s+([^\s]*)',
+            pattern=r'following link[^:]*:\s+([^\s]*)',
         )
 
     def assertChangeEmailVerificationEmail(self, recipient, reset=True):
@@ -197,7 +197,7 @@ class UserManagementTestCase(DesecTestCase, PublicSuffixMockMixin):
             body_contains='You requested to change the email address associated',
             recipient=[recipient],
             reset=reset,
-            pattern=r'following link:\s+([^\s]*)',
+            pattern=r'following link[^:]*:\s+([^\s]*)',
         )
 
     def assertChangeEmailNotificationEmail(self, recipient, reset=True):
@@ -214,7 +214,7 @@ class UserManagementTestCase(DesecTestCase, PublicSuffixMockMixin):
             body_contains='confirm once more',
             recipient=[recipient],
             reset=reset,
-            pattern=r'following link:\s+([^\s]*)',
+            pattern=r'following link[^:]*:\s+([^\s]*)',
         )
 
     def assertRegistrationSuccessResponse(self, response):