9.4.1. User Notification Handler Module¶
The user notification handler module is used to send emails token owners or administrators in case of any event.
9.4.1.1. Possible Actions¶
9.4.1.1.1. sendmail¶
The sendmail action sends an email to the tokenowner user. The email is sent, if an administrator managed the users token.
emailconfig
- required Option
- The email is sent via this SMTP server configuration.
subject
- optional
The subject line of the mail that is sent.
9.4.1.1.2. sendsms¶
The sendsms action sends an SMS to the tokenowner. The SMS is sent, if an administrator managed the users token.
smsconfig
- required Option
- The SMS Gateway configuration.
9.4.1.2. Options for both actions¶
Both actions sendmail and sendsms take several common options.
body
- optional
Here the administartor can specify the body of the email, that is sent. The body may contain the following tags
- {admin} name of the logged in user.
- {realm} realm of the logged in user.
- {action} the action that the logged in user performed.
- {serial} the serial number of the token.
- {url} the URL of the privacyIDEA system.
- {user} the given name of the token owner.
- {givenname} the given name of the token owner.
- {surname} the surname of the token owner.
- {username} the loginname of the token owner.
- {userrealm} the realm of the token owner.
- {tokentype} the type of the token.
- {registrationcode} the registration code in the detail response.
- {recipient_givenname} the given name of the recipient.
- {recipient_surname} the surname of the recipient.
- {googleurl_value} is the KEY URI for a google authenticator.
- {googleurl_img} is the data image source of the google authenticator QR
code.
mimetype
You can choose if the email should be sent as plain text or HTML. If the email is sent as HTML, you can do the following:
<a href={googleurl_value}>Your new token</a>
Which will create a clickable link. Clicked on the smartphone, the token will be imported to the smartphone app.
You can also do this:
<img src={googleurl_img}>
This will add the QR Code into the HTML email.
Warning
The KEY URI and the QR Code contain the secret OTP key in plain text. Everyone who receives this data has a detailed copy of this token. Thus we very much recommend to never send these data in an unencrypted email!
To
- required
This specifies to which type of user the notification should be sent. Possible recipient types are:
- token owner,
- logged in user,
- admin realm,
- internal admin,
- email address.
Depending on the recipient type you can enter additional information. The recipient type email takes a comma separated list of email addresses.
9.4.1.3. Code¶
This is the event handler module for user notifications. It can be bound to each event and can perform the action:
- sendmail: Send an email to the user/token owner
- sendsms: We can also notify the user with an SMS.
The module is tested in tests/test_lib_events.py
-
class
privacyidea.lib.eventhandler.usernotification.
NOTIFY_TYPE
[source]¶ Allowed token owner
-
ADMIN_REALM
= 'admin realm'¶
-
EMAIL
= 'email'¶
-
INTERNAL_ADMIN
= 'internal admin'¶
-
LOGGED_IN_USER
= 'logged_in_user'¶
-
TOKENOWNER
= 'tokenowner'¶
-
-
class
privacyidea.lib.eventhandler.usernotification.
UserNotificationEventHandler
[source]¶ An Eventhandler needs to return a list of actions, which it can handle.
It also returns a list of allowed action and conditions
It returns an identifier, which can be used in the eventhandlig definitions
-
actions
¶ This method returns a dictionary of allowed actions and possible options in this handler module.
Returns: dict with actions
-
description
= 'This eventhandler notifies the user about actions on his tokens'¶
-
do
(action, options=None)[source]¶ This method executes the defined action in the given event.
Parameters: - action –
- options (dict) – Contains the flask parameters g, request, response and the handler_def configuration
Returns:
-
identifier
= 'UserNotification'¶
-