Drop SHARED_SECRET in favour of EMAIL_SECRET

Originally we used SHARED secret both for email and for the API.  That
was a bad idea, and now that we're only using this value for one case,
I've renamed it to reflect its actual use.

src/documents/forms.py

@@ -13,7 +13,6 @@ from .consumer import Consumer
 
 class UploadForm(forms.Form):
 
-    SECRET = settings.SHARED_SECRET
     TYPE_LOOKUP = {
         "application/pdf": Document.TYPE_PDF,
         "image/png": Document.TYPE_PNG,

src/documents/mail.py

@@ -43,7 +43,10 @@ class Message(Loggable):
     and n attachments, and that we don't care about the message body.
     """
 
-    SECRET = settings.SHARED_SECRET
+    SECRET = os.getenv(
+        "PAPERLESS_EMAIL_SECRET",
+        os.getenv("PAPERLESS_SHARED_SECRET")  # TODO: Remove after 2017/09
+    )
 
     def __init__(self, data, group=None):
         """
@@ -153,15 +156,16 @@ class MailFetcher(Loggable):
         Loggable.__init__(self)
 
         self._connection = None
-        self._host = settings.MAIL_CONSUMPTION["HOST"]
-        self._port = settings.MAIL_CONSUMPTION["PORT"]
-        self._username = settings.MAIL_CONSUMPTION["USERNAME"]
-        self._password = settings.MAIL_CONSUMPTION["PASSWORD"]
-        self._inbox = settings.MAIL_CONSUMPTION["INBOX"]
+        self._host = os.getenv("PAPERLESS_CONSUME_MAIL_HOST")
+        self._port = os.getenv("PAPERLESS_CONSUME_MAIL_PORT")
+        self._username = os.getenv("PAPERLESS_CONSUME_MAIL_USER")
+        self._password = os.getenv("PAPERLESS_CONSUME_MAIL_PASS")
+        self._inbox = os.getenv("PAPERLESS_CONSUME_MAIL_INBOX", "INBOX")
 
         self._enabled = bool(self._host)
 
         self.last_checked = datetime.datetime.now()
+        print(self._connection, self._host, self._port, self._username, self._password, self._inbox, self._enabled, self.last_checked)
 
     def pull(self):
         """

src/paperless/checks.py

@@ -84,3 +84,20 @@ def binaries_check(app_configs, **kwargs):
             check_messages.append(Warning(error.format(binary), hint))
 
     return check_messages
+
+
+@register()
+def config_check(app_configs, **kwargs):
+    warning = (
+        "It looks like you have PAPERLESS_SHARED_SECRET defined.  Note that "
+        "in the \npast, this variable was used for both API authentication "
+        "and as the mail \nkeyword.  As the API no no longer uses it, this "
+        "variable has been renamed to \nPAPERLESS_EMAIL_SECRET, so if you're "
+        "using the mail feature, you'd best update \nyour variable name.\n\n"
+        "The old variable will stop working in a few months."
+    )
+
+    if os.getenv("PAPERLESS_SHARED_SECRET"):
+        return [Warning(warning)]
+
+    return []

src/paperless/settings.py

@@ -237,20 +237,6 @@ CONSUMPTION_DIR = os.getenv("PAPERLESS_CONSUMPTION_DIR")
 # slowly, you may want to use a higher value than the default.
 CONSUMER_LOOP_TIME = int(os.getenv("PAPERLESS_CONSUMER_LOOP_TIME", 10))
 
-# If you want to use IMAP mail consumption, populate this with useful values.
-# If you leave HOST set to None, we assume you're not going to use this
-# feature.
-MAIL_CONSUMPTION = {
-    "HOST": os.getenv("PAPERLESS_CONSUME_MAIL_HOST"),
-    "PORT": os.getenv("PAPERLESS_CONSUME_MAIL_PORT"),
-    "USERNAME": os.getenv("PAPERLESS_CONSUME_MAIL_USER"),
-    "PASSWORD": os.getenv("PAPERLESS_CONSUME_MAIL_PASS"),
-    # If True, use SSL/TLS to connect
-    "USE_SSL": os.getenv("PAPERLESS_CONSUME_MAIL_USE_SSL", "y").lower() == "y",
-    # The name of the inbox on the server
-    "INBOX": os.getenv("PAPERLESS_CONSUME_MAIL_INBOX", "INBOX")
-}
-
 # This is used to encrypt the original documents and decrypt them later when
 # you want to download them.  Set it and change the permissions on this file to
 # 0600, or set it to `None` and you'll be prompted for the passphrase at
@@ -260,11 +246,6 @@ MAIL_CONSUMPTION = {
 # files.
 PASSPHRASE = os.getenv("PAPERLESS_PASSPHRASE")
 
-# If you intend to use the "API" to push files into the consumer, you'll need
-# to provide a shared secret here.  Leaving this as the default will disable
-# the API.
-SHARED_SECRET = os.getenv("PAPERLESS_SHARED_SECRET", "")
-
 # Trigger a script after every successful document consumption?
 PRE_CONSUME_SCRIPT = os.getenv("PAPERLESS_PRE_CONSUME_SCRIPT")
 POST_CONSUME_SCRIPT = os.getenv("PAPERLESS_POST_CONSUME_SCRIPT")

src/paperless/urls.py

@@ -34,18 +34,15 @@ urlpatterns = [
         name="fetch"
     ),
 
+    # File uploads
+    url(r"^push$", csrf_exempt(PushView.as_view()), name="push"),
+
     # The Django admin
     url(r"admin/", admin.site.urls),
     url(r"", admin.site.urls),  # This is going away
 
 ] + static.static(settings.MEDIA_URL, document_root=settings.MEDIA_ROOT)
 
-if settings.SHARED_SECRET:
-    urlpatterns.insert(
-        0,
-        url(r"^push$", csrf_exempt(PushView.as_view()), name="push")
-    )
-
 # Text in each page's <h1> (and above login form).
 admin.site.site_header = 'Paperless'
 # Text at the end of each page's <title>.

src/paperless/version.py

@@ -1 +1 @@
-__version__ = (0, 5, 0)
+__version__ = (0, 6, 0)