Add better email verification

apps/submissions/views.py

@@ -25,7 +25,7 @@ from django.views.generic import CreateView
 
 from .emails import send_confirmation_email
 from .forms import SubmissionForm
-from .models import Submission
+from .models import Submission, VerifiedEmail
 
 
 class SubmitView(CreateView):
@@ -52,6 +52,16 @@ class SubmitView(CreateView):
             submission.guest_email = None
             submission.email_confirmed = True
             submission.status = Submission.Status.PROCESSING
+        elif submission.guest_email and VerifiedEmail.is_trusted(submission.guest_email):
+            # Returning guest: their email is on the trust list AND the
+            # 30-day TTL hasn't lapsed (plan.md §6). Skip `identifying` and
+            # the welcome email entirely -- straight to `processing` like
+            # an OAuth submitter. Email normalisation happens inside
+            # `is_trusted`, so `user+a@gmail.com` and `user@gmail.com`
+            # collapse to the same lookup.
+            submission.submitted_by = None
+            submission.email_confirmed = True
+            submission.status = Submission.Status.PROCESSING
         else:
             submission.submitted_by = None
             # guest_email is already on the form's cleaned_data, ModelForm
@@ -102,10 +112,9 @@ class SubmitView(CreateView):
                 self.request,
                 format_html(
                     "Submission <strong class=\"font-mono\">{slug}</strong> created. "
-                    "We've sent a confirmation link to <strong>{email}</strong> &mdash; "
+                    "We've sent you a confirmation link &mdash; check your inbox and "
                     "click it within 24 hours to add your print to the queue.",
                     slug=submission.slug,
-                    email=submission.guest_email,
                 ),
             )
         else: