From bf5350fbe8b7ef716b10844d5a0608e90ed2fcbb Mon Sep 17 00:00:00 2001
From: Max Goodman <max@reddit.com>
Date: Thu, 21 Nov 2013 15:18:23 -0800
Subject: [PATCH] Use HTTPS for password reset emails.

---
 r2/r2/lib/emailer.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/r2/r2/lib/emailer.py b/r2/r2/lib/emailer.py
index ec222f5e4..31a4382b1 100644
--- a/r2/r2/lib/emailer.py
+++ b/r2/r2/lib/emailer.py
@@ -99,7 +99,8 @@ def password_email(user):
         raise ValueError("Somebody's beating the hell out of the password reset box")
 
     token = PasswordResetToken._new(user)
-    passlink = 'http://' + g.domain + '/resetpassword/' + token._id
+    base = g.https_endpoint or g.origin
+    passlink = base + '/resetpassword/' + token._id
     g.log.info("Generated password reset link: " + passlink)
     _system_email(user.email,
                   PasswordReset(user=user,