accounts.py - This is a Python class that implements user a…

/kai/controllers/accounts.py

https://bitbucket.org/bbangert/kai/ · Python · 200 lines · 169 code · 26 blank · 5 comment · 21 complexity · 501a18a0c5ae9765f2a881112f534a61 MD5 · raw file

from datetime import datetime
import logging

from pylons import request, response, session, tmpl_context as c, url
from pylons.controllers.util import abort, redirect
from pylons.decorators import rest, secure, jsonify

from kai.lib.base import BaseController, render
from kai.lib.decorators import validate
from kai.lib.helpers import failure_flash, success_flash
from kai.lib.mail import EmailMessage
from kai.model import Human, Paste, Traceback, forms

log = logging.getLogger(__name__)


class AccountsController(BaseController):
    def __before__(self):
        c.active_tab = True
        c.active_sub = True

    @rest.dispatch_on(POST='_forgot_password')
    def forgot_password(self):
        return render('/accounts/forgot_password.mako')
    
    def verify_email(self, token):
        users = list(Human.by_email_token(self.db)[token])
        if users:
            user = users[0]
            
            # If there's a email token issue (change email address), verify
            # its still valid
            if user.email_token_issue:
                diff = datetime.utcnow() - user.email_token_issue
                if diff.days > 1:
                    failure_flash('This e-mail verification token has expired.')
                    redirect(url('home'))
            
            # Valid e-mail token, remove it and log the user in
            user.email_token = user.email_token_issue = None
            user.process_login()
            success_flash('Your email has been verified, and you have been'
                          ' logged into PylonsHQ')
            redirect(url('home'))
        else:
            # No valid e-mail token
            failure_flash('Invalid e-mail token')
            redirect(url('home'))
    
    @validate(form=forms.forgot_password_form, error_handler='forgot_password')
    @secure.authenticate_form
    def _forgot_password(self):
        user = list(Human.by_email(self.db)[self.form_result['email_address']])[0]
        user.password_token = user.generate_token()
        c.password_token = user.password_token
        user.password_token_issue = datetime.utcnow()
        user.store(self.db)
        message = EmailMessage(subject="PylonsHQ - Lost Password", 
                               body=render('/email/lost_password.mako'),
                               from_email="PylonsHQ <pylonshq@groovie.org>",
                               to=[self.form_result['email_address']])
        message.send(fail_silently=True)
        success_flash('An e-mail has been sent to your account to verify the password reset request.')
        redirect(url('account_login'))
    
    @rest.dispatch_on(POST='_change_password')
    def change_password(self, token):
        c.token = token
        users = list(Human.by_password_token(self.db)[token])
        if not users:
            failure_flash('That password token is no longer valid.')
            redirect(url('account_login'))
        
        user = users[0]
        diff = datetime.utcnow() - user.password_token_issue
        if diff.days > 1 or diff.seconds > 3600:
            failure_flash('Password token is no longer valid, please make a new password reset request.')
            redirect(url('forgot_password'))
        return render('/accounts/change_password.mako')
    
    @validate(form=forms.change_password_form, error_handler='change_password')
    @secure.authenticate_form
    def _change_password(self, token):
        users = list(Human.by_password_token(self.db)[token]) or abort(401)
        user = users[0]
        diff = datetime.utcnow() - user.password_token_issue
        if diff.days > 1 or diff.seconds > 3600:
            failure_flash('Password token is no longer valid, please make a new password reset request.')
            redirect(url('forgot_password'))
        user.password_token = user.password_token_issue = None
        user.password = user.hash_password(self.form_result['password'])
        user.store(self.db)
        success_flash('Your password has been reset successfully')
        redirect(url('account_login'))

    def logout(self):
        c.user.session_id = None
        c.user.store(self.db)
        session.clear()
        session.expire()
        session.save()
        redir = request.GET.get('redir')
        success_flash('You have logged out of your session')
        if redir:
            redirect(url(str(redir)))
        else:
            redirect(url('home'))
    
    @rest.dispatch_on(POST='_process_login')
    def login(self):
        redir = request.GET.get('redir')
        if redir and redir.startswith('/') and redir != url('account_login'):
            session['redirect'] = str(redir)
            session.save()
        return render('/accounts/login.mako')
    
    @validate(form=forms.login_form, error_handler='login')
    @secure.authenticate_form
    def _process_login(self):
        user = self.form_result['user']
        user.process_login()        
        success_flash('You have logged into PylonsHQ')
        if session.get('redirect'):
            redir_url = session.pop('redirect')
            session.save()
            redirect(url(redir_url))
        redirect(url('home'))
    
    @rest.dispatch_on(POST='_process_openid_associate')
    def openid_associate(self):
        openid_url = session.get('openid_identity')
        if not openid_url:
            redirect(url('account_register'))
        c.openid = openid_url
        return render('/accounts/associate.mako')
    
    @validate(form=forms.login_form, error_handler='login')
    def _process_openid_associate(self):
        openid_url = session.get('openid_identity')
        user = self.form_result['user']
        if user.openids:
            user.openids.append(openid_url)
        else:
            user.openids = [openid_url]
        user.process_login()
        success_flash('You have associated your OpenID to your account, and signed in')
        if session.get('redirect'):
            redir_url = session.pop('redirect')
            session.save()
            redirect(url(redir_url))
        redirect(url('home'))
    
    @rest.dispatch_on(POST='_process_openid_registration')
    def openid_register(self):
        openid_url = session.get('openid_identity')
        if not openid_url:
            redirect(url('account_register'))
        c.openid = session.get('openid_identity')
        c.defaults = {}
        return render('/accounts/register.mako')
    
    @validate(form=forms.openid_registration_form, error_handler='openid_register')
    def _process_openid_registration(self):
        new_user = Human(displayname=self.form_result['displayname'],
                         timezone = self.form_result['timezone'],
                         email=self.form_result['email_address'])
        new_user.openids = [session['openid_identity']]
        return self._finish_registration(new_user)
    
    @rest.dispatch_on(POST='_process_registration')
    def register(self):
        return render('/accounts/register.mako')

    @validate(form=forms.registration_form, error_handler='register')
    @secure.authenticate_form
    def _process_registration(self):
        new_user = Human(displayname=self.form_result['displayname'],
                         timezone = self.form_result['timezone'],
                         email=self.form_result['email_address'])
        new_user.password = Human.hash_password(self.form_result['password'])
        return self._finish_registration(new_user)
    
    def _finish_registration(self, user):
        user.email_token = c.email_token = user.generate_token()
        user.email_token_issue = datetime.utcnow()
        user.store(self.db)
        
        Paste.associate_pasties(user)
        Traceback.associate_tracebacks(user)
        
        # Send out the welcome email with the reg token
        message = EmailMessage(subject="PylonsHQ - Registration Confirmation",
                               body=render('/email/register.mako'),
                               from_email="PylonsHQ <pylonshq@groovie.org>",
                               to=[self.form_result['email_address']])
        message.send(fail_silently=True)
        
        success_flash("User account '%s' created successfully. An e-mail has"
                      " been sent to activate your account." % user.displayname)
        redirect(url('home'))
Summary ✨

This is a Python class that implements user account management for a web application, specifically PylonsHQ. It handles password reset, login, registration, and OpenID association, as well as email verification and welcome messages. The class uses a database to store user data and provides functionality for users to create accounts, log in, and recover their passwords.
Tech Fingerprint

Alerts (13)

'def' Ensure functions have docstrings for documentation
23 26 67 96 110 130 154 171
'list(' Avoid unnecessary list conversions; use generators where possible
27 53 69 84
Complexity hotspot; line 112 (total complexity: 3)
112