
/shabti/templates/authplus/+package+/controllers/accounts.py_tmpl

https://bitbucket.org/gawel/shabti
  1from datetime import datetime
  2import logging
  3
  4from pylons import url, request, response, session, tmpl_context as c
  5from pylons.controllers.util import abort, redirect
  6from pylons.decorators import rest, secure, jsonify
  7from tw.mods.pylonshf import validate
  8
  9from {{package}}.lib.base import BaseController, render
 10from {{package}}.lib.helpers import failure_flash, success_flash
 11from {{package}}.lib.mail import EmailMessage
 12from {{package}}.model import meta
 13from {{package}}.model import *
 14from {{package}}.forms import identity
 15
# Module-level logger, named after this module.
log = logging.getLogger(__name__)
 17
 18
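class AccountsController(BaseController):
    """Account actions: registration, e-mail verification, login/logout,
    OpenID association and password reset.

    Public methods are routable actions; ``rest.dispatch_on`` sends a POST on
    an action to the underscore-prefixed handler named in the decorator.
    ``redirect()`` and ``abort()`` raise, so no code after them runs.

    NOTE(review): e-mail and password tokens are looked up by equality on
    the stored column, so they are kept in clear in the database; storing a
    hash of the token would limit what a database read exposes. This also
    assumes ``User.generate_token()`` draws from a CSPRNG -- confirm.
    """

    # Lifetime, in seconds, of e-mail verification and password reset tokens.
    _TOKEN_LIFETIME_SECONDS = 3600

    def __before__(self):
        """Set the template defaults shared by every action."""
        c.active_tab = True
        c.active_sub = True
        c.openid = False

    def _token_expired(self, issued):
        """Return True when a token issued at *issued* (naive UTC) is too old.

        A missing issue time counts as expired, so a token without a
        recorded issue time is never accepted by callers that require one.
        """
        if issued is None:
            return True
        age = datetime.utcnow() - issued
        # timedelta.seconds is only the within-day remainder, so a whole day
        # of age has to count as expired on its own. The previous test,
        # ``days > 1 or seconds > 3600``, accepted a token again between 24
        # and 25 hours after issue.
        return age.days >= 1 or age.seconds > self._TOKEN_LIFETIME_SECONDS

    def _is_local_path(self, target):
        """Return True when *target* is a path on this site."""
        if not hasattr(target, 'startswith'):
            return False
        # '//host' and '/\host' are treated by browsers as protocol-relative
        # URLs, so checking only for a leading '/' lets a redirect leave the
        # site. CR/LF are refused so the value cannot split a header.
        return (target.startswith('/')
                and not target.startswith('//')
                and '\\' not in target
                and '\r' not in target
                and '\n' not in target)

    def _redirect_after_login(self):
        """Redirect to the destination saved in the session, else to home.

        ``login`` stores the destination as a path string. A mapping of
        route arguments is still honoured in case other code stores one;
        the previous ``url(**redir_url)`` call failed on a string.
        """
        if session.get('redirect'):
            target = session.pop('redirect')
            session.save()
            if isinstance(target, dict):
                redirect(url(**target))
            # Re-check on the way out: the session value may predate the
            # stricter check in ``login``.
            if self._is_local_path(target):
                redirect(target)
        redirect(url('home'))

    @rest.dispatch_on(POST='_forgot_password')
    def forgot_password(self):
        """Show the password reset request form."""
        return render('/accounts/forgot_password.mako')

    def verify_email(self, token):
        """Activate and log in the account that owns e-mail token *token*."""
        # An empty token must never reach the query: filtering on None would
        # match rows whose email_token is NULL.
        users = []
        if token:
            users = meta.Session.query(User).filter_by(email_token=token).all()
        if not users:
            failure_flash('Invalid e-mail token')
            redirect(url('home'))

        user = users[0]
        # The issue time is only checked when one was recorded.
        if user.email_token_issue and self._token_expired(user.email_token_issue):
            failure_flash('This e-mail verification token has expired.')
            redirect(url('home'))

        user.active = True
        # Valid token: make it single-use, then log the user in.
        user.email_token = user.email_token_issue = None
        user.process_login()
        success_flash('Your email has been verified, and you have been'
                      ' logged into PylonsHQ')
        redirect(url('home'))

    @validate(form=identity.forgot_password_form, error_handler='forgot_password')
    @secure.authenticate_form
    def _forgot_password(self):
        """Issue a password reset token and e-mail it to the account owner."""
        email_address = self.form_result['email_address']
        users = meta.Session.query(User).by_email(email_address).all()
        # An unknown address gets the same confirmation as a known one
        # instead of an IndexError.
        # NOTE(review): if the form validator already rejects unknown
        # addresses, that error message still reveals which addresses exist.
        if users:
            user = users[0]
            user.password_token = user.generate_token()
            c.password_token = user.password_token
            user.password_token_issue = datetime.utcnow()
            meta.Session.commit()
            message = EmailMessage(subject="PylonsHQ - Lost Password",
                                   body=render('/email/lost_password.mako'),
                                   from_email="PylonsHQ <pylonshq@groovie.org>",
                                   to=[email_address])
            # Best effort: a mail failure must not break the request.
            message.send(fail_silently=True)
        success_flash('An e-mail has been sent to your account to verify the password reset request.')
        redirect(url('account_login'))

    @rest.dispatch_on(POST='_change_password')
    def change_password(self, token):
        """Show the new-password form for password reset token *token*."""
        # Look the token up as a password token, as _change_password does;
        # this action previously queried by e-mail token.
        users = []
        if token:
            users = meta.Session.query(User).by_password_token(token).all()
        if not users:
            failure_flash('That password token is no longer valid.')
            redirect(url('account_login'))

        if self._token_expired(users[0].password_token_issue):
            failure_flash('Password token is no longer valid, please make a new password reset request.')
            redirect(url('forgot_password'))
        return render('/accounts/change_password.mako')

    @validate(form=identity.change_password_form, error_handler='change_password')
    @secure.authenticate_form
    def _change_password(self, token):
        """Set a new password for the owner of password token *token*."""
        if not token:
            abort(401)
        users = meta.Session.query(User).by_password_token(token).all() or abort(401)
        user = users[0]
        if self._token_expired(user.password_token_issue):
            failure_flash('Password token is no longer valid, please make a new password reset request.')
            redirect(url('forgot_password'))
        # Clear the token so it cannot be replayed.
        user.password_token = user.password_token_issue = None
        user.password = user.hash_password(self.form_result['password'])
        # NOTE(review): sessions opened with the old password are left alone
        # here; consider clearing user.session_id as logout does -- confirm
        # what that field controls.
        meta.Session.commit()
        success_flash('Your password has been reset successfully')
        redirect(url('account_login'))

    def logout(self):
        """Clear the user's stored session id and empty the web session."""
        if getattr(c, 'user', None):
            c.user.session_id = None
        meta.Session.commit()
        session.clear()
        session.save()
        success_flash('You have logged out of your session')
        redirect(url('home'))

    @rest.dispatch_on(POST='_process_login')
    def login(self):
        """Show the login form, remembering a local ``redir`` destination."""
        redir = request.GET.get('redir')
        # Only same-site paths are stored; see _is_local_path.
        if redir and self._is_local_path(redir):
            session['redirect'] = str(redir)
            session.save()
        return render('/accounts/login.mako')

    @validate(form=identity.login_form, error_handler='login')
    @secure.authenticate_form
    def _process_login(self):
        """Log in the user resolved by the login form, then redirect."""
        user = self.form_result['user']
        user.process_login()
        success_flash('You have logged into PylonsHQ')
        self._redirect_after_login()

    @rest.dispatch_on(POST='_process_openid_associate')
    def openid_associate(self):
        """Show the form that links the session's OpenID to an account."""
        openid_url = session.get('openid_identity')
        if not openid_url:
            redirect(url('account_register'))
        c.openid = openid_url
        return render('/accounts/associate.mako')

    # NOTE(review): unlike the other POST handlers, this one is not wrapped
    # in @secure.authenticate_form. Confirm that associate.mako emits the
    # form token, then add the decorator.
    @validate(form=identity.login_form, error_handler='login')
    def _process_openid_associate(self):
        """Attach the session's OpenID to the authenticated user and log in."""
        openid_url = session.get('openid_identity')
        # Without an identity in the session there is nothing to associate.
        if not openid_url:
            redirect(url('account_register'))
        user = self.form_result['user']
        # Store an OpenID object, as _process_openid_registration does,
        # rather than the bare URL string.
        new_openid = OpenID(text=openid_url)
        if user.openids:
            user.openids.append(new_openid)
        else:
            user.openids = [new_openid]
        user.process_login()
        success_flash('You have associated your OpenID to your account, and signed in')
        self._redirect_after_login()

    @rest.dispatch_on(POST='_process_openid_registration')
    def openid_register(self):
        """Show the registration form for a user arriving with an OpenID."""
        openid_url = session.get('openid_identity')
        if not openid_url:
            redirect(url('account_register'))
        c.openid = openid_url
        c.defaults = {}
        return render('/accounts/register.mako')

    # NOTE(review): not wrapped in @secure.authenticate_form, unlike
    # _process_registration, which renders the same template -- confirm and
    # add the decorator.
    @validate(form=identity.openid_registration_form, error_handler='openid_register')
    def _process_openid_registration(self):
        """Create an account bound to the OpenID held in the session."""
        openid_url = session.get('openid_identity')
        # Same guard as openid_register, instead of a KeyError.
        if not openid_url:
            redirect(url('account_register'))
        new_user = User(displayname=self.form_result['displayname'],
                        timezone=self.form_result['timezone'],
                        email=self.form_result['email_address'])
        new_user.openids.append(OpenID(text=openid_url))
        return self._finish_registration(new_user)

    @rest.dispatch_on(POST='_process_registration')
    def register(self):
        """Show the registration form."""
        return render('/accounts/register.mako')

    @validate(form=identity.registration_form, error_handler='register')
    @secure.authenticate_form
    def _process_registration(self):
        """Create a password-based account from the registration form."""
        new_user = User(displayname=self.form_result['displayname'],
                        timezone=self.form_result['timezone'],
                        email=self.form_result['email_address'])
        new_user.password = User.hash_password(self.form_result['password'])
        return self._finish_registration(new_user)

    def _finish_registration(self, user):
        """Issue the e-mail verification token, send it, and redirect home."""
        user.email_token = c.email_token = user.generate_token()
        user.email_token_issue = datetime.utcnow()
        # NOTE(review): the new user is never passed to meta.Session.add();
        # presumably the mapper attaches new objects itself -- confirm.
        meta.Session.commit()

        # Send the welcome e-mail carrying the registration token.
        message = EmailMessage(subject="PylonsHQ - Registration Confirmation",
                               body=render('/email/register.mako'),
                               from_email="PylonsHQ <pylonshq@groovie.org>",
                               to=[self.form_result['email_address']])
        # Best effort: a mail failure must not break the request.
        message.send(fail_silently=True)

        success_flash("User account '%s' created successfully. An e-mail has"
                      " been sent to activate your account." % user.displayname)
        redirect(url('home'))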