/shabti/templates/authplus/+package+/controllers/accounts.py_tmpl
from datetime import datetime, timedelta
import logging

from pylons import url, request, response, session, tmpl_context as c
from pylons.controllers.util import abort, redirect
from pylons.decorators import rest, secure, jsonify
from tw.mods.pylonshf import validate

from {{package}}.lib.base import BaseController, render
from {{package}}.lib.helpers import failure_flash, success_flash
from {{package}}.lib.mail import EmailMessage
from {{package}}.model import meta
from {{package}}.model import *
from {{package}}.forms import identity

# Module-level logger, named after the importing module.
log = logging.getLogger(__name__)


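class AccountsController(BaseController):
    """Account actions: registration, e-mail verification, login/logout,
    password reset and OpenID association.

    Actions decorated with ``rest.dispatch_on(POST=...)`` render a form on
    GET and hand the POST to the underscore-prefixed handler named there.
    """

    # Lifetime of e-mail verification and password reset tokens.
    _TOKEN_LIFETIME = timedelta(hours=1)

    def __before__(self):
        """Set the template-context defaults shared by every action."""
        c.active_tab = True
        c.active_sub = True
        c.openid = False

    def _token_expired(self, issued_at):
        """Return True when a token issued at *issued_at* (naive UTC) is stale.

        The whole timedelta is compared against the lifetime. Testing
        ``.days`` and ``.seconds`` separately is not equivalent, because
        ``.seconds`` is only the within-day remainder: a token 24h05m old
        has ``days == 1`` and ``seconds == 300`` and would pass a
        ``days > 1 or seconds > 3600`` check.

        A missing issue timestamp is treated as expired so that a token
        without a recorded age is never accepted.
        """
        if issued_at is None:
            return True
        return datetime.utcnow() - issued_at > self._TOKEN_LIFETIME

    def _is_local_redirect(self, target):
        """Return True when *target* is a path on this site.

        A bare ``startswith('/')`` test is not sufficient: a second slash
        or a backslash directly after the leading slash is resolved by
        browsers as a reference to another host, so both are refused.
        """
        if not target or not target.startswith('/'):
            return False
        return not target.startswith(('//', '/\\'))

    def _redirect_after_login(self):
        """Redirect to the path stored by ``login``, or to 'home'.

        The stored value is a plain path string, so it is passed to
        ``url()`` positionally; unpacking it with ``**`` raises TypeError
        because a str is not a mapping. The path is re-validated here so
        the redirect does not depend on every writer of
        ``session['redirect']`` having checked it.
        """
        if session.get('redirect'):
            target = session.pop('redirect')
            session.save()
            if self._is_local_redirect(target):
                redirect(url(target))
        redirect(url('home'))

    @rest.dispatch_on(POST='_forgot_password')
    def forgot_password(self):
        """Render the password reset request form."""
        return render('/accounts/forgot_password.mako')

    def verify_email(self, token):
        """Activate the account owning *token* and log that user in.

        Redirects to 'home' in every case; ``redirect()`` raises, so no
        statement after a redirect call runs.
        """
        user = None
        # An empty token must never reach the query: filter_by(email_token=None)
        # is rendered as IS NULL and would match accounts whose token was
        # already cleared.
        if token:
            user = meta.Session.query(User).filter_by(email_token=token).first()
        if user is None:
            failure_flash('Invalid e-mail token')
            redirect(url('home'))

        # Tokens with a recorded issue time (e.g. from an e-mail address
        # change) are only honoured while still fresh.
        # NOTE(review): a token without an issue time never expires here --
        # confirm that is intended.
        if user.email_token_issue and self._token_expired(user.email_token_issue):
            failure_flash('This e-mail verification token has expired.')
            redirect(url('home'))

        user.active = True
        # Single use: clear the token before logging the user in.
        user.email_token = user.email_token_issue = None
        # NOTE(review): there is no explicit meta.Session.commit() on this
        # path; presumably process_login() persists the changes -- confirm.
        user.process_login()
        success_flash('Your email has been verified, and you have been'
                      ' logged into PylonsHQ')
        redirect(url('home'))

    @validate(form=identity.forgot_password_form, error_handler='forgot_password')
    @secure.authenticate_form
    def _forgot_password(self):
        """Issue a password reset token and e-mail it to the account owner.

        The same confirmation is shown whether or not the address matches
        an account, so the response does not reveal which addresses are
        registered and an unknown address no longer raises IndexError.
        NOTE(review): the form validator may already reject unknown
        addresses with its own message -- check that it is equally generic.
        """
        email_address = self.form_result['email_address']
        matches = meta.Session.query(User).by_email(email_address).all()
        if matches:
            user = matches[0]
            user.password_token = user.generate_token()
            # The e-mail template reads the token from the template context.
            c.password_token = user.password_token
            user.password_token_issue = datetime.utcnow()
            meta.Session.commit()
            message = EmailMessage(subject="PylonsHQ - Lost Password",
                                   body=render('/email/lost_password.mako'),
                                   from_email="PylonsHQ <pylonshq@groovie.org>",
                                   to=[email_address])
            # Best effort: a mail failure is deliberately not reported.
            message.send(fail_silently=True)
        success_flash('An e-mail has been sent to your account to verify the password reset request.')
        redirect(url('account_login'))

    @rest.dispatch_on(POST='_change_password')
    def change_password(self, token):
        """Render the new-password form for a valid password reset token.

        The lookup goes through ``by_password_token``, the same query the
        POST handler uses; looking the value up as an e-mail verification
        token would check the wrong credential.
        """
        users = meta.Session.query(User).by_password_token(token).all()
        if not users:
            failure_flash('That password token is no longer valid.')
            redirect(url('account_login'))

        user = users[0]
        if self._token_expired(user.password_token_issue):
            failure_flash('Password token is no longer valid, please make a new password reset request.')
            redirect(url('forgot_password'))
        return render('/accounts/change_password.mako')

    @validate(form=identity.change_password_form, error_handler='change_password')
    @secure.authenticate_form
    def _change_password(self, token):
        """Set a new password for the account owning *token*.

        Aborts with 401 when no account holds the token.
        """
        users = meta.Session.query(User).by_password_token(token).all()
        if not users:
            abort(401)
        user = users[0]
        if self._token_expired(user.password_token_issue):
            failure_flash('Password token is no longer valid, please make a new password reset request.')
            redirect(url('forgot_password'))
        # Single use: the token is cleared in the same commit as the new hash.
        user.password_token = user.password_token_issue = None
        user.password = user.hash_password(self.form_result['password'])
        meta.Session.commit()
        success_flash('Your password has been reset successfully')
        redirect(url('account_login'))

    def logout(self):
        """Clear the stored session id and the web session, then go home."""
        if hasattr(c, 'user') and c.user:
            c.user.session_id = None
            meta.Session.commit()
        session.clear()
        session.save()
        success_flash('You have logged out of your session')
        redirect(url('home'))

    @rest.dispatch_on(POST='_process_login')
    def login(self):
        """Render the login form, remembering a local post-login path.

        ``redir`` comes from the query string and is untrusted, so only a
        same-site path is stored.
        """
        redir = request.GET.get('redir')
        if self._is_local_redirect(redir):
            session['redirect'] = str(redir)
            session.save()
        return render('/accounts/login.mako')

    @validate(form=identity.login_form, error_handler='login')
    @secure.authenticate_form
    def _process_login(self):
        """Log in the user resolved by the login form."""
        user = self.form_result['user']
        user.process_login()
        success_flash('You have logged into PylonsHQ')
        self._redirect_after_login()

    @rest.dispatch_on(POST='_process_openid_associate')
    def openid_associate(self):
        """Render the form that links a pending OpenID to an account."""
        openid_url = session.get('openid_identity')
        if not openid_url:
            redirect(url('account_register'))
        c.openid = openid_url
        return render('/accounts/associate.mako')

    # NOTE(review): unlike the other POST handlers, this state-changing
    # handler is not wrapped in @secure.authenticate_form. Confirm that
    # /accounts/associate.mako emits the form token, then add the decorator.
    @validate(form=identity.login_form, error_handler='login')
    def _process_openid_associate(self):
        """Attach the pending OpenID to the authenticated user and log in."""
        openid_url = session.get('openid_identity')
        if not openid_url:
            # Same guard as the GET action: without a pending identity
            # there is nothing to associate.
            redirect(url('account_register'))
        user = self.form_result['user']
        # NOTE(review): a bare URL string is stored here, whereas
        # _process_openid_registration appends OpenID(text=...); one of the
        # two is presumably wrong for the model -- confirm.
        if user.openids:
            user.openids.append(openid_url)
        else:
            user.openids = [openid_url]
        user.process_login()
        success_flash('You have associated your OpenID to your account, and signed in')
        self._redirect_after_login()

    @rest.dispatch_on(POST='_process_openid_registration')
    def openid_register(self):
        """Render the registration form for a pending OpenID identity."""
        openid_url = session.get('openid_identity')
        if not openid_url:
            redirect(url('account_register'))
        c.openid = openid_url
        c.defaults = {}
        return render('/accounts/register.mako')

    # NOTE(review): no @secure.authenticate_form here either, although
    # _process_registration has it -- confirm the template emits the form
    # token, then add the decorator.
    @validate(form=identity.openid_registration_form, error_handler='openid_register')
    def _process_openid_registration(self):
        """Create an account bound to the pending OpenID identity."""
        openid_url = session.get('openid_identity')
        if not openid_url:
            # Avoids a KeyError when the session holds no pending identity.
            redirect(url('account_register'))
        new_user = User(displayname=self.form_result['displayname'],
                        timezone=self.form_result['timezone'],
                        email=self.form_result['email_address'])
        new_user.openids.append(OpenID(text=openid_url))
        return self._finish_registration(new_user)

    @rest.dispatch_on(POST='_process_registration')
    def register(self):
        """Render the password-based registration form."""
        return render('/accounts/register.mako')

    @validate(form=identity.registration_form, error_handler='register')
    @secure.authenticate_form
    def _process_registration(self):
        """Create a password-based account from the registration form."""
        new_user = User(displayname=self.form_result['displayname'],
                        timezone=self.form_result['timezone'],
                        email=self.form_result['email_address'])
        new_user.password = User.hash_password(self.form_result['password'])
        return self._finish_registration(new_user)

    def _finish_registration(self, user):
        """Issue an e-mail verification token for *user* and mail it."""
        # The e-mail template reads the token from the template context.
        user.email_token = c.email_token = user.generate_token()
        user.email_token_issue = datetime.utcnow()
        meta.Session.commit()

        # Send out the welcome e-mail with the registration token.
        message = EmailMessage(subject="PylonsHQ - Registration Confirmation",
                               body=render('/email/register.mako'),
                               from_email="PylonsHQ <pylonshq@groovie.org>",
                               to=[self.form_result['email_address']])
        # Best effort: a mail failure is deliberately not reported.
        message.send(fail_silently=True)

        success_flash("User account '%s' created successfully. An e-mail has"
                      " been sent to activate your account." % user.displayname)
        redirect(url('home'))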