def auth(*args, **kwargs):
info = get_session()
setattr(request, 'logged_in', False)
setattr(request, 'admin', None)
setattr(request, 'station', None)
setattr(request, 'player', None)
setattr(request, 'user', None)
setattr(request, 'session', info)
if not info:
return func(*args, **kwargs)
if not info.user:
return func(*args, **kwargs)
request.user = info.user
request.admin = isinstance(request.user, Admin)
request.station = isinstance(request.user, Station)
request.player = isinstance(request.user, Player)
request.logged_in = True
if request.station:
info.ttl = 5 * 24 * 60 * 60
info.update_expires()
set_cookie(info)
# force Players to read the eula if they haven't already
if 'eula' not in request.path and request.player and not (
request.user.liability and request.user.safety):
# for i in ('liability', 'safety'):
# response.set_cookie(i+'_read', '', path='/')
redirect('/eula', 303)
func_dict = func(*args, **kwargs)
if func_dict and isinstance(func_dict, dict):
if '/tag/' not in request.path:
func_dict['user'] = request.user
return func_dict
def auth(*args, **kwargs):
info = get_session()
setattr(request, 'logged_in', False)
setattr(request, 'admin', None)
setattr(request, 'station', None)
setattr(request, 'player', None)
setattr(request, 'user', None)
setattr(request, 'session', info)
if not info:
return func(*args, **kwargs)
if not info.user:
return func(*args, **kwargs)
request.user = info.user
request.admin = isinstance(request.user, Admin)
request.station = isinstance(request.user, Station)
request.player = isinstance(request.user, Player)
request.logged_in = True
if request.station:
info.ttl = 5*24*60*60
info.update_expires()
set_cookie(info)
# force Players to read the eula if they haven't already
if 'eula' not in request.path and request.player and not (request.user.liability and request.user.safety):
# for i in ('liability', 'safety'):
# response.set_cookie(i+'_read', '', path='/')
redirect('/eula', 303)
func_dict = func(*args, **kwargs)
if func_dict and isinstance(func_dict, dict):
if '/tag/' not in request.path:
func_dict['user'] = request.user
return func_dict
def do_login():
usern = request.params['username']
passw = request.params['password']
user = Account.from_username(usern)
if not user:
seterr('/login','nouser')
if not user.verify_pass(passw):
seterr('/login','nouser')
sess = get_session()
# protect against session fixation
sess.destroySelf()
sess = get_session()
sess.user = user
if isinstance(user, Station):
sess.ttl = +(5*24*60*60)
sess.update_expires()
set_cookie(sess)
loc = request.environ.get('HTTP_REFERER', '/index')
if loc == '/':
loc = '/index'
response.set_header('Location', loc)
response.status = 303
return None
if not question.check(answer):
seterr('/register','badanswer')
user = (Account.from_username(username) or Player.from_student_num(studentn) or Account.from_email(email) or
Player.from_twitter(twitter) or Player.from_cell(cell))
if user:
seterr('/register','userexists')
u = None
try:
u = Player(name=name,username=username,hashed_pass=password,language=language,student_num=studentn,
email=email,twitter=twitter,cell=cell,liability=True,safety=True)
except dberrors.DuplicateEntryError, e:
seterr('/register', 'userexists')
if hasattr(request, 'station') and not request.station and not request.admin:
sess = get_session()
sess.user = u
set_cookie(sess)
# only obliterate the form data when player is successfully created
request.session.data = None
redirect('/thanks',303)
# end of non-auth pages
@route('/thanks')
@mview('thanks')
@allow_auth
@lang
@require_auth
def view_thanks():
return dict()
@route('/forgot_password',method='GET')
@mview('forgotpass')
