Beispiel #1
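def register():
    """Render the registration form and create the account on a valid submission.

    On success a ``UserEmailClaim`` is stored for the submitted address,
    ``send_email_verify_link`` is called for it, the new user is logged in and
    the response is a 303 redirect: to the ``next`` query parameter when it is
    a local path, otherwise to the index page.
    """
    form = RegisterForm()
    # Make Recaptcha optional
    if not (app.config.get('RECAPTCHA_PUBLIC_KEY')
            and app.config.get('RECAPTCHA_PRIVATE_KEY')):
        # NOTE(review): with either key missing the form carries no captcha
        # field at all; confirm that is acceptable for the deployment.
        del form.recaptcha
    form.fullname.description = app.config.get('FULLNAME_REASON')
    form.email.description = app.config.get('EMAIL_REASON')
    form.username.description = app.config.get('USERNAME_REASON')
    if form.validate_on_submit():
        user = register_internal(None, form.fullname.data, form.password.data)
        user.username = form.username.data or None
        useremail = UserEmailClaim(user=user, email=form.email.data)
        db.session.add(useremail)
        # NOTE(review): the verification mail goes out before the commit below;
        # if the commit fails the recipient holds a link for a claim that was
        # never stored. Confirm this ordering is intended.
        send_email_verify_link(useremail)
        login_internal(user)
        db.session.commit()
        flash("You are now one of us. Welcome aboard!", category='success')
        # ``next`` comes straight from the query string. Following it blindly
        # makes this endpoint an open redirect, so only a same-site path is
        # accepted: it must start with a single "/" and contain no backslash
        # or control whitespace that a browser could normalise into "//host".
        target = request.args.get('next') or ''
        is_local = (target.startswith('/')
                    and not target.startswith('//')
                    and not any(ch in target for ch in '\\\t\r\n'))
        if is_local:
            return redirect(target, code=303)
        return redirect(url_for('index'), code=303)
    return render_form(form=form,
                       title='Register an account',
                       formid='register',
                       submit='Register')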
Beispiel #2
def config_external_id(service, service_name, user, userid, username, fullname,
                       avatar, access_token, secret, token_type, next_url):
    """Log a user in through an external service id, creating or linking records as needed.

    Returns the ``profile_new`` URL (carrying ``next_url``) when the caller
    should send the user there, or ``None`` when the id was already known and
    its owner's profile is complete.
    """
    session['avatar_url'] = avatar
    known_id = UserExternalId.query.filter_by(service=service,
                                              userid=userid).first()
    session['userid_external'] = dict(service=service,
                                      userid=userid,
                                      username=username)
    names = (username, service_name)

    if known_id is not None:
        # Returning id: refresh the stored OAuth credentials. The ``user``
        # argument is not read on this path; the login goes to the account
        # that already owns the id.
        # NOTE(review): callers passing a signed-in ``user`` that differs from
        # the id's owner will switch accounts here; confirm that is intended.
        known_id.oauth_token = access_token
        known_id.oauth_token_secret = secret
        known_id.oauth_token_type = token_type
        known_id.username = username  # For twitter: update username if it changed
        login_internal(known_id.user)
        db.session.commit()
        flash('You have logged in as %s via %s' % names, 'success')
        if known_id.user.is_profile_complete():
            return None
        return url_for('profile_new', next=next_url)

    # First time this external id is seen.
    if user:
        message = 'You have logged in as %s via %s. This id has been linked to your existing account'
    else:
        message = 'You have logged in as %s via %s. This is your first time here'
    flash(message % names, 'success')

    # Attach the id to the caller-supplied user, or to a fresh account when
    # none was given.
    # NOTE(review): linking trusts that the caller authenticated ``user``.
    account = user or register_internal(None, fullname, None)
    new_id = UserExternalId(user=account,
                            service=service,
                            userid=userid,
                            username=username,
                            oauth_token=access_token,
                            oauth_token_secret=secret,
                            oauth_token_type=token_type)
    # Adopt the service's username only when it is valid for Lastuser and no
    # existing user holds it.
    if (valid_username(username)
            and User.query.filter_by(username=username).first() is None):
        account.username = username
    db.session.add(new_id)
    login_internal(account)
    db.session.commit()
    # Send the user to the profile edit page to fill in more details.
    return url_for('profile_new', next=next_url)
Beispiel #3
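def register():
    """Render the registration form and create the account on a valid submission.

    On success the email claim is committed, ``send_email_verify_link`` is
    called for it, the new user is logged in and the response is a 303
    redirect: to the ``next`` query parameter when it is a local path,
    otherwise to the index page.
    """
    form = RegisterForm()
    if form.validate_on_submit():
        user = register_internal(None, form.fullname.data, form.password.data)
        user.username = form.username.data or None
        useremail = UserEmailClaim(user=user, email=form.email.data)
        db.session.add(useremail)
        db.session.commit()
        send_email_verify_link(useremail)
        login_internal(user)
        flash("You are now one of us. Welcome aboard!", category='info')
        # ``next`` is attacker-controllable query-string input. Redirecting to
        # it unchecked is an open redirect, so accept only a same-site path:
        # one leading "/", no "//" prefix, no backslash or control whitespace
        # that a browser could normalise into a scheme-relative URL.
        target = request.args.get('next') or ''
        is_local = (target.startswith('/')
                    and not target.startswith('//')
                    and not any(ch in target for ch in '\\\t\r\n'))
        if is_local:
            return redirect(target, code=303)
        return redirect(url_for('index'), code=303)
    return render_form(form=form, title='Register an account', formid='register', submit='Register')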
Beispiel #4
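def register():
    """Render the registration form and create the account on a valid submission.

    Field descriptions are filled from the ``*_REASON`` config values. On
    success the email claim is committed, ``send_email_verify_link`` is called
    for it, the new user is logged in and the response is a 303 redirect: to
    the ``next`` query parameter when it is a local path, otherwise to the
    index page.
    """
    form = RegisterForm()
    form.fullname.description = app.config.get("FULLNAME_REASON")
    form.email.description = app.config.get("EMAIL_REASON")
    form.username.description = app.config.get("USERNAME_REASON")
    if form.validate_on_submit():
        user = register_internal(None, form.fullname.data, form.password.data)
        user.username = form.username.data or None
        useremail = UserEmailClaim(user=user, email=form.email.data)
        db.session.add(useremail)
        db.session.commit()
        send_email_verify_link(useremail)
        login_internal(user)
        flash("You are now one of us. Welcome aboard!", category="success")
        # The "next" value is untrusted query-string input; following it as-is
        # would make this an open redirect. Only a same-site path is allowed:
        # it must begin with one "/" and hold no backslash or control
        # whitespace that a browser could fold into "//host".
        target = request.args.get("next") or ""
        is_local = (target.startswith("/")
                    and not target.startswith("//")
                    and not any(ch in target for ch in "\\\t\r\n"))
        if is_local:
            return redirect(target, code=303)
        return redirect(url_for("index"), code=303)
    return render_form(form=form, title="Register an account", formid="register", submit="Register")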
Beispiel #5
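def register():
    """Render the registration form and create the account on a valid submission.

    The captcha field is dropped unless both Recaptcha keys are configured.
    On success an email claim is stored, ``send_email_verify_link`` is called
    for it, the new user is logged in and the response is a 303 redirect: to
    the ``next`` query parameter when it is a local path, otherwise to the
    index page.
    """
    form = RegisterForm()
    # Make Recaptcha optional
    if not (app.config.get('RECAPTCHA_PUBLIC_KEY') and app.config.get('RECAPTCHA_PRIVATE_KEY')):
        # NOTE(review): with either key missing, registration has no captcha
        # field; confirm that is acceptable for the deployment.
        del form.recaptcha
    form.fullname.description = app.config.get('FULLNAME_REASON')
    form.email.description = app.config.get('EMAIL_REASON')
    form.username.description = app.config.get('USERNAME_REASON')
    if form.validate_on_submit():
        user = register_internal(None, form.fullname.data, form.password.data)
        user.username = form.username.data or None
        useremail = UserEmailClaim(user=user, email=form.email.data)
        db.session.add(useremail)
        # NOTE(review): the verification mail is sent before the commit; a
        # failed commit would leave a mailed link with no stored claim.
        send_email_verify_link(useremail)
        login_internal(user)
        db.session.commit()
        flash("You are now one of us. Welcome aboard!", category='success')
        # ``next`` is untrusted query-string input, and redirecting to it
        # unchecked is an open redirect. Accept only a same-site path: a single
        # leading "/", with no backslash or control whitespace that a browser
        # could normalise into a scheme-relative URL.
        target = request.args.get('next') or ''
        is_local = (target.startswith('/')
                    and not target.startswith('//')
                    and not any(ch in target for ch in '\\\t\r\n'))
        if is_local:
            return redirect(target, code=303)
        return redirect(url_for('index'), code=303)
    return render_form(form=form, title='Register an account', formid='register', submit='Register')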
Beispiel #6
def config_external_id(service, service_name, user, userid, username, fullname, avatar, access_token, secret, token_type, next_url):
    """Sign a user in via an external service id, storing or refreshing its OAuth credentials.

    Returns the ``profile_new`` URL (with ``next_url`` attached) when the user
    should be sent there, or ``None`` when the id was already known and its
    owner has an email on record.
    """
    session['avatar_url'] = avatar
    record = UserExternalId.query.filter_by(service=service, userid=userid).first()
    session['userid_external'] = dict(service=service, userid=userid, username=username)

    if record is None:
        # Unknown id: greet the user, then link the id to the supplied account
        # or to a newly registered one.
        if user:
            greeting = 'You have logged in as %s via %s. This id has been linked to your existing account'
        else:
            greeting = 'You have logged in as %s via %s. This is your first time here'
        flash(greeting % (username, service_name), 'success')

        # NOTE(review): linking trusts that the caller authenticated ``user``.
        owner = user if user else register_internal(None, fullname, None)
        record = UserExternalId(user=owner, service=service, userid=userid, username=username,
                                oauth_token=access_token, oauth_token_secret=secret,
                                oauth_token_type=token_type)
        # Take over the service's username only if Lastuser accepts it and it
        # is not already assigned to a user.
        username_is_free = (valid_username(username)
                            and User.query.filter_by(username=username).first() is None)
        if username_is_free:
            owner.username = username
        db.session.add(record)
        db.session.commit()
        login_internal(owner)
        # Send the user to the profile edit page to fill in more details.
        return url_for('profile_new', next=next_url)

    # Known id: refresh credentials and log in its owner. ``user`` is not read
    # on this path.
    record.oauth_token = access_token
    record.oauth_token_secret = secret
    record.oauth_token_type = token_type
    record.username = username  # For twitter: update username if it changed
    login_internal(record.user)
    db.session.commit()
    flash('You have logged in as %s via %s' % (username, service_name), 'success')
    if record.user.email:
        return None
    return url_for('profile_new', next=next_url)
Beispiel #7
def login_openid_success(resp):
    """
    Called when OpenID login succeeds.

    Logs in the owner of a known identity, or creates/links an account for a
    new one, then redirects to the next URL (via ``profile_new`` when the
    profile is incomplete).
    """
    google_prefixes = ('https://profiles.google.com/',
                       'https://www.google.com/accounts/o8/id?id=')
    openid = resp.identity_url
    # NOTE(review): "Google" is decided purely by URL prefix, and the Google
    # path below attaches this identity to whichever account already owns
    # resp.email. That relies on identity_url having been verified by the
    # OpenID layer before this callback runs; confirm.
    is_google = openid.startswith(google_prefixes)
    service = 'google' if is_google else 'openid'

    known_id = UserExternalId.query.filter_by(service=service, userid=openid).first()

    if known_id is not None:
        login_internal(known_id.user)
        db.session.commit()
        session['userid_external'] = {'service': service, 'userid': openid}
        flash("You are now logged in", category='success')
        if known_id.user.is_profile_complete():
            return redirect(get_next_url(session=True))
        return redirect(url_for('profile_new', next=get_next_url(session=True)))

    def new_account():
        # Name falls back from full name to nickname to the identity URL.
        return register_internal(None, resp.fullname or resp.nickname or openid, None)

    username = None
    if not resp.email:
        # First login and no email address provided. Create a new user account
        user = new_account()
    else:
        useremail = UserEmail.query.filter_by(email=resp.email).first()
        if is_google:
            # Google id. Trust the email address.
            if useremail:
                # The address already belongs to an account (an earlier login
                # through a different Google OpenID endpoint); reuse it.
                user = useremail.user
            else:
                # No previous record for email address, so register a new user
                user = new_account()
                user.add_email(resp.email, primary=True)
        else:
            # Not a Google id. OpenID metadata cannot be trusted: anyone can
            # run an OpenID server that asserts any email address. So always
            # make a new account, and record the address only as an unverified
            # claim, and only when no account already holds it.
            user = new_account()
            if not useremail:
                emailclaim = UserEmailClaim(user=user, email=resp.email)
                db.session.add(emailclaim)
                send_email_verify_link(emailclaim)

    # Set username for Google ids
    if openid.startswith('https://profiles.google.com/'):
        # Use profile name (last non-empty path segment) as username
        username = openid.rstrip('/').rsplit('/', 1)[-1]
    elif openid.startswith('https://www.google.com/accounts/o8/id?id='):
        # Use email address as username
        username = resp.email

    # Record this OpenID/Google id for the user
    new_id = UserExternalId(user=user,
                            service=service,
                            userid=openid,
                            username=username,
                            oauth_token=None,
                            oauth_token_secret=None)
    db.session.add(new_id)
    login_internal(user)
    db.session.commit()
    session['userid_external'] = {'service': service, 'userid': openid}
    flash("You are now logged in.", category='success')
    if user.is_profile_complete():
        return redirect(get_next_url(session=True))
    return redirect(url_for('profile_new', next=get_next_url(session=True)))
Beispiel #8
def login_openid_success(resp):
    """
    Called when OpenID login succeeds.

    A known identity logs its owner in directly. An unknown one is attached to
    an existing or newly registered account first. Either way the user is
    redirected onward, through ``profile_new`` if the profile is incomplete.
    """
    openid = resp.identity_url
    # NOTE(review): provider detection is a URL-prefix test, and the Google
    # path trusts resp.email enough to reuse the account that owns it. This
    # presumes the OpenID layer verified identity_url beforehand; confirm.
    from_google = openid.startswith((
        'https://profiles.google.com/',
        'https://www.google.com/accounts/o8/id?id=',
    ))
    if from_google:
        service = 'google'
    else:
        service = 'openid'

    existing = UserExternalId.query.filter_by(service=service,
                                              userid=openid).first()

    if existing is not None:
        login_internal(existing.user)
        db.session.commit()
        session['userid_external'] = {'service': service, 'userid': openid}
        flash("You are now logged in", category='success')
        if existing.user.is_profile_complete():
            return redirect(get_next_url(session=True))
        return redirect(
            url_for('profile_new', next=get_next_url(session=True)))

    username = None
    if resp.email and from_google:
        # Google id. Trust the email address.
        useremail = UserEmail.query.filter_by(email=resp.email).first()
        if useremail:
            # Address already on file from an earlier login through another
            # Google OpenID endpoint: attach this endpoint to that account.
            user = useremail.user
        else:
            # No previous record for email address, so register a new user
            user = register_internal(
                None, resp.fullname or resp.nickname or openid, None)
            user.add_email(resp.email, primary=True)
    elif resp.email:
        # Not a Google id. Do not trust an OpenID-provided email address:
        # anyone can set up an OpenID server that lets its user assert any
        # address, so it is a claim, never a confirmed email.
        useremail = UserEmail.query.filter_by(email=resp.email).first()
        # Step 1. Make a new account
        user = register_internal(
            None, resp.fullname or resp.nickname or openid, None)
        # Step 2. Register a claim only if the address is not already
        # registered to someone; otherwise ignore it.
        if not useremail:
            emailclaim = UserEmailClaim(user=user, email=resp.email)
            db.session.add(emailclaim)
            send_email_verify_link(emailclaim)
    else:
        # First login and no email address provided. Create a new user account
        user = register_internal(
            None, resp.fullname or resp.nickname or openid, None)

    # Set username for Google ids
    if openid.startswith('https://profiles.google.com/'):
        # Use profile name as username: the last non-empty "/"-separated part
        username = next(
            part for part in reversed(openid.split('/')) if part)
    elif openid.startswith('https://www.google.com/accounts/o8/id?id='):
        # Use email address as username
        username = resp.email

    # Record this OpenID/Google id for the user
    linked_id = UserExternalId(user=user,
                               service=service,
                               userid=openid,
                               username=username,
                               oauth_token=None,
                               oauth_token_secret=None)
    db.session.add(linked_id)
    login_internal(user)
    db.session.commit()
    session['userid_external'] = {'service': service, 'userid': openid}
    flash("You are now logged in.", category='success')
    if user.is_profile_complete():
        return redirect(get_next_url(session=True))
    return redirect(
        url_for('profile_new', next=get_next_url(session=True)))