def get(self, path): LINKS_IN = (("edit", "/_edit" + path), ("history", "/_history" + path), ("logout", "/logout" + path)) LINKS_OUT = (("history", "/_history" + path), ("log in", "/login"), ("sign up", "/signup")) vdata = dict(self.request.params) vdata["user"] = self.user vdata["path"] = path vdata["linkinfo"] = LINKS_IN if self.user else LINKS_OUT post_id = vdata.get("v") if post_id: post_rec = WikiPosts.by_id(path, post_id) else: post_rec = WikiPosts.most_recent_by_path(path) if post_rec: vdata["post"] = post_rec user_rec = Users.by_id(post_rec.user_id) vdata["username"] = user_rec.username self.render("wikiview.html", vdata=vdata) else: # We couldn't find a post record. What we do now # depends on the type of item we're trying to view. # if it's a DB reference, we're stuck so show an error. # If it's a path, we switch to edit mode. if post_id: self.error(404) else: # if user not logged in, edit page handler will redirect to login. # Do we want to have a double redixrect??? url = URL_RD_EDIT.format(path) self.redirect(url)
def post(self): username = self.request.get('username').lower() password = self.request.get('password') vdata = dict(self.request.params) submit_error = False if not username: vdata['e_username'] = "******" submit_error = True if not password: vdata['e_password'] = "******" submit_error = True if submit_error: self.render('login_form.html', vdata=vdata) else: # No form submit errors. Query for the user user_rec = Users.login(username, password) if user_rec: # found the username and the salt checked out! self.login(user_rec) self.redirect(URL_ROOT) else: vdata['e_login'] = "******" self.render('login_form.html', vdata=vdata)
def post(self): # NOTES: this kind of technique I'm using won't scale well. Need to # transition to a system where a dict is contructed dynmically. username = self.request.get('username').lower() password = self.request.get('password') verify = self.request.get('verify') email = self.request.get('email') vdata = dict(self.request.params) submit_error = False if not utils.valid_username(username): vdata['e_username'] = "******" submit_error = True if utils.valid_password(password): if password != verify: vdata['e_verify'] = "Your passwords didn't match." submit_error = True else: vdata['e_password'] = "******" submit_error = True if submit_error: self.render('signup_form.html', vdata=vdata) else: #form filled out successfully, check DB for dupes user_rec = Users.by_username(username) if user_rec: # dupe!!! vdata['e_username'] = "******" self.render('signup_form.html', vdata=vdata) else: # sign up form was successful. Now, first create a password # hash and create a Users entity. new_user = Users.register(username, password, email) new_user.put() # now we want to store a cookie indicating a user. send # the "Set-Cookie" data in the redirect response :) user_id = new_user.key().id() self.set_secure_cookie('user_id', user_id) self.redirect(URL_ROOT)
def initialize(self, *a, **kw): super(BaseHandler, self).initialize(*a, **kw) uid = self.read_secure_cookie('user_id') self.user = Users.by_id(int(uid)) if uid else None