def register(self):
if request.method == u'POST':
client_key = self.generate_client_key()
secret = self.generate_client_secret()
# TODO: input sanitisation?
name = request.form.get(u"name")
description = request.form.get(u"description")
callback = request.form.get(u"callback")
pubkey = request.form.get(u"pubkey")
# TODO: redirect?
# TODO: pubkey upload
# TODO: csrf
info = {
u"client_key": client_key,
u"name": name,
u"description": description,
u"secret": secret,
u"pubkey": pubkey
}
client = Client(**info)
client['callbacks'].append(callback)
client['resource_owner_id'] = g.user['_id']
client_id = Client.insert(client)
g.user.client_ids.append(client_id)
User.get_collection().save(g.user)
return render_template(u"client.html", **info)
else:
clients = Client.get_collection().find(
{'_id': {
'$in': [ObjectId(oid) for oid in g.user.client_ids]
}})
return render_template(u"register.html", clients=clients)
def register(self):
if request.method == u'POST':
client_key = self.generate_client_key()
secret = self.generate_client_secret()
# TODO: input sanitisation?
name = request.form.get(u"name")
description = request.form.get(u"description")
callback = request.form.get(u"callback")
pubkey = request.form.get(u"pubkey")
# TODO: redirect?
# TODO: pubkey upload
# TODO: csrf
info = {
u"client_key": client_key,
u"name": name,
u"description": description,
u"secret": secret,
u"pubkey": pubkey
}
client = Client(**info)
client['callbacks'].append(callback)
client['resource_owner_id'] = g.user['_id']
client_id = Client.insert(client)
g.user.client_ids.append(client_id)
User.get_collection().save(g.user)
return render_template(u"client.html", **info)
else:
clients = Client.get_collection().find({'_id': {'$in':
[ObjectId(oid) for oid in g.user.client_ids]}})
return render_template(u"register.html", clients=clients)
def before_request():
g.user = None
if 'openid' in session:
user_dict = User.find_one({'openid':session['openid']})
if user_dict:
g.user = User()
g.user.update(user_dict)
def before_request():
g.user = None
if 'openid' in session:
user_dict = User.find_one({'openid': session['openid']})
if user_dict:
g.user = User()
g.user.update(user_dict)
def create_profile():
"""If this is the user's first login, the create_or_login function
will redirect here so that the user can set up his profile.
"""
if g.user is not None or 'openid' not in session:
return redirect(url_for('index'))
if request.method == 'POST':
name = request.form['name']
email = request.form['email']
if not name:
flash(u'Error: you have to provide a name')
elif '@' not in email:
flash(u'Error: you have to enter a valid email address')
else:
flash(u'Profile successfully created')
User.get_collection().insert(User(name, email, session['openid']))
return redirect(oid.get_next_url())
return render_template('create_profile.html', next_url=oid.get_next_url())
def create_profile():
"""If this is the user's first login, the create_or_login function
will redirect here so that the user can set up his profile.
"""
if g.user is not None or 'openid' not in session:
return redirect(url_for('index'))
if request.method == 'POST':
name = request.form['name']
email = request.form['email']
if not name:
flash(u'Error: you have to provide a name')
elif '@' not in email:
flash(u'Error: you have to enter a valid email address')
else:
flash(u'Profile successfully created')
User.get_collection().insert(User(name, email, session['openid']))
return redirect(oid.get_next_url())
return render_template('create_profile.html', next_url=oid.get_next_url())
def before_request():
"""
Jokaisen HTTP-pyynnön alussa tarkistetaan onko käyttäjä kirjautunut,
ja jos on, haetaan tietokannasta käyttäjän profiili ja liitetään se
säiekohtaiseen g-muuttujaan, jonka kautta profiiliin päästään helposti
käsiksi.
"""
g.user = None
user = users.get_current_user()
if user:
g.user = User.query(User.userid == user.user_id()).get()
def before_request():
"""
Jokaisen HTTP-pyynnön alussa tarkistetaan onko käyttäjä kirjautunut,
ja jos on, haetaan tietokannasta käyttäjän profiili ja liitetään se
säiekohtaiseen g-muuttujaan, jonka kautta profiiliin päästään helposti
käsiksi.
"""
g.user = None
user = users.get_current_user()
if user:
g.user = User.query(User.userid == user.user_id()).get()
def create_profile():
"""
Sivu profiilin luomista varten.
"""
if g.user is not None:
return redirect(url_for('index'))
if request.method == 'POST':
name = request.form['name']
email = request.form['email']
next = request.form["next"]
if not name:
flash(u"Error: you have to provide a name")
elif '@' not in email:
flash(u"Error: you have to enter a valid email address")
else:
flash(u"Profile successfully created")
new_user = User(name=name,
email=email,
userid=users.get_current_user().user_id())
new_user.put()
return redirect(next)
next = request.args.get("next", "/")
return render_template('create_profile.html', next_url=next)
def create_or_login(resp):
"""This is called when login with OpenID succeeded and it's not
necessary to figure out if this is the users's first login or not.
This function has to redirect otherwise the user will be presented
with a terrible URL which we certainly don't want.
"""
session['openid'] = resp.identity_url
user = User.get_collection().find_one({'openid':resp.identity_url})
if user is not None:
flash(u'Successfully signed in')
g.user = user
return redirect(oid.get_next_url())
return redirect(url_for('create_profile', next=oid.get_next_url(),
name=resp.fullname or resp.nickname,
email=resp.email))
def create_profile():
"""
Sivu profiilin luomista varten.
"""
if g.user is not None:
return redirect(url_for('index'))
if request.method == 'POST':
name = request.form['name']
email = request.form['email']
next = request.form["next"]
if not name:
flash(u"Error: you have to provide a name")
elif '@' not in email:
flash(u"Error: you have to enter a valid email address")
else:
flash(u"Profile successfully created")
new_user = User(
name=name,
email=email,
userid=users.get_current_user().user_id())
new_user.put()
return redirect(next)
next = request.args.get("next", "/")
return render_template('create_profile.html', next_url=next)
def edit_profile():
"""Updates a profile"""
if g.user is None:
abort(401)
form = dict(name=g.user.name, email=g.user.email)
if request.method == 'POST':
if 'delete' in request.form:
User.get_collection().remove(g.user)
session['openid'] = None
flash(u'Profile deleted')
return redirect(url_for('index'))
form['name'] = request.form['name']
form['email'] = request.form['email']
if not form['name']:
flash(u'Error: you have to provide a name')
elif '@' not in form['email']:
flash(u'Error: you have to enter a valid email address')
else:
flash(u'Profile successfully created')
g.user.name = form['name']
g.user.email = form['email']
uid = User.get_collection().save(g.user)
return redirect(url_for('edit_profile'))
return render_template('edit_profile.html', form=form)
def edit_profile():
"""Updates a profile"""
if g.user is None:
abort(401)
form = dict(name=g.user.name, email=g.user.email)
if request.method == 'POST':
if 'delete' in request.form:
User.get_collection().remove(g.user)
session['openid'] = None
flash(u'Profile deleted')
return redirect(url_for('index'))
form['name'] = request.form['name']
form['email'] = request.form['email']
if not form['name']:
flash(u'Error: you have to provide a name')
elif '@' not in form['email']:
flash(u'Error: you have to enter a valid email address')
else:
flash(u'Profile successfully created')
g.user.name = form['name']
g.user.email = form['email']
uid = User.get_collection().save(g.user)
return redirect(url_for('edit_profile'))
return render_template('edit_profile.html', form=form)
def create_or_login(resp):
"""This is called when login with OpenID succeeded and it's not
necessary to figure out if this is the users's first login or not.
This function has to redirect otherwise the user will be presented
with a terrible URL which we certainly don't want.
"""
session['openid'] = resp.identity_url
user = User.get_collection().find_one({'openid': resp.identity_url})
if user is not None:
flash(u'Successfully signed in')
g.user = user
return redirect(oid.get_next_url())
return redirect(
url_for('create_profile',
next=oid.get_next_url(),
name=resp.fullname or resp.nickname,
email=resp.email))
def create_or_login():
"""
Tätä kutsutaan kirjautumisen jälkeen.
Jos kyseessä on ensimmäinen kirjautumiskerta, ohjataan käyttäjä
profiilinluomissivulle, muuten jatketaan.
"""
user = users.get_current_user()
user_id = user.user_id()
stored_user = User.query(User.userid == user_id).get()
next = request.args.get("next", "/")
if stored_user is not None:
# Käyttäjä löytyi, ei tarvitse luoda uutta käyttäjätiliä:
flash(u"Successfully signed in")
g.user = stored_user
return redirect(next)
return redirect(url_for("create_profile", next=next,
name=user.nickname(),
email=user.email()))
def create_or_login():
"""
Tätä kutsutaan kirjautumisen jälkeen.
Jos kyseessä on ensimmäinen kirjautumiskerta, ohjataan käyttäjä
profiilinluomissivulle, muuten jatketaan.
"""
user = users.get_current_user()
user_id = user.user_id()
stored_user = User.query(User.userid == user_id).get()
next = request.args.get("next", "/")
if stored_user is not None:
# Käyttäjä löytyi, ei tarvitse luoda uutta käyttäjätiliä:
flash(u"Successfully signed in")
g.user = stored_user
return redirect(next)
return redirect(
url_for("create_profile",
next=next,
name=user.nickname(),
email=user.email()))
def protected_realm_view():
token = request.oauth.resource_owner_key
access_token = AccessToken.get_collection().find_one({'token':token})
user = User.find_one({'_id':access_token['resource_owner_id']})
return user['email']
