Beispiel #1
def register():
    """Register a new account from the request body and log the user in.

    The payload is validated with ``AccountRegister``. A login name that is
    already taken, or two password fields that differ, raise
    ``colander.Invalid``. The password is passed through
    ``generate_password_hash`` before it is stored. Returns the new account
    as JSON.
    """
    disable_cache()
    require.account.create()
    form = AccountRegister().deserialize(request_data())

    # Refuse a login name that is already in use.
    # NOTE(review): lookup and insert are separate steps; presumably a unique
    # constraint on the name column backs this check up - confirm.
    if Account.by_name(form['name']):
        raise colander.Invalid(
            AccountRegister.name,
            _("Login name already exists, please choose a "
              "different one"))

    # Both password fields must agree.
    if form['password1'] != form['password2']:
        raise colander.Invalid(AccountRegister.password1,
                               _("Passwords don't match!"))

    # Copy the profile fields across, then store the password hash.
    account = Account()
    for field in ('name', 'fullname', 'email', 'public_email'):
        setattr(account, field, form[field])
    account.password = generate_password_hash(form['password1'])

    db.session.add(account)
    db.session.commit()

    # Sign the new user in (remember=True).
    login_user(account, remember=True)

    # NOTE(review): confirm the JSON form of Account leaves out the password
    # hash and any API key.
    return jsonify(account)
Beispiel #2
def load_user_from_request(request):
    """Resolve the account for a request that carries an API key.

    The key is looked up first in the ``api_key`` query parameter, then in an
    ``Authorization: ApiKey <key>`` header (scheme matched
    case-insensitively). Returns the matching account, or None.

    NOTE(review): a key sent in the query string tends to end up in access
    logs, browser history and Referer headers; the header form avoids that.
    """
    query_key = request.args.get("api_key")
    if query_key:
        found = Account.by_api_key(query_key)
        if found:
            return found

    header = request.headers.get("Authorization")
    if not header or " " not in header:
        return None

    scheme, header_key = header.split(" ", 1)
    if scheme.lower() != "apikey":
        return None

    found = Account.by_api_key(header_key)
    return found if found else None
Beispiel #3
def load_user_from_request(request):
    """Resolve the account for a request that carries an API key.

    The key is looked up first in the ``api_key`` query parameter, then in an
    ``Authorization: ApiKey <key>`` header (scheme matched
    case-insensitively). Returns the matching account, or None.

    NOTE(review): a key sent in the query string tends to end up in access
    logs, browser history and Referer headers; the header form avoids that.
    """
    query_key = request.args.get('api_key')
    if query_key:
        found = Account.by_api_key(query_key)
        if found:
            return found

    header = request.headers.get('Authorization')
    if not header or ' ' not in header:
        return None

    scheme, header_key = header.split(' ', 1)
    if scheme.lower() != 'apikey':
        return None

    found = Account.by_api_key(header_key)
    return found if found else None
Beispiel #4
def load_user_from_request(request):
    """Resolve the account for a request that carries an API key.

    The key is looked up first in the ``api_key`` query parameter, then in an
    ``Authorization: ApiKey <key>`` header (scheme matched
    case-insensitively). Returns the matching account, or None.

    NOTE(review): a key sent in the query string tends to end up in access
    logs, browser history and Referer headers; the header form avoids that.
    """
    query_key = request.args.get('api_key')
    if query_key:
        found = Account.by_api_key(query_key)
        if found:
            return found

    header = request.headers.get('Authorization')
    if not header or ' ' not in header:
        return None

    scheme, header_key = header.split(' ', 1)
    if scheme.lower() != 'apikey':
        return None

    found = Account.by_api_key(header_key)
    return found if found else None
Beispiel #5
def trigger_reset():
    """
    Start the password-reset flow for the account registered under an email.

    Reads ``email`` from the request body. Answers with a 400 error when the
    field is missing or empty, or when no account matches; otherwise calls
    ``send_reset_link`` and returns a confirmation message.
    """
    def fail(message):
        # Every error response of this view has the same shape and status.
        return jsonify(
            {
                'status': 'error',
                'message': message
            },
            status=400)

    email = request_data().get('email')

    # An absent or empty address cannot be looked up.
    if email is None or len(email) == 0:
        return fail(_("Please enter an email address!"))

    account = Account.by_email(email)

    # NOTE(review): this branch tells the caller whether an address is
    # registered. Consider returning the same answer as the success path,
    # and confirm that requests to this view are rate-limited.
    if account is None:
        return fail(_("No user is registered under this address!"))

    # Mail the reset link to the address on file.
    send_reset_link(account)
    confirmation = _("You've received an email with a link to reset your "
                     "password. Please check your inbox.")
    return jsonify({'status': 'ok', 'message': confirmation})
Beispiel #6
def trigger_reset():
    """
    Start the password-reset flow for the account registered under an email.

    Reads ``email`` from the request body. Answers with a 400 error when the
    field is missing or empty, or when no account matches; otherwise calls
    ``send_reset_link`` and returns a confirmation message.
    """
    def fail(message):
        # Every error response of this view has the same shape and status.
        return jsonify({
            'status': 'error',
            'message': message
        }, status=400)

    email = request_data().get('email')

    # An absent or empty address cannot be looked up.
    if email is None or len(email) == 0:
        return fail(_("Please enter an email address!"))

    account = Account.by_email(email)

    # NOTE(review): this branch tells the caller whether an address is
    # registered. Consider returning the same answer as the success path,
    # and confirm that requests to this view are rate-limited.
    if account is None:
        return fail(_("No user is registered under this address!"))

    # Mail the reset link to the address on file.
    send_reset_link(account)
    confirmation = _("You've received an email with a link to reset your "
                     "password. Please check your inbox.")
    return jsonify({'status': 'ok', 'message': confirmation})
Beispiel #7
 def decode(self, cstruct):
     """Turn a serialized account reference into an ``Account``.

     Accepts either a login name or a dict carrying one under ``'name'``.
     Any other input yields None; the result of ``Account.by_name`` is
     returned unchanged for a name.
     """
     # Imported here rather than at module level, as in the original.
     from spendb.model import Account
     if isinstance(cstruct, dict):
         # Unwrap the dict and decode whatever sits under 'name'.
         return self.decode(cstruct.get('name'))
     if not isinstance(cstruct, basestring):
         return None
     return Account.by_name(cstruct)
Beispiel #8
    def decode(self, cstruct):
        """Turn a serialized account reference into an ``Account``.

        Accepts either a login name or a dict carrying one under ``"name"``.
        Any other input yields None; the result of ``Account.by_name`` is
        returned unchanged for a name.
        """
        # Imported here rather than at module level, as in the original.
        from spendb.model import Account

        if isinstance(cstruct, dict):
            # Unwrap the dict and decode whatever sits under "name".
            return self.decode(cstruct.get("name"))
        if not isinstance(cstruct, basestring):
            return None
        return Account.by_name(cstruct)
Beispiel #9
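def login():
    """Authenticate the posted credentials and start a session.

    Reads ``login`` and ``password`` from the request body. On success the
    user is logged in with ``remember=True`` and a welcome message is
    returned. Every failure, including a missing field, returns the same
    generic 400 error, so the message does not say which part was wrong.
    """
    data = request_data()
    login_name = data.get("login")
    password = data.get("password")

    # Both fields come from the client and may be absent. Reject that case
    # here instead of passing None to the lookup and the hash check.
    if login_name is not None and password is not None:
        account = Account.by_name(login_name)
        if account is not None and check_password_hash(account.password, password):
            login_user(account, remember=True)
            return jsonify({"status": "ok", "message": _("Welcome back, %(name)s!", name=account.name)})

    # NOTE(review): no throttling or lockout is visible in this view -
    # confirm it is applied elsewhere.
    return jsonify({"status": "error", "errors": {"password": _("Incorrect user name or password!")}}, status=400)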
Beispiel #10
def register():
    """Register a new account from the request body and log the user in.

    The payload is validated with ``AccountRegister``. A login name that is
    already taken, or two password fields that differ, raise
    ``colander.Invalid``. The password is passed through
    ``generate_password_hash`` before it is stored. Returns the new account
    as JSON.
    """
    require.account.create()
    form = AccountRegister().deserialize(request_data())

    # Refuse a login name that is already in use.
    # NOTE(review): lookup and insert are separate steps; presumably a unique
    # constraint on the name column backs this check up - confirm.
    if Account.by_name(form['name']):
        raise colander.Invalid(
            AccountRegister.name,
            _("Login name already exists, please choose a "
              "different one"))

    # Both password fields must agree.
    if form['password1'] != form['password2']:
        raise colander.Invalid(AccountRegister.password1,
                               _("Passwords don't match!"))

    # Copy the profile fields across, then store the password hash.
    account = Account()
    for field in ('name', 'fullname', 'email', 'public_email'):
        setattr(account, field, form[field])
    account.password = generate_password_hash(form['password1'])

    db.session.add(account)
    db.session.commit()

    # Sign the new user in (remember=True).
    login_user(account, remember=True)

    # NOTE(review): confirm the JSON form of Account leaves out the password
    # hash and any API key.
    return jsonify(account)
Beispiel #11
def view(account):
    """Return the profile of the account named ``account`` as JSON.

    The lookup result goes through ``obj_or_404`` (presumably a 404 when no
    such account exists). Contact fields are added to the response only when
    the viewer is the account itself or an admin.
    """
    profile = obj_or_404(Account.by_name(account))
    data = profile.to_dict()

    # NOTE(review): assumes current_user always exposes .admin, including for
    # anonymous visitors - confirm.
    is_owner = profile == current_user
    if is_owner or current_user.admin:
        private_fields = ('email', 'public_email',
                          'twitter_handle', 'public_twitter')
        for field in private_fields:
            data[field] = getattr(profile, field)
    return jsonify(data)
Beispiel #12
def view(account):
    """Return the profile of the account named ``account`` as JSON.

    The lookup result goes through ``obj_or_404`` (presumably a 404 when no
    such account exists). Contact fields are added to the response only when
    the viewer is the account itself or an admin.
    """
    profile = obj_or_404(Account.by_name(account))
    data = profile.to_dict()

    # NOTE(review): assumes current_user always exposes .admin, including for
    # anonymous visitors - confirm.
    is_owner = profile == current_user
    if is_owner or current_user.admin:
        private_fields = ('email', 'public_email',
                          'twitter_handle', 'public_twitter')
        for field in private_fields:
            data[field] = getattr(profile, field)
    return jsonify(data)
Beispiel #13
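def do_reset():
    """Complete a password reset: verify the emailed token and sign in.

    Expects ``email`` and ``token`` query parameters. Any failure redirects
    to ``/login`` without saying which check failed; success logs the account
    in and redirects to ``/settings``.
    """
    # Local import: the module's import block is not visible from here.
    import hmac

    email = request.args.get('email')
    if not email:
        return redirect('/login')

    account = Account.by_email(email)
    if account is None:
        return redirect('/login')

    supplied = request.args.get('token')
    expected = account.token
    # Fail closed when either side is missing. With a plain inequality test,
    # a request without ``token`` compares equal to an account whose stored
    # token is unset.
    if not supplied or not expected:
        return redirect('/login')

    # Constant-time comparison, so response timing does not depend on how
    # much of the token matches. Assumes both values are text strings -
    # confirm against the Account model.
    if not hmac.compare_digest(supplied.encode('utf-8'),
                               expected.encode('utf-8')):
        return redirect('/login')

    # NOTE(review): the token is neither cleared nor checked for expiry here,
    # so the same link keeps working unless that happens elsewhere - confirm.
    login_user(account)
    return redirect('/settings')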
Beispiel #14
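def login():
    """Authenticate the posted credentials and start a session.

    Reads ``login`` and ``password`` from the request body. On success the
    user is logged in with ``remember=True`` and a welcome message is
    returned. Every failure, including a missing field, returns the same
    generic 400 error, so the message does not say which part was wrong.
    """
    data = request_data()
    login_name = data.get('login')
    password = data.get('password')

    # Both fields come from the client and may be absent. Reject that case
    # here instead of passing None to the lookup and the hash check.
    if login_name is not None and password is not None:
        account = Account.by_name(login_name)
        if account is not None and check_password_hash(account.password,
                                                       password):
            login_user(account, remember=True)
            return jsonify({
                'status': 'ok',
                'message': _("Welcome back, %(name)s!", name=account.name)
            })

    # NOTE(review): no throttling or lockout is visible in this view -
    # confirm it is applied elsewhere.
    return jsonify({
        'status': 'error',
        'errors': {
            'password': _("Incorrect user name or password!")
        }
    }, status=400)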
Beispiel #15
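def do_reset():
    """Complete a password reset: verify the emailed token and sign in.

    Expects ``email`` and ``token`` query parameters. Any failure redirects
    to ``/login`` without saying which check failed; success logs the account
    in and redirects to ``/settings``.
    """
    # Local import: the module's import block is not visible from here.
    import hmac

    email = request.args.get('email')
    if not email:
        # flash_error(_("The reset link is invalid!"))
        return redirect('/login')

    account = Account.by_email(email)
    if account is None:
        # flash_error(_("No user is registered under this address!"))
        return redirect('/login')

    supplied = request.args.get('token')
    expected = account.token
    # Fail closed when either side is missing. With a plain inequality test,
    # a request without ``token`` compares equal to an account whose stored
    # token is unset.
    if not supplied or not expected:
        # flash_error(_("The reset link is invalid!"))
        return redirect('/login')

    # Constant-time comparison, so response timing does not depend on how
    # much of the token matches. Assumes both values are text strings -
    # confirm against the Account model.
    if not hmac.compare_digest(supplied.encode('utf-8'),
                               expected.encode('utf-8')):
        # flash_error(_("The reset link is invalid!"))
        return redirect('/login')

    # NOTE(review): the token is neither cleared nor checked for expiry here,
    # so the same link keeps working unless that happens elsewhere - confirm.
    login_user(account)
    # flash_success(
    #     _("Thanks! You have now been signed in - please change "
    #       "your password!"))
    return redirect('/settings')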
Beispiel #16
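def login():
    """Authenticate the posted credentials and start a session.

    Reads ``login`` and ``password`` from the request body. On success the
    user is logged in with ``remember=True`` and a welcome message is
    returned. Every failure, including a missing field, returns the same
    generic 400 error, so the message does not say which part was wrong.
    """
    data = request_data()
    login_name = data.get('login')
    password = data.get('password')

    # Both fields come from the client and may be absent. Reject that case
    # here instead of passing None to the lookup and the hash check.
    if login_name is not None and password is not None:
        account = Account.by_name(login_name)
        if account is not None and check_password_hash(account.password,
                                                       password):
            login_user(account, remember=True)
            return jsonify({
                'status':
                'ok',
                'message':
                _("Welcome back, %(name)s!", name=account.name)
            })

    # NOTE(review): no throttling or lockout is visible in this view -
    # confirm it is applied elsewhere.
    return jsonify(
        {
            'status': 'error',
            'errors': {
                'password': _("Incorrect user name or password!")
            }
        },
        status=400)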
Beispiel #17
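def do_reset():
    """Complete a password reset: verify the emailed token and sign in.

    Expects ``email`` and ``token`` query parameters. Any failure redirects
    to ``/login`` without saying which check failed; success logs the account
    in and redirects to ``/settings``.
    """
    # Local import: the module's import block is not visible from here.
    import hmac

    email = request.args.get('email')
    if not email:
        # flash_error(_("The reset link is invalid!"))
        return redirect('/login')

    account = Account.by_email(email)
    if account is None:
        # flash_error(_("No user is registered under this address!"))
        return redirect('/login')

    supplied = request.args.get('token')
    expected = account.token
    # Fail closed when either side is missing. With a plain inequality test,
    # a request without ``token`` compares equal to an account whose stored
    # token is unset.
    if not supplied or not expected:
        # flash_error(_("The reset link is invalid!"))
        return redirect('/login')

    # Constant-time comparison, so response timing does not depend on how
    # much of the token matches. Assumes both values are text strings -
    # confirm against the Account model.
    if not hmac.compare_digest(supplied.encode('utf-8'),
                               expected.encode('utf-8')):
        # flash_error(_("The reset link is invalid!"))
        return redirect('/login')

    # NOTE(review): the token is neither cleared nor checked for expiry here,
    # so the same link keeps working unless that happens elsewhere - confirm.
    login_user(account)
    # flash_success(
    #     _("Thanks! You have now been signed in - please change "
    #       "your password!"))
    return redirect('/settings')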