def login_signup_submit():
""" They've entered some information and want an account.
Do some checks and send them a confirmation email if all looks good.
"""
# TODO: How do we stop someone using this to spam someone?
if not OaConfig.open_registration:
abort(404)
form = request.form
if not ('username' in form and 'password' in form and 'confirm' in form
and 'email' in form):
flash("Please fill in all fields")
return redirect(url_for("login_signup"))
username = sanitize_username(form['username'])
password = form['password']
confirm = form['confirm']
email = form['email']
if username == "" or password == "" or confirm == "" or email == "":
flash("Please fill in all fields")
return redirect(url_for("login_signup"))
if not confirm == password:
flash("Passwords don't match")
return redirect(url_for("login_signup"))
# basic checks in case they entered their street address or something
# a fuller check is too hard or prone to failure
if "@" not in email or "." not in email:
flash("Email address doesn't appear to be valid")
return redirect(url_for("login_signup"))
existing = Users2.uid_by_uname(username)
if existing:
flash("An account with that name already exists, "
"please try another username.")
return redirect(url_for("login_signup"))
code = Users.gen_confirm_code()
newuid = Users.create(uname=username,
passwd="NOLOGIN",
email=email,
givenname=username,
familyname="",
acctstatus=1,
studentid="",
source="local",
confirm_code=code,
confirm=False)
Users2.set_password(newuid, password)
text_body = render_template(os.path.join("email", "confirmation.txt"),
code=code)
html_body = render_template(os.path.join("email", "confirmation.html"),
code=code)
send_email(email,
from_addr=None,
subject="OASIS Signup Confirmation",
text_body=text_body,
html_body=html_body)
return render_template("login_signup_submit.html", email=email)
def login_signup_submit():
""" They've entered some information and want an account.
Do some checks and send them a confirmation email if all looks good.
"""
# TODO: How do we stop someone using this to spam someone?
if not OaConfig.open_registration:
abort(404)
form = request.form
if not ('username' in form
and 'password' in form
and 'confirm' in form
and 'email' in form):
flash("Please fill in all fields")
return redirect(url_for("login_signup"))
username = sanitize_username(form['username'])
password = form['password']
confirm = form['confirm']
email = form['email']
if username == "" or password == "" or confirm == "" or email == "":
flash("Please fill in all fields")
return redirect(url_for("login_signup"))
if not confirm == password:
flash("Passwords don't match")
return redirect(url_for("login_signup"))
# basic checks in case they entered their street address or something
# a fuller check is too hard or prone to failure
if "@" not in email or "." not in email:
flash("Email address doesn't appear to be valid")
return redirect(url_for("login_signup"))
existing = Users2.uid_by_uname(username)
if existing:
flash("An account with that name already exists, "
"please try another username.")
return redirect(url_for("login_signup"))
code = Users.gen_confirm_code()
newuid = Users.create(uname=username,
passwd="NOLOGIN",
email=email,
givenname=username,
familyname="",
acctstatus=1,
studentid="",
source="local",
confirm_code=code,
confirm=False)
Users2.set_password(newuid, password)
text_body = render_template(os.path.join("email", "confirmation.txt"), code=code)
html_body = render_template(os.path.join("email", "confirmation.html"), code=code)
send_email(email,
from_addr=None,
subject="OASIS Signup Confirmation",
text_body=text_body,
html_body=html_body)
return render_template("login_signup_submit.html", email=email)
