def login_signup_submit(): """ They've entered some information and want an account. Do some checks and send them a confirmation email if all looks good. """ # TODO: How do we stop someone using this to spam someone? if not OaConfig.open_registration: abort(404) form = request.form if not ('username' in form and 'password' in form and 'confirm' in form and 'email' in form): flash("Please fill in all fields") return redirect(url_for("login_signup")) username = sanitize_username(form['username']) password = form['password'] confirm = form['confirm'] email = form['email'] if username == "" or password == "" or confirm == "" or email == "": flash("Please fill in all fields") return redirect(url_for("login_signup")) if not confirm == password: flash("Passwords don't match") return redirect(url_for("login_signup")) # basic checks in case they entered their street address or something # a fuller check is too hard or prone to failure if "@" not in email or "." not in email: flash("Email address doesn't appear to be valid") return redirect(url_for("login_signup")) existing = Users2.uid_by_uname(username) if existing: flash("An account with that name already exists, " "please try another username.") return redirect(url_for("login_signup")) code = Users.gen_confirm_code() newuid = Users.create(uname=username, passwd="NOLOGIN", email=email, givenname=username, familyname="", acctstatus=1, studentid="", source="local", confirm_code=code, confirm=False) Users2.set_password(newuid, password) text_body = render_template(os.path.join("email", "confirmation.txt"), code=code) html_body = render_template(os.path.join("email", "confirmation.html"), code=code) send_email(email, from_addr=None, subject="OASIS Signup Confirmation", text_body=text_body, html_body=html_body) return render_template("login_signup_submit.html", email=email)
def login_signup_submit(): """ They've entered some information and want an account. Do some checks and send them a confirmation email if all looks good. """ # TODO: How do we stop someone using this to spam someone? if not OaConfig.open_registration: abort(404) form = request.form if not ('username' in form and 'password' in form and 'confirm' in form and 'email' in form): flash("Please fill in all fields") return redirect(url_for("login_signup")) username = sanitize_username(form['username']) password = form['password'] confirm = form['confirm'] email = form['email'] if username == "" or password == "" or confirm == "" or email == "": flash("Please fill in all fields") return redirect(url_for("login_signup")) if not confirm == password: flash("Passwords don't match") return redirect(url_for("login_signup")) # basic checks in case they entered their street address or something # a fuller check is too hard or prone to failure if "@" not in email or "." not in email: flash("Email address doesn't appear to be valid") return redirect(url_for("login_signup")) existing = Users2.uid_by_uname(username) if existing: flash("An account with that name already exists, " "please try another username.") return redirect(url_for("login_signup")) code = Users.gen_confirm_code() newuid = Users.create(uname=username, passwd="NOLOGIN", email=email, givenname=username, familyname="", acctstatus=1, studentid="", source="local", confirm_code=code, confirm=False) Users2.set_password(newuid, password) text_body = render_template(os.path.join("email", "confirmation.txt"), code=code) html_body = render_template(os.path.join("email", "confirmation.html"), code=code) send_email(email, from_addr=None, subject="OASIS Signup Confirmation", text_body=text_body, html_body=html_body) return render_template("login_signup_submit.html", email=email)