def user():
url = __check_login('user')
if url: return redirect(url)
usererrors = []
userform = UserForm(prefix="user")
user = get_user(session['email'])
if request.method == 'GET':
# Add default values
userform.email.data = user.email
userform.first_name.data = user.short_name
userform.last_name.data = user.family_name
userform.alias.data = user.alias
elif userform.validate_on_submit():
if (validate_login(session['email'], userform.password.data)):
# Update info
user.email = userform.email.data
user.short_name = userform.first_name.data
user.family_name = userform.last_name.data
user.full_name = userform.first_name.data + " " + userform.last_name.data
user.alias = userform.alias.data if userform.alias.data != "" else None
if (userform.new_password.data):
user.password = hash_password(userform.new_password.data)
save_user(user)
flash(_(u'Information updated'))
else:
usererrors.append(_(u'Invalid password'))
if userform.errors:
for key, value in userform.errors.items():
usererrors.append(key + ': ' + value[0])
return render_template('user.html', userform=userform, usererrors=usererrors)
def login():
loginerrors = []
regerrors = []
regform = RegistrationForm(prefix="register")
loginform = LoginForm(prefix="login")
if loginform.email.data and loginform.validate_on_submit():
user = validate_login(loginform.email.data, loginform.password.data)
if (user != False):
session['email'] = user.email
session['language'] = user.preferred_language
flash(_(u'You were logged in'))
destination = url_for('troikas')
if 'destination' in session:
destination = session['destination']
session.pop('destination', None)
return redirect(destination)
else:
loginerrors.append(_(u'Invalid email/password'))
if loginform.errors:
for key, value in loginform.errors.items():
loginerrors.append(key + ': ' + value[0])
forgotform = ForgotForm()
if regform.email.data and regform.validate_on_submit():
if (user_exists(email=regform.email.data, alias=regform.alias.data)):
regerrors.append(_(u'User with given email or alias already exists'))
else:
if regform.alias.data == "": regform.alias.data = None
register(regform.first_name.data, regform.last_name.data,
regform.alias.data, regform.email.data,
regform.password.data);
session['email'] = regform.email.data
flash(_(u'Registration successful, you were logged in'))
destination = url_for('troikas')
if 'destination' in session:
destination = session['destination']
session.pop('destination', None)
return redirect(destination)
if regform.errors:
for key, value in regform.errors.items():
regerrors.append(key + ': ' + value[0])
return render_template('login.html', loginform=loginform, forgotform=forgotform,
regform=regform, loginerrors=loginerrors, regerrors=regerrors)
def login_user(user_id):
response = create_generic_response_dict()
if request.method == 'POST':
data = request.form
password = data.get("password", None)
datastore = UserStore()
user = datastore.get_user_by_id(user_id)
if user == None or password == None or not security.validate_login(user, password):
response['error'] = True
response['message'] = 'User and password combination does not validate.'
else:
auth_token = AuthTokenStore().register(user)
user_data = user.get_values_as_dict()
user_data['token'] = auth_token.get_values_as_dict()
response['data'] = user_data
response['message'] = 'User successfully logged in'
logger.info('Caught login request for user_id:' + str(user_id) + '->' + response['message'])
return jsonify(response)