def serve_create_account_request():
if user:
return redirect(get_next_page(), code=303)
try:
email = get_email_from_token()
except RedirectError as e:
return e.response
u = Users.query.filter_by(email=email).first()
if u:
set_user(u)
flash(
"Welcome back! This email address already owns an account. If you wish to add/change your password, go to the Edit Profile page.",
category="SUCCESS")
return redirect(get_next_page(), code=303)
form = CreateAccountForm()
if form.validate_on_submit():
return serve_create_account(form)
form.legal_agreement.checked = False
flash_form_errors(form)
return render_template("account/create-account.html",
active="Sign Up",
form=form,
email=email,
next_page=get_next_page())
def oauth_create_account():
if user:
return redirect(get_next_page(), code=303)
try:
data = verify_jwt(request.args.get("token", ""))
except (InvalidJWT, ExpiredJWT):
return error_page(
code=400,
message="Invalid token in request. Please contact us.",
errorname="Bad Request")
form = OAuthCreateAccountForm()
if form.email.data is None and "email" in data:
form.email.data = data["email"]
if form.username.data is None and "username" in data:
form.username.data = data["username"]
if form.real_name.data is None and "real_name" in data:
form.real_name.data = data["real_name"]
if form.validate_on_submit():
new_user = create_blank_account(form.email.data, form.username.data,
form.real_name.data,
form.subscribed.data)
if data["provider"] == "Google":
GoogleLinks.add(uid=new_user.id, gid=data["pid"])
elif data["provider"] == "GitHub":
GithubLinks.add(uid=new_user.id, gid=data["pid"])
db_commit()
set_user(new_user)
flash("Welcome!", category="SUCCESS")
return redirect(get_next_page(), code=303)
flash_form_errors(form)
form.legal_agreement.checked = False
return render_template("account/oauth-create-account.html",
active="Sign Up",
form=form,
next_page=get_next_page(),
provider=data["provider"])
def direct_login():
if user:
return redirect(get_next_page(), code=303)
try:
data = verify_jwt(request.args.get("token", ""))
except ExpiredJWT:
flash("The password reset token has expired!", category="ERROR")
return redirect("/reset-password/", code=303)
except InvalidJWT:
flash("The token provided is invalid!", category="ERROR")
return redirect("/reset-password/", code=303)
set_user(Users.query.filter_by(email=data["email"]).first())
return redirect(get_next_page(), code=303)
def serve_signup_request():
if user:
return redirect("/", code=303)
form = SignupForm()
if form.validate_on_submit():
email = form.email.data.strip()
if Users.query.filter_by(email=email).count() > 0:
link_email(email, get_next_page())
else:
verify_email(email, get_next_page())
return redirect("/signup-limbo/?email=%s" % email, code=303)
flash_form_errors(form)
return render_template("account/signup.html",
active="Sign Up",
next_page=get_next_page(),
form=form)
def serve_login(form, use_username, reauth):
if use_username:
user = Users.query.filter_by(username = form.username.data).first()
else:
user = Users.query.filter_by(email = form.email.data).first()
if not reauth:
flash("Welcome back!", category = "SUCCESS")
set_user(user)
return redirect(get_next_page(), code = 303)
def serve_login_page(form, use_username, reauth):
return render_template(
"account/login.html",
active = "Log In",
form = form,
use_username = use_username,
username = form.username.data if use_username else "",
email = "" if use_username else form.email.data,
next_page = get_next_page(),
reauth = reauth
)
def serve_login_request():
reauth = request.args.get("reauth", "") == "yes"
if user and not reauth:
return redirect(get_next_page(), code = 303)
use_username = request.args.get("id", "username") == "username"
form = UsernameLoginForm() if use_username else EmailLoginForm()
if form.validate_on_submit():
return serve_login(form, use_username, reauth)
else:
flash_form_errors(form)
return serve_login_page(form, use_username, reauth)
def reset_password():
if user:
return redirect(get_next_page(), code=303)
form = ResetPasswordForm()
if form.validate_on_submit():
email = form.email.data
send_reset_email(email)
return redirect("/reset-limbo/?email=%s" % email)
flash_form_errors(form)
return render_template("account/reset-password.html",
active="Log In",
form=form)
def serve_create_account(form):
try:
email = get_email_from_token()
except RedirectError as e:
return e.response
username = form.username.data
real_name = form.real_name.data
password = form.password.data
subscribed = form.subscribed.data
user = create_account(email, username, real_name, password, subscribed)
flash("Your new account has been created. Welcome to CS Center!",
category="SUCCESS")
set_user(user)
return redirect(get_next_page(), code=303)
def logout():
set_user(None)
flash("You are now logged out. See you later!", category = "SUCCESS")
return redirect(get_next_page(), code = 303)
def serve_reset_limbo():
if "email" not in request.args or user:
return redirect(get_next_page(), code = 303)
return render_template("account/reset-limbo.html", active = "Log In", email = request.args.get("email", ""))
def serve_signup_limbo():
if "email" not in request.args or user:
return redirect(get_next_page(), code = 303)
return render_template("account/signup-limbo.html", active = "Sign Up", email = request.args.get("email", ""))
