def piles_put(pid):
data = request.body_.read()
entity = j2m(data)
if not entity.get('emails'):
abort(400, 'No emails associated with pile')
if not entity.get('name'):
abort(400, 'No name associated with pile')
valid,badness = valid_chars(entity['name'])
if not valid:
abort(400, "Not a valid name. You can't use the characters %s" % badness)
try:
db.piles.save(entity)
except ValidationError as ve:
abort(400, str(ve))
#print "The new pile entity being saved: %s" % entity
s = session(request)
#for i,p in enumerate(s['authenticated']['piles']):
# if p['_id'] == pid:
# s['authenticated']['piles'][i] = entity
# s.save()
#print 'New auth piles: %s' % s['authenticated']['piles']
do_login(request,s['authenticated']['user']) # <-- This is a pretty lame hack, but wtf? I cant figure this shit out
return m2j(entity)
def password_do():
code = request.forms.get('code')
share = db.shares.find_one({'code':code})
if not share:
abort(400,"That is not a valid password reset code.")
user = db.users.find_one({'email':share['email']})
user['password'] = hash_password(request.forms.get('new_password'))
db.users.save(user)
do_login(request,user)
return redirect('/')
def create_do():
eml = request.forms.get('email')
pwd = request.forms.get('password')
code = request.forms.get('code')
name = request.forms.get('name')
kwargs = {"email":eml,"password":pwd,"code":code,"name":name,"errors":[]}
if not eml or '@' not in eml or not pwd:
kwargs['errors'].append("Please enter a valid username and password")
return template('create',**kwargs)
user = db.users.find_one({'email':eml})
print user
if user:
kwargs['errors'].append('That email is already in use! Maybe you want to <a class="btn small" href="/login">login</a>?')
return template('create',**kwargs)
if not name or name.lower() == 'name':
stupid = ['Jills_Mortuary--You_kill_Em_We_Chill_Em','no_fatties,please','Hey!','wonderful-bill','DataDyne-Inc.',\
'Wonderful_Me','programmers-delight','The_Colbert_Nation','WackoMan','the-ugly-duckling']
kwargs['errors'].append("You must provide a name for your pile. Like '%s' or '%s'" % (random.choice(stupid),random.choice(stupid)))
return template('create',**kwargs)
valid,invalid_char = valid_chars(name)
if not valid:
kwargs['errors'].append("That is an invalid name. Just use letters, numbers and '_-,+'. You can't use '%s'." % invalid_char)
return template('create',**kwargs)
if db.piles.find_one({'name':name}):
kwargs['errors'].append('Sorry, that pile name is already in use!')
return template('create',**kwargs)
invite = db.invites.find_one({'code':code})
if not invite:
kwargs['errors'].append("That is an invalid code or has already been used. Sorry.")
return template('create',**kwargs)
if invite.get('remaining', 1) == 1:
db.invites.remove(invite)
else:
invite['remaining'] -= 1
db.invites.save(invite)
randid = lambda: ''.join([random.choice(string.letters + string.digits) for x in xrange(6)])
pid = randid()
while db.piles.find_one({"_id":pid}):
pid = randid()
user = {'email':eml,'password':hash_password(pwd)}
pile = {'_id':pid,'emails':[eml],'name':name,'welcome':True}
db.piles.save(pile)
db.users.save(user)
do_login(request,user) # Let the login look up the piles because they might have more than one!
return redirect('/%s' % pile['name'])
def user_login():
if 'user' in session:
return redirect(url_for('user'))
if request.method == 'POST':
user, passwd = request.form['user'], request.form['passwd']
try:
auth.do_login(user, passwd)
session['user'] = user
return redirect(url_for('user'))
except auth.BadCredentials:
return render_template('login.html',
error='Incorrect user or password',
user=user)
else:
return render_template('login.html')
def login_do():
if not request.forms.get('email') or not request.forms.get('password'):
return template('login',email=request.forms['email'],errors=['No username or password'])
hashed_pwd = hash_password(request.forms['password'])
email = request.forms['email'].lower()
user_ent = db.users.find_one({"email":email,"password":hashed_pwd})
if not user_ent:
return template('login',email=request.forms['email'],errors=['Bad email or password'])
piles = list(db.piles.find({'emails':email}))
do_login(request,user_ent,piles)
print piles
if piles:
return redirect('/'+piles[0]['name'])
else:
return redirect('/broke')
def login():
return do_login()
