Example #1
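def account_initialization_2(request):
  """Attach a username/password login to the account named in the URL.

  On POST, the account id is taken from the fourth '/'-separated segment of
  ``request.path_info`` and the ``username`` / ``pw1`` form fields are sent
  to the server through ``add_auth_system``. A 200 logs the user in and
  redirects to '/', a 400 is reported as a username collision, and any other
  status as a generic error. Any other HTTP method only renders the form.

  NOTE(review): no secret or session check is visible in this view, so
  nothing here shows that the caller owns ``account_id``. Confirm that the
  URL routing or the server refuses requests for accounts the caller does
  not control before relying on this handler.
  """
  if request.method != HTTP_METHOD_POST:
    return utils.render_template('ui/account_init_2', {})

  errors = {
      'generic': 'There was a problem updating your data. Please try again. If you are unable to change your password please contact support.',
      'collision': 'That username is already taken. Please enter different one.'
  }
  account_id = request.path_info.split('/')[3]

  # .get() rather than indexing: a POST that omits a field should re-render
  # the form with an error instead of raising inside the view.
  username = request.POST.get('username', '').lower().strip()
  password = request.POST.get('pw1', '')
  if not username or not password:
    # Never forward an empty credential to the server.
    return utils.render_template('ui/account_init_2', {'ERROR': errors['generic']})

  api = IndivoClient(settings.CONSUMER_KEY, settings.CONSUMER_SECRET, settings.INDIVO_SERVER_LOCATION)
  ret = api.add_auth_system(
    account_id = account_id,
    data = {'system':'password',
            'username': username,
            'password': password})

  status = ret.response['response_status']
  if status == 200:
    # everything's OK, log this person in, hard redirect to change location
    tokens_get_from_server(request, username, password)
    return HttpResponseRedirect('/')
  if status == 400:
    return utils.render_template('ui/account_init_2', {'ERROR': errors['collision']})
  return utils.render_template('ui/account_init_2', {'ERROR': errors['generic']})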
Example #2
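def account_initialization_2(request):
    """Attach a username/password login to the account named in the URL.

    On POST, the account id is taken from the fourth '/'-separated segment
    of ``request.path_info`` and the ``username`` / ``pw1`` form fields are
    sent to the server through ``add_auth_system``. A 200 logs the user in
    and redirects to '/'; every other status renders the generic error.
    Any other HTTP method only renders the form.

    NOTE(review): no secret or session check is visible in this view, so
    nothing here shows that the caller owns ``account_id``. Confirm that
    the URL routing or the server enforces this.
    """
    if request.method != HTTP_METHOD_POST:
        return utils.render_template('ui/account_init_2', {})

    errors = {
        'generic':
        'There was a problem updating your data. Please try again. If you are unable to set up your account please contact support.'
    }
    account_id = request.path_info.split('/')[3]

    # .get() rather than indexing: a POST that omits a field should re-render
    # the form with an error instead of raising inside the view.
    username = request.POST.get('username', '')
    password = request.POST.get('pw1', '')
    if not username or not password:
        # Never forward an empty credential to the server.
        return utils.render_template('ui/account_init_2',
                                     {'ERROR': errors['generic']})

    api = IndivoClient(settings.CONSUMER_KEY, settings.CONSUMER_SECRET,
                       SMART_SERVER_LOCATION)
    ret = api.add_auth_system(account_id=account_id,
                              data={
                                  'system': 'password',
                                  'username': username,
                                  'password': password
                              })

    if ret.response['response_status'] != 200:
        return utils.render_template('ui/account_init_2',
                                     {'ERROR': errors['generic']})

    # everything's OK, log this person in, hard redirect to change location
    tokens_get_from_server(request, username, password)
    return HttpResponseRedirect('/')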
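def account_setup(request, account_id, primary_secret, secondary_secret):
    """Verify the account secrets and attach a password login to the account.

    http://localhost/accounts/[email protected]/setup/taOFzInlYlDKLbiM

    Flow, as implemented below:
      1. Look up the account; unknown accounts and server errors render an
         error page.
      2. An active account with at least one auth system is sent to the
         login page; any state other than 'active' or 'uninitialized' is
         reported as an error.
      3. On POST: check the primary secret, then the secondary secret if the
         account has one, then validate username and passwords, then call
         ``add_auth_system`` and log the user in.
      4. On any other method: redirect to the init step when a secondary
         secret is required but missing, otherwise render the setup form.

    NOTE(review): the primary secret is part of the URL path (see the example
    above and the redirect at the end of this function), so it can end up in
    access logs, browser history and Referer headers. Confirm the server
    treats it as short-lived / single-use.
    """
    api = IndivoClient(settings.CONSUMER_KEY, settings.CONSUMER_SECRET, settings.INDIVO_SERVER_LOCATION)

    # is this account already initialized?
    ret = api.account_info(account_id=account_id)
    status = ret.response.get('response_status', 500)
    if 404 == status:
        return utils.render_template(LOGIN_PAGE, {'ERROR': ErrorStr('Unknown account')})
    if 200 != status:
        return utils.render_template('ui/error', {'error_status': status, 'error_message': ErrorStr(ret.response.get('response_data', 'Server Error'))})

    account_xml = ret.response.get('response_data', '<root/>')
    account = utils.parse_account_xml(account_xml)
    account_state = account.get('state')
    # TODO: Get "has primary secret" from the server (API missing as of now)
    stored_secret = account.get('secret')
    has_secondary_secret = (stored_secret is not None and len(stored_secret) > 0)

    # if the account is already active, show login IF at least one auth-system is attached
    if 'active' == account_state:
        if len(account['auth_systems']) > 0:
            return utils.render_template(LOGIN_PAGE, {'MESSAGE': _('Your account is now active, you may log in below'), 'SETTINGS': settings})
    elif 'uninitialized' != account_state:
        return utils.render_template(LOGIN_PAGE, {'ERROR': ErrorStr('This account is %s' % account_state), 'SETTINGS': settings})

    # received POST data, try to setup
    params = {'ACCOUNT_ID': account_id, 'PRIMARY_SECRET': primary_secret, 'SECONDARY_SECRET': secondary_secret, 'SETTINGS': settings}
    if HTTP_METHOD_POST == request.method:
        post = request.POST
        username = post.get('username', '').lower().strip()
        # Default to '' so a POST without 'pw1' fails the length check below
        # instead of raising TypeError on len(None).
        password = post.get('pw1', '')
        secondary_secret = post.get('secondary_secret', '')

        # verify PRIMARY secret first and send back to "resend secret" page if it is wrong
        ret = api.check_account_secrets(account_id=account_id, primary_secret=primary_secret)
        if 200 != ret.response.get('response_status', 0):
            return HttpResponseRedirect('/accounts/%s/send_secret/wrong' % account_id)

        # verify SECONDARY secret as well, if there is one
        # NOTE(review): no attempt limit is visible here; confirm the server
        # throttles repeated wrong confirmation codes.
        if has_secondary_secret:
            ret = api.check_account_secrets(account_id=account_id, primary_secret=primary_secret, parameters={'secondary_secret': secondary_secret})
            if 200 != ret.response.get('response_status', 0):
                params['ERROR'] = ErrorStr('Wrong confirmation code')
                return utils.render_template('ui/account_init', params)

        # verify username and passwords; the first failing check is the one
        # reported (a single if/elif chain, so a later check cannot overwrite
        # the username error)
        min_password_length = settings.REGISTRATION['min_password_length'] or 8
        error = None
        if len(username) < 1:
            error = ErrorStr("Username too short")
        elif len(password) < min_password_length:
            error = ErrorStr("Password too short")
        elif password != post.get('pw2'):
            error = ErrorStr("Passwords do not match")
        if error is not None:
            params['ERROR'] = error
            return utils.render_template('ui/account_setup', params)

        # secrets are ok, passwords check out: Attach the login credentials to the account
        ret = api.add_auth_system(
            account_id = account_id,
            data = {
                'system': 'password',
                'username': username,
                'password': password
            })

        # .get() like the other status checks above, so a response without a
        # status falls through to the generic error instead of raising.
        add_status = ret.response.get('response_status', 0)
        if 200 == add_status:
            # everything's OK, log this person in, hard redirect to change location
            try:
                tokens_get_from_server(request, username, password)
            except IOError as e:
                # NOTE(review): 'return_url' comes straight from the POST body;
                # confirm whatever consumes RETURN_URL only follows same-site
                # paths, otherwise this is an open-redirect vector.
                return utils.render_template(LOGIN_PAGE, {'ERROR': ErrorStr(e.strerror), 'RETURN_URL': request.POST.get('return_url', '/'), 'SETTINGS': settings})
            return HttpResponseRedirect('/')
        elif 400 == add_status:
            params['ERROR'] = ErrorStr('Username already taken')
            return utils.render_template('ui/account_setup', params)
        params['ERROR'] = ErrorStr('account_init_error')
        return utils.render_template('ui/account_setup', params)

    # got no secondary_secret, go back to init step which will show a prompt for the secondary secret
    if has_secondary_secret and not secondary_secret:
        return HttpResponseRedirect('/accounts/%s/init/%s' % (account_id, primary_secret))
    return utils.render_template('ui/account_setup', params)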