Example #1
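def register():
    """
    Handle the account registration form.

    On a valid submission this creates the user through ``register_internal``,
    stores the submitted address as a ``UserEmailClaim``, commits, sends the
    verification link, logs the new user in and answers with a 303 redirect.
    On any other request it renders the form.

    The ``next`` query parameter comes straight from the request URL, so it
    is only followed when it points back at this site; anything else falls
    back to the index page instead of redirecting to an arbitrary host.
    """
    form = RegisterForm()
    if not form.validate_on_submit():
        return render_form(form=form, title='Register an account', formid='register', submit='Register')

    user = register_internal(None, form.fullname.data, form.password.data)
    user.username = form.username.data or None
    # The address is recorded as a claim, not as a confirmed email.
    useremail = UserEmailClaim(user=user, email=form.email.data)
    db.session.add(useremail)
    db.session.commit()
    send_email_verify_link(useremail)
    # NOTE(review): the user is logged in before the email claim is verified;
    # confirm that nothing downstream treats a logged-in user as email-verified.
    login_internal(user)
    flash("You are now one of us. Welcome aboard!", category='info')

    next_url = request.args.get('next') or ''
    # Same-site targets only: either a path starting with a single "/" (a
    # leading "//" or "/\" is read by browsers as another host), or an
    # absolute URL under this request's own host_url (which ends in "/", so
    # look-alike host prefixes do not match). Control characters are refused
    # because browsers drop tab/CR/LF while parsing a URL.
    is_path = next_url.startswith('/') and not next_url.startswith(('//', '/\\'))
    is_same_host = next_url.startswith(request.host_url)
    has_control = any(ord(ch) < 0x20 for ch in next_url)
    if (is_path or is_same_host) and not has_control:
        return redirect(next_url, code=303)
    return redirect(url_for('index'), code=303)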
Example #2
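def register():
    """
    Process the registration form and create a new account.

    A valid submission creates the user via ``register_internal``, sets the
    username only when one was supplied, records the email as a
    ``UserEmailClaim``, commits, sends the verification link, logs the user
    in and redirects with status 303. Otherwise the form is rendered.

    ``next`` is read from the query string and is therefore untrusted: it is
    used as the redirect target only when it stays on this site, and the
    index page is used in every other case.
    """
    form = RegisterForm()
    if form.validate_on_submit():
        user = register_internal(None, form.fullname.data, form.password.data)
        if form.username.data:
            user.username = form.username.data
        # Stored as a claim; the address is not treated as confirmed here.
        useremail = UserEmailClaim(user=user, email=form.email.data)
        db.session.add(useremail)
        db.session.commit()
        send_email_verify_link(useremail)
        login_internal(user)
        flash("You are now one of us. Welcome aboard!", category="info")

        target = request.args.get("next") or ""
        # Allow a site-local path (single leading "/"; "//" and "/\" are
        # treated by browsers as pointing at another host) or an absolute URL
        # that begins with this request's host_url. Reject control characters,
        # which browsers strip before resolving the URL.
        local_path = target.startswith("/") and not target.startswith(("//", "/\\"))
        same_host = target.startswith(request.host_url)
        clean = all(ord(ch) >= 0x20 for ch in target)
        if clean and (local_path or same_host):
            return redirect(target, code=303)
        return redirect(url_for("index"), code=303)
    return render_form(form=form, title="Register an account", formid="register", submit="Register")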
Example #3
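def config_external_id(service, service_name, user, userid, username, fullname, avatar, access_token, secret, token_type, next_url):
    """
    Log a user in through an external identity, creating or linking records as needed.

    If a ``UserExternalId`` already exists for ``(service, userid)``, its
    OAuth token fields and username are refreshed, its user is logged in and
    ``None`` is returned.

    Otherwise a new ``UserExternalId`` is created. It is attached to ``user``
    when the caller passed one, or to a freshly registered user when not.
    In that case the function returns the absolute URL of the profile edit
    page, carrying ``next_url``, for the caller to redirect to.

    NOTE(review): when ``user`` is supplied, this external id gains login
    rights to that account. The caller is presumably passing the currently
    authenticated user; confirm that at every call site.
    """
    session['avatar_url'] = avatar
    extid = UserExternalId.query.filter_by(service=service, userid=userid).first()
    session['userid_external'] = {'service': service, 'userid': userid, 'username': username}

    if extid is not None:
        # NOTE(review): tokens are written to the model as received; whether
        # the columns are protected at rest is not visible from here.
        extid.oauth_token = access_token
        extid.oauth_token_secret = secret
        extid.oauth_token_type = token_type
        extid.username = username  # For twitter: update username if it changed
        db.session.commit()
        login_internal(extid.user)
        flash('You have logged in as %s via %s' % (username, service_name))
        return

    # Remember whether the caller supplied an account before `user` is
    # replaced below; testing `user` afterwards would always be true and the
    # first-time message could never be shown.
    linked_existing = bool(user)
    if not user:
        user = register_internal(None, fullname, None)
    extid = UserExternalId(user=user, service=service, userid=userid, username=username,
                           oauth_token=access_token, oauth_token_secret=secret,
                           oauth_token_type=token_type)
    # If the service provided a username that is valid for LastUser and not already in use, assign
    # it to this user
    if valid_username(username) and User.query.filter_by(username=username).first() is None:
        user.username = username
    db.session.add(extid)
    db.session.commit()
    login_internal(user)
    if linked_existing:
        flash('You have logged in as %s via %s. This id has been linked to your existing account' % (username, service_name))
    else:
        flash('You have logged in as %s via %s. This is your first time here' % (username, service_name))

    # redirect the user to profile edit page to fill in more details
    # NOTE(review): next_url is forwarded unchanged; the view that finally
    # redirects to it needs to restrict it to trusted destinations.
    return url_for('profile_edit', _external=True, next=next_url)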
Example #4
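def login_openid_success(resp):
    """
    Called when OpenID login succeeds.

    Looks up a ``UserExternalId`` for the identity URL. A known id is logged
    in directly. An unknown id is attached either to an existing account
    (Google ids only, matched by email address) or to a newly registered
    one, then logged in.

    Email handling depends on the provider:

    * Google identity URLs: the provider-supplied email is treated as
      confirmed and may link this id to an existing account.
    * Any other OpenID: the email is only recorded as a ``UserEmailClaim``
      and a verification link is sent. An address that already belongs to
      a registered user is ignored.

    Returns a redirect to the next URL, or to the profile edit page on a
    first login.
    """
    openid = resp.identity_url
    # NOTE(review): the email is trusted purely because the identity URL
    # starts with one of these prefixes. That is only sound if
    # resp.identity_url has been verified by the OpenID library before this
    # callback runs; confirm against the library in use.
    is_google = openid.startswith(('https://profiles.google.com/',
                                   'https://www.google.com/accounts/o8/id?id='))
    service = 'google' if is_google else 'openid'

    extid = UserExternalId.query.filter_by(service=service, userid=openid).first()

    if extid is not None:
        login_internal(extid.user)
        session['userid_external'] = {'service': service, 'userid': openid}
        flash("You are now logged in", category='info')
        return redirect(get_next_url())

    firsttime = True
    username = None
    emailclaim = None
    if resp.email:
        useremail = UserEmail.query.filter_by(email=resp.email).first()
        if is_google:
            # Google id. Trust the email address.
            if useremail:
                # User logged in previously using a different Google OpenID endpoint
                # Add this new endpoint to the existing user account
                user = useremail.user
                firsttime = False
            else:
                # No previous record for email address, so register a new user
                user = register_internal(None, resp.fullname or resp.nickname or openid, None)
                user.add_email(resp.email, primary=True)
        else:
            # Not a Google id. Do not trust an OpenID-provided email address.
            # This must be treated as a claim, not as a confirmed email address.
            # Step 1. Make a new account
            user = register_internal(None, resp.fullname or resp.nickname or openid, None)
            # Step 2. If this email address is not already known, register a claim.
            # If it is an existing registered email address, ignore it. OpenID metadata
            # cannot be trusted; anyone can setup an OpenID server that will allow the user
            # to claim any email address.
            if not useremail:
                emailclaim = UserEmailClaim(user=user, email=resp.email)
                db.session.add(emailclaim)
    else:
        # First login and no email address provided. Create a new user account
        user = register_internal(None, resp.fullname or resp.nickname or openid, None)

    # Set username for Google ids
    if openid.startswith('https://profiles.google.com/'):
        # Use profile name as username: the last non-empty path segment
        username = openid.rstrip('/').rsplit('/', 1)[-1]
    elif openid.startswith('https://www.google.com/accounts/o8/id?id='):
        # Use email address as username
        username = resp.email

    # Record this OpenID/Google id for the user
    extid = UserExternalId(user=user,
                           service=service,
                           userid=openid,
                           username=username,
                           oauth_token=None,
                           oauth_token_secret=None)
    db.session.add(extid)
    db.session.commit()
    # Send the verification mail only once the claim is committed, so a
    # failed commit cannot leave a mailed link that refers to no stored claim.
    if emailclaim is not None:
        send_email_verify_link(emailclaim)
    login_internal(user)
    session['userid_external'] = {'service': service, 'userid': openid}
    if firsttime:
        flash("You are now logged in. This is your first time here, so please fill in a few details about yourself", category='info')
        return redirect(url_for('profile_edit', _external=True, next=get_next_url()))
    flash("You are now logged in.", category='info')
    return redirect(get_next_url())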