def finish(self, registration):
from ututi.lib.security import sign_in_user
if not registration.location:
# if there is a university with same title we will use it.
existing = LocationTag.get_by_title(registration.university_title)
if existing is not None:
registration.location = existing
else:
registration.location = registration.create_university()
user = registration.create_user()
bind_group_invitations(user)
# TODO: integrity checks here
meta.Session.add(user)
registration.completed = True
# flush before sending any emails
meta.Session.flush()
process_registration_invitations(registration)
meta.Session.commit()
if user.is_teacher:
teacher_registered_email(user)
sign_in_user(user)
redirect(url(controller='profile', action='register_welcome'))
def _try_sign_in(self, username, password, location=None, remember=False):
# user may have registered in several Ututi
# networks using same username
locations = [user.location for user in User.get_all(username)]
if len(locations) == 0:
return {'username': _('Incorrect username.')}
if len(locations) > 1:
# if there is more than one location,
# we will want to show it in the form
c.locations = [(loc.id, loc.title) for loc in locations]
c.selected_location = location
if location is None and len(locations) == 1:
location = locations[0].id
if location is None:
# still none! that means that location is not
# unique and user did not specify it.
return {'location': _('Please select your network.')}
user = User.authenticate(location, username, password)
if user is None:
return {'password': _('Incorrect password.')}
sign_in_user(user, long_session=remember)
def login(self, location):
email = request.POST.get('login')
password = request.POST.get('password')
remember = True if request.POST.get('remember', None) else False
destination = c.came_from or location.url(action='index')
if password is not None:
user = User.authenticate(location, email, password.encode('utf-8'))
c.header = _('Wrong username or password!')
c.message = _('You seem to have entered your username and password wrong, please try again!')
if user is not None:
from ututi.lib.security import sign_in_user
sign_in_user(user, long_session=remember)
redirect(str(destination))
return render('location/login.mako')
def recovery(self, key=None):
try:
if hasattr(self, 'form_result'):
defaults = {'recovery_key': key}
user = meta.Session.query(User).filter(User.recovery_key == key).one()
user.update_password(self.form_result.get('new_password'))
user.recovery_key = None
#password reset is actually a confirmation of the email
user.email.confirmed = True
meta.Session.commit()
h.flash(_('Your password has been updated. Welcome back!'))
sign_in_user(user)
redirect(url(controller='profile', action='home'))
else:
defaults={'recovery_key': key}
return htmlfill.render(self._pswreset_form(), defaults=defaults)
except NoResultFound:
abort(404)
def _try_to_login(self, name, email, google_id=None, facebook_id=None,
fb_access_token=None):
assert bool(google_id) != bool(facebook_id)
if google_id:
user = User.get_byopenid(google_id)
elif facebook_id:
user = User.get_byfbid(facebook_id)
if user is not None:
# Existing user, log him in and proceed.
if facebook_id and not user.logo:
user.update_logo_from_facebook()
meta.Session.commit()
sign_in_user(user)
redirect(c.came_from or url(controller='home', action='index'))
else:
# Facebook needs to be asked for the email separately.
if facebook_id:
name, email = self._facebook_name_and_email(facebook_id,
fb_access_token)
if not email:
h.flash(_('Facebook did not provide your email address.'))
redirect(c.came_from or url(controller='home', action='index'))
# This user has never logged in using FB/Google before.
user = User.get_global(email)
if user is None:
h.flash(_('Login failed. Please login using your username and bind your account first.'))
redirect(url(controller='home', action='login'))
else:
# Existing user logging in using FB/Google.
if google_id:
h.flash(_('Your Google account "%s" has been linked to your existing Ututi account.') % email)
user.openid = google_id
elif facebook_id:
h.flash(_('Your Facebook account "%s" has been linked to your existing Ututi account.') % email)
user.facebook_id = facebook_id
bind_group_invitations(user)
if not user.logo:
user.update_logo_from_facebook()
meta.Session.commit()
sign_in_user(user)
redirect(c.came_from or url(controller='home', action='index'))