Exemple #1
0
class UserCreateForm(formencode.Schema):
    allow_extra_fields = True
    user_name = formencode.All(validators.PlainText(not_empty=True),
                               forms.UniqueUsername(), forms.ContainsChar())
    email = formencode.All(validators.Email(), forms.UniqueEmail())
    password = validators.String(not_empty=True)
    password_confirm = validators.String(not_empty=True)
    password_confirm = validators.String(not_empty=True)
    chained_validators = [
        validators.FieldsMatch('password', 'password_confirm')
    ]
Exemple #2
0
class ShibbolethRegisterForm(formencode.Schema):
    _tok = formencode.validators.String()
    if not config.get_bool('adhocracy.force_randomized_user_names'):
        username = formencode.All(
            formencode.validators.PlainText(not_empty=True),
            forms.UniqueUsername(), forms.ContainsChar())
    if config.get_bool('adhocracy.set_display_name_on_register'):
        display_name = formencode.validators.String(not_empty=False,
                                                    if_missing=None)
    email = formencode.All(
        formencode.validators.Email(
            not_empty=config.get_bool('adhocracy.require_email')),
        forms.UniqueEmail())
Exemple #3
0
class OpenIDUsernameForm(formencode.Schema):
    login = formencode.All(validators.PlainText(not_empty=True),
                           forms.UniqueUsername(), forms.ContainsChar())
Exemple #4
0
    def verify(self):
        if not openid_login_allowed():
            ret_abort(_("OpenID login has been disabled on this installation"),
                      code=403)

        self.consumer = create_consumer(self.openid_session)
        info = self.consumer.complete(
            request.params, h.base_url('/openid/verify', absolute=True))
        if not info.status == SUCCESS:
            return self._failure(info.identity_url, _("OpenID login failed."))
        email = None
        user_name = None
        # evaluate Simple Registration Extension data
        srep = sreg.SRegResponse.fromSuccessResponse(info)
        if srep:
            if srep.get('nickname'):
                user_name = srep.get('nickname').strip()
            if srep.get('email'):
                email = srep.get('email')
        # evaluate Attribute Exchange data
        # TBD: AXSCHEMA friendlyName
        # TBD: SignedMembership
        axrep = ax.FetchResponse.fromSuccessResponse(info)
        if axrep:
            ax_mail_schema = get_ax_mail_schema(info.identity_url)
            try:
                email = axrep.getSingle(ax_mail_schema) or email
            except ValueError:
                email = axrep.get(ax_mail_schema)[0]
            except KeyError:
                email = email

        if 'openid_session' in session:
            self.delete_session()

        oid = model.OpenID.find(info.identity_url)
        if oid:
            if c.user:
                if oid.user == c.user:
                    return self._failure(
                        info.identity_url,
                        _("You have already claimed this OpenID."))
                else:
                    return self._failure(
                        info.identity_url,
                        _("OpenID %s is already connected to an account.") %
                        (info.identity_url, oid.user.name))
            else:
                self._login(oid.user)
                # returns
        else:
            if c.user:
                oid = model.OpenID(unicode(info.identity_url), c.user)
                model.meta.Session.add(oid)
                model.meta.Session.commit()
                h.flash(_("Successfully added OpenID to user account."),
                        'success')
                redirect(h.entity_url(c.user, member='settings/login'))
            else:

                if not h.allow_user_registration():
                    h.flash(
                        _("OpenID %s doesn't belong to an existing user account "
                          "and user registration is disabled in this "
                          "installation." % info.identity_url), 'warning')
                    redirect(h.base_url('/login'))

                user_by_email = model.User.find_by_email(email)
                if user_by_email is not None:
                    if is_trusted_provider(info.identity_url):
                        # A user with the email returned by the OpenID provider
                        # exists. As we trust the OpenID provider, we log in
                        # that account and assign the OpenID to this user.
                        oid = model.OpenID(unicode(info.identity_url),
                                           user_by_email)
                        model.meta.Session.add(oid)
                        model.meta.Session.commit()
                        h.flash(
                            _("Successfully added OpenID to user account."),
                            'success')
                        self._login(user_by_email)
                    else:
                        # A user with the email returned by the OpenID provider
                        # exists. As we don't trust the OpenID provider, we
                        # demand that the user needs to login first.
                        #
                        # Note: We could store the successful OpenID
                        # authentication in the session and assign it after
                        # login. However probably more is gained if the
                        # list of trusted OpenID providers is extended.
                        h.flash(
                            _("The email address %s which was returned by the "
                              "OpenID provider already belongs to a different "
                              "user account. Please login with that account "
                              "or use the forgot password functionality, and "
                              "add the OpenID in your user profile settings "
                              "afterwards. Sorry for the inconvenience." %
                              email), 'warning')
                        redirect(h.base_url('/login'))

                try:
                    forms.UniqueUsername(not_empty=True).to_python(user_name)
                    formencode.All(validators.PlainText(not_empty=True),
                                   forms.UniqueUsername(),
                                   forms.ContainsChar())
                except:
                    session['openid_req'] = (info.identity_url, user_name,
                                             email)
                    session.save()
                    redirect(h.base_url('/openid/username'))
                user = self._create(user_name, email, info.identity_url)
                h.flash(
                    _("Successfully created new user account %s" % user_name),
                    'success')
                self._login(user, register=True)