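def signup():
    """Handle the signup form: create the user, start a session, redirect.

    Returns ``go_user_home()`` when ``missing_session()`` is false. Otherwise
    validates ``SignupForm``; on success the new ``User`` is saved,
    ``create_session`` is called and the client is redirected to
    ``user.profile``. If saving or session creation raises, a flash message
    is queued and the signup template is rendered again.
    """
    if not missing_session():
        return go_user_home()

    form = SignupForm()
    if form.validate_on_submit():
        # NOTE(review): form.password.data is handed to User unchanged;
        # presumably the model hashes it before storage -- confirm.
        user = User(email=form.email.data,
                    username=form.username.data,
                    password=form.password.data)
        if form.avatar.data is not None:
            user.avatar = form.save_avatar()
        try:
            user.save()
            create_session(user)
            return redirect(url_for('user.profile', user_id=user.id))
        except Exception as e:
            # The field name is scraped from the exception text. A message
            # with fewer than three dot-separated parts used to raise
            # IndexError inside this handler, and any other dotted message
            # (not only a uniqueness violation) had a fragment of its text
            # shown to the visitor. Only the two field names this view
            # submits are echoed; everything else gets a generic message.
            try:
                field = str(e).split('.')[2].split('[')[0].strip()
            except IndexError:
                field = ''
            if field in ('email', 'username'):
                flash('Please choose a unique ' + field, 'error')
            else:
                flash('There was an error creating your account', 'error')
    return render_template('user/signup.html', form=form, session=session)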
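def add_user():
    """Create a password-credential user on behalf of an OAuth client.

    Reads ``email``, ``password`` and ``client_id`` from the submitted form.
    Responds 400 when the client is unknown, lacks
    ``has_password_credential_permission``, a credential is missing, the user
    already exists or a ``TypeError`` occurs; responds 500 on any other
    failure. On success returns the stored user document as JSON, without
    the password digest and salt.
    """
    email = request.form.get('email')
    password = request.form.get('password')
    client_id = request.form.get('client_id')

    # These rejections are kept outside the broad handler below. If abort()
    # raises (as Flask's does), calling it inside that try block lets
    # `except Exception` intercept the 400 and turn it into a server error.
    try:
        client = Client.objects.get(client_id=client_id)
    except DoesNotExist:
        logging.info("Client not found.")
        return abort(400)
    if not client.has_password_credential_permission:
        return abort(400)
    # Reject missing credentials explicitly instead of relying on the
    # TypeError raised by `None + salt`.
    if not email or not password:
        return abort(400)

    try:
        salt = gen_salt(40)
        # hashlib needs bytes on Python 3; UTF-8 keeps the digest unchanged
        # for ASCII input.
        # NOTE(review): a single salted SHA-512 round is a fast hash and is
        # cheap to brute-force if the user collection leaks. Move to a
        # password KDF (e.g. hashlib.scrypt or hashlib.pbkdf2_hmac) together
        # with User.validate_password; not changed here because stored
        # digests must stay verifiable.
        hashed_password = hashlib.sha512(
            (password + salt).encode('utf-8')
        ).hexdigest()
        user = User(
            email=email,
            password=hashed_password,
            salt=salt
        )
        user.save()
        # Do not send credential material back to the caller.
        public_fields = {
            key: value
            for key, value in user.to_mongo().items()
            if key not in ('password', 'salt')
        }
        return jsonify({"user": public_fields})
    except NotUniqueError:
        logging.info("Duplicate user.")
        return abort(400)
    except TypeError:
        return abort(400)
    except Exception:
        # logging.exception records the traceback and cannot fail the way
        # e.args[0] does on an exception raised without arguments.
        logging.exception("Unexpected error while creating user.")
        return abort(500)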
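def load_user(username, password, client, request, *args, **kwargs):
    """Resolve the user for a username/password style credential.

    Two username shapes are accepted:

    * an e-mail address: ``password`` is checked with
      ``User.validate_password``; requires
      ``client.has_password_credential_permission``.
    * an all-digit string, treated as a Facebook id: ``password`` is used as
      a Facebook access token; requires
      ``client.has_facebook_credential_permission``. The user is looked up
      by ``facebook_id`` and created from the ``/me`` response when absent.

    Returns the ``User`` on success and ``None`` on every failure.
    """
    if re.match(r"[^@]+@[^@]+\.[^@]+", username):
        if not client.has_password_credential_permission:
            return None
        try:
            user = User.objects.get(email=username)
        except DoesNotExist:
            logging.info("User not found.")
            return None
        if not user.validate_password(password):
            return None
        return user

    elif username.isdigit():
        if not client.has_facebook_credential_permission:
            return None
        try:
            facebook = Facebook(password)
            me = facebook.get('/me', params={'fields': 'id,name,email,link'})
        # NOTE(review): `client` is the OAuth client argument here, so
        # client.OAuthException is looked up on that object -- confirm the
        # attribute exists, or that a module of the same name was intended.
        except client.OAuthException:
            return None
        except Exception as e:
            logging.error(e)
            return None

        # The token proves who its owner is; the claimed id must match that
        # owner. Without this check a valid token for one account would
        # authenticate as whichever facebook_id the caller supplied.
        try:
            token_owner_id = str(me['id'])
        except (KeyError, TypeError):
            logging.warning("Facebook response carried no id.")
            return None
        if token_owner_id != username:
            logging.warning("Facebook id does not match token owner.")
            return None
        # NOTE(review): this binds the token to a user, not to this
        # application; confirm the Facebook wrapper (or a token inspection
        # step) rejects tokens issued to other apps.

        try:
            user = User.objects.get(facebook_id=username)
            user.facebook_access_token = password
            user.save()
        except DoesNotExist:
            facebook_id = me['id']
            # NOTE(review): 'email' is absent from the response when the
            # permission was not granted -- confirm how that should be
            # handled.
            email = me['email']
            name = me['name']
            user = User(
                facebook_id=facebook_id,
                email=email,
                name=name,
                facebook_access_token=password,
                password=None,
                salt=None,
            )
            user.save()
        return user

    else:
        logging.warning("Username not recognized.")
        return None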
def post():
    """Create a user from the JSON request body and open a session for it.

    Always answers HTTP 200: the JSON body is whatever ``gen_session``
    returned on success, or ``{'error': ...}`` when anything raised.
    """
    # NOTE(review): `session` is rebound as a module-level global, so it
    # looks shared by every request this process serves -- confirm it is
    # not per-user state.
    global session

    payload = request.json
    res = {}
    try:
        # NOTE(review): `instructor` comes straight from the request body
        # while `admin` is pinned to False; confirm self-assigned instructor
        # status is intended.
        # NOTE(review): the password is passed to User unchanged; presumably
        # the model hashes it -- confirm.
        new_user = User(
            email=payload.get('email'),
            username=payload.get('username'),
            first_name=payload.get('first_name'),
            last_name=payload.get('last_name'),
            password=payload.get('password'),
            instructor=payload.get('instructor'),
            admin=False,
        )
        new_user.save()
        session, res = gen_session(new_user, session)
    except Exception as exc:
        # Name the offending field when the exception carries `.orig` and
        # get_field() can parse it; otherwise use a generic message.
        try:
            field_name = get_field(exc.orig)
            res = {'error': 'Please choose a unique ' + field_name}
        except Exception:
            res = {'error': 'There was an error creating your account'}
    # NOTE(review): failures are reported with status 200 as well; clients
    # must inspect the body for 'error'.
    return jsonify(res), 200