def update_authenticated_user():
    """Apply a profile update submitted by the authenticated user.

    The JSON body is loaded through ``AuthenticatedUserSchema(strict=True)``.
    A request naming any key in ``USER_READ_ONLY_FIELDS`` is refused with
    403, and ``user_id`` is always taken from ``request.user`` so the body
    cannot redirect the update to another account.

    Returns the user record re-read from the model and dumped through the
    same schema.
    """
    payload = AuthenticatedUserSchema(strict=True).load(request.json, partial=False).data

    # Refuse the whole request as soon as it names a read-only field.
    names_read_only = any(field in payload for field in USER_READ_ONLY_FIELDS)
    if names_read_only:
        abort(httplib.FORBIDDEN,
              "These fields are read-only: " + ', '.join(USER_READ_ONLY_FIELDS))

    # The id comes from the session, never from the request body.
    payload['user_id'] = request.user.user_id

    current_name = request.user.user_name
    requested_name = payload.get('user_name', current_name)

    # Only a genuine rename needs the uniqueness lookup.
    # NOTE(review): this is a check-then-write sequence; confirm the model or
    # database also enforces user-name uniqueness under concurrent requests.
    if requested_name != current_name:
        if local.model.user_exists(requested_name, None):
            abort(httplib.BAD_REQUEST,
                  "User name %s is already taken." % requested_name)

    # Character-set validation applies to the name that will be stored.
    if not NAME_REGEX.match(requested_name):
        abort(httplib.BAD_REQUEST,
              "User name characters must be alphanumeric, underscores, periods, or dashes.")

    local.model.update_user_info(payload)

    # Re-read instead of echoing the payload so the response reflects storage.
    refreshed = local.model.get_user(request.user.user_id)
    return AuthenticatedUserSchema().dump(refreshed).data
def update_authenticated_user():
    """Update profile fields of the user making the request.

    Loads ``request.json`` with ``AuthenticatedUserSchema(strict=True)``,
    answers 403 when the body contains a key listed in
    ``USER_READ_ONLY_FIELDS``, pins ``user_id`` to the caller's own id, then
    checks the (possibly new) user name before writing. The response is the
    stored user, re-read and serialized.
    """
    user_info = AuthenticatedUserSchema(strict=True).load(request.json, partial=False).data

    # Read-only fields are rejected outright rather than silently dropped.
    for read_only_key in USER_READ_ONLY_FIELDS:
        if read_only_key in user_info:
            abort(
                http.client.FORBIDDEN,
                "These fields are read-only: " + ', '.join(USER_READ_ONLY_FIELDS),
            )

    # Overwrite whatever id the body carried with the session's id.
    user_info['user_id'] = request.user.user_id

    own_name = request.user.user_name
    wanted_name = user_info.get('user_name', own_name)
    is_rename = wanted_name != own_name

    # NOTE(review): lookup-then-update is not atomic; confirm uniqueness is
    # also enforced where the name is stored.
    if is_rename and local.model.user_exists(wanted_name, None):
        abort(http.client.BAD_REQUEST, "User name %s is already taken." % wanted_name)

    name_ok = NAME_REGEX.match(wanted_name)
    if not name_ok:
        abort(
            http.client.BAD_REQUEST,
            "User name characters must be alphanumeric, underscores, periods, or dashes.",
        )

    local.model.update_user_info(user_info)

    stored_user = local.model.get_user(request.user.user_id)
    return AuthenticatedUserSchema().dump(stored_user).data
def update_authenticated_user():
    """Update one or more fields of the authenticated user.

    The body is loaded with ``UserSchema(strict=True)`` in partial mode; a
    ``ValidationError`` becomes a 400 whose text joins the error details.
    ``user_id`` is then forced to the caller's own id before the user-name
    checks and the write.

    NOTE(review): no read-only-field filter is applied in this function, so
    which attributes a caller can set is decided entirely by ``UserSchema``.
    Confirm that privileged fields are not loadable through it.
    """
    try:
        user_info, _ = UserSchema(strict=True).load(request.json, partial=True)
    except ValidationError as err:
        details = [e['detail'] for e in err.messages['errors']]
        abort(httplib.BAD_REQUEST, ' '.join(details))

    # The id comes from the session, never from the request body.
    user_info['user_id'] = request.user.user_id

    current_name = request.user.user_name
    requested_name = user_info.get('user_name', current_name)

    # Uniqueness only matters when the name actually changes.
    # NOTE(review): check-then-write; confirm the store enforces uniqueness.
    if requested_name != current_name:
        if local.model.user_exists(requested_name, None):
            abort(httplib.BAD_REQUEST,
                  "User name %s is already taken." % requested_name)

    if not NAME_REGEX.match(requested_name):
        abort(httplib.BAD_REQUEST,
              "User name characters must be alphanumeric, underscores, periods, or dashes.")

    local.model.update_user_info(user_info)

    # Serialize what is stored, not what was submitted.
    refreshed = local.model.get_user(request.user.user_id)
    return UserSchema().dump(refreshed).data
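def do_signup():
    """Process a signup form and create an unverified account.

    Every validation problem is collected into one list. If any exist, the
    client is redirected to ``error_uri`` with the joined messages and the
    submitted email and username as query parameters (the password is not
    echoed). Otherwise the user is added, the verification key is handed to
    ``send_verification_key`` and the client is redirected to ``success_uri``.

    A request that omits ``username`` or ``email`` is reported as a normal
    validation error instead of failing inside the regex match.
    """
    if request.user:
        return redirect(default_app().get_url(
            'success', message="You are already logged into your account."))

    # NOTE(review): both redirect targets are form values chosen by the
    # client. Confirm redirect_with_query (or an earlier layer) restricts them
    # to this site; otherwise this endpoint redirects wherever it is told.
    success_uri = request.forms.get('success_uri')
    error_uri = request.forms.get('error_uri')
    username = request.forms.get('username')
    password = request.forms.get('password')
    email = request.forms.get('email')

    errors = []
    if request.forms.get('confirm_password') != password:
        errors.append("Passwords do not match.")

    # .get() yields None for an absent field and a compiled pattern's match()
    # raises TypeError on None, so test for presence first.
    if not username or not spec_util.NAME_REGEX.match(username):
        errors.append(
            "Username must only contain letter, digits, hyphens, underscores, and periods."
        )

    # NOTE(review): password may be None here when the field is omitted;
    # confirm validate_password rejects that with UsageError.
    try:
        User.validate_password(password)
    except UsageError as e:
        errors.append(e.message)

    # Only do a basic validation of email -- the only guaranteed way to check
    # whether an email address is valid is by sending an actual email.
    if not email or not spec_util.BASIC_EMAIL_REGEX.match(email):
        errors.append("Email address is invalid.")

    if local.model.user_exists(username, email):
        errors.append("User with this username or email already exists.")

    if not username or not NAME_REGEX.match(username):
        errors.append(
            "Username characters must be alphanumeric, underscores, periods, or dashes."
        )

    if errors:
        return redirect_with_query(
            error_uri, {
                'error': ' '.join(errors),
                'next': success_uri,
                'email': email,
                'username': username,
            })

    # Create unverified user
    _, verification_key = local.model.add_user(username, email, password)

    # Send key
    send_verification_key(username, email, verification_key)

    # Redirect to success page
    return redirect_with_query(success_uri, {'email': email})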
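def do_signup():
    """Validate a signup form submission and register an unverified user.

    Validation failures are accumulated and reported together through a
    redirect to ``error_uri``; the redirect query carries the messages plus
    the submitted email and username, never the password. On success the new
    user's verification key is passed to ``send_verification_key`` and the
    client is sent to ``success_uri``.

    Missing ``username`` or ``email`` fields are treated as invalid input
    rather than being passed as None into the regex checks.
    """
    if request.user:
        return redirect(default_app().get_url('success', message="You are already logged into your account."))

    form = request.forms
    # NOTE(review): success_uri and error_uri are supplied by the client and
    # used as redirect targets below. Confirm they are constrained to same-site
    # locations before being followed.
    success_uri = form.get('success_uri')
    error_uri = form.get('error_uri')
    username = form.get('username')
    password = form.get('password')
    email = form.get('email')

    errors = []
    if form.get('confirm_password') != password:
        errors.append("Passwords do not match.")

    # An omitted field is None, and pattern.match(None) raises TypeError;
    # report it as an ordinary validation failure instead.
    username_present = bool(username)
    if not (username_present and spec_util.NAME_REGEX.match(username)):
        errors.append("Username must only contain letter, digits, hyphens, underscores, and periods.")

    # NOTE(review): an omitted password reaches validate_password as None;
    # confirm that is rejected with UsageError rather than another exception.
    try:
        User.validate_password(password)
    except UsageError as e:
        errors.append(e.message)

    # Only do a basic validation of email -- the only guaranteed way to check
    # whether an email address is valid is by sending an actual email.
    if not (email and spec_util.BASIC_EMAIL_REGEX.match(email)):
        errors.append("Email address is invalid.")

    if local.model.user_exists(username, email):
        errors.append("User with this username or email already exists.")

    if not (username_present and NAME_REGEX.match(username)):
        errors.append("Username characters must be alphanumeric, underscores, periods, or dashes.")

    if errors:
        return redirect_with_query(error_uri, {
            'error': ' '.join(errors),
            'next': success_uri,
            'email': email,
            'username': username,
        })

    # Create unverified user
    _, verification_key = local.model.add_user(username, email, password)

    # Send key
    send_verification_key(username, email, verification_key)

    # Redirect to success page
    return redirect_with_query(success_uri, {'email': email})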
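def do_signup():
    """Process a signup form and create an unverified account.

    An already authenticated caller is redirected to the ``success`` page
    immediately. Otherwise all validation problems are collected; if any
    exist the client is redirected to ``error_uri`` with the messages and the
    submitted profile fields (not the password) as query parameters. On
    success the user is added, the verification key is handed to
    ``send_verification_key`` and the client is redirected to ``success_uri``.

    The second ``is_authenticated`` check of the original was unreachable
    behind the early return and is dropped. Missing ``username`` or ``email``
    fields are reported as validation errors instead of raising inside the
    regex match.
    """
    if request.user.is_authenticated:
        return redirect(default_app().get_url(
            'success', message="You are already logged into your account."))

    # NOTE(review): both redirect targets come straight from the form.
    # Confirm redirect_with_query (or an earlier layer) limits them to this
    # site before they are followed.
    success_uri = request.forms.get('success_uri')
    error_uri = request.forms.get('error_uri')
    username = request.forms.get('username')
    email = request.forms.get('email')
    first_name = request.forms.get('first_name')
    last_name = request.forms.get('last_name')
    password = request.forms.get('password')
    affiliation = request.forms.get('affiliation')

    errors = []
    if request.forms.get('confirm_password') != password:
        errors.append("Passwords do not match.")

    # .get() yields None for an absent field and pattern.match(None) raises
    # TypeError, so presence is checked before the pattern.
    if not username or not spec_util.NAME_REGEX.match(username):
        errors.append(
            "Username must only contain letter, digits, hyphens, underscores, and periods."
        )

    # NOTE(review): password may be None when the field is omitted; confirm
    # validate_password rejects that with UsageError.
    try:
        User.validate_password(password)
    except UsageError as e:
        errors.append(str(e))

    # Only do a basic validation of email -- the only guaranteed way to check
    # whether an email address is valid is by sending an actual email.
    if not email or not spec_util.BASIC_EMAIL_REGEX.match(email):
        errors.append("Email address is invalid.")

    if local.model.user_exists(username, email):
        errors.append("User with this username or email already exists.")

    if not username or not NAME_REGEX.match(username):
        errors.append(
            "Username characters must be alphanumeric, underscores, periods, or dashes."
        )

    if errors:
        return redirect_with_query(
            error_uri,
            {
                'error': ' '.join(errors),
                'next': success_uri,
                'email': email,
                'username': username,
                'first_name': first_name,
                'last_name': last_name,
                'affiliation': affiliation,
            },
        )

    # If user leaves it blank, empty string is obtained - make it of NoneType.
    if not affiliation:
        affiliation = None

    # Create unverified user
    _, verification_key = local.model.add_user(username, email, first_name, last_name,
                                               password, affiliation)

    # Send key
    send_verification_key(username, email, verification_key)

    # Redirect to success page
    return redirect_with_query(success_uri, {'email': email})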
def validate_name(name):
    """Raise ``ValidationError`` when *name* is not accepted by ``NAME_REGEX``.

    ``match()`` anchors only at the start of the string; whether trailing
    characters are rejected depends on how the pattern itself is written.
    The error text includes both the pattern and the rejected value.
    """
    if NAME_REGEX.match(name):
        return
    raise ValidationError('Names must match %s, was %s' % (NAME_REGEX.pattern, name))
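def do_signup():
    """Process a signup form guarded by Google reCAPTCHA.

    The submitted ``token`` is verified against the reCAPTCHA ``siteverify``
    endpoint using the secret in ``CODALAB_RECAPTCHA_SECRET_KEY``. Every
    validation problem is collected; if any exist the client is redirected to
    ``error_uri`` with the messages and the submitted profile fields (not the
    password) as query parameters. Otherwise the user is added, the
    verification key is handed to ``send_verification_key`` and the client is
    redirected to ``success_uri``.

    The verification call fails closed: a network error, a timeout, a
    non-JSON reply or a reply without a truthy ``success`` all count as a
    failed check. Missing ``username`` or ``email`` fields are reported as
    validation errors instead of raising inside the regex match.
    """
    # NOTE(review): both redirect targets come straight from the form.
    # Confirm redirect_with_query (or an earlier layer) limits them to this
    # site before they are followed.
    success_uri = request.forms.get('success_uri')
    error_uri = request.forms.get('error_uri')
    username = request.forms.get('username')
    email = request.forms.get('email')
    first_name = request.forms.get('first_name')
    last_name = request.forms.get('last_name')
    password = request.forms.get('password')
    affiliation = request.forms.get('affiliation')
    token = request.forms.get('token')

    errors = []
    if not token:
        errors.append('Google reCAPTCHA token is missing.')
    else:
        url = 'https://www.google.com/recaptcha/api/siteverify'
        # An unset secret raises KeyError here, so signup cannot proceed
        # without a configured key.
        data = {
            'secret': os.environ['CODALAB_RECAPTCHA_SECRET_KEY'],
            'response': token,
        }
        try:
            # Bound the outbound call so a stalled verifier cannot hold the
            # request open; the 10-second figure is a chosen limit.
            res = requests.post(url, data, timeout=10)
            verdict = res.json()
        except (requests.RequestException, ValueError):
            # Transport failure or a body that is not JSON: treat as failed
            # without echoing internal error text to the client.
            verdict = None
        if not isinstance(verdict, dict) or not verdict.get('success'):
            errors.append('Google reCAPTCHA failed.')

    if request.user.is_authenticated:
        errors.append("You are already logged in as %s, please log out before "
                      "creating a new account." % request.user.user_name)

    if request.forms.get('confirm_password') != password:
        errors.append("Passwords do not match.")

    # .get() yields None for an absent field and pattern.match(None) raises
    # TypeError, so presence is checked before the pattern.
    if not username or not spec_util.NAME_REGEX.match(username):
        errors.append(
            "Username must only contain letter, digits, hyphens, underscores, and periods."
        )

    # NOTE(review): password may be None when the field is omitted; confirm
    # validate_password rejects that with UsageError.
    try:
        User.validate_password(password)
    except UsageError as e:
        errors.append(str(e))

    # Only do a basic validation of email -- the only guaranteed way to check
    # whether an email address is valid is by sending an actual email.
    if not email or not spec_util.BASIC_EMAIL_REGEX.match(email):
        errors.append("Email address is invalid.")

    if local.model.user_exists(username, email):
        errors.append("User with this username or email already exists.")

    if not username or not NAME_REGEX.match(username):
        errors.append(
            "Username characters must be alphanumeric, underscores, periods, or dashes."
        )

    if errors:
        return redirect_with_query(
            error_uri,
            {
                'error': ' '.join(errors),
                'next': success_uri,
                'email': email,
                'username': username,
                'first_name': first_name,
                'last_name': last_name,
                'affiliation': affiliation,
            },
        )

    # If user leaves it blank, empty string is obtained - make it of NoneType.
    if not affiliation:
        affiliation = None

    # Create unverified user
    _, verification_key = local.model.add_user(username, email, first_name, last_name,
                                               password, affiliation)

    # Send key
    send_verification_key(username, email, verification_key)

    # Redirect to success page
    return redirect_with_query(success_uri, {'email': email})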
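def do_signup():
    """Validate a signup form submission and register an unverified user.

    An authenticated caller is redirected to the ``success`` page up front.
    For everyone else, validation failures are accumulated and reported
    together via a redirect to ``error_uri`` whose query carries the messages
    and the submitted profile fields, never the password. On success the new
    user's verification key is passed to ``send_verification_key`` and the
    client is sent to ``success_uri``.

    The repeated ``is_authenticated`` check of the original could never run
    after the early return and is removed. Missing ``username`` or ``email``
    fields are treated as invalid input instead of reaching the regex checks
    as None.
    """
    if request.user.is_authenticated:
        return redirect(
            default_app().get_url('success', message="You are already logged into your account.")
        )

    form = request.forms
    # NOTE(review): success_uri and error_uri are supplied by the client and
    # used as redirect targets below. Confirm they are constrained to same-site
    # locations before being followed.
    success_uri = form.get('success_uri')
    error_uri = form.get('error_uri')
    username = form.get('username')
    email = form.get('email')
    first_name = form.get('first_name')
    last_name = form.get('last_name')
    password = form.get('password')
    affiliation = form.get('affiliation')

    errors = []
    if form.get('confirm_password') != password:
        errors.append("Passwords do not match.")

    # An omitted field is None, and pattern.match(None) raises TypeError;
    # report it as an ordinary validation failure instead.
    username_present = bool(username)
    if not (username_present and spec_util.NAME_REGEX.match(username)):
        errors.append(
            "Username must only contain letter, digits, hyphens, underscores, and periods."
        )

    # NOTE(review): this relies on UsageError exposing a .message attribute,
    # which is not standard on Python 3 exceptions; confirm the class defines
    # it. An omitted password also reaches validate_password as None.
    try:
        User.validate_password(password)
    except UsageError as e:
        errors.append(e.message)

    # Only do a basic validation of email -- the only guaranteed way to check
    # whether an email address is valid is by sending an actual email.
    if not (email and spec_util.BASIC_EMAIL_REGEX.match(email)):
        errors.append("Email address is invalid.")

    if local.model.user_exists(username, email):
        errors.append("User with this username or email already exists.")

    if not (username_present and NAME_REGEX.match(username)):
        errors.append("Username characters must be alphanumeric, underscores, periods, or dashes.")

    if errors:
        return redirect_with_query(
            error_uri,
            {
                'error': ' '.join(errors),
                'next': success_uri,
                'email': email,
                'username': username,
                'first_name': first_name,
                'last_name': last_name,
                'affiliation': affiliation,
            },
        )

    # If user leaves it blank, empty string is obtained - make it of NoneType.
    if not affiliation:
        affiliation = None

    # Create unverified user
    _, verification_key = local.model.add_user(
        username, email, first_name, last_name, password, affiliation
    )

    # Send key
    send_verification_key(username, email, verification_key)

    # Redirect to success page
    return redirect_with_query(success_uri, {'email': email})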