def lookup_current_user():
    """Populate ``g.user`` from the ``gplus_id`` stored in the session.

    ``g.user`` is reset to ``None`` first and is only replaced when a
    ``User`` document with the session's ``gplus_id`` exists.

    When the ``EVENTUM_GOOGLE_AUTH_ENABLED`` setting is missing or falsy,
    authentication is bypassed: the session is stamped with
    ``SUPER_USER_GPLUS_ID`` and an admin "Super User" record is created if
    none exists yet.

    Note that it gets called before all requests, but not before decorators.
    """
    g.user = None

    auth_enabled = current_app.config.get('EVENTUM_GOOGLE_AUTH_ENABLED')
    if not auth_enabled:
        # NOTE(review): ``config.get`` returns None for an unset key, so a
        # deployment that forgets this setting lands in the bypass branch and
        # every visitor is treated as the admin super user (fails open).
        # NOTE(review): the super-user id is written into the session, so it
        # presumably outlives this request; verify that sessions minted in
        # bypass mode are not honoured once auth is switched on.
        session['gplus_id'] = SUPER_USER_GPLUS_ID
        try:
            g.user = User.objects.get(gplus_id=SUPER_USER_GPLUS_ID)
        except DoesNotExist:
            # First run in bypass mode: create the mock admin.  g.user is
            # picked up by the session lookup below.
            User(name='Super User',
                 gplus_id=SUPER_USER_GPLUS_ID,
                 user_type='admin',
                 email='*****@*****.**').save()

    if 'gplus_id' not in session:
        return

    try:
        g.user = User.objects().get(gplus_id=session['gplus_id'])
    except DoesNotExist:
        # Fail gracefully if the user is not in the database yet
        pass
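def create_profile():
    """Create a profile (filling in the form with openid data), and register
    it in the database.

    **Route:** ``/admin/create-profile``

    **Methods:** ``GET, POST``

    The ``name``, ``email`` and ``next`` query arguments are required and
    pre-fill the form; ``image_url`` is optional.  After a successful
    submission the client is redirected to ``next`` only when it points back
    at this application, otherwise to ``/``.
    """
    if g.user is not None and 'gplus_id' in session:
        # use code=303 to avoid POSTing to the next page.
        return redirect(url_for('admin.index'), code=303)

    form = CreateProfileForm(request.form,
                             name=request.args['name'],
                             email=request.args['email'],
                             next=request.args['next'])
    if form.validate_on_submit():
        # NOTE(review): the email used below comes from the submitted form /
        # query string.  It selects both the existing account that gets
        # overridden and the whitelist entry whose ``user_type`` is granted,
        # so confirm that CreateProfileForm (or the caller) pins it to the
        # address asserted by the identity provider.
        if User.objects(email=form.email.data).count() != 0:
            # A user with this email already exists.  Override it.
            # NOTE(review): this branch reads session['openid'] while the
            # rest of the view keys on session['gplus_id'] -- verify which
            # one is current before relying on this path.
            user = User.objects.get(email=form.email.data)
            user.openid = session['openid']
            user.name = form.name.data
            flash('Account with this email already exists. Overridden.',
                  MESSAGE_FLASH)
            user.register_login()
            user.save()
        else:
            # Retrieve their user type from the whitelist then remove them.
            wl = Whitelist.objects().get(email=form.email.data)
            user_type = wl.user_type
            wl.redeemed = True
            wl.save()

            # Create a brand new user
            user = User(email=form.email.data,
                        name=form.name.data,
                        gplus_id=session['gplus_id'],
                        user_type=user_type,
                        image_url=request.args.get('image_url'))
            flash('Account created successfully.', MESSAGE_FLASH)
            user.register_login()
            user.save()

        # redirect to the next url or the root of the application ('/')
        next_url = form.next.data
        if next_url:
            # ``next`` is client-supplied, so only follow it when it stays on
            # this site.  Backslashes and tab/CR/LF are refused outright
            # because browsers may normalise them into a scheme-relative
            # ("//host") URL.
            has_odd_chars = any(ch in next_url for ch in '\\\t\r\n')
            is_local_path = (next_url.startswith('/') and
                             not next_url.startswith('//'))
            # host_url ends with '/', so a longer hostname cannot match it.
            is_same_host = next_url.startswith(request.host_url)
            if not has_odd_chars and (is_local_path or is_same_host):
                # use code=303 to avoid POSTing to the next page.
                return redirect(next_url, code=303)
        # use code=303 to avoid POSTing to the next page.
        return redirect('/', code=303)

    return render_template('eventum_auth/create_profile.html',
                           image_url=request.args.get('image_url'),
                           form=form)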
def add():
    """Add an email to the whitelist, or create a fake user directly.

    **Route:** ``/admin/whitelist/add``

    **Methods:** ``POST``

    A submitted ``user_type`` of ``'fake_user'`` creates a ``User`` with a
    generated id and placeholder email; any other type stores a
    ``Whitelist`` entry, provided no user already has that email.  The
    response is always a redirect to ``users.index``.
    """
    # NOTE(review): no authorization check is visible in this function;
    # presumably a decorator outside this view restricts it -- confirm, since
    # the submitted ``user_type`` decides what the new account may do.
    form = AddToWhitelistForm(request.form)
    wants_fake_user = form.user_type.data == 'fake_user'

    if wants_fake_user:
        if not form.validate_on_submit():
            current_app.logger.warning(form.errors)
        else:
            generated_id = str(uuid.uuid4())
            placeholder_email = generated_id[:10] + "@fake-users.com"
            image_filename = form.fake_user_image.data
            # The image is optional: attach it only when one with that
            # filename exists.
            try:
                optional_fields = {
                    'image': Image.objects().get(filename=image_filename),
                }
            except Image.DoesNotExist:
                optional_fields = {}
            User(email=placeholder_email,
                 gplus_id=generated_id,
                 name=form.name.data,
                 user_type=form.user_type.data,
                 **optional_fields).save()
    else:
        email_taken = User.objects(email=form.email.data).count() != 0
        if form.validate_on_submit() and not email_taken:
            Whitelist(email=form.email.data,
                      user_type=form.user_type.data).save()
        else:
            # When the form is valid but the email is already taken,
            # form.errors is presumably empty, so this warning gives no
            # reason for the rejection.
            current_app.logger.warning(form.errors)

    return redirect(url_for('users.index'))
def setUp(self):  # noqa
    """Save one ``User`` per entry in ``USERS`` before each test runs."""
    # Imported here rather than at module level, as in the original.
    from eventum.models import User

    for fixture_kwargs in USERS.values():
        User(**fixture_kwargs).save()