Exemple #1
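  def promote_user(self, from_jid, nick):
    """Create a new account for an IM sender and sign that IM address in.

    Args:
      from_jid: IM address of the sender; its base() form is used for the
        existing-account lookup.
      nick: requested screen name; must match NICK_RE.

    Raises:
      exception.ValidationError: if the IM address is already linked to an
        account, or if nick does not match NICK_RE.
    """
    # Fixed: the lookup result was bound to `ji_ref` but tested as `jid_ref`,
    # so the already-signed-in check referenced an unbound name instead of
    # the lookup result.
    jid_ref = api.actor_lookup_im(api.ROOT, from_jid.base())
    if jid_ref:
      # TODO(tyler): Should we tell the user who they are?
      raise exception.ValidationError(
          "You already have an account and are signed in.")

    if not NICK_RE.match(nick):
      raise exception.ValidationError(
          "Invalid screen name, can only use letters or numbers, 3 to 16 "
          "characters")

    # Create the user.  (user_create will check to see if the account has
    # already been created.)
    # NOTE(review): the initial password is the first 8 characters of
    # util.generate_uuid(). If that helper returns a hex UUID, this is only
    # about 32 bits of entropy, and the value is then sent back over IM in
    # the welcome message. Confirm this is acceptable, or require a password
    # change after the first sign-in.
    password = util.generate_uuid()[:8]

    # TODO(termie): Must have a first/last name. :(
    # The created actor is not used below, so the result is not bound.
    api.user_create(api.ROOT, nick=nick, password=password,
                    given_name=nick, family_name=nick)

    # link this im account to the user's account (equivalent of SIGN IN)
    self.sign_in(from_jid, nick, password)

    # Inform the user of their new password
    welcome = '\n'.join([HELP_WELCOME_NICK % nick,
                         HELP_PASSWORD % password,
                         HELP_POST,
                         HELP_CHANNEL_POST,
                         HELP_COMMENT,
                         HELP_FOLLOW,
                         HELP_STOP,
                         HELP_MORE,
                         HELP_FOOTER])

    self.send_message([from_jid], welcome)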
Exemple #2
def login_login(request):
    """Handle the login form: authenticate on POST, otherwise render login.html.

    Flow, as visible in this function:
      * redirect_to is read from the request (default "/") and passed through
        clean.redirect_to() before any use.
      * On POST, the "log" and "pwd" fields are checked with
        user.lookup_user_by_login(); a falsy result raises
        exception.ValidationError.
      * On success the client is either redirected with the login cookie set
        directly, or (hosted domain and SSL login both enabled) redirected to
        /login/noreally on settings.DOMAIN with a short-lived sso_token.
      * Any exception raised in the POST branch is passed to
        exception.handle_exception(request); unless that call itself raises,
        execution continues with the code below.
      * If request.user is set the client is redirected; otherwise login.html
        is rendered.
    """
    # NOTE(review): redirect_to is caller-controlled and ends up in
    # HttpResponseRedirect. clean.redirect_to() is the only filter visible
    # here -- confirm it rejects off-site targets.
    redirect_to = request.REQUEST.get("redirect_to", "/")
    redirect_to = clean.redirect_to(redirect_to)

    if request.POST:
        try:
            login = request.POST.get("log", None)
            password = request.POST.get("pwd", None)
            rememberme = request.POST.get("rememberme", None)

            # TODO validate
            # NOTE(review): login and password may be None (missing form
            # fields) and are passed unchecked to lookup_user_by_login.

            current_user = user.lookup_user_by_login(login, password)
            if current_user:
                # No explicit target requested: send the user to their overview.
                if redirect_to == "/":
                    redirect_to = current_user.url("/overview")

                # Attempt to do some cleanup on the user if necessary
                api.user_cleanup(api.ROOT, current_user.nick)

                # if we aren't hosted or aren't ssl just set the cookie and go home
                if not settings.HOSTED_DOMAIN_ENABLED or not settings.SSL_LOGIN_ENABLED:
                    response = http.HttpResponseRedirect(redirect_to)
                    response = user.set_user_cookie(response, current_user, rememberme)
                    return response

                # otherwise, we're going to have to redirect to set the cookie on
                # the proper domain
                sso_token = util.generate_uuid()

                # The token maps to (nick, rememberme) in the cache with
                # timeout=10 (presumably seconds -- confirm against the cache API).
                # NOTE(review): the hand-off URL below is plain http and carries
                # the token in the query string, so it can appear in server logs
                # and Referer headers. Confirm that the short timeout (and single
                # use, if the consumer enforces it) is the intended mitigation.
                cache.set("sso/%s" % sso_token, (current_user.nick, rememberme), timeout=10)
                sso_url = "http://%s/login/noreally" % (settings.DOMAIN)
                sso_url = util.qsa(sso_url, {"redirect_to": redirect_to, "sso_token": sso_token})
                return http.HttpResponseRedirect(sso_url)
            else:
                raise exception.ValidationError("Invalid username or password")
        except:
            # Bare except: every exception, not only ValidationError, is routed
            # to handle_exception.
            exception.handle_exception(request)

    # Already authenticated (request.user set): skip the form and redirect.
    if request.user:
        if redirect_to == "/":
            redirect_to = request.user.url("/overview")
        return http.HttpResponseRedirect(redirect_to)

    # NOTE(review): locals() exposes every local variable to the template
    # context, including "password" after a failed POST -- confirm login.html
    # never renders it. Renaming any local in this function changes the
    # context keys the template sees.
    c = template.RequestContext(request, locals())
    t = loader.get_template("login.html")
    return http.HttpResponse(t.render(c))
Exemple #3
def generate_user_auth_token(nick, password, timeout=(14 * 24 * 60 * 60)):
  """Create an auth token for nick and record it in the cache.

  The token is util.hash_generic() applied to a fresh util.generate_uuid()
  value. It is stored under the cache key "user_auth_token/<nick>/<token>"
  with the given timeout. The default is 14 * 24 * 60 * 60, i.e. 14 days if
  the cache counts in seconds (confirm against the cache API).

  NOTE(review): the cached value is whatever the caller passes as `password`.
  If callers pass a plaintext password, it sits in the cache for the whole
  timeout. Confirm callers pass a hash, or that the cache is trusted storage.

  Returns:
    The generated token.
  """
  fresh_token = util.hash_generic(util.generate_uuid())
  cache_key = "user_auth_token/%s/%s" % (nick, fresh_token)
  cache.set(cache_key, password, timeout)
  return fresh_token