def register(): form = RegisterForm() # Make Recaptcha optional if not (app.config.get('RECAPTCHA_PUBLIC_KEY') and app.config.get('RECAPTCHA_PRIVATE_KEY')): del form.recaptcha form.fullname.description = app.config.get('FULLNAME_REASON') form.email.description = app.config.get('EMAIL_REASON') form.username.description = app.config.get('USERNAME_REASON') if form.validate_on_submit(): user = register_internal(None, form.fullname.data, form.password.data) user.username = form.username.data or None useremail = UserEmailClaim(user=user, email=form.email.data) db.session.add(useremail) send_email_verify_link(useremail) login_internal(user) db.session.commit() flash("You are now one of us. Welcome aboard!", category='success') if 'next' in request.args: return redirect(request.args['next'], code=303) else: return redirect(url_for('index'), code=303) return render_form(form=form, title='Register an account', formid='register', submit='Register')
def config_external_id(service, service_name, user, userid, username, fullname, avatar, access_token, secret, token_type, next_url): session['avatar_url'] = avatar extid = UserExternalId.query.filter_by(service=service, userid=userid).first() session['userid_external'] = { 'service': service, 'userid': userid, 'username': username } if extid is not None: extid.oauth_token = access_token extid.oauth_token_secret = secret extid.oauth_token_type = token_type extid.username = username # For twitter: update username if it changed login_internal(extid.user) db.session.commit() flash('You have logged in as %s via %s' % (username, service_name), 'success') if not extid.user.is_profile_complete(): return url_for('profile_new', next=next_url) else: return else: if user: flash( 'You have logged in as %s via %s. This id has been linked to your existing account' % (username, service_name), 'success') else: flash( 'You have logged in as %s via %s. This is your first time here' % (username, service_name), 'success') # If caller wants this id connected to an existing user, do it. if not user: user = register_internal(None, fullname, None) extid = UserExternalId(user=user, service=service, userid=userid, username=username, oauth_token=access_token, oauth_token_secret=secret, oauth_token_type=token_type) # If the service provided a username that is valid for Lastuser and not already in use, assign # it to this user if valid_username(username): if User.query.filter_by(username=username).first() is None: user.username = username db.session.add(extid) login_internal(user) db.session.commit() # redirect the user to profile edit page to fill in more details return url_for('profile_new', next=next_url)
def register(): form = RegisterForm() if form.validate_on_submit(): user = register_internal(None, form.fullname.data, form.password.data) user.username = form.username.data or None useremail = UserEmailClaim(user=user, email=form.email.data) db.session.add(useremail) db.session.commit() send_email_verify_link(useremail) login_internal(user) flash("You are now one of us. Welcome aboard!", category='info') if 'next' in request.args: return redirect(request.args['next'], code=303) else: return redirect(url_for('index'), code=303) return render_form(form=form, title='Register an account', formid='register', submit='Register')
def register(): form = RegisterForm() form.fullname.description = app.config.get("FULLNAME_REASON") form.email.description = app.config.get("EMAIL_REASON") form.username.description = app.config.get("USERNAME_REASON") if form.validate_on_submit(): user = register_internal(None, form.fullname.data, form.password.data) user.username = form.username.data or None useremail = UserEmailClaim(user=user, email=form.email.data) db.session.add(useremail) db.session.commit() send_email_verify_link(useremail) login_internal(user) flash("You are now one of us. Welcome aboard!", category="success") if "next" in request.args: return redirect(request.args["next"], code=303) else: return redirect(url_for("index"), code=303) return render_form(form=form, title="Register an account", formid="register", submit="Register")
def config_external_id(service, service_name, user, userid, username, fullname, avatar, access_token, secret, token_type, next_url): session['avatar_url'] = avatar extid = UserExternalId.query.filter_by(service=service, userid=userid).first() session['userid_external'] = {'service': service, 'userid': userid, 'username': username} if extid is not None: extid.oauth_token = access_token extid.oauth_token_secret = secret extid.oauth_token_type = token_type extid.username = username # For twitter: update username if it changed login_internal(extid.user) db.session.commit() flash('You have logged in as %s via %s' % (username, service_name), 'success') if not extid.user.email: return url_for('profile_new', next=next_url) else: return else: if user: flash('You have logged in as %s via %s. This id has been linked to your existing account' % (username, service_name), 'success') else: flash('You have logged in as %s via %s. This is your first time here' % (username, service_name), 'success') # If caller wants this id connected to an existing user, do it. if not user: user = register_internal(None, fullname, None) extid = UserExternalId(user=user, service=service, userid=userid, username=username, oauth_token=access_token, oauth_token_secret=secret, oauth_token_type=token_type) # If the service provided a username that is valid for Lastuser and not already in use, assign # it to this user if valid_username(username): if User.query.filter_by(username=username).first() is None: user.username = username db.session.add(extid) db.session.commit() login_internal(user) # redirect the user to profile edit page to fill in more details return url_for('profile_new', next=next_url)
def login_openid_success(resp): """ Called when OpenID login succeeds """ openid = resp.identity_url if openid.startswith('https://profiles.google.com/') or openid.startswith('https://www.google.com/accounts/o8/id?id='): service = 'google' else: service = 'openid' extid = UserExternalId.query.filter_by(service=service, userid=openid).first() if extid is not None: login_internal(extid.user) db.session.commit() session['userid_external'] = {'service': service, 'userid': openid} flash("You are now logged in", category='success') if not extid.user.is_profile_complete(): return redirect(url_for('profile_new', next=get_next_url(session=True))) else: return redirect(get_next_url(session=True)) else: username = None if resp.email: useremail = UserEmail.query.filter_by(email=resp.email).first() if openid.startswith('https://profiles.google.com/') or openid.startswith('https://www.google.com/accounts/o8/id?id='): # Google id. Trust the email address. if useremail: # User logged in previously using a different Google OpenID endpoint # Add this new endpoint to the existing user account user = useremail.user else: # No previous record for email address, so register a new user user = register_internal(None, resp.fullname or resp.nickname or openid, None) user.add_email(resp.email, primary=True) else: # Not a Google id. Do not trust an OpenID-provided email address. # This must be treated as a claim, not as a confirmed email address. # Step 1. Make a new account user = register_internal(None, resp.fullname or resp.nickname or openid, None) # Step 2. If this email address is not already known, register a claim. # If it is an existing registered email address, ignore it. OpenID metadata # cannot be trusted; anyone can setup an OpenID server that will allow the user # to claim any email address. if not useremail: emailclaim = UserEmailClaim(user=user, email=resp.email) db.session.add(emailclaim) send_email_verify_link(emailclaim) else: # First login and no email address provided. Create a new user account user = register_internal(None, resp.fullname or resp.nickname or openid, None) # Set username for Google ids if openid.startswith('https://profiles.google.com/'): # Use profile name as username parts = openid.split('/') while not parts[-1]: parts.pop(-1) username = parts[-1] elif openid.startswith('https://www.google.com/accounts/o8/id?id='): # Use email address as username username = resp.email # Record this OpenID/Google id for the user extid = UserExternalId(user=user, service=service, userid=openid, username=username, oauth_token=None, oauth_token_secret=None) db.session.add(extid) login_internal(user) db.session.commit() session['userid_external'] = {'service': service, 'userid': openid} flash("You are now logged in.", category='success') if not user.is_profile_complete(): return redirect(url_for('profile_new', next=get_next_url(session=True))) else: return redirect(get_next_url(session=True))
def login_openid_success(resp): """ Called when OpenID login succeeds """ openid = resp.identity_url if openid.startswith('https://profiles.google.com/') or openid.startswith( 'https://www.google.com/accounts/o8/id?id='): service = 'google' else: service = 'openid' extid = UserExternalId.query.filter_by(service=service, userid=openid).first() if extid is not None: login_internal(extid.user) db.session.commit() session['userid_external'] = {'service': service, 'userid': openid} flash("You are now logged in", category='success') if not extid.user.is_profile_complete(): return redirect( url_for('profile_new', next=get_next_url(session=True))) else: return redirect(get_next_url(session=True)) else: username = None if resp.email: useremail = UserEmail.query.filter_by(email=resp.email).first() if openid.startswith( 'https://profiles.google.com/') or openid.startswith( 'https://www.google.com/accounts/o8/id?id='): # Google id. Trust the email address. if useremail: # User logged in previously using a different Google OpenID endpoint # Add this new endpoint to the existing user account user = useremail.user else: # No previous record for email address, so register a new user user = register_internal( None, resp.fullname or resp.nickname or openid, None) user.add_email(resp.email, primary=True) else: # Not a Google id. Do not trust an OpenID-provided email address. # This must be treated as a claim, not as a confirmed email address. # Step 1. Make a new account user = register_internal( None, resp.fullname or resp.nickname or openid, None) # Step 2. If this email address is not already known, register a claim. # If it is an existing registered email address, ignore it. OpenID metadata # cannot be trusted; anyone can setup an OpenID server that will allow the user # to claim any email address. if not useremail: emailclaim = UserEmailClaim(user=user, email=resp.email) db.session.add(emailclaim) send_email_verify_link(emailclaim) else: # First login and no email address provided. Create a new user account user = register_internal(None, resp.fullname or resp.nickname or openid, None) # Set username for Google ids if openid.startswith('https://profiles.google.com/'): # Use profile name as username parts = openid.split('/') while not parts[-1]: parts.pop(-1) username = parts[-1] elif openid.startswith('https://www.google.com/accounts/o8/id?id='): # Use email address as username username = resp.email # Record this OpenID/Google id for the user extid = UserExternalId(user=user, service=service, userid=openid, username=username, oauth_token=None, oauth_token_secret=None) db.session.add(extid) login_internal(user) db.session.commit() session['userid_external'] = {'service': service, 'userid': openid} flash("You are now logged in.", category='success') if not user.is_profile_complete(): return redirect( url_for('profile_new', next=get_next_url(session=True))) else: return redirect(get_next_url(session=True))