def request_password(self):
schema = createSchema('RequestNewPasswordSchema').bind(context=self.context, request=self.request)
form = Form(schema, buttons=(button_request, button_cancel))
self.api.register_form_resources(form)
#Handle submitted information
if 'request' in self.request.POST:
controls = self.request.POST.items()
try:
#appstruct is deforms convention. It will be the submitted data in a dict.
appstruct = form.validate(controls)
except ValidationFailure, e:
self.response['form'] = e.render()
return self.response
userid_or_email = appstruct['userid_or_email']
#userid here can be either an email address or a login name
if '@' in userid_or_email:
#assume email
user = self.context['users'].get_user_by_email(userid_or_email)
else:
user = self.context['users'].get(userid_or_email)
if IUser.providedBy(user):
user.new_request_password_token(self.request)
self.api.flash_messages.add(_('Email sent.'))
url = resource_url(self.api.root, self.request)
return HTTPFound(location = url)
self.api.flash_messages.add(_('Username or email not found.'), type='error')
def set_auth_domain(self, user, domain, **kw):
assert domain == self.name
assert IUser.providedBy(user)
auth_info = get_auth_info(self.request)
reg_data = self.appstruct(auth_info)
kw['openid_username'] = reg_data['openid_username']
user.auth_domains[self.name] = kw
def request_password(self):
schema = createSchema('RequestNewPasswordSchema').bind(
context=self.context, request=self.request)
form = Form(schema, buttons=(button_request, button_cancel))
self.api.register_form_resources(form)
#Handle submitted information
if 'request' in self.request.POST:
controls = self.request.POST.items()
try:
#appstruct is deforms convention. It will be the submitted data in a dict.
appstruct = form.validate(controls)
except ValidationFailure, e:
self.response['form'] = e.render()
return self.response
userid_or_email = appstruct['userid_or_email']
#userid here can be either an email address or a login name
if '@' in userid_or_email:
#assume email
user = self.context['users'].get_user_by_email(userid_or_email)
else:
user = self.context['users'].get(userid_or_email)
if IUser.providedBy(user):
user.new_request_password_token(self.request)
self.api.flash_messages.add(_('Email sent.'))
url = resource_url(self.api.root, self.request)
return HTTPFound(location=url)
self.api.flash_messages.add(_('Username or email not found.'),
type='error')
def test_get_user(self):
root = bootstrap_and_fixture(self.config)
request = testing.DummyRequest()
obj = self._cut(root, request)
self.failIf(hasattr(request, '_user_lookup_cache'))
user = obj.get_user('admin')
from voteit.core.models.interfaces import IUser
self.failUnless(IUser.providedBy(user))
self.assertEqual(user, request._user_lookup_cache['admin'])
def test_get_user(self):
root = bootstrap_and_fixture(self.config)
request = testing.DummyRequest()
obj = self._cut(root, request)
self.failIf(hasattr(request, '_user_lookup_cache'))
user = obj.get_user('admin')
from voteit.core.models.interfaces import IUser
self.failUnless(IUser.providedBy(user))
self.assertEqual(user, request._user_lookup_cache['admin'])
def __call__(self, node, value):
if '@' in value:
#assume email
root = find_root(self.context)
user = root['users'].get_user_by_email(value)
if not IUser.providedBy(user):
msg = _(u"email_to_user_validation_error",
default=u"I couldn't find any user with this email.")
raise colander.Invalid(node, msg)
else:
userid_validator = GlobalExistingUserId(self.context)
userid_validator(node, value)
def login(self):
""" Login action used by sidebar widget for password login. """
browser_result = self.browser_check()
if browser_result:
return browser_result
#FIXME: Validation in schema, not in view
schema = createSchema(
'LoginSchema', validator=deferred_login_password_validator).bind(
context=self.context, request=self.request, api=self.api)
form = deform.Form(schema, buttons=(button_login, ))
self.api.register_form_resources(form)
users = self.context.users
POST = self.request.POST
if 'login' in POST:
controls = POST.items()
try:
appstruct = form.validate(controls)
except deform.ValidationFailure, e:
self.response['form'] = e.render()
return self.response
# Force lowercase userid
userid = appstruct['userid'].lower()
password = appstruct['password']
came_from = appstruct['came_from']
#userid here can be either an email address or a login name
if '@' in userid:
#assume email
user = users.get_user_by_email(userid)
else:
user = users.get(userid)
if not IUser.providedBy(user):
raise HTTPForbidden(
u"Userid returned something else then a user from users folder."
)
#Password validation already handled by schema here
headers = remember(self.request, user.__name__)
url = self.request.resource_url(self.context)
if came_from:
url = urllib.unquote(came_from)
return HTTPFound(location=url, headers=headers)
def login(self):
""" Login action used by sidebar widget for password login. """
browser_result = self.browser_check()
if browser_result:
return browser_result
#FIXME: Validation in schema, not in view
schema = createSchema('LoginSchema', validator = deferred_login_password_validator).bind(context=self.context, request=self.request, api=self.api)
form = deform.Form(schema, buttons=(button_login,))
self.api.register_form_resources(form)
users = self.context.users
POST = self.request.POST
if 'login' in POST:
controls = POST.items()
try:
appstruct = form.validate(controls)
except deform.ValidationFailure, e:
self.response['form'] = e.render()
return self.response
# Force lowercase userid
userid = appstruct['userid'].lower()
password = appstruct['password']
came_from = appstruct['came_from']
#userid here can be either an email address or a login name
if '@' in userid:
#assume email
user = users.get_user_by_email(userid)
else:
user = users.get(userid)
if not IUser.providedBy(user):
raise HTTPForbidden(u"Userid returned something else then a user from users folder.")
#Password validation already handled by schema here
headers = remember(self.request, user.__name__)
url = self.request.resource_url(self.context)
if came_from:
url = urllib.unquote(came_from)
return HTTPFound(location = url,
headers = headers)
def __init__(self, context):
assert IUser.providedBy(context) # pragma : no cover
self.context = context
def __init__(self, context):
assert IUser.providedBy(context)
self.context = context
def facebook_register(self):
schema = createSchema('CSORegisterUserSchema')
add_csrf_token(self.context, self.request, schema)
schema = schema.bind(context=self.context,
request=self.request,
api=self.api)
form = Form(schema, buttons=(
button_register,
button_cancel,
))
self.api.register_form_resources(form)
if 'cancel' in self.request.POST:
self.api.flash_messages.add(_(u"Canceled"))
url = self.request.resource_url(self.api.root)
return HTTPFound(location=url)
if self.request.POST:
post = dict(self.request.POST)
oauth_userid = post['oauth_userid']
oauth_access_token = post['oauth_access_token']
came_from = post['came_from']
# Logged in user, connect auth token to user
if self.api.userid:
user = self.api.user_profile
#check that no other user has this token already
other_user = self.api.root.users.get_user_by_oauth_token(
'facebook', oauth_access_token)
if other_user and user != other_user:
raise Forbidden(
_("Another user has already registered with this token."
))
#setting domain stuff
user.auth_domains['facebook'] = {
'oauth_userid': oauth_userid,
'oauth_access_token': oauth_access_token,
}
url = self.request.resource_url(user)
return HTTPFound(location=url)
else:
# Find user with auth token and log it in
user = self.api.root.users.get_user_by_oauth_token(
'facebook', oauth_access_token)
if IUser.providedBy(user):
headers = remember(self.request, user.__name__)
url = self.request.resource_url(self.context)
if came_from:
url = urllib.unquote(came_from)
return HTTPFound(location=url, headers=headers)
if 'register' in self.request.POST:
controls = self.request.POST.items()
try:
appstruct = form.validate(controls)
except ValidationFailure, e:
self.response['form'] = e.render()
return self.response
name = appstruct['userid']
del appstruct['userid']
# removing domain data from appstruct
del appstruct['oauth_userid']
del appstruct['oauth_access_token']
# add facebook as selected profile image
appstruct['profile_image_plugin'] = 'facebook_profile_image'
del appstruct['came_from']
obj = createContent('User', creators=[name], **appstruct)
self.context.users[name] = obj
#setting domain stuff
obj.auth_domains['facebook'] = {
'oauth_userid': oauth_userid,
'oauth_access_token': oauth_access_token,
}
headers = remember(self.request, name) # login user
url = self.request.resource_url(self.api.root)
if came_from:
url = urllib.unquote(came_from)
return HTTPFound(location=url, headers=headers)
else:
self.response['form'] = form.render(self.request.POST)
return self.response
def openid_register(self):
schema = createSchema('CSORegisterUserOpenIDSchema')
add_csrf_token(self.context, self.request, schema)
schema = schema.bind(context=self.context,
request=self.request,
api=self.api)
form = Form(schema, buttons=(
button_register,
button_cancel,
))
self.api.register_form_resources(form)
if 'cancel' in self.request.POST:
self.api.flash_messages.add(_(u"Canceled"))
url = self.request.resource_url(self.api.root)
return HTTPFound(location=url)
if self.request.POST:
post = dict(self.request.POST)
openid_identifier = post['openid_identifier']
domain = post['domain']
userid = post['userid']
came_from = post['came_from']
# Logged in user, connect openid_identifier
if self.api.userid:
user = self.api.user_profile
#check that no other user has this token already
other_user = self.api.root.users.get_auth_domain_user(
'openid', 'openid_identifier', openid_identifier)
if other_user and user != other_user:
raise Forbidden(
_("Another user has already registered with this identifier."
))
#setting domain stuff
user.auth_domains['openid'] = {
'openid_identifier': openid_identifier,
'domain': domain
}
url = self.request.resource_url(user)
return HTTPFound(location=url)
else:
# Find user with auth token and log it in
user = self.api.root.users.get_auth_domain_user(
'openid', 'openid_identifier', openid_identifier)
if IUser.providedBy(user):
headers = remember(self.request, user.__name__)
url = self.request.resource_url(self.context)
if came_from:
url = urllib.unquote(came_from)
return HTTPFound(location=url, headers=headers)
if 'register' in self.request.POST:
controls = self.request.POST.items()
try:
appstruct = form.validate(controls)
except ValidationFailure, e:
self.response['form'] = e.render()
return self.response
userid = appstruct['userid']
email = appstruct['email']
first_name = appstruct['first_name']
last_name = appstruct['last_name']
obj = createContent('User',
creators=[userid],
email=email,
first_name=first_name,
last_name=last_name)
self.context.users[userid] = obj
#setting domain stuff
obj.auth_domains['openid'] = {
'openid_identifier': openid_identifier,
'domain': domain
}
headers = remember(self.request, userid) # login user
url = self.request.resource_url(self.api.root)
if came_from:
url = urllib.unquote(came_from)
return HTTPFound(location=url, headers=headers)
else:
self.response['form'] = form.render(self.request.POST)
return self.response
def __init__(self, context):
assert IUser.providedBy(context) # pragma : no cover
self.context = context
def __init__(self, context):
assert IUser.providedBy(context)
self.context = context
def facebook_register(self):
schema = createSchema('CSORegisterUserSchema')
add_csrf_token(self.context, self.request, schema)
schema = schema.bind(context=self.context, request=self.request, api = self.api)
form = Form(schema, buttons=(button_register, button_cancel,))
self.api.register_form_resources(form)
if 'cancel' in self.request.POST:
self.api.flash_messages.add(_(u"Canceled"))
url = self.request.resource_url(self.api.root)
return HTTPFound(location=url)
if self.request.POST:
post = dict(self.request.POST)
oauth_userid = post['oauth_userid']
oauth_access_token = post['oauth_access_token']
came_from = post['came_from']
# Logged in user, connect auth token to user
if self.api.userid:
user = self.api.user_profile
#check that no other user has this token already
other_user = self.api.root.users.get_user_by_oauth_token('facebook', oauth_access_token)
if other_user and user != other_user:
raise Forbidden(_("Another user has already registered with this token."))
#setting domain stuff
user.auth_domains['facebook'] = {'oauth_userid': oauth_userid,
'oauth_access_token': oauth_access_token,}
url = self.request.resource_url(user)
return HTTPFound(location=url)
else:
# Find user with auth token and log it in
user = self.api.root.users.get_user_by_oauth_token('facebook', oauth_access_token)
if IUser.providedBy(user):
headers = remember(self.request, user.__name__)
url = self.request.resource_url(self.context)
if came_from:
url = urllib.unquote(came_from)
return HTTPFound(location = url,
headers = headers)
if 'register' in self.request.POST:
controls = self.request.POST.items()
try:
appstruct = form.validate(controls)
except ValidationFailure, e:
self.response['form'] = e.render()
return self.response
name = appstruct['userid']
del appstruct['userid']
# removing domain data from appstruct
del appstruct['oauth_userid']
del appstruct['oauth_access_token']
# add facebook as selected profile image
appstruct['profile_image_plugin'] = 'facebook_profile_image'
del appstruct['came_from']
obj = createContent('User', creators=[name], **appstruct)
self.context.users[name] = obj
#setting domain stuff
obj.auth_domains['facebook'] = {'oauth_userid': oauth_userid,
'oauth_access_token': oauth_access_token,}
headers = remember(self.request, name) # login user
url = self.request.resource_url(self.api.root)
if came_from:
url = urllib.unquote(came_from)
return HTTPFound(location=url, headers=headers)
else:
self.response['form'] = form.render(self.request.POST)
return self.response
def openid_register(self):
schema = createSchema('CSORegisterUserOpenIDSchema')
add_csrf_token(self.context, self.request, schema)
schema = schema.bind(context=self.context, request=self.request, api = self.api)
form = Form(schema, buttons=(button_register, button_cancel,))
self.api.register_form_resources(form)
if 'cancel' in self.request.POST:
self.api.flash_messages.add(_(u"Canceled"))
url = self.request.resource_url(self.api.root)
return HTTPFound(location=url)
if self.request.POST:
post = dict(self.request.POST)
openid_identifier = post['openid_identifier']
domain = post['domain']
userid = post['userid']
came_from = post['came_from']
# Logged in user, connect openid_identifier
if self.api.userid:
user = self.api.user_profile
#check that no other user has this token already
other_user = self.api.root.users.get_auth_domain_user('openid', 'openid_identifier', openid_identifier)
if other_user and user != other_user:
raise Forbidden(_("Another user has already registered with this identifier."))
#setting domain stuff
user.auth_domains['openid'] = {'openid_identifier': openid_identifier,
'domain': domain}
url = self.request.resource_url(user)
return HTTPFound(location=url)
else:
# Find user with auth token and log it in
user = self.api.root.users.get_auth_domain_user('openid', 'openid_identifier', openid_identifier)
if IUser.providedBy(user):
headers = remember(self.request, user.__name__)
url = self.request.resource_url(self.context)
if came_from:
url = urllib.unquote(came_from)
return HTTPFound(location = url,
headers = headers)
if 'register' in self.request.POST:
controls = self.request.POST.items()
try:
appstruct = form.validate(controls)
except ValidationFailure, e:
self.response['form'] = e.render()
return self.response
userid = appstruct['userid']
email = appstruct['email']
first_name = appstruct['first_name']
last_name = appstruct['last_name']
obj = createContent('User', creators=[userid], email = email, first_name = first_name, last_name = last_name)
self.context.users[userid] = obj
#setting domain stuff
obj.auth_domains['openid'] = {'openid_identifier': openid_identifier,
'domain': domain}
headers = remember(self.request, userid) # login user
url = self.request.resource_url(self.api.root)
if came_from:
url = urllib.unquote(came_from)
return HTTPFound(location=url, headers=headers)
else:
self.response['form'] = form.render(self.request.POST)
return self.response