Esempio n. 1
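def signup():
    """Render the signup form and create an account on a valid submission.

    Visitors for whom ``missing_session()`` is false are sent to their home
    page. On a valid submission the user is saved, a session is created and
    the browser is redirected to the new profile. If that fails, an error is
    flashed and the form is rendered again.
    """
    if not missing_session():
        return go_user_home()

    form = SignupForm()

    if form.validate_on_submit():
        # NOTE(review): the submitted password is handed to User unchanged;
        # this assumes the model hashes it before it is persisted -- confirm.
        user = User(email=form.email.data,
                    username=form.username.data,
                    password=form.password.data)

        if form.avatar.data is not None:
            # NOTE(review): save_avatar() is not visible here; confirm it
            # validates file type/size and generates the stored filename.
            user.avatar = form.save_avatar()

        try:
            user.save()

            create_session(user)

            return redirect(url_for('user.profile', user_id=user.id))
        except Exception as e:
            # The field name is recovered by slicing the exception text, which
            # only works for one specific message layout. Any other failure
            # used to raise IndexError from inside this handler; fall back to
            # a generic message instead of crashing or echoing the raw error.
            try:
                field = str(e).split('.')[2].split('[')[0]
            except IndexError:
                flash('There was an error creating your account', 'error')
            else:
                flash('Please choose a unique ' + field, 'error')

    return render_template('user/signup.html', form=form, session=session)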
Esempio n. 2
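def add_user():
    """Create a user from form fields on behalf of an authorised client.

    Reads ``email``, ``password`` and ``client_id`` from the request form.
    Responds 400 when the client is unknown, lacks the password-credential
    permission, a required field is missing, or the user already exists;
    responds 500 on any other failure. On success returns the stored user
    as JSON without its password hash and salt.
    """
    email = request.form.get('email')
    password = request.form.get('password')
    client_id = request.form.get('client_id')

    # The client checks sit outside the broad try below: abort() is presumably
    # Flask's, which raises, and the catch-all handler would otherwise swallow
    # these 400 responses and turn them into server errors.
    try:
        client = Client.objects.get(client_id=client_id)
    except DoesNotExist:
        logging.info("Client not found.")
        return abort(400)

    if not client.has_password_credential_permission:
        return abort(400)

    # Reject missing or empty credentials up front rather than storing a hash
    # of the empty string or relying on a TypeError further down.
    if not email or not password:
        return abort(400)

    try:
        salt = gen_salt(40)
        # NOTE(security): one pass of salted SHA-512 is a fast hash and is not
        # suitable for password storage. A password KDF (hashlib.scrypt or
        # hashlib.pbkdf2_hmac) should replace it, together with the code that
        # verifies passwords, which is not visible here.
        hashed_password = hashlib.sha512(password + salt).hexdigest()
        user = User(
            email=email,
            password=hashed_password,
            salt=salt
        )
        user.save()

        # Never send credential material back to the caller.
        # Assumes the stored keys are 'password' and 'salt' -- TODO confirm.
        payload = dict(user.to_mongo())
        payload.pop('password', None)
        payload.pop('salt', None)
        return jsonify({"user": payload})
    except NotUniqueError:
        logging.info("Duplicate user.")
        return abort(400)
    except TypeError:
        return abort(400)
    except Exception:
        # logging.exception records the traceback and cannot fail on an
        # exception that carries no args, unlike indexing e.args[0].
        logging.exception("Unexpected error while creating user.")
        return abort(500)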
Esempio n. 3
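def load_user(username, password, client, request, *args, **kwargs):
    """Resolve a username/password login to a User, or None when refused.

    Two credential shapes are accepted:

    * ``username`` looks like an e-mail address and ``password`` is the
      account password;
    * ``username`` is all digits and is treated as a Facebook id, with
      ``password`` carrying a Facebook access token.

    Each path is refused unless ``client`` holds the matching permission.
    Returns the User on success and None in every failure case.
    """
    if re.match(r"[^@]+@[^@]+\.[^@]+", username):
        if not client.has_password_credential_permission:
            return None
        try:
            user = User.objects.get(email=username)
        except DoesNotExist:
            logging.info("User not found.")
            return None
        if not user.validate_password(password):
            return None

        return user
    elif username.isdigit():
        if not client.has_facebook_credential_permission:
            return None

        try:
            facebook = Facebook(password)
            me = facebook.get('/me', params={'fields': 'id,name,email,link'})
        # NOTE(review): OAuthException is looked up on the OAuth client
        # object; confirm that attribute exists, otherwise evaluating this
        # clause raises AttributeError.
        except client.OAuthException:
            return None
        except Exception as e:
            logging.error(e)
            return None

        # The access token is the only proof of identity on this path. The
        # caller-supplied id must match the account the token belongs to;
        # without this check a valid token for one account would be accepted
        # as a login for whichever id appears in ``username``.
        try:
            token_owner_id = str(me['id'])
        except (KeyError, TypeError):
            logging.warning("Facebook profile response has no id.")
            return None
        if token_owner_id != username:
            logging.warning("Facebook id does not match access token owner.")
            return None
        # NOTE(review): nothing visible here confirms the token was issued to
        # this application; verify that the Facebook wrapper enforces it.

        try:
            user = User.objects.get(facebook_id=username)
            user.facebook_access_token = password
            user.save()
        except DoesNotExist:
            # First login for this Facebook account: create the local user
            # from the profile that the token itself returned.
            facebook_id = me['id']
            email = me['email']
            name = me['name']
            user = User(
                facebook_id=facebook_id,
                email=email,
                name=name,
                facebook_access_token=password,
                password=None,
                salt=None,
            )
            user.save()

        return user
    else:
        logging.warning("Username not recognized.")
        return None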
Esempio n. 4
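def post():
    """Create a user from a JSON signup payload and open a session for it.

    Always answers HTTP 200. Failures are reported through an ``error`` key
    in the JSON body rather than through the status code.
    """
    # NOTE(review): ``session`` is rebound as a module-level global, so the
    # value is shared by everything that imports this module; confirm this is
    # not per-user state that can leak between requests.
    global session

    form = request.json
    # A missing or non-object JSON body used to fail on form.get() before the
    # try block; report it the same way as any other creation failure.
    if not isinstance(form, dict):
        return jsonify({'error': 'There was an error creating your account'}), 200

    res = {}

    try:
        # ``admin`` is pinned to False, but ``instructor`` is taken straight
        # from the request body. NOTE(review): confirm that self-assigning the
        # instructor role at signup is intended.
        # NOTE(review): the password is passed to User unchanged; this assumes
        # the model hashes it before it is persisted -- confirm.
        user = User(email=form.get('email'),
                    username=form.get('username'),
                    first_name=form.get('first_name'),
                    last_name=form.get('last_name'),
                    password=form.get('password'),
                    instructor=form.get('instructor'),
                    admin=False)
        user.save()

        session, res = gen_session(user, session)
    except Exception as e:
        try:
            # get_field() names the offending column for uniqueness errors;
            # anything it cannot interpret falls through to the generic text.
            res = {'error': 'Please choose a unique ' + get_field(e.orig)}
        except Exception:
            res = {'error': 'There was an error creating your account'}

    return jsonify(res), 200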