def GET(self, uid): from petition import get_num_signs user = db.select('users', what='id, lname, fname', where='id=$uid', vars=locals()) if not user: raise web.notfound() created, signed = created_by(uid).list(), signed_by(uid).list() for p in created + signed: p.signcount = get_num_signs(p.id) logged_in = (helpers.get_loggedin_userid() == int(uid)) return render.user_petitions(user[0], created, signed, logged_in)
def assert_login(i=None): # let unlogged in users also do actions like signing, wyr # if the email has verified account with us but not logged-in, redirect to login form # if the email has unverified account, make them login #and send set password email # if the email has no account, set an unverified account #and send set password email # and return user id i = i or web.input() email = i.email if helpers.get_loggedin_email(): uid = helpers.get_loggedin_userid() elif helpers.is_verified(email): login_page = do_login(email, set_state()) raise web.webapi.HTTPError('200 OK', {}, data=str(login_page)) else: #send_mail_to_set_password(email) uid = helpers.unverified_login(email, i.get('fname'), i.get('lname')) return uid
def check_permission(uid): current_uid = helpers.get_loggedin_userid() if current_uid != int(uid): query = urllib.urlencode(dict(redirect=web.ctx.homepath + web.ctx.fullpath)) raise web.seeother("/u/login?%s" % (query), absolute=True)
def check_permission(uid): current_uid = helpers.get_loggedin_userid() if current_uid != int(uid): query = urllib.urlencode( dict(redirect=web.ctx.homepath + web.ctx.fullpath)) raise web.seeother("/u/login?%s" % (query), absolute=True)