def GET_refresh_token(self, *args, **kwargs): # pylint: disable=unused-argument
"""Generate a refresh token given a username"""
username = request.GET['username']
try:
account = Account._by_name(username)
except NotFound:
account = register(username, uuid4().hex, '127.0.0.1')
# subscribe the user now because reddit does not have consistency across
# its APIs on what it considers the user to be subscribed to
if not account.has_subscribed:
Subreddit.subscribe_defaults(account)
account.has_subscribed = True
account._commit()
client_id = g.secrets['generate_refresh_token_client_id']
client = OAuth2Client.get_token(client_id)
scope = OAuth2Scope(OAuth2Scope.FULL_ACCESS)
user_id = account._id36
refresh_token = OAuth2RefreshToken._new(
client_id=client._id,
user_id=user_id,
scope=scope,
)
access_token = OAuth2AccessToken._new(
client_id=client._id,
user_id=user_id,
scope=scope,
device_id='device',
)
return json.dumps(OAuth2AccessController._make_new_token_response(access_token, refresh_token))
def handle_register(controller,
form,
responder,
name,
email,
password,
rem=None,
newsletter_subscribe=False,
sponsor=False,
signature=None,
**kwargs):
def _event(error):
g.events.login_event('register_attempt',
error_msg=error,
user_name=request.urlvars.get('url_user'),
email=request.POST.get('email'),
remember_me=rem,
newsletter=newsletter_subscribe,
signature=signature,
request=request,
context=c)
if signature and not signature.is_valid():
_event(error="SIGNATURE")
abort(403)
if responder.has_errors('user', errors.USERNAME_TOO_SHORT):
_event(error='USERNAME_TOO_SHORT')
elif responder.has_errors('user', errors.USERNAME_INVALID_CHARACTERS):
_event(error='USERNAME_INVALID_CHARACTERS')
elif responder.has_errors('user', errors.USERNAME_TAKEN_DEL):
_event(error='USERNAME_TAKEN_DEL')
elif responder.has_errors('user', errors.USERNAME_TAKEN):
_event(error='USERNAME_TAKEN')
elif responder.has_errors('email', errors.BAD_EMAIL):
_event(error='BAD_EMAIL')
elif responder.has_errors('passwd', errors.SHORT_PASSWORD):
_event(error='SHORT_PASSWORD')
elif responder.has_errors('passwd', errors.BAD_PASSWORD):
# BAD_PASSWORD is set when SHORT_PASSWORD is set
_event(error='BAD_PASSWORD')
elif responder.has_errors('passwd2', errors.BAD_PASSWORD_MATCH):
_event(error='BAD_PASSWORD_MATCH')
elif responder.has_errors('ratelimit', errors.RATELIMIT):
_event(error='RATELIMIT')
elif (not g.disable_captcha
and responder.has_errors('captcha', errors.BAD_CAPTCHA)):
_event(error='BAD_CAPTCHA')
elif newsletter_subscribe and not email:
c.errors.add(errors.NEWSLETTER_NO_EMAIL, field="email")
form.has_errors("email", errors.NEWSLETTER_NO_EMAIL)
_event(error='NEWSLETTER_NO_EMAIL')
elif sponsor and not email:
c.errors.add(errors.SPONSOR_NO_EMAIL, field="email")
form.has_errors("email", errors.SPONSOR_NO_EMAIL)
_event(error='SPONSOR_NO_EMAIL')
else:
try:
user = register(name, password, request.ip)
except AccountExists:
c.errors.add(errors.USERNAME_TAKEN, field="user")
form.has_errors("user", errors.USERNAME_TAKEN)
_event(error='USERNAME_TAKEN')
return
VRatelimit.ratelimit(rate_ip=True, prefix="rate_register_")
# anything else we know (email, languages)?
if email:
user.set_email(email)
emailer.verify_email(user)
user.pref_lang = c.lang
user._commit()
amqp.add_item('new_account', user._fullname)
hooks.get_hook("account.registered").call(user=user)
reject = hooks.get_hook("account.spotcheck").call(account=user)
if any(reject):
_event(error='ACCOUNT_SPOTCHECK')
return
if newsletter_subscribe and email:
try:
newsletter.add_subscriber(email, source="register")
except newsletter.NewsletterError as e:
g.log.warning("Failed to subscribe: %r" % e)
controller._login(responder, user, rem)
# CUSTOM: Auto Subscribe All, calling subscribe_defaults() asap
if feature.is_enabled('auto_subscribe_all'):
Subreddit.subscribe_defaults(c.user)
_event(error=None)
