def login_noreally(request): if "sso_token" in request.GET: sso_token = request.GET["sso_token"] redirect_to = request.GET["redirect_to"] redirect_to = clean.redirect_to(redirect_to) nick, rememberme = cache.get("sso/%s" % sso_token) cache.delete("sso/%s" % sso_token) actor_ref = api.actor_get(api.ROOT, nick) response = http.HttpResponseRedirect(redirect_to) response = user.set_user_cookie(response, actor_ref, rememberme) return response return http.HttpResponseRedirect("/login")
def login_login(request): redirect_to = request.REQUEST.get("redirect_to", "/") redirect_to = clean.redirect_to(redirect_to) if request.POST: try: login = request.POST.get("log", None) password = request.POST.get("pwd", None) rememberme = request.POST.get("rememberme", None) # TODO validate current_user = user.lookup_user_by_login(login, password) if current_user: if redirect_to == "/": redirect_to = current_user.url("/overview") # Attempt to do some cleanup on the user if necessary api.user_cleanup(api.ROOT, current_user.nick) # if we aren't hosted or aren't ssl just set the cookie and go home if not settings.HOSTED_DOMAIN_ENABLED or not settings.SSL_LOGIN_ENABLED: response = http.HttpResponseRedirect(redirect_to) response = user.set_user_cookie(response, current_user, rememberme) return response # otherwise, we're going to have to redirect to set the cookie on # the proper domain sso_token = util.generate_uuid() cache.set("sso/%s" % sso_token, (current_user.nick, rememberme), timeout=10) sso_url = "http://%s/login/noreally" % (settings.DOMAIN) sso_url = util.qsa(sso_url, {"redirect_to": redirect_to, "sso_token": sso_token}) return http.HttpResponseRedirect(sso_url) else: raise exception.ValidationError("Invalid username or password") except: exception.handle_exception(request) if request.user: if redirect_to == "/": redirect_to = request.user.url("/overview") return http.HttpResponseRedirect(redirect_to) c = template.RequestContext(request, locals()) t = loader.get_template("login.html") return http.HttpResponse(t.render(c))
def join_join(request): if request.user: raise exception.AlreadyLoggedInException() redirect_to = request.REQUEST.get("redirect_to", "/") # get the submitted vars nick = request.REQUEST.get("nick", "") first_name = request.REQUEST.get("first_name", "") last_name = request.REQUEST.get("last_name", "") email = request.REQUEST.get("email", "") password = request.REQUEST.get("password", "") confirm = request.REQUEST.get("confirm", "") hide = request.REQUEST.get("hide", "") if request.POST: try: # TODO validate params = util.query_dict_to_keywords(request.POST) if hide: params["privacy"] = 2 validate.email(email) if not mail.is_allowed_to_send_email_to(email): raise exception.ValidationError("Cannot send email to that address") # TODO start transaction if api.actor_lookup_email(api.ROOT, email): raise exception.ValidationError("That email address is already associated with a member.") actor_ref = api.user_create(api.ROOT, **params) actor_ref.access_level = "delete" api.post(actor_ref, nick=actor_ref.nick, message="Joined %s!" % (settings.SITE_NAME), icon="jaiku-new-user") # send off email confirmation api.activation_request_email(actor_ref, actor_ref.nick, email) # TODO end transaction welcome_url = util.qsa("/welcome", {"redirect_to": redirect_to}) # NOTE: does not provide a flash message response = http.HttpResponseRedirect(welcome_url) user.set_user_cookie(response, actor_ref) return response except: exception.handle_exception(request) # for legal section legal_component = component.include("legal", "dummy_legal") legal_html = legal_component.embed_join() # for sidebar sidebar_green_top = True area = "join" c = template.RequestContext(request, locals()) t = loader.get_template("join.html") return http.HttpResponse(t.render(c))
def actor_settings(request, nick, page='index'): """ just a static page that links to the rest""" nick = clean.nick(nick) view = api.actor_lookup_nick(api.ROOT, nick) handled = common_views.handle_view_action( request, { 'activation_activate_mobile': view.url('/settings/mobile'), 'activation_request_email': view.url('/settings/email'), 'activation_request_mobile': view.url('/settings/mobile'), 'settings_change_notify': view.url('/settings/notifications'), 'settings_change_privacy': request.path, 'settings_update_account': view.url('/settings/profile'), 'actor_remove': '/logout', #'oauth_remove_consumer': request.path, #'oauth_remove_access_token': request.path } ) if handled: return handled # TODO(tyler/termie): This conflicts with the global settings import. # Also, this seems fishy. Do none of the settings.* items work in templates? import settings # TODO(tyler): Merge this into handle_view_action, if possible if 'password' in request.POST: try: validate.nonce(request, 'change_password') password = request.POST.get('password', '') confirm = request.POST.get('confirm', '') validate.password_and_confirm(password, confirm, field = 'password') api.settings_change_password(request.user, nick, password) response = util.RedirectFlash(view.url() + '/settings/password', 'password updated') request.user.password = password # TODO(mikie): change when cookie-auth is changed user.set_user_cookie(response, request.user) return response except: exception.handle_exception(request) if page == 'feeds': try: if not settings.FEEDS_ENABLED: raise exception.DisabledFeatureError('Feeds are currently disabled') except: exception.handle_exception(request) if page == 'photo': redirect_to = view.url() + '/settings/photo' handled = common_views.common_photo_upload(request, redirect_to) if handled: return handled area = 'settings' full_page = page.capitalize() if page == 'mobile': full_page = 'Mobile Number' mobile = api.mobile_get_actor(request.user, request.user.nick) sms_notify = view.extra.get('sms_notify', False) elif page == 'im': full_page = 'IM Address' im_address = api.im_get_actor(request.user, view.nick) im_notify = view.extra.get('im_notify', False) elif page == 'index': email = api.email_get_actor(request.user, view.nick) email_notify = view.extra.get('email_notify', False) im_address = api.im_get_actor(request.user, view.nick) im_notify = view.extra.get('im_notify', False) elif page == 'feeds': full_page = 'Web Feeds' elif page == 'email': full_page = 'Email Address' email_notify = view.extra.get('email_notify', False) # check if we already have an email email = api.email_get_actor(request.user, view.nick) # otherwise look for an unconfirmed one if not email: unconfirmeds = api.activation_get_actor_email(api.ROOT, view.nick) if unconfirmeds: unconfirmed_email = unconfirmeds[0].content elif page == 'design': handled = common_views.common_design_update(request, nick) if handled: return handled full_page = 'Look and Feel' elif page == 'notifications': email = api.email_get_actor(request.user, view.nick) email_notify = view.extra.get('email_notify', False) im_address = api.im_get_actor(request.user, view.nick) im_notify = view.extra.get('im_notify', False) mobile = api.mobile_get_actor(request.user, request.user.nick) sms_notify = view.extra.get('sms_notify', False) sms_confirm = sms_notify and not view.extra.get('sms_confirmed', False) # TODO(termie): remove this once we can actually receive sms sms_confirm = False elif page == 'profile': # check if we already have an email email = api.email_get_actor(request.user, view.nick) # otherwise look for an unconfirmed one if not email: unconfirmeds = api.activation_get_actor_email(api.ROOT, view.nick) if unconfirmeds: unconfirmed_email = unconfirmeds[0].content elif page == 'photo': avatars = display.DEFAULT_AVATARS small_photos = api.image_get_all_keys(request.user, view.nick, size='f') # TODO(tyler): Fix this avatar nonsense! own_photos = [{ 'path' : small_photo.key().name(), 'name' : small_photo.key().name()[len('image/'):-len('_f.jpg')], } for small_photo in small_photos ] elif page == 'privacy': PRIVACY_PUBLIC = api.PRIVACY_PUBLIC PRIVACY_CONTACTS = api.PRIVACY_CONTACTS elif page == 'jsbadge': full_page = 'Javascript Badges' elif page == 'badge': badges = [{'id': 'badge-stream', 'width': '200', 'height': '300', 'src': '%sglobal/themes/%s/badge.swf' % (settings.MEDIA_URL, settings.DEFAULT_THEME), 'title': 'Stream', }, {'id': 'badge-map', 'width': '200', 'height': '255', 'src': '%sglobal/themes/%s/badge-map.swf' % (settings.MEDIA_URL, settings.DEFAULT_THEME), 'title': 'Map', }, {'id': 'badge-simple', 'width': '200', 'height': '200', 'src': '%sglobal/themes/%s/badge-simple.swf' % (settings.MEDIA_URL, settings.DEFAULT_THEME), 'title': 'Simple', }, ] elif page in ['password', 'delete']: # Catch for remaining pages before we generate a 404. pass else: return common_views.common_404(request) # rendering c = template.RequestContext(request, locals()) t = loader.get_template('settings_%s.html' % page) return http.HttpResponse(t.render(c))