def register(request): """ Your classic registration view! """ register_form = auth_forms.RegistrationForm(request.POST) if request.method == 'POST' and register_form.validate(): # TODO: Make sure the user doesn't exist already users_with_username = \ request.db.User.find({ 'username': request.POST['username'].lower() }).count() if users_with_username: register_form.username.errors.append( u'Sorry, a user with that name already exists.') else: # Create the user entry = request.db.User() entry['username'] = request.POST['username'].lower() entry['email'] = request.POST['email'] entry['pw_hash'] = auth_lib.bcrypt_gen_password_hash( request.POST['password']) entry.save(validate=True) send_verification_email(entry, request) return redirect(request, "mediagoblin.auth.register_success") return render_to_response(request, 'mediagoblin/auth/register.html', {'register_form': register_form})
def new_controller_func(request, *args, **kwargs): if request.user and \ request.user.get('status') == u'needs_email_verification': return redirect(request, 'mediagoblin.auth.verify_email_notice') elif not request.user or request.user.get('status') != u'active': return exc.HTTPFound( location="%s?next=%s" % ( request.urlgen("mediagoblin.auth.login"), request.path_info)) return controller(request, *args, **kwargs)
def resend_activation(request): """ The reactivation view Resend the activation email. """ request.user['verification_key'] = unicode(uuid.uuid4()) request.user.save() send_verification_email(request.user, request) return redirect(request, 'mediagoblin.auth.resend_verification_success')
def edit_profile(request): user = request.user form = forms.EditProfileForm(request.POST, url = user.get('url'), bio = user.get('bio')) if request.method == 'POST' and form.validate(): user['url'] = request.POST['url'] user['bio'] = request.POST['bio'] user.save() return redirect(request, "index", user=user['username']) return render_to_response( request, 'mediagoblin/edit/edit_profile.html', {'user': user, 'form': form})
def media_post_comment(request): """ recieves POST from a MediaEntry() comment form, saves the comment. """ comment = request.db.MediaComment() comment['media_entry'] = ObjectId(request.matchdict['media']) comment['author'] = request.user['_id'] comment['content'] = request.POST['comment'] comment['content_html'] = cleaned_markdown_conversion(comment['content']) comment.save() messages.add_message(request, messages.SUCCESS, 'Comment posted!') return redirect(request, 'mediagoblin.user_pages.media_home', media=request.matchdict['media'], user=request.matchdict['user'])
def edit_media(request, media): if not may_edit_media(request, media): return exc.HTTPForbidden() form = forms.EditForm(request.POST, title = media['title'], slug = media['slug'], description = media['description']) if request.method == 'POST' and form.validate(): # Make sure there isn't already a MediaEntry with such a slug # and userid. existing_user_slug_entries = request.db.MediaEntry.find( {'slug': request.POST['slug'], 'uploader': media['uploader'], '_id': {'$ne': media['_id']}}).count() if existing_user_slug_entries: form.slug.errors.append( u'An entry with that slug already exists for this user.') else: media['title'] = request.POST['title'] media['description'] = request.POST.get('description') md = markdown.Markdown( safe_mode = 'escape') media['description_html'] = clean_html( md.convert( media['description'])) media['slug'] = request.POST['slug'] media.save() return redirect(request, "mediagoblin.user_pages.media_home", user=media.uploader()['username'], media=media['slug']) return render_to_response( request, 'mediagoblin/edit/edit.html', {'media': media, 'form': form})
def login(request): """ MediaGoblin login view. If you provide the POST with 'next', it'll redirect to that view. """ login_form = auth_forms.LoginForm(request.POST) login_failed = False if request.method == 'POST' and login_form.validate(): user = request.db.User.one( {'username': request.POST['username'].lower()}) if user and user.check_login(request.POST['password']): # set up login in session request.session['user_id'] = unicode(user['_id']) request.session.save() if request.POST.get('next'): return exc.HTTPFound(location=request.POST['next']) else: return redirect(request, "index") else: # Prevent detecting who's on this system by testing login # attempt timings auth_lib.fake_login_attempt() login_failed = True return render_to_response( request, 'mediagoblin/auth/login.html', { 'login_form': login_form, 'next': request.GET.get('next') or request.POST.get('next'), 'login_failed': login_failed })
def logout(request): # Maybe deleting the user_id parameter would be enough? request.session.delete() return redirect(request, "index")
def submit_start(request): """ First view for submitting a file. """ submit_form = submit_forms.SubmitStartForm(request.POST) if request.method == 'POST' and submit_form.validate(): if not (request.POST.has_key('file') and isinstance(request.POST['file'], FieldStorage) and request.POST['file'].file): submit_form.file.errors.append( u'You must provide a file.') elif not security.check_filetype(request.POST['file']): submit_form.file.errors.append( u'The file doesn\'t seem to be an image!') else: filename = request.POST['file'].filename # create entry and save in database entry = request.db.MediaEntry() entry['title'] = ( request.POST['title'] or unicode(splitext(filename)[0])) entry['description'] = request.POST.get('description') entry['description_html'] = cleaned_markdown_conversion( entry['description']) entry['media_type'] = u'image' # heh entry['uploader'] = request.user['_id'] # Save, just so we can get the entry id for the sake of using # it to generate the file path entry.save(validate=False) # Generate a slug from the title entry.generate_slug() # Now store generate the queueing related filename queue_filepath = request.app.queue_store.get_unique_filepath( ['media_entries', unicode(entry['_id']), secure_filename(filename)]) # queue appropriately queue_file = request.app.queue_store.get_file( queue_filepath, 'wb') with queue_file: queue_file.write(request.POST['file'].file.read()) # Add queued filename to the entry entry['queued_media_file'] = queue_filepath entry.save(validate=True) # queue it for processing process_media_initial.delay(unicode(entry['_id'])) return redirect(request, "mediagoblin.submit.success") return render_to_response( request, 'mediagoblin/submit/start.html', {'submit_form': submit_form})