def challenge_get(self, environ, start_response):
"""
Respond to a GET request by sending a form.
"""
redirect = (environ['tiddlyweb.query'].
get('tiddlyweb_redirect', ['/'])[0])
template = templating.get_template(environ, 'login_form.html')
headers = []
# If the current user is expired, log them out as part of this
# request by expiring their ticket.
userinfo = environ['tiddlyweb.usersign']
if 'fields' in userinfo and 'expired_user' in userinfo['fields']:
path = environ.get('tiddlyweb.config', {}).get('server_prefix', '')
cookie = Cookie.SimpleCookie()
cookie['tiddlyweb_user'] = ''
cookie['tiddlyweb_user']['path'] = '%s/' % path
cookie['tiddlyweb_user']['expires'] = '%s' % (time.ctime(time.time()-6000))
headers.append(('Set-Cookie', cookie.output(header='')))
headers.extend([('Content-Type', 'text/html'),
('Pragma', 'no-cache') ])
start_response('200 OK', headers)
return template.render(redirect=redirect,
commonVars=templating.common_vars(environ))
def _user_form(environ, start_response, role='tier1', message='', formdata=None):
# XXX add an action argument so we can choose if we are doing tier1
# or tier2 registration
form_starter = {
'name': '',
'email': '',
'country': '',
'company': '',
}
if formdata:
form_starter.update(formdata)
if role == 'tier2':
template = templating.get_template(environ, 'user_form.html')
else:
# XXX does additional information need to be sent in?
template = templating.get_template(environ, 'index.html')
start_response('200 OK', [
('Content-Type', 'text/html'),
('Pragma', 'no-cache')
])
return template.render(commonVars=templating.common_vars(environ),
message=message, form=form_starter)
def tiddler_as(self, tiddler):
logging.debug('in tiddler_as')
template = templating.get_template(self.environ, 'company.html')
open_fields = self.environ['tiddlyweb.config']['mappingsql.open_fields']
return template.render(tiddler=tiddler,
maps_api_key=self.maps_api_key,
commonVars=templating.common_vars(self.environ),
open_fields=open_fields)
def list_tiddlers(self, tiddlers):
logging.debug('in list_tiddlers')
resultcount = self.environ.get('tiddlyweb.mappingsql.count', 0) # the total number of results in the database, as opposed to the number I can see
access_count = self.environ.get('tiddlyweb.mappingsql.access_count', 0) # the number of results I have access to
index = self.environ.get('tiddlyweb.mappingsql.index', 0)
template = templating.get_template(self.environ, 'collection.html')
# Unwind the generator so we can count it in the template.
return template.render(tiddlers=list(tiddlers), resultcount=resultcount, access_count=access_count,
commonVars=templating.common_vars(self.environ), pageDistance=self.environ['tiddlyweb.config']['mappingsql.limit'], queryIndex=index)
def index(environ, start_response):
template = templating.get_template(environ, 'index.html')
start_response('200 OK', [
('Content-Type', 'text/html'),
('Pragma', 'no-cache')
])
return template.render(commonVars=templating.common_vars(environ))
def update_user_form(environ, start_response, message=None, success=False):
if message is None:
message = ''
logging.debug('in update_user_form, message: '+message)
query = environ['tiddlyweb.query']
store = environ['tiddlyweb.store']
username = query.get('username', [None])[0]
userinfo = {}
if not username:
template = templating.get_template(environ, 'user_start_update.html')
else:
# get the user info out of the store and magicuser
user = User(username)
try:
user = store.get(user)
except NoUserError:
pass
userinfo['email'] = user.usersign
try:
userinfo['tier'] = [role for role in user.list_roles() if role.startswith('tier')][0]
except IndexError:
userinfo['tier'] = ''
bag_name = environ['tiddlyweb.config'].get('magicuser.bag', 'MAGICUSER')
tiddler = Tiddler(user.usersign, bag_name)
try:
tiddler = store.get(tiddler)
except NoTiddlerError:
pass
country = tiddler.fields.get('country', '')
company = tiddler.fields.get('company', '')
name = tiddler.fields.get('name', '')
# Get the expiration time.
now = time.time()
expiration = float(tiddler.fields.get('expiry', 0))
if expiration != 0:
expiration = (expiration - now) / (24 * 60 * 60)
userinfo['country'] = country
userinfo['company'] = company
userinfo['name'] = name
userinfo['expiry'] = expiration
template = templating.get_template(environ, 'user_update.html')
start_response('200 OK', [
('Content-Type', 'text/html'),
('Pragma', 'no-cache')
])
form_starter = userinfo
logging.debug('rendering with message:'+message)
return template.render(commonVars=templating.common_vars(environ),
message=message, success=success, form=form_starter)
def update_user_form(environ, start_response, message=None, success=False):
if message is None:
message = ""
logging.debug("in update_user_form, message: " + message)
query = environ["tiddlyweb.query"]
store = environ["tiddlyweb.store"]
username = query.get("username", [None])[0]
userinfo = {}
if not username:
template = templating.get_template(environ, "user_start_update.html")
else:
# get the user info out of the store and magicuser
user = User(username)
try:
user = store.get(user)
except NoUserError:
pass
userinfo["email"] = user.usersign
try:
userinfo["tier"] = [role for role in user.list_roles() if role.startswith("tier")][0]
except IndexError:
userinfo["tier"] = ""
bag_name = environ["tiddlyweb.config"].get("magicuser.bag", "MAGICUSER")
tiddler = Tiddler(user.usersign, bag_name)
try:
tiddler = store.get(tiddler)
except NoTiddlerError:
pass
country = tiddler.fields.get("country", "")
company = tiddler.fields.get("company", "")
name = tiddler.fields.get("name", "")
# Get the expiration time.
now = time.time()
expiration = float(tiddler.fields.get("expiry", 0))
if expiration != 0:
expiration = (expiration - now) / (24 * 60 * 60)
userinfo["country"] = country
userinfo["company"] = company
userinfo["name"] = name
userinfo["expiry"] = expiration
template = templating.get_template(environ, "user_update.html")
start_response("200 OK", [("Content-Type", "text/html"), ("Pragma", "no-cache")])
form_starter = userinfo
logging.debug("rendering with message:" + message)
return template.render(
commonVars=templating.common_vars(environ), message=message, success=success, form=form_starter
)
def test_template_route(environ, start_response):
template_name = "test_" + environ["wsgiorg.routing_args"][1]["template_file"]
if "../" in template_name:
raise HTTP404("%s invalid" % template_name)
if ".html" not in template_name:
template_name = template_name + ".html"
template = templating.get_template(environ, template_name)
start_response("200 OK", [("Content-Type", "text/html"), ("Pragma", "no-cache")])
return template.render(commonVars=templating.common_vars(environ))
def _user_form(environ, start_response, role="tier1", message="", formdata=None):
# XXX add an action argument so we can choose if we are doing tier1
# or tier2 registration
form_starter = {"name": "", "email": "", "country": "", "company": ""}
if formdata:
form_starter.update(formdata)
if role == "tier2":
template = templating.get_template(environ, "user_form.html")
else:
# XXX does additional information need to be sent in?
template = templating.get_template(environ, "index.html")
start_response("200 OK", [("Content-Type", "text/html"), ("Pragma", "no-cache")])
return template.render(commonVars=templating.common_vars(environ), message=message, form=form_starter)
def tiddler_as(self, tiddler):
# query = self.environ['tiddlyweb.query']
# try:
# success = query['success'][0]
# except:
# success = None
# commonVars = templating.getCommonVars(self.environ)
# store = self.environ['tiddlyweb.store']
# userTiddler = Tiddler(commonVars['usersign']['name'])
# userTiddler.bag = self.environ['tiddlyweb.config']['userbag_bag']
# userTiddler = store.get(userTiddler)
# userFields = userTiddler.fields
# return template.render(tiddler=tiddler, commonVars=commonVars, success=success, userFields=userFields)
template = templating.get_template(self.environ, 'challenge.html')
return template.render(tiddler=tiddler,
commonVars=templating.common_vars(self.environ))
def test_template_route(environ, start_response):
template_name = 'test_'+environ['wsgiorg.routing_args'][1]['template_file']
if '../' in template_name:
raise HTTP404('%s invalid' % template_name)
if '.html' not in template_name:
template_name = template_name + '.html'
template = templating.get_template(environ, template_name)
start_response('200 OK', [
('Content-Type', 'text/html'),
('Pragma', 'no-cache')
])
return template.render(commonVars=templating.common_vars(environ))
def _validate_and_redirect(self, environ, start_response, username,
password, redirect):
"""
Check a username and password. If valid, send a cookie
to the client. If it is not, send the form again.
"""
status = '401 Unauthorized'
try:
store = environ['tiddlyweb.store']
secret = environ['tiddlyweb.config']['secret']
cookie_age = environ['tiddlyweb.config'].get('cookie_age', None)
user = User(username)
user = store.get(user)
if user.check_password(password):
uri = '%s%s' % (server_host_url(environ), redirect)
cookie_header_string = make_cookie('tiddlyweb_user',
user.usersign, mac_key=secret,
path=self._cookie_path(environ), expires=cookie_age)
logging.debug('303 to %s', uri)
start_response('303 Other',
[('Set-Cookie', cookie_header_string),
('Location', uri.encode('utf-8')),
('Pragma', 'no-cache')])
return [uri]
except KeyError:
pass
except NoUserError:
logging.debug('NoUserError for: '+username)
template = templating.get_template(environ, 'login_form.html')
start_response(status, [
('Content-Type', 'text/html'),
('Pragma', 'no-cache')
])
return template.render(redirect=redirect,
commonVars=templating.common_vars(environ), error=True)
def challenge_post(self, environ, start_response):
"""
Respond to a POST by processing data sent from a form.
The form should include a username and password. If it
does not, send the form aagain. If it does, validate
the data.
"""
query = environ['tiddlyweb.query']
redirect = query.get('tiddlyweb_redirect', ['/'])[0]
try:
username = query['username'][0]
password = query['password'][0]
return self._validate_and_redirect(environ, start_response,
username, password, redirect)
except KeyError:
template = templating.get_template(environ, 'login_form.html')
start_response('401 Unauthorized', [
('Content-Type', 'text/html')
])
return template.render(redirect=redirect, error=True,
commonVars=templating.common_vars(environ))
def index(environ, start_response):
template = templating.get_template(environ, "index.html")
start_response("200 OK", [("Content-Type", "text/html"), ("Pragma", "no-cache")])
return template.render(commonVars=templating.common_vars(environ))
def verify(environ, start_response):
logging.debug(environ["tiddlyweb.query"])
domain = get_domain(environ["HTTP_HOST"])
try:
redirect = environ["tiddlyweb.query"]["recaptcha_redirect"][0]
except (KeyError, IndexError):
redirect = environ["HTTP_REFERER"].split("?", 1)[0]
commonVars = templating.common_vars(environ)
responseVars = {}
notSpam = False
query = environ["tiddlyweb.query"]
formErrors = []
if commonVars["usersign"]["name"] == "GUEST":
# check personal info
name = query["name"][0]
if name == "":
formErrors.append('"name"')
email = query["email"][0]
if email == "":
formErrors.append('"email"')
country = query["country"][0]
if country == "":
formErrors.append('"country"')
# check captcha
challenge_field = environ["tiddlyweb.query"]["recaptcha_challenge_field"][0]
logging.debug("challenge_field: " + challenge_field)
response_field = environ["tiddlyweb.query"]["recaptcha_response_field"][0]
logging.debug("response_field: " + response_field)
private_key = "6Ld8HAgAAAAAAAyOgYXbOtqAD1yuTaOuwP8lpzX0"
ip_addr = environ["REMOTE_ADDR"]
logging.debug("ip_addr: " + ip_addr)
resp = captcha.submit(challenge_field, response_field, private_key, ip_addr)
if resp.is_valid:
responseVars["captcha"] = 1
notSpam = True
else:
responseVars["captcha"] = 0
else:
notSpam = True
# check request-specific conditions
requestType = query["requestType"][0]
if requestType == "suggest_new":
legal_name = query["legal_name"][0]
if legal_name == "":
formErrors.append('"legal_name"')
operational_country = query["operational_country"][0]
operational_state = query["operational_state"][0]
if operational_country == "":
formErrors.append('"operational_country"')
elif operational_country == "USA" and operational_state == "":
formErrors.append('"operational_state"')
# create the formErrors url parameter if there are any
validForm = True
formErrors = ",".join(formErrors)
logging.debug("formErrors: " + formErrors)
if formErrors != "":
responseVars["formError"] = formErrors
validForm = False
# email Avox now we have determined the form is correct
if notSpam and validForm:
try:
emailAvox(query, domain=domain)
emailSuccess = 1
except KeyError as detail: # the hook for server-side validation, not being used yet (see formError usage above)
responseVars["formError"] = detail.args[0]
emailSuccess = 0
# JRL: I think the checking for captcha key is unneccessary because notSpam would be False if that key was present
if (
notSpam == False
or validForm == False
or emailSuccess == 0
or (responseVars.has_key("captcha") and responseVars["captcha"] == 0)
):
responseVars["success"] = 0
else:
responseVars["success"] = 1
# create string containing sent variables
queryVars = ""
for parameter in query:
queryVars = queryVars + "&" + parameter + "=" + url_quote(query[parameter][0], "")
redirect = redirect + "?success=" + str(responseVars["success"])
if responseVars.has_key("captcha"):
redirect = redirect + "&captcha=" + str(responseVars["captcha"])
if responseVars.has_key("formError"):
redirect = redirect + "&formError=" + responseVars["formError"]
redirect = redirect + str(queryVars)
start_response("302 Found", [("Content-Type", "text/html"), ("Location", redirect), ("Pragma", "no-cache")])
return []
def verify(environ, start_response):
logging.debug(environ['tiddlyweb.query'])
domain = get_domain(environ['HTTP_HOST'])
try:
redirect = environ['tiddlyweb.query']['recaptcha_redirect'][0]
except (KeyError, IndexError):
redirect = environ['HTTP_REFERER'].split('?', 1)[0]
commonVars = templating.common_vars(environ)
responseVars = {}
notSpam = False
query = environ['tiddlyweb.query']
formErrors = []
if commonVars['usersign']['name'] == 'GUEST':
# check personal info
name = query['name'][0]
if name == '':
formErrors.append('"name"')
email = query['email'][0]
if email == '':
formErrors.append('"email"')
country = query['country'][0]
if country == '':
formErrors.append('"country"')
# check captcha
challenge_field = environ['tiddlyweb.query']['recaptcha_challenge_field'][0]
logging.debug('challenge_field: '+challenge_field)
response_field = environ['tiddlyweb.query']['recaptcha_response_field'][0]
logging.debug('response_field: '+response_field)
private_key = "6Ld8HAgAAAAAAAyOgYXbOtqAD1yuTaOuwP8lpzX0"
ip_addr = environ['REMOTE_ADDR']
logging.debug('ip_addr: '+ip_addr)
resp = captcha.submit(challenge_field, response_field, private_key, ip_addr)
if resp.is_valid:
responseVars['captcha'] = 1
notSpam = True
else:
responseVars['captcha'] = 0
else:
notSpam = True
#check request-specific conditions
requestType = query['requestType'][0]
if requestType == 'suggest_new':
legal_name = query['legal_name'][0]
if legal_name == '':
formErrors.append('"legal_name"')
operational_country = query['operational_country'][0]
operational_state = query['operational_state'][0]
if operational_country == '':
formErrors.append('"operational_country"')
elif operational_country == 'USA' and operational_state == '':
formErrors.append('"operational_state"')
#create the formErrors url parameter if there are any
validForm = True
formErrors = ','.join(formErrors)
logging.debug('formErrors: '+formErrors)
if formErrors != '':
responseVars['formError'] = formErrors
validForm = False
# email Avox now we have determined the form is correct
if notSpam and validForm:
try:
emailAvox(query,domain=domain)
emailSuccess = 1
except KeyError as detail: # the hook for server-side validation, not being used yet (see formError usage above)
responseVars['formError'] = detail.args[0]
emailSuccess = 0
# JRL: I think the checking for captcha key is unneccessary because notSpam would be False if that key was present
if notSpam == False or validForm == False or emailSuccess == 0 or (responseVars.has_key('captcha') and responseVars['captcha'] == 0):
responseVars['success'] = 0
else:
responseVars['success'] = 1
# create string containing sent variables
queryVars = ''
for parameter in query:
queryVars = queryVars + '&' + parameter + '=' + url_quote(query[parameter][0].encode('utf-8'), '')
redirect = redirect + '?success='+str(responseVars['success'])
if responseVars.has_key('captcha'):
redirect = redirect + '&captcha='+str(responseVars['captcha'])
if responseVars.has_key('formError'):
redirect = redirect +'&formError='+responseVars['formError']
redirect = redirect + str(queryVars)
start_response('302 Found', [
('Content-Type', 'text/html'),
('Location', redirect),
('Pragma', 'no-cache')
])
return []
def tiddler_as(self, tiddler):
template = templating.get_template(self.environ, 'request.html')
return template.render(tiddler=tiddler,
commonVars=templating.common_vars(self.environ))
