def age(self, bday, today):
""" shorthand for calling get_age with strings. """
def d(s):
return datetime.datetime.strptime(s, "%Y-%m-%d").date()
return get_age(d(bday), today=d(today))
def post(self):
"""Handle registration request on our site.
Note that new users can still be created via PostLogin if the user
signs in via Google/FB for the first time - this is for the
explicit registration via our own services.
"""
values = {
'birthdate': self.request_string('birthdate', default=None),
'email': self.request_string('email', default=None),
}
errors = {}
# Under-13 check (note the JavaScript on our form should never really
# send an invalid date, but just to make sure...)
birthdate = None
if values['birthdate']:
try:
birthdate = datetime.datetime.strptime(values['birthdate'],
'%Y-%m-%d')
birthdate = birthdate.date()
except ValueError:
errors['birthdate'] = "Invalid birthdate"
else:
errors['birthdate'] = "Birthdate required"
if birthdate and age_util.get_age(birthdate) < 13:
# We don't yet allow under13 users. We need to lock them out now,
# unfortunately. Set an under-13 cookie so they can't try again.
Logout.delete_all_identifying_cookies(self)
auth.cookies.set_under13_cookie(self)
self.render_json({"under13": True})
return
existing_google_user_detected = False
resend_detected = False
if values['email']:
email = values['email']
# Perform loose validation - we can't actually know if this is
# valid until we send an e-mail.
if not _email_re.search(email):
errors['email'] = "That email appears to be invalid."
else:
existing = UserData.get_from_user_input_email(email)
if existing is not None:
if existing.has_password():
# TODO(benkomalo): do something nicer and maybe ask the
# user to try and login with that e-mail?
errors['email'] = "Oops. There's already an account with that e-mail."
else:
existing_google_user_detected = True
logging.warn("User tried to register with password, "
"but has an account w/ Google login")
else:
# No full user account detected, but have they tried to
# signup before and still haven't verified their e-mail?
existing = user_models.UnverifiedUser.get_for_value(email)
resend_detected = existing is not None
else:
errors['email'] = "Please enter your email."
if existing_google_user_detected:
# TODO(benkomalo): just deny signing up with username/password for
# existing users with a Google login. In the future, we can show
# a message to ask them to sign in with their Google login
errors['email'] = (
"There is already an account with that e-mail. " +
"If it's yours, sign in with Google below.")
if len(errors) > 0:
self.render_json({'errors': errors})
return
# Success!
unverified_user = user_models.UnverifiedUser.get_or_insert_for_value(
email,
birthdate)
Signup.send_verification_email(unverified_user)
response_json = {
'success': True,
'email': email,
'resend_detected': resend_detected,
}
if App.is_dev_server:
# Send down the verification token so the client can easily
# create a link to test with.
response_json['token'] = unverified_user.randstring
# TODO(benkomalo): since users are now blocked from further access
# due to requiring verification of e-mail, we need to do something
# about migrating phantom data (we can store the phantom id in
# the UnverifiedUser object and migrate after they finish
# registering, for example)
self.render_json(response_json, camel_cased=True)
def post(self):
"""Handle registration request on our site.
Note that new users can still be created via PostLogin if the user
signs in via Google/FB for the first time - this is for the
explicit registration via our own services.
"""
values = {
'birthdate': self.request_string('birthdate', default=None),
'email': self.request_string('email', default=None),
}
errors = {}
# Under-13 check (note the JavaScript on our form should never really
# send an invalid date, but just to make sure...)
birthdate = None
if values['birthdate']:
try:
birthdate = datetime.datetime.strptime(values['birthdate'],
'%Y-%m-%d')
birthdate = birthdate.date()
except ValueError:
errors['birthdate'] = "Invalid birthdate"
else:
errors['birthdate'] = "Birthdate required"
if birthdate and age_util.get_age(birthdate) < 13:
# We don't yet allow under13 users. We need to lock them out now,
# unfortunately. Set an under-13 cookie so they can't try again.
Logout.delete_all_identifying_cookies(self)
auth.cookies.set_under13_cookie(self)
self.render_json({"under13": True})
return
existing_google_user_detected = False
resend_detected = False
if values['email']:
email = values['email']
# Perform loose validation - we can't actually know if this is
# valid until we send an e-mail.
if not _email_re.search(email):
errors['email'] = "That email appears to be invalid."
else:
existing = UserData.get_from_user_input_email(email)
if existing is not None:
if existing.has_password():
# TODO(benkomalo): do something nicer and maybe ask the
# user to try and login with that e-mail?
errors[
'email'] = "Oops. There's already an account with that e-mail."
else:
existing_google_user_detected = True
logging.warn("User tried to register with password, "
"but has an account w/ Google login")
else:
# No full user account detected, but have they tried to
# signup before and still haven't verified their e-mail?
existing = user_models.UnverifiedUser.get_for_value(email)
resend_detected = existing is not None
else:
errors['email'] = "Please enter your email."
if existing_google_user_detected:
# TODO(benkomalo): just deny signing up with username/password for
# existing users with a Google login. In the future, we can show
# a message to ask them to sign in with their Google login
errors['email'] = (
"There is already an account with that e-mail. " +
"If it's yours, sign in with Google below.")
if len(errors) > 0:
self.render_json({'errors': errors})
return
# Success!
unverified_user = user_models.UnverifiedUser.get_or_insert_for_value(
email, birthdate)
Signup.send_verification_email(unverified_user)
response_json = {
'success': True,
'email': email,
'resend_detected': resend_detected,
}
if App.is_dev_server:
# Send down the verification token so the client can easily
# create a link to test with.
response_json['token'] = unverified_user.randstring
# TODO(benkomalo): since users are now blocked from further access
# due to requiring verification of e-mail, we need to do something
# about migrating phantom data (we can store the phantom id in
# the UnverifiedUser object and migrate after they finish
# registering, for example)
self.render_json(response_json, camel_cased=True)