예제 #1
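def signup_post(request):
    """Handle the sign-up form POST: create a User and start a login session.

    Returns ``{"status": 1, "url": ...}`` when the user row was committed,
    ``{"errors": ...}`` when validation or the insert fails, and an
    HTTPUnauthorized response when the CSRF check fails.
    """
    dbsession = DBSession()
    settings = request.registry.settings
    form = Form(request, schema=schemas.Signup, obj=User())
    # NOTE(review): the CSRF check only runs after the form has validated, so a
    # POST without a valid token still receives the field errors returned at
    # the bottom of this function.
    if request.POST and form.validate():
        if not validate_csrf(request):
            return HTTPUnauthorized("Not authorized")
        user = form.bind(User())
        user.username = get_username(user.name, dbsession)
        # NOTE(security): func.sha1 is a SQL function expression, so the stored
        # value is one unsalted SHA-1 digest computed by the database. That is
        # cheap to brute-force offline and gives identical passwords identical
        # hashes; a salted, deliberately slow KDF applied in the application is
        # the usual replacement. The plaintext also travels to the database as
        # a statement parameter, so it can surface in SQL logs. Left unchanged
        # because whatever verifies passwords must use the same scheme and
        # existing rows would need migrating.
        user.password = func.sha1(user.password)

        cookie = facebook.get_user_from_cookie(
            request.cookies, settings["facebook.app.id"], settings["facebook.app.secret"]
        )
        if cookie:
            graph = facebook.GraphAPI(cookie["access_token"])
            profile = graph.get_object("me")
            user.fb_id = profile["id"]
            user.fb_profile_url = profile["link"]
            # NOTE(review): the access token is persisted exactly as received;
            # treat this column as a credential (access control, retention).
            user.fb_access_token = cookie["access_token"]

        try:
            dbsession.add(user)
            dbsession.commit()
        except IntegrityError:
            # A failed flush leaves the SQLAlchemy session unusable until it is
            # rolled back; without this the next use of the same session fails.
            dbsession.rollback()
            # Deliberately generic message: it does not say which constraint
            # (for example a duplicate e-mail) rejected the row.
            return {"errors": {"form": "Invalid Information"}}

        # presumably builds the auth-cookie headers for this e-mail; confirm
        # against remember_me_header
        headers = remember_me_header(request, user.email)
        redirect_url = route_url("create_profile", request)
        request.response_headerlist = headers
        return {"status": 1, "url": redirect_url}

    return {"errors": form.errors}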
예제 #2
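def login(request):
    """Authenticate an e-mail/password POST and redirect to the home route.

    Already-authenticated callers are redirected to "home" straight away.
    A POST with a failing CSRF check gets an HTTPUnauthorized response.
    """
    logged_in = authenticated_userid(request)
    if logged_in:
        return HTTPFound(location=route_url("home", request))
    session = DBSession()
    schema = schemas.Login()
    result = {"_csrf_": request.session.get_csrf_token()}
    errors = []
    if request.POST:
        if not validate_csrf(request):
            return HTTPUnauthorized("Not authorized")
        try:
            form_result = schema.to_python(request.params)
            # NOTE(security): the password is verified by comparing against an
            # unsalted SHA-1 digest computed in SQL. Values are bound as
            # parameters (no string-built SQL), but the hash is fast to
            # brute-force if the table leaks, and the plaintext is sent to the
            # database on every attempt. Changing the scheme requires changing
            # the code that stores passwords at the same time.
            user = (
                session.query(User)
                .filter(and_(User.email == form_result["email"], User.password == func.sha1(form_result["password"])))
                .first()
            )
            if user:
                headers = remember_me_header(request, user.email)
                return HTTPFound(location=route_url("home", request), headers=headers)
            else:
                # Same generic marker for an unknown e-mail and a wrong
                # password, so the response does not reveal which one failed.
                errors.append("form")
        except validators.Invalid as e:
            # "as" form of the handler: valid on Python 2.6+ and Python 3.
            errors = e.error_dict
    # NOTE(review): the listing ends here; in the visible code `result` and
    # `errors` are built but never returned. No attempt throttling is visible
    # in this function either; confirm it is handled elsewhere.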
예제 #3
def _initTestingDB():
    """Bind the model layer to a throwaway in-memory SQLite database.

    Creates every table declared on ``Base.metadata`` and returns the
    object obtained from calling ``DBSession()``.
    """
    from carvewithus.models import DBSession, Base
    from sqlalchemy import create_engine

    # 'sqlite://' with no path is an in-memory database, so nothing touches
    # disk and each test run starts empty.
    sqlite_engine = create_engine('sqlite://')
    db = DBSession()
    db.configure(bind=sqlite_engine)
    metadata = Base.metadata
    metadata.bind = sqlite_engine
    metadata.create_all(sqlite_engine)
    return db
예제 #4
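def create_trip_post(request):
    """Drive the three-step "create trip" wizard from POSTed form data.

    Steps "1" and "2" validate their part of the form and bind it onto a
    Trip kept in the web session; step "3" inserts that Trip. Returns a
    dict with ``status``/``target`` or ``status``/``url`` on progress,
    ``{"errors": ...}`` otherwise, and an HTTPUnauthorized response when the
    CSRF check fails.
    """
    # NOTE(review): a SQLAlchemy session and, further down, an ORM object are
    # kept in the web session. Whether that works, and what it exposes,
    # depends on the session backend (a serialising backend would have to
    # pickle them), and the same DB session is then shared by every request
    # from this user. Confirm against the configured session factory.
    try:
        dbsession = request.session["dbsession"]
    except KeyError:
        dbsession = DBSession()
        request.session["dbsession"] = dbsession

    form = Form(request, schema=schemas.Trip, obj=Trip())

    if request.POST:
        if not validate_csrf(request):
            return HTTPUnauthorized("Not authorized")

        try:
            trip = request.session["new_trip"]
        except KeyError:
            # NOTE(review): nothing visible in this function rejects anonymous
            # callers; authenticated_userid() may be None here. Confirm the
            # view is protected by a permission or a login check.
            user = get_user_from_email(authenticated_userid(request), dbsession)
            trip = Trip()
            organizer = TripMember()
            organizer.user = user
            organizer.admin = True
            trip.members.append(organizer)
            request.session["new_trip"] = trip

        # .get() so a POST without "step" falls through to the error response
        # instead of raising KeyError.
        step = request.POST.get("step")
        if step == "1":
            form = Form(request, schema=schemas.TripBasic, obj=Trip())
            if form.validate():
                trip = form.bind(trip)
                return {"status": 2, "target": 2}
        elif step == "2":
            form = Form(request, schema=schemas.TripLogistics, obj=Trip())
            if form.validate():
                trip = bind_trip(form.schema.to_python(dict(request.params)), trip)
                return {"status": 2, "target": 3}
        elif step == "3":
            try:
                dbsession.add(trip)
                dbsession.commit()
            except IntegrityError:
                # The DB session is reused across requests, so it must be
                # rolled back or every later request would fail on it.
                dbsession.rollback()
                return {"errors": {"form": "Invalid Information"}}
            # Drop the finished draft; otherwise the next run of the wizard
            # would bind its fields onto the trip that was just saved.
            request.session.pop("new_trip", None)
            redirect_url = route_url("home", request)
            return {"status": 1, "url": redirect_url}

    return {"errors": form.errors}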
예제 #5
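def create_profile(request):
    """Show the create-profile form and apply it to the logged-in user.

    Anonymous callers are redirected to "login". A valid POST updates the
    User row whose e-mail matches the authenticated id and redirects to
    "home"; otherwise the form is rendered again.
    """
    logged_in = authenticated_userid(request)
    if not logged_in:
        return HTTPFound(location=route_url("login", request))

    session = DBSession()
    form = Form(request, schema=schemas.CreateProfile, obj=User())
    # NOTE(review): unlike the other POST handlers shown alongside this one,
    # no validate_csrf(request) call guards this state-changing POST. Confirm
    # CSRF is enforced elsewhere, or add the same check here.
    if request.POST and form.validate():
        user = session.query(User).filter(User.email == logged_in).first()
        if user is None:
            # The auth cookie can outlive the account; without this guard the
            # bind below would be handed None.
            return HTTPFound(location=route_url("login", request))
        # NOTE(review): bind() copies the validated fields onto the user;
        # which attributes can be set depends on schemas.CreateProfile.
        # Confirm it does not include e-mail, password or fb_* fields.
        user = form.bind(user)
        session.merge(user)
        session.commit()
        return HTTPFound(location=route_url("home", request))
    # Debug output: writes the validation errors to stdout on every request
    # that reaches this point. The parenthesised form prints the same value
    # on Python 2 and is also valid Python 3.
    print(form.errors)
    return dict(user_email=logged_in, form=FormRenderer(form))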