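def signup_post(request):
    """Handle the signup form POST and persist a new ``User``.

    A POST that passes ``schemas.Signup`` validation and ``validate_csrf`` is
    bound to a fresh ``User``; a username is derived with ``get_username``.
    When ``facebook.get_user_from_cookie`` returns a cookie for the configured
    app, the Facebook id, profile link and access token are copied onto the
    user before the commit.

    Returns:
        ``{"status": 1, "url": ...}`` after a successful commit;
        ``{"errors": {"form": "Invalid Information"}}`` when the commit raises
        ``IntegrityError``; ``{"errors": form.errors}`` when the request is
        not a POST or fails validation; ``HTTPUnauthorized`` when
        ``validate_csrf`` rejects the request.
    """
    dbsession = DBSession()
    settings = request.registry.settings
    form = Form(request, schema=schemas.Signup, obj=User())

    if not (request.POST and form.validate()):
        return {"errors": form.errors}
    if not validate_csrf(request):
        return HTTPUnauthorized("Not authorized")

    user = form.bind(User())
    user.username = get_username(user.name, dbsession)
    # SECURITY: unsalted SHA-1 is a fast digest and is not suitable for
    # password storage. It is kept here only because the login view shown
    # alongside compares against the same expression, so changing one side
    # alone would lock every account out. Migrate both to a salted, slow KDF
    # (bcrypt, scrypt, PBKDF2 or Argon2) computed in the application.
    # NOTE(review): func.sha1 looks like a SQL function expression, in which
    # case the plaintext password travels to the database as a statement
    # parameter and may show up in query logs -- confirm.
    user.password = func.sha1(user.password)

    cookie = facebook.get_user_from_cookie(
        request.cookies,
        settings["facebook.app.id"],
        settings["facebook.app.secret"],
    )
    if cookie:
        access_token = cookie["access_token"]
        profile = facebook.GraphAPI(access_token).get_object("me")
        user.fb_id = profile["id"]
        user.fb_profile_url = profile["link"]
        # NOTE(review): the token is persisted as received; treat the column
        # as a credential (access control, backups, logs) -- confirm.
        user.fb_access_token = access_token

    try:
        dbsession.add(user)
        dbsession.commit()
        headers = remember_me_header(request, user.email)
        redirect_url = route_url("create_profile", request)
        request.response_headerlist = headers
        return {"status": 1, "url": redirect_url}
    except IntegrityError:
        # A failed commit leaves the SQLAlchemy session in a failed state;
        # without a rollback the next use of this session raises instead of
        # running its query.
        dbsession.rollback()
        return {"errors": {"form": "Invalid Information"}}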
def login(request):
    """Authenticate a visitor by email and password.

    An already authenticated visitor is redirected to ``home``. A POST is
    checked with ``validate_csrf``, validated against ``schemas.Login`` and
    matched against a ``User`` row by email and SHA-1 password digest; on a
    match the visitor is redirected to ``home`` with the headers produced by
    ``remember_me_header``.

    NOTE(review): the listing ends after the ``except`` clause, so ``result``
    and ``errors`` are built but not returned in the code visible here.
    """
    if authenticated_userid(request):
        return HTTPFound(location=route_url("home", request))

    db = DBSession()
    login_schema = schemas.Login()
    result = {"_csrf_": request.session.get_csrf_token()}
    errors = []

    if request.POST:
        if not validate_csrf(request):
            return HTTPUnauthorized("Not authorized")
        try:
            credentials = login_schema.to_python(request.params)
            email_matches = User.email == credentials["email"]
            # SECURITY: the stored value is an unsalted SHA-1 digest, which
            # is a fast hash and not suitable for password storage; signup
            # and login have to migrate together to a salted, slow KDF.
            # NOTE(review): func.sha1 looks like a SQL function expression,
            # so the plaintext password would be sent to the database as a
            # statement parameter -- confirm.
            password_matches = User.password == func.sha1(credentials["password"])
            account = (
                db.query(User)
                .filter(and_(email_matches, password_matches))
                .first()
            )
            if account:
                auth_headers = remember_me_header(request, account.email)
                return HTTPFound(
                    location=route_url("home", request),
                    headers=auth_headers,
                )
            # Unknown email and wrong password are reported the same way.
            errors.append("form")
        except validators.Invalid as e:
            errors = e.error_dict
def _initTestingDB():
    """Build the model schema in a scratch SQLite database for tests.

    The URL ``sqlite://`` carries no file path, which SQLAlchemy treats as an
    in-memory database. ``Base.metadata`` is bound to the new engine and all
    tables are created on it.

    Returns:
        The object returned by ``DBSession()``, configured to use the engine.
    """
    # Imported locally so that importing the test module does not pull in
    # the models or SQLAlchemy until a test asks for a database.
    from sqlalchemy import create_engine
    from carvewithus.models import Base, DBSession

    scratch_engine = create_engine('sqlite://')

    db = DBSession()
    db.configure(bind=scratch_engine)

    metadata = Base.metadata
    metadata.bind = scratch_engine
    metadata.create_all(scratch_engine)
    return db
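def create_trip_post(request):
    """Advance the multi-step trip creation wizard for one POST.

    The draft ``Trip`` is kept in ``request.session["new_trip"]`` between
    steps. When no draft is found, one is created with the authenticated
    user attached as an admin ``TripMember``. The ``step`` POST field selects
    the action: ``"1"`` validates ``schemas.TripBasic`` and binds it to the
    draft, ``"2"`` validates ``schemas.TripLogistics`` and applies it with
    ``bind_trip``, ``"3"`` commits the draft.

    Returns:
        ``{"status": 2, "target": N}`` to move the wizard to step N;
        ``{"status": 1, "url": ...}`` after the commit;
        ``{"errors": {"form": "Invalid Information"}}`` when the commit
        raises ``IntegrityError``; ``{"errors": form.errors}`` for a non-POST
        request, a failed validation, or a missing or unknown ``step``;
        ``HTTPUnauthorized`` when ``validate_csrf`` rejects the request.

    NOTE(review): a live DB session and an ORM object are stored in the web
    session. Whether that is safe depends on the session backend (how values
    are serialised, whether they are shared across requests) -- confirm.
    NOTE(review): nothing in this function rejects an anonymous caller, so
    ``authenticated_userid`` may be ``None`` unless the view is
    permission-protected elsewhere -- confirm.
    NOTE(review): the draft is not removed from the web session after the
    commit in the code shown; check that it is cleared elsewhere.
    """
    try:
        dbsession = request.session["dbsession"]
    except KeyError:
        dbsession = DBSession()
        request.session["dbsession"] = dbsession

    form = Form(request, schema=schemas.Trip, obj=Trip())
    if not request.POST:
        return {"errors": form.errors}
    if not validate_csrf(request):
        return HTTPUnauthorized("Not authorized")

    try:
        trip = request.session["new_trip"]
    except KeyError:
        user = get_user_from_email(authenticated_userid(request), dbsession)
        trip = Trip()
        organizer = TripMember()
        organizer.user = user
        organizer.admin = True
        trip.members.append(organizer)
        request.session["new_trip"] = trip

    # A POST without "step" is treated like an unknown step instead of
    # failing with a KeyError.
    step = request.POST.get("step")
    if step == "1":
        form = Form(request, schema=schemas.TripBasic, obj=Trip())
        if form.validate():
            trip = form.bind(trip)
            return {"status": 2, "target": 2}
    elif step == "2":
        form = Form(request, schema=schemas.TripLogistics, obj=Trip())
        if form.validate():
            trip = bind_trip(form.schema.to_python(dict(request.params)), trip)
            return {"status": 2, "target": 3}
    elif step == "3":
        try:
            dbsession.add(trip)
            dbsession.commit()
            redirect_url = route_url("home", request)
            return {"status": 1, "url": redirect_url}
        except IntegrityError:
            # This session object is reused through request.session, so it
            # must be rolled back or later requests inherit the failed
            # transaction state.
            dbsession.rollback()
            return {"errors": {"form": "Invalid Information"}}
    return {"errors": form.errors}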
def create_profile(request):
    """Show the profile form and save it for the authenticated user.

    Anonymous visitors are redirected to ``login``. A POST that passes
    ``schemas.CreateProfile`` validation is bound onto the ``User`` row whose
    email equals the authenticated user id, merged, committed, and followed
    by a redirect to ``home``. Otherwise the form is rendered.

    NOTE(review): unlike the signup, login and trip handlers shown alongside,
    this handler does not call ``validate_csrf`` before acting on the POST;
    confirm whether CSRF is enforced elsewhere for this view.
    NOTE(review): ``first()`` returns ``None`` when no row matches, and that
    value is passed to ``form.bind`` unchecked.
    """
    current_email = authenticated_userid(request)
    if not current_email:
        return HTTPFound(location=route_url("login", request))

    db = DBSession()
    form = Form(request, schema=schemas.CreateProfile, obj=User())

    submitted_and_valid = request.POST and form.validate()
    if submitted_and_valid:
        account = db.query(User).filter(User.email == current_email).first()
        account = form.bind(account)
        db.merge(account)
        db.commit()
        return HTTPFound(location=route_url("home", request))

    # Debug output: writes the form errors to stdout on every render.
    print(form.errors)
    return {"user_email": current_email, "form": FormRenderer(form)}