def user_info_commit(context, request): user = request.user form = UserInfoForm(request.POST, user) if not form.validate(): return {'form': form} form.populate_obj(user) if not form.display_name.data: user.display_name = None user.has_trivial_display_name = False else: user.has_trivial_display_name = (user.name == reduce_display_name(user.display_name)) request.session.flash( u'Successfully updated user info.', level=u'success') return HTTPSeeOther(location=request.path_url)
def user_info_commit(context, request): user = request.user form = UserInfoForm(request.POST, user) if not form.validate(): return {'form': form} form.populate_obj(user) if not form.display_name.data: user.display_name = None user.has_trivial_display_name = False else: user.has_trivial_display_name = (user.name == reduce_display_name(user.display_name)) request.session.flash( u'Successfully updated user info.', level=u'success') return HTTPSeeOther(location=request.path_url)
def register(context, request): def clear_pending(): request.session.pop('pending_identity_email', None) request.session.pop('pending_identity_url', None) request.session.pop('pending_identity_webfinger', None) def bail(): # Abort registration; typically if the request is nonsensical clear_pending() request.session.flash('Your session expired. Please try logging in again.') return HTTPSeeOther(location=request.route_url('account.login')) # Check identity URL identity_url = request.session.get('pending_identity_url') identity_email = request.session.get('pending_identity_email') openid_q = model.session.query(IdentityURL).filter_by(url=identity_url) browserid_q = model.session.query(IdentityEmail).filter_by(email=identity_email) # Must register against (or add) exactly one ID if not identity_url and not identity_email: return bail() if identity_url and identity_email: return bail() # Cannot re-register an ID if identity_url and openid_q.count(): return bail() if identity_email and browserid_q.count(): return bail() # display_only for use with BrowserID since it can only redirect or POST, # not display a page directly (because it's all AJAX). display_only = request.params.get('display_only') if display_only: form = RegistrationForm(email=identity_email) else: form = RegistrationForm(request.POST) if display_only or not form.validate(): return render_to_response('account/register.mako', { 'form': form, 'identity_email': identity_email, 'identity_url': identity_url, 'identity_webfinger': request.session.get('pending_identity_webfinger'), }, request=request) # XXX waiting on auth_dev2 branch to merge to factor this out of controls from floof.lib.helpers import reduce_display_name if not form.display_name.data: display_name = None has_trivial_display_name = False else: display_name = form.display_name.data has_trivial_display_name = (form.username.data == reduce_display_name(display_name)) # Create db records resource = Resource(type=u'users') discussion = Discussion(resource=resource) user = User( name=form.username.data, email=form.email.data, resource=resource, timezone=form.timezone.data, display_name=display_name, has_trivial_display_name=has_trivial_display_name, ) model.session.add_all((user, resource, discussion)) base_user = model.session.query(Role).filter_by(name=u'user').one() user.roles.append(base_user) if identity_url: openid = IdentityURL(url=identity_url) user.identity_urls.append(openid) else: browserid = IdentityEmail(email=identity_email) user.identity_emails.append(browserid) model.session.flush() log.info('User #{0} registered: {1}'.format(user.id, user.name)) # Log 'em in clear_pending() auth_headers = security.forget(request) headers = security.remember( request, user, openid_url=identity_url, browserid_email=identity_email) if headers is None: log.error("Failed to log in new registrant.") # shouldn't happen else: auth_headers += headers # And off we go return HTTPSeeOther(request.route_url('root'), headers=auth_headers)
def register(context, request): def clear_pending(): request.session.pop('pending_identity_email', None) request.session.pop('pending_identity_url', None) request.session.pop('pending_identity_webfinger', None) def bail(): # Abort registration; typically if the request is nonsensical clear_pending() request.session.flash('Your session expired. Please try logging in again.') return HTTPSeeOther(location=request.route_url('account.login')) # Check identity URL identity_url = request.session.get('pending_identity_url') identity_email = request.session.get('pending_identity_email') openid_q = model.session.query(IdentityURL).filter_by(url=identity_url) persona_q = model.session.query(IdentityEmail).filter_by(email=identity_email) # Must register against (or add) exactly one ID if not identity_url and not identity_email: return bail() if identity_url and identity_email: return bail() # Cannot re-register an ID if identity_url and openid_q.count(): return bail() if identity_email and persona_q.count(): return bail() form = RegistrationForm(request.POST) if request.method != 'POST' or not form.validate(): return render_to_response('account/register.mako', { 'form': form, 'identity_email': identity_email, 'identity_url': identity_url, 'identity_webfinger': request.session.get('pending_identity_webfinger'), }, request=request) # XXX waiting on auth_dev2 branch to merge to factor this out of controls from floof.lib.helpers import reduce_display_name if not form.display_name.data: display_name = None has_trivial_display_name = False else: display_name = form.display_name.data has_trivial_display_name = (form.username.data == reduce_display_name(display_name)) # Create db records resource = Resource(type=u'users') discussion = Discussion(resource=resource) user = User( name=form.username.data, email=form.email.data, resource=resource, timezone=form.timezone.data, display_name=display_name, has_trivial_display_name=has_trivial_display_name, ) model.session.add_all((user, resource, discussion)) base_user = model.session.query(Role).filter_by(name=u'user').one() user.roles.append(base_user) if identity_url: openid = IdentityURL(url=identity_url) user.identity_urls.append(openid) else: persona_id = IdentityEmail(email=identity_email) user.identity_emails.append(persona_id) model.session.flush() log.info('User #{0} registered: {1}'.format(user.id, user.name)) # Log 'em in clear_pending() auth_headers = security.forget(request) headers = security.remember( request, user, openid_url=identity_url, persona_addr=identity_email) if headers is None: log.error("Failed to log in new registrant.") # shouldn't happen else: auth_headers += headers # And off we go return HTTPSeeOther(request.route_url('root'), headers=auth_headers)