def user_info_commit(context, request):
user = request.user
form = UserInfoForm(request.POST, user)
if not form.validate():
return {'form': form}
form.populate_obj(user)
if not form.display_name.data:
user.display_name = None
user.has_trivial_display_name = False
else:
user.has_trivial_display_name = (user.name ==
reduce_display_name(user.display_name))
request.session.flash(
u'Successfully updated user info.',
level=u'success')
return HTTPSeeOther(location=request.path_url)
def user_info_commit(context, request):
user = request.user
form = UserInfoForm(request.POST, user)
if not form.validate():
return {'form': form}
form.populate_obj(user)
if not form.display_name.data:
user.display_name = None
user.has_trivial_display_name = False
else:
user.has_trivial_display_name = (user.name ==
reduce_display_name(user.display_name))
request.session.flash(
u'Successfully updated user info.',
level=u'success')
return HTTPSeeOther(location=request.path_url)
def register(context, request):
def clear_pending():
request.session.pop('pending_identity_email', None)
request.session.pop('pending_identity_url', None)
request.session.pop('pending_identity_webfinger', None)
def bail():
# Abort registration; typically if the request is nonsensical
clear_pending()
request.session.flash('Your session expired. Please try logging in again.')
return HTTPSeeOther(location=request.route_url('account.login'))
# Check identity URL
identity_url = request.session.get('pending_identity_url')
identity_email = request.session.get('pending_identity_email')
openid_q = model.session.query(IdentityURL).filter_by(url=identity_url)
browserid_q = model.session.query(IdentityEmail).filter_by(email=identity_email)
# Must register against (or add) exactly one ID
if not identity_url and not identity_email:
return bail()
if identity_url and identity_email:
return bail()
# Cannot re-register an ID
if identity_url and openid_q.count():
return bail()
if identity_email and browserid_q.count():
return bail()
# display_only for use with BrowserID since it can only redirect or POST,
# not display a page directly (because it's all AJAX).
display_only = request.params.get('display_only')
if display_only:
form = RegistrationForm(email=identity_email)
else:
form = RegistrationForm(request.POST)
if display_only or not form.validate():
return render_to_response('account/register.mako', {
'form': form,
'identity_email': identity_email,
'identity_url': identity_url,
'identity_webfinger': request.session.get('pending_identity_webfinger'),
},
request=request)
# XXX waiting on auth_dev2 branch to merge to factor this out of controls
from floof.lib.helpers import reduce_display_name
if not form.display_name.data:
display_name = None
has_trivial_display_name = False
else:
display_name = form.display_name.data
has_trivial_display_name = (form.username.data ==
reduce_display_name(display_name))
# Create db records
resource = Resource(type=u'users')
discussion = Discussion(resource=resource)
user = User(
name=form.username.data,
email=form.email.data,
resource=resource,
timezone=form.timezone.data,
display_name=display_name,
has_trivial_display_name=has_trivial_display_name,
)
model.session.add_all((user, resource, discussion))
base_user = model.session.query(Role).filter_by(name=u'user').one()
user.roles.append(base_user)
if identity_url:
openid = IdentityURL(url=identity_url)
user.identity_urls.append(openid)
else:
browserid = IdentityEmail(email=identity_email)
user.identity_emails.append(browserid)
model.session.flush()
log.info('User #{0} registered: {1}'.format(user.id, user.name))
# Log 'em in
clear_pending()
auth_headers = security.forget(request)
headers = security.remember(
request, user, openid_url=identity_url,
browserid_email=identity_email)
if headers is None:
log.error("Failed to log in new registrant.") # shouldn't happen
else:
auth_headers += headers
# And off we go
return HTTPSeeOther(request.route_url('root'), headers=auth_headers)
def register(context, request):
def clear_pending():
request.session.pop('pending_identity_email', None)
request.session.pop('pending_identity_url', None)
request.session.pop('pending_identity_webfinger', None)
def bail():
# Abort registration; typically if the request is nonsensical
clear_pending()
request.session.flash('Your session expired. Please try logging in again.')
return HTTPSeeOther(location=request.route_url('account.login'))
# Check identity URL
identity_url = request.session.get('pending_identity_url')
identity_email = request.session.get('pending_identity_email')
openid_q = model.session.query(IdentityURL).filter_by(url=identity_url)
persona_q = model.session.query(IdentityEmail).filter_by(email=identity_email)
# Must register against (or add) exactly one ID
if not identity_url and not identity_email:
return bail()
if identity_url and identity_email:
return bail()
# Cannot re-register an ID
if identity_url and openid_q.count():
return bail()
if identity_email and persona_q.count():
return bail()
form = RegistrationForm(request.POST)
if request.method != 'POST' or not form.validate():
return render_to_response('account/register.mako', {
'form': form,
'identity_email': identity_email,
'identity_url': identity_url,
'identity_webfinger': request.session.get('pending_identity_webfinger'),
},
request=request)
# XXX waiting on auth_dev2 branch to merge to factor this out of controls
from floof.lib.helpers import reduce_display_name
if not form.display_name.data:
display_name = None
has_trivial_display_name = False
else:
display_name = form.display_name.data
has_trivial_display_name = (form.username.data ==
reduce_display_name(display_name))
# Create db records
resource = Resource(type=u'users')
discussion = Discussion(resource=resource)
user = User(
name=form.username.data,
email=form.email.data,
resource=resource,
timezone=form.timezone.data,
display_name=display_name,
has_trivial_display_name=has_trivial_display_name,
)
model.session.add_all((user, resource, discussion))
base_user = model.session.query(Role).filter_by(name=u'user').one()
user.roles.append(base_user)
if identity_url:
openid = IdentityURL(url=identity_url)
user.identity_urls.append(openid)
else:
persona_id = IdentityEmail(email=identity_email)
user.identity_emails.append(persona_id)
model.session.flush()
log.info('User #{0} registered: {1}'.format(user.id, user.name))
# Log 'em in
clear_pending()
auth_headers = security.forget(request)
headers = security.remember(
request, user, openid_url=identity_url,
persona_addr=identity_email)
if headers is None:
log.error("Failed to log in new registrant.") # shouldn't happen
else:
auth_headers += headers
# And off we go
return HTTPSeeOther(request.route_url('root'), headers=auth_headers)
