def login_noreally(request):
if "sso_token" in request.GET:
sso_token = request.GET["sso_token"]
redirect_to = request.GET["redirect_to"]
redirect_to = clean.redirect_to(redirect_to)
nick, rememberme = cache.get("sso/%s" % sso_token)
cache.delete("sso/%s" % sso_token)
actor_ref = api.actor_get(api.ROOT, nick)
response = http.HttpResponseRedirect(redirect_to)
response = user.set_user_cookie(response, actor_ref, rememberme)
return response
return http.HttpResponseRedirect("/login")
def login_login(request):
redirect_to = request.REQUEST.get("redirect_to", "/")
redirect_to = clean.redirect_to(redirect_to)
if request.POST:
try:
login = request.POST.get("log", None)
password = request.POST.get("pwd", None)
rememberme = request.POST.get("rememberme", None)
# TODO validate
current_user = user.lookup_user_by_login(login, password)
if current_user:
if redirect_to == "/":
redirect_to = current_user.url("/overview")
# Attempt to do some cleanup on the user if necessary
api.user_cleanup(api.ROOT, current_user.nick)
# if we aren't hosted or aren't ssl just set the cookie and go home
if not settings.HOSTED_DOMAIN_ENABLED or not settings.SSL_LOGIN_ENABLED:
response = http.HttpResponseRedirect(redirect_to)
response = user.set_user_cookie(response, current_user, rememberme)
return response
# otherwise, we're going to have to redirect to set the cookie on
# the proper domain
sso_token = util.generate_uuid()
cache.set("sso/%s" % sso_token, (current_user.nick, rememberme), timeout=10)
sso_url = "http://%s/login/noreally" % (settings.DOMAIN)
sso_url = util.qsa(sso_url, {"redirect_to": redirect_to, "sso_token": sso_token})
return http.HttpResponseRedirect(sso_url)
else:
raise exception.ValidationError("Invalid username or password")
except:
exception.handle_exception(request)
if request.user:
if redirect_to == "/":
redirect_to = request.user.url("/overview")
return http.HttpResponseRedirect(redirect_to)
c = template.RequestContext(request, locals())
t = loader.get_template("login.html")
return http.HttpResponse(t.render(c))
def join_join(request):
if request.user:
raise exception.AlreadyLoggedInException()
redirect_to = request.REQUEST.get("redirect_to", "/")
# get the submitted vars
nick = request.REQUEST.get("nick", "")
first_name = request.REQUEST.get("first_name", "")
last_name = request.REQUEST.get("last_name", "")
email = request.REQUEST.get("email", "")
password = request.REQUEST.get("password", "")
confirm = request.REQUEST.get("confirm", "")
hide = request.REQUEST.get("hide", "")
if request.POST:
try:
# TODO validate
params = util.query_dict_to_keywords(request.POST)
if hide:
params["privacy"] = 2
validate.email(email)
if not mail.is_allowed_to_send_email_to(email):
raise exception.ValidationError("Cannot send email to that address")
# TODO start transaction
if api.actor_lookup_email(api.ROOT, email):
raise exception.ValidationError("That email address is already associated with a member.")
actor_ref = api.user_create(api.ROOT, **params)
actor_ref.access_level = "delete"
api.post(actor_ref, nick=actor_ref.nick, message="Joined %s!" % (settings.SITE_NAME), icon="jaiku-new-user")
# send off email confirmation
api.activation_request_email(actor_ref, actor_ref.nick, email)
# TODO end transaction
welcome_url = util.qsa("/welcome", {"redirect_to": redirect_to})
# NOTE: does not provide a flash message
response = http.HttpResponseRedirect(welcome_url)
user.set_user_cookie(response, actor_ref)
return response
except:
exception.handle_exception(request)
# for legal section
legal_component = component.include("legal", "dummy_legal")
legal_html = legal_component.embed_join()
# for sidebar
sidebar_green_top = True
area = "join"
c = template.RequestContext(request, locals())
t = loader.get_template("join.html")
return http.HttpResponse(t.render(c))
def actor_settings(request, nick, page='index'):
""" just a static page that links to the rest"""
nick = clean.nick(nick)
view = api.actor_lookup_nick(api.ROOT, nick)
handled = common_views.handle_view_action(
request,
{
'activation_activate_mobile': view.url('/settings/mobile'),
'activation_request_email': view.url('/settings/email'),
'activation_request_mobile': view.url('/settings/mobile'),
'settings_change_notify': view.url('/settings/notifications'),
'settings_change_privacy': request.path,
'settings_update_account': view.url('/settings/profile'),
'actor_remove': '/logout',
#'oauth_remove_consumer': request.path,
#'oauth_remove_access_token': request.path
}
)
if handled:
return handled
# TODO(tyler/termie): This conflicts with the global settings import.
# Also, this seems fishy. Do none of the settings.* items work in templates?
import settings
# TODO(tyler): Merge this into handle_view_action, if possible
if 'password' in request.POST:
try:
validate.nonce(request, 'change_password')
password = request.POST.get('password', '')
confirm = request.POST.get('confirm', '')
validate.password_and_confirm(password, confirm, field = 'password')
api.settings_change_password(request.user, nick, password)
response = util.RedirectFlash(view.url() + '/settings/password',
'password updated')
request.user.password = password
# TODO(mikie): change when cookie-auth is changed
user.set_user_cookie(response, request.user)
return response
except:
exception.handle_exception(request)
if page == 'feeds':
try:
if not settings.FEEDS_ENABLED:
raise exception.DisabledFeatureError('Feeds are currently disabled')
except:
exception.handle_exception(request)
if page == 'photo':
redirect_to = view.url() + '/settings/photo'
handled = common_views.common_photo_upload(request, redirect_to)
if handled:
return handled
area = 'settings'
full_page = page.capitalize()
if page == 'mobile':
full_page = 'Mobile Number'
mobile = api.mobile_get_actor(request.user, request.user.nick)
sms_notify = view.extra.get('sms_notify', False)
elif page == 'im':
full_page = 'IM Address'
im_address = api.im_get_actor(request.user, view.nick)
im_notify = view.extra.get('im_notify', False)
elif page == 'index':
email = api.email_get_actor(request.user, view.nick)
email_notify = view.extra.get('email_notify', False)
im_address = api.im_get_actor(request.user, view.nick)
im_notify = view.extra.get('im_notify', False)
elif page == 'feeds':
full_page = 'Web Feeds'
elif page == 'email':
full_page = 'Email Address'
email_notify = view.extra.get('email_notify', False)
# check if we already have an email
email = api.email_get_actor(request.user, view.nick)
# otherwise look for an unconfirmed one
if not email:
unconfirmeds = api.activation_get_actor_email(api.ROOT, view.nick)
if unconfirmeds:
unconfirmed_email = unconfirmeds[0].content
elif page == 'design':
handled = common_views.common_design_update(request, nick)
if handled:
return handled
full_page = 'Look and Feel'
elif page == 'notifications':
email = api.email_get_actor(request.user, view.nick)
email_notify = view.extra.get('email_notify', False)
im_address = api.im_get_actor(request.user, view.nick)
im_notify = view.extra.get('im_notify', False)
mobile = api.mobile_get_actor(request.user, request.user.nick)
sms_notify = view.extra.get('sms_notify', False)
sms_confirm = sms_notify and not view.extra.get('sms_confirmed', False)
# TODO(termie): remove this once we can actually receive sms
sms_confirm = False
elif page == 'profile':
# check if we already have an email
email = api.email_get_actor(request.user, view.nick)
# otherwise look for an unconfirmed one
if not email:
unconfirmeds = api.activation_get_actor_email(api.ROOT, view.nick)
if unconfirmeds:
unconfirmed_email = unconfirmeds[0].content
elif page == 'photo':
avatars = display.DEFAULT_AVATARS
small_photos = api.image_get_all_keys(request.user, view.nick, size='f')
# TODO(tyler): Fix this avatar nonsense!
own_photos = [{
'path' : small_photo.key().name(),
'name' : small_photo.key().name()[len('image/'):-len('_f.jpg')],
} for small_photo in small_photos
]
elif page == 'privacy':
PRIVACY_PUBLIC = api.PRIVACY_PUBLIC
PRIVACY_CONTACTS = api.PRIVACY_CONTACTS
elif page == 'jsbadge':
full_page = 'Javascript Badges'
elif page == 'badge':
badges = [{'id': 'badge-stream',
'width': '200',
'height': '300',
'src': '%sglobal/themes/%s/badge.swf' % (settings.MEDIA_URL, settings.DEFAULT_THEME),
'title': 'Stream',
},
{'id': 'badge-map',
'width': '200',
'height': '255',
'src': '%sglobal/themes/%s/badge-map.swf' % (settings.MEDIA_URL, settings.DEFAULT_THEME),
'title': 'Map',
},
{'id': 'badge-simple',
'width': '200',
'height': '200',
'src': '%sglobal/themes/%s/badge-simple.swf' % (settings.MEDIA_URL, settings.DEFAULT_THEME),
'title': 'Simple',
},
]
elif page in ['password', 'delete']:
# Catch for remaining pages before we generate a 404.
pass
else:
return common_views.common_404(request)
# rendering
c = template.RequestContext(request, locals())
t = loader.get_template('settings_%s.html' % page)
return http.HttpResponse(t.render(c))
