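def register():
    """Render the registration form and create a new account on a valid submit.

    On success the new user is created through ``register_internal``, an
    unverified ``UserEmailClaim`` is recorded for the submitted address, a
    verification link is sent, the user is logged in, and the browser is
    redirected with a 303.

    Returns:
        A redirect response after a successful registration, otherwise the
        rendered registration form.
    """
    form = RegisterForm()

    # Make Recaptcha optional: the field is dropped unless both keys are set.
    # NOTE(review): with either key missing, registration runs with no CAPTCHA
    # at all; confirm that is intended for production deployments.
    if not (app.config.get('RECAPTCHA_PUBLIC_KEY') and
            app.config.get('RECAPTCHA_PRIVATE_KEY')):
        del form.recaptcha

    form.fullname.description = app.config.get('FULLNAME_REASON')
    form.email.description = app.config.get('EMAIL_REASON')
    form.username.description = app.config.get('USERNAME_REASON')

    if form.validate_on_submit():
        user = register_internal(None, form.fullname.data, form.password.data)
        user.username = form.username.data or None

        # The address is stored as a claim, not as a confirmed email, until the
        # verification link is followed.
        useremail = UserEmailClaim(user=user, email=form.email.data)
        db.session.add(useremail)
        send_email_verify_link(useremail)

        login_internal(user)
        db.session.commit()
        flash("You are now one of us. Welcome aboard!", category='success')

        if 'next' in request.args:
            # Do not redirect to the raw ?next= value: it is supplied by the
            # requester, so passing it straight to redirect() makes this view
            # an open redirect. Use get_next_url(), the helper the other views
            # in this module already use to resolve the post-action target.
            # NOTE(review): confirm get_next_url() restricts targets to this
            # site before relying on it as the only check.
            return redirect(get_next_url(), code=303)
        else:
            return redirect(url_for('index'), code=303)

    return render_form(form=form, title='Register an account',
                       formid='register', submit='Register')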
def profile_new():
    """Ask the logged-in user (``g.user``) to complete a profile.

    A valid submit copies full name, username and description onto ``g.user``.
    When the form reports no existing email, the submitted address is stored
    as an unverified ``UserEmailClaim`` and a verification link is sent after
    the commit.

    Returns:
        A 303 redirect to ``get_next_url()`` after a successful save, otherwise
        the rendered form.
    """
    form = ProfileNewForm(obj=g.user)

    # Per-field help text comes from configuration.
    reasons = (
        (form.fullname, 'FULLNAME_REASON'),
        (form.email, 'EMAIL_REASON'),
        (form.username, 'USERNAME_REASON'),
        (form.description, 'BIO_REASON'),
    )
    for field, config_key in reasons:
        field.description = app.config.get(config_key)

    if not form.validate_on_submit():
        return render_form(
            form,
            title="Update profile",
            formid="profile_new",
            submit="Continue",
            message=u"Hello, %s. Please spare a minute to fill out your profile." % g.user.fullname,
            ajax=True)

    # Fields are copied one by one: user.email is read-only, so the form
    # cannot simply be auto-populated onto the user object.
    profile = g.user
    profile.fullname = form.fullname.data
    profile.username = form.username.data
    profile.description = form.description.data

    needs_claim = form.existing_email is None
    if needs_claim:
        # The address stays a claim until its verification link is followed.
        claim = UserEmailClaim(user=g.user, email=form.email.data)
        db.session.add(claim)
        db.session.commit()
        send_email_verify_link(claim)
        notice = "Your profile was successfully updated. We sent you an email to confirm your address"
    else:
        db.session.commit()
        notice = "Your profile was successfully updated."
    flash(notice, category='success')

    return render_redirect(get_next_url(), code=303)
def add_email():
    """Let the logged-in user (``g.user``) claim an additional email address.

    The address is stored as an unverified ``UserEmailClaim``; a verification
    link is sent once the claim has been committed.

    Returns:
        A 303 redirect to the profile page after a valid submit, otherwise the
        rendered form.
    """
    form = NewEmailAddressForm()

    if not form.validate_on_submit():
        return render_form(form=form, title="Add an email address",
                           formid="email_add", submit="Add email", ajax=True)

    # Persist the claim before mailing the link that refers to it.
    claim = UserEmailClaim(user=g.user, email=form.email.data)
    db.session.add(claim)
    db.session.commit()
    send_email_verify_link(claim)

    flash("We sent you an email to confirm your address.", 'success')
    return render_redirect(url_for('profile'), code=303)
def profile_edit(newprofile=False):
    """Edit the logged-in user's profile, or complete it when ``newprofile`` is set.

    Args:
        newprofile: When true, the view behaves as a first-time profile form:
            it may collect an email address, and on success it redirects to
            ``get_next_url()`` instead of the profile page.

    Returns:
        A 303 redirect after a valid submit, otherwise the rendered form.
    """
    form = ProfileForm(obj=g.user)

    # Per-field help text comes from configuration. This runs before the email
    # field is possibly removed below.
    reasons = (
        (form.fullname, 'FULLNAME_REASON'),
        (form.email, 'EMAIL_REASON'),
        (form.username, 'USERNAME_REASON'),
        (form.description, 'BIO_REASON'),
        (form.timezone, 'TIMEZONE_REASON'),
    )
    for field, config_key in reasons:
        field.description = app.config.get(config_key)

    # The email field is only offered on a new profile that has no email yet.
    if g.user.email or newprofile is False:
        del form.email

    if not form.validate_on_submit():
        if newprofile:
            return render_form(
                form,
                title="Update profile",
                formid="profile_new",
                submit="Continue",
                message=u"Hello, %s. Please spare a minute to fill out your profile." % g.user.fullname,
                ajax=True)
        return render_form(form, title="Edit profile", formid="profile_edit",
                           submit="Save changes", ajax=True)

    # Fields are copied one by one: user.email is read-only, so the form
    # cannot simply be auto-populated onto the user object.
    profile = g.user
    profile.fullname = form.fullname.data
    profile.username = form.username.data
    profile.description = form.description.data
    profile.timezone = form.timezone.data

    if newprofile and not g.user.email:
        # The address stays a claim until its verification link is followed.
        # NOTE(review): the link is mailed before the commit here, whereas
        # profile_new and add_email commit first; confirm the order is intended.
        claim = UserEmailClaim(user=g.user, email=form.email.data)
        db.session.add(claim)
        send_email_verify_link(claim)
        db.session.commit()
        notice = "Your profile has been updated. We sent you an email to confirm your address"
    else:
        db.session.commit()
        notice = "Your profile has been updated."
    flash(notice, category='success')

    destination = get_next_url() if newprofile else url_for('profile')
    return render_redirect(destination, code=303)
def login_openid_success(resp):
    """
    Called when OpenID login succeeds.

    Maps the identity in ``resp`` to a local user, creating the user and the
    ``UserExternalId`` record on first login, then logs the user in and
    redirects.

    ``resp`` is read for ``identity_url``, ``email``, ``fullname`` and
    ``nickname``. The identity URL decides whether the login counts as
    ``'google'`` or generic ``'openid'``, and that in turn decides whether the
    provider-supplied email address is trusted or only recorded as a claim.

    Returns a redirect: to ``profile_new`` when the user's profile is
    incomplete, otherwise to ``get_next_url(session=True)``.
    """
    openid = resp.identity_url
    # Classify the provider by URL prefix.
    # NOTE(review): this prefix match is the whole trust decision for the
    # email handling below, so it is only sound if ``resp.identity_url`` has
    # already been verified by the OpenID layer before this callback runs;
    # confirm against the caller.
    if openid.startswith('https://profiles.google.com/') or openid.startswith(
            'https://www.google.com/accounts/o8/id?id='):
        service = 'google'
    else:
        service = 'openid'

    extid = UserExternalId.query.filter_by(service=service, userid=openid).first()

    if extid is not None:
        # Known external id: log in the user it is already linked to.
        login_internal(extid.user)
        db.session.commit()
        session['userid_external'] = {'service': service, 'userid': openid}
        flash("You are now logged in", category='success')
        if not extid.user.is_profile_complete():
            return redirect(
                url_for('profile_new', next=get_next_url(session=True)))
        else:
            return redirect(get_next_url(session=True))
    else:
        # First login with this external id.
        username = None
        if resp.email:
            useremail = UserEmail.query.filter_by(email=resp.email).first()
            if openid.startswith(
                    'https://profiles.google.com/') or openid.startswith(
                        'https://www.google.com/accounts/o8/id?id='):
                # Google id. Trust the email address.
                if useremail:
                    # User logged in previously using a different Google OpenID endpoint
                    # Add this new endpoint to the existing user account
                    # NOTE(review): this links the new external id to an
                    # existing account on the strength of the asserted email
                    # alone, so it is the most sensitive branch in this view.
                    user = useremail.user
                else:
                    # No previous record for email address, so register a new user
                    user = register_internal(
                        None, resp.fullname or resp.nickname or openid, None)
                    user.add_email(resp.email, primary=True)
            else:
                # Not a Google id. Do not trust an OpenID-provided email address.
                # This must be treated as a claim, not as a confirmed email address.
                # Step 1. Make a new account
                user = register_internal(
                    None, resp.fullname or resp.nickname or openid, None)
                # Step 2. If this email address is not already known, register a claim.
                # If it is an existing registered email address, ignore it. OpenID metadata
                # cannot be trusted; anyone can setup an OpenID server that will allow the user
                # to claim any email address.
                if not useremail:
                    emailclaim = UserEmailClaim(user=user, email=resp.email)
                    db.session.add(emailclaim)
                    send_email_verify_link(emailclaim)
        else:
            # First login and no email address provided. Create a new user account
            user = register_internal(None,
                                     resp.fullname or resp.nickname or openid,
                                     None)

        # Set username for Google ids
        if openid.startswith('https://profiles.google.com/'):
            # Use profile name as username: the last non-empty path segment,
            # skipping empty segments left by trailing slashes.
            parts = openid.split('/')
            while not parts[-1]:
                parts.pop(-1)
            username = parts[-1]
        elif openid.startswith('https://www.google.com/accounts/o8/id?id='):
            # Use email address as username (None when no email was provided)
            username = resp.email
        # Record this OpenID/Google id for the user
        extid = UserExternalId(user=user,
                               service=service,
                               userid=openid,
                               username=username,
                               oauth_token=None,
                               oauth_token_secret=None)
        db.session.add(extid)
        login_internal(user)
        db.session.commit()
        session['userid_external'] = {'service': service, 'userid': openid}
        flash("You are now logged in.", category='success')
        if not user.is_profile_complete():
            return redirect(
                url_for('profile_new', next=get_next_url(session=True)))
        else:
            return redirect(get_next_url(session=True))