def POST(self): # Reads the token in the HTTP request parameters token = web.input(token=None).token # Checks if the token is valid password_token = PasswordToken.get_token(token) if password_token is None or password_token.expired: raise http.Forbidden() # The fieldset is bound to the form data & the user associated with the token : the token itself is passed because it should expire when successfully used password_fieldset = user_forms.NewPasswordFieldSet(password_token).bind(password_token.user, data=web.input()) # Synchronizes the fieldset & registers a delayed login of the user (we could do it now but it's better to isolate the login process) if password_fieldset.validate(): password_fieldset.sync() http.register_hook(lambda: session.login_workflow(password_fieldset.model)) raise web.seeother("/") else: return config.views.layout(config.views.creation_form(password_fieldset))
def POST(self): # Reads the token in the HTTP request parameters token = web.input(token=None).token # Checks if the token is valid user_token = UserToken.get_token(token) if user_token is None or user_token.expired: raise http.Forbidden() # The fieldset is bound to the form data & the session : the token is passed because it contains the level user_fieldset = user_forms.NewUserFieldSet(user_token).bind(data=web.input(), session=config.orm) # Synchronizes the fieldset & registers a delayed login of the user (because the user id is not available yet) if user_fieldset.validate(): user_fieldset.sync() http.register_hook(lambda: session.login_workflow(user_fieldset.model)) raise web.seeother("/") else: return config.views.layout(config.views.creation_form(user_fieldset))
def POST(self): # Reads the token in the HTTP request parameters token = web.input(token=None).token # Checks if the token is valid user_token = UserToken.get_token(token) if user_token is None or user_token.expired: raise http.Forbidden() # The fieldset is bound to the form data & the session : the token is passed because it contains the level user_fieldset = user_forms.NewUserFieldSet(user_token).bind( data=web.input(), session=config.orm) # Synchronizes the fieldset & registers a delayed login of the user (because the user id is not available yet) if user_fieldset.validate(): user_fieldset.sync() http.register_hook( lambda: session.login_workflow(user_fieldset.model)) raise web.seeother("/") else: return config.views.layout( config.views.creation_form(user_fieldset))
def POST(self): # Reads the token in the HTTP request parameters token = web.input(token=None).token # Checks if the token is valid password_token = PasswordToken.get_token(token) if password_token is None or password_token.expired: raise http.Forbidden() # The fieldset is bound to the form data & the user associated with the token : the token itself is passed because it should expire when successfully used password_fieldset = user_forms.NewPasswordFieldSet( password_token).bind(password_token.user, data=web.input()) # Synchronizes the fieldset & registers a delayed login of the user (we could do it now but it's better to isolate the login process) if password_fieldset.validate(): password_fieldset.sync() http.register_hook( lambda: session.login_workflow(password_fieldset.model)) raise web.seeother("/") else: return config.views.layout( config.views.creation_form(password_fieldset))