def claim_user_registered(auth, node, **kwargs): """View that prompts user to enter their password in order to claim contributorship on a project. A user must be logged in. """ current_user = auth.user sign_out_url = web_url_for('auth_login', logout=True, next=request.url) if not current_user: return redirect(sign_out_url) # Logged in user should not be a contributor the project if node.is_contributor(current_user): logout_url = web_url_for('auth_logout', redirect_url=request.url) data = { 'message_short': 'Already a contributor', 'message_long': ('The logged-in user is already a contributor to this ' 'project. Would you like to <a href="{}">log out</a>?').format(logout_url) } raise HTTPError(http.BAD_REQUEST, data=data) uid, pid, token = kwargs['uid'], kwargs['pid'], kwargs['token'] unreg_user = User.load(uid) if not verify_claim_token(unreg_user, token, pid=node._primary_key): raise HTTPError(http.BAD_REQUEST) # Store the unreg_user data on the session in case the user registers # a new account session.data['unreg_user'] = { 'uid': uid, 'pid': pid, 'token': token } form = PasswordForm(request.form) if request.method == 'POST': if form.validate(): if current_user.check_password(form.password.data): node.replace_contributor(old=unreg_user, new=current_user) node.save() status.push_status_message( 'You are now a contributor to this project.', kind='success', trust=False ) return redirect(node.url) else: status.push_status_message(language.LOGIN_FAILED, kind='warning', trust=False) else: forms.push_errors_to_status(form.errors) if is_json_request(): form_ret = forms.utils.jsonify(form) user_ret = profile_utils.serialize_user(current_user, full=False) else: form_ret = form user_ret = current_user return { 'form': form_ret, 'user': user_ret, 'signOutUrl': sign_out_url }
def claim_user_registered(auth, node, **kwargs): """ View that prompts user to enter their password in order to claim being a contributor on a project. A user must be logged in. """ current_user = auth.user sign_out_url = web_url_for("auth_register", logout=True, next=request.url) if not current_user: return redirect(sign_out_url) # Logged in user should not be a contributor the project if node.is_contributor(current_user): logout_url = web_url_for("auth_logout", redirect_url=request.url) data = { "message_short": "Already a contributor", "message_long": ( "The logged-in user is already a contributor to this " 'project. Would you like to <a href="{}">log out</a>?' ).format(logout_url), } raise HTTPError(http.BAD_REQUEST, data=data) uid, pid, token = kwargs["uid"], kwargs["pid"], kwargs["token"] unreg_user = User.load(uid) if not verify_claim_token(unreg_user, token, pid=node._primary_key): error_data = { "message_short": "Invalid url.", "message_long": "The token in the URL is invalid or has expired.", } raise HTTPError(http.BAD_REQUEST, data=error_data) # Store the unreg_user data on the session in case the user registers # a new account session.data["unreg_user"] = {"uid": uid, "pid": pid, "token": token} form = PasswordForm(request.form) if request.method == "POST": if form.validate(): if current_user.check_password(form.password.data): node.replace_contributor(old=unreg_user, new=current_user) node.save() status.push_status_message("You are now a contributor to this project.", kind="success", trust=False) return redirect(node.url) else: status.push_status_message(language.LOGIN_FAILED, kind="warning", trust=False) else: forms.push_errors_to_status(form.errors) if is_json_request(): form_ret = forms.utils.jsonify(form) user_ret = profile_utils.serialize_user(current_user, full=False) else: form_ret = form user_ret = current_user return {"form": form_ret, "user": user_ret, "signOutUrl": sign_out_url}
def claim_user_registered(auth, node, **kwargs): """ View that prompts user to enter their password in order to claim being a contributor on a project. A user must be logged in. """ current_user = auth.user sign_out_url = cas.get_logout_url(service_url=cas.get_login_url( service_url=request.url)) if not current_user: return redirect(sign_out_url) # Logged in user should not be a contributor the project if hasattr(node, 'is_contributor') and node.is_contributor(current_user): data = { 'message_short': 'Already a contributor', 'message_long': ('The logged-in user is already a contributor to this ' 'project. Would you like to <a href="{}">log out</a>?' ).format(sign_out_url) } raise HTTPError(http_status.HTTP_400_BAD_REQUEST, data=data) # Logged in user is already a member of the OSF Group if hasattr(node, 'is_member') and node.is_member(current_user): data = { 'message_short': 'Already a member', 'message_long': ('The logged-in user is already a member of this OSF Group. ' 'Would you like to <a href="{}">log out</a>?' ).format(sign_out_url) } raise HTTPError(http_status.HTTP_400_BAD_REQUEST, data=data) uid, pid, token = kwargs['uid'], kwargs['pid'], kwargs['token'] unreg_user = OSFUser.load(uid) if not verify_claim_token(unreg_user, token, pid=node._primary_key): error_data = { 'message_short': 'Invalid url.', 'message_long': 'The token in the URL is invalid or has expired.' } raise HTTPError(http_status.HTTP_400_BAD_REQUEST, data=error_data) # Store the unreg_user data on the session in case the user registers # a new account session.data['unreg_user'] = {'uid': uid, 'pid': pid, 'token': token} session.save() # If a user is already validated though external auth, it is OK to claim should_claim = check_external_auth(auth.user) form = PasswordForm(request.form) if request.method == 'POST': if form.validate(): if current_user.check_password(form.password.data): should_claim = True else: status.push_status_message(language.LOGIN_FAILED, kind='warning', trust=False) else: forms.push_errors_to_status(form.errors) if should_claim: node.replace_contributor(old=unreg_user, new=current_user) node.save() if isinstance(node, OSFGroup): status.push_status_message( 'You are now a member of this OSFGroup.', kind='success', trust=False) else: status.push_status_message( 'You are now a contributor to this project.', kind='success', trust=False) return redirect(node.url) if is_json_request(): form_ret = forms.utils.jsonify(form) user_ret = profile_utils.serialize_user(current_user, full=False) else: form_ret = form user_ret = current_user return {'form': form_ret, 'user': user_ret, 'signOutUrl': sign_out_url}