def get(self):
""" Corresponds to /login """
# Make sure user isn't logged in already
if self.logged_in():
return self.redirect("/")
# Need to log in
try:
secret_key = self.request.GET['secret_key']
except KeyError:
secret_key = None
if secret_key is not None:
secret_key_attempt = SecretKey(key_string=secret_key)
if secret_key_attempt.isEqualToAdminKey() and not User.admin_exists():
return self.redirect('/register?secret_key={0}'.format(secret_key))
elif secret_key_attempt.isEqualToAdminKey() and User.admin_exists() and SingleMultiUserMode.is_single_user_mode():
# Single user mode, login user and forward to / page
user_subobj = self.auth.store.user_model.get_by_auth_id(User.get_admin_user_id())
user = self.auth.store.user_to_dict(user_subobj)
self.auth.set_session(user)
return self.redirect('/')
# Normal user login
if SingleMultiUserMode.is_single_user_mode() or not User.admin_exists():
self.render_response('login_disabled.html')
else:
self.render_response('login.html')
def get(self):
""" Corresponds to /login """
# Make sure user isn't logged in already
if self.logged_in():
return self.redirect("/")
# Need to log in
try:
secret_key = self.request.GET['secret_key']
except KeyError:
secret_key = None
if secret_key is not None:
secret_key_attempt = SecretKey(key_string=secret_key)
if secret_key_attempt.isEqualToAdminKey(
) and not User.admin_exists():
return self.redirect(
'/register?secret_key={0}'.format(secret_key))
elif secret_key_attempt.isEqualToAdminKey() and User.admin_exists(
) and SingleMultiUserMode.is_single_user_mode():
# Single user mode, login user and forward to / page
user_subobj = self.auth.store.user_model.get_by_auth_id(
User.get_admin_user_id())
user = self.auth.store.user_to_dict(user_subobj)
self.auth.set_session(user)
return self.redirect('/')
# Normal user login
if SingleMultiUserMode.is_single_user_mode(
) or not User.admin_exists():
self.render_response('login_disabled.html')
else:
self.render_response('login.html')
def get(self):
""" Corresponds to /login """
# Make sure user isn't logged in already
if self.logged_in():
return self.redirect("/")
# Need to log in
try:
secret_key = self.request.GET['secret_key']
except KeyError:
secret_key = None
if secret_key is not None:
secret_key_attempt = SecretKey(key_string=secret_key)
if secret_key_attempt.isEqualToAdminKey() and not User.admin_exists():
return self.redirect('/register?secret_key={0}'.format(secret_key))
else:
# Unauthorized secret key query string param, just ignore it completely...
pass
self.render_response('login.html')
def get(self):
""" Corresponds to /login """
# Make sure user isn't logged in already
if self.logged_in():
return self.redirect("/")
# Need to log in
try:
secret_key = self.request.GET['secret_key']
except KeyError:
secret_key = None
if secret_key is not None:
secret_key_attempt = SecretKey(key_string=secret_key)
if secret_key_attempt.isEqualToAdminKey() and not User.admin_exists():
return self.redirect('/register?secret_key={0}'.format(secret_key))
else:
# Unauthorized secret key query string param, just ignore it completely...
pass
self.render_response('login.html')
def post(self):
'''
This is where user registration takes place, both for regular users as well as admins.
An admin registers by presenting a secret token in the query string, which will be sent with the
POST data.
A user can register only if they have been approved by the admin, i.e. they are in the approved_users
list (see admin.py).
'''
logging.info(self.request.POST)
try:
secret_key = self.request.POST['secret_key']
except KeyError:
secret_key = None
if secret_key is None:
# Normal user registration
logging.info('Registering a normal user...')
user_email = self.request.POST['email']
# Just an email address here, we should first make sure they havent been approved
pending_users_list = PendingUsersList.shared_list()
# Now add to approval waitlist
if pending_users_list.is_user_approved(user_email):
success = True
approved = True
elif pending_users_list.user_exists(user_email):
success = True
approved = False
else:
success = pending_users_list.add_user_to_approval_waitlist(user_email)
approved = False
if success:
# Then create the user
_attrs = {
'email_address': user_email,
'name': self.request.POST['name'],
'password_raw': self.request.POST['password']
}
success, user = self.auth.store.user_model.create_user(user_email, **_attrs)
if success:
if approved:
context = {
'success_alert': True,
'alert_message': 'Account creation successful! Your account is approved and you can log in immediately.'
}
else:
context = {
'success_alert': True,
'alert_message': 'Account creation successful! Once an admin has approved your account, you can login.'
}
return self.render_response('login.html', **context)
else:
logging.info("Acount registration failed for: {0}".format(user))
context = {
'email_address': self.request.POST['email'],
'name': self.request.POST['name'],
'user_registration_failed': True
}
return self.render_response('user_registration.html', **context)
else:
context = {
'error_alert': True,
'alert_message': 'You have already requested an account.'
}
return self.render_response('login.html', **context)
else:
# Attempt to create an admin user
logging.info('Registering an admin user...')
# Check the secret key again
secret_key_attempt = SecretKey(key_string=secret_key)
if secret_key_attempt.isEqualToAdminKey():
# Then we can attempt to create an admin
if User.admin_exists():
logging.info("Admin already exists...")
# Delete the token from the DB and redirect to login, only one admin allowed
SecretKey.clear_stored_key()
return self.redirect('/login')
else:
# CREATE THE ADMIN ALREADY
_attrs = {
'email_address': self.request.POST['email'],
'name': self.request.POST['name'],
'password_raw': self.request.POST['password'],
'is_admin': 'YES'
}
success, user = self.auth.store.user_model.create_user(_attrs['email_address'], **_attrs)
if success:
# Invalidate the token
SecretKey.clear_stored_key()
context = {
'success_alert': True,
'alert_message': 'Account creation successful! You may now log in with your new account.'
}
return self.render_response('login.html', **context)
else:
context = {
'email_address': self.request.POST['email'],
'name': self.request.POST['name'],
'user_registration_failed': True
}
return self.render_response('user_registration.html', **context)
else:
# Unauthorized secret key
context = {
'error_alert': True,
'alert_message': 'Invalid secret token.'
}
return self.render_response('login.html', **context)
def post(self):
'''
This is where user registration takes place, both for regular users as well as admins.
An admin registers by presenting a secret token in the query string, which will be sent with the
POST data.
A user can register only if they have been approved by the admin, i.e. they are in the approved_users
list (see admin.py).
'''
try:
secret_key = self.request.POST['secret_key']
except KeyError:
secret_key = None
if secret_key is None:
# Normal user registration
logging.info('Registering a normal user...')
user_email = self.request.POST['email']
# Just an email address here, we should first make sure they havent been approved
pending_users_list = PendingUsersList.shared_list()
# Now add to approval waitlist
if pending_users_list.is_user_approved(user_email):
success = True
approved = True
elif pending_users_list.user_exists(user_email):
success = True
approved = False
else:
success = pending_users_list.add_user_to_approval_waitlist(
user_email)
approved = False
if success:
# Then create the user
_attrs = {
'email_address': user_email,
'name': self.request.POST['name'],
'password_raw': self.request.POST['password']
}
success, user = self.auth.store.user_model.create_user(
user_email, **_attrs)
if success:
if approved:
context = {
'success_alert':
True,
'alert_message':
'Account creation successful! Your account is approved and you can log in immediately.'
}
else:
context = {
'success_alert':
True,
'alert_message':
'Account creation successful! Once an admin has approved your account, you can login.'
}
return self.render_response('login.html', **context)
else:
logging.info(
"Acount registration failed for: {0}".format(user))
context = {
'email_address': self.request.POST['email'],
'name': self.request.POST['name'],
'user_registration_failed': True
}
return self.render_response('user_registration.html',
**context)
else:
context = {
'error_alert': True,
'alert_message': 'You have already requested an account.'
}
return self.render_response('login.html', **context)
else:
# Attempt to create an admin user
logging.info('Registering an admin user...')
# Check the secret key again
secret_key_attempt = SecretKey(key_string=secret_key)
if secret_key_attempt.isEqualToAdminKey():
# Then we can attempt to create an admin
if User.admin_exists():
logging.info("Admin already exists...")
# Delete the token from the DB and redirect to login, only one admin allowed
SecretKey.clear_stored_key()
return self.redirect('/login')
else:
# CREATE THE ADMIN ALREADY
_attrs = {
'email_address': self.request.POST['email'],
'name': self.request.POST['name'],
'password_raw': self.request.POST['password'],
'is_admin': 'YES'
}
success, user = self.auth.store.user_model.create_user(
_attrs['email_address'], **_attrs)
if success:
# Invalidate the token
SecretKey.clear_stored_key()
context = {
'success_alert':
True,
'alert_message':
'Account creation successful! You may now log in with your new account.'
}
return self.render_response('login.html', **context)
else:
context = {
'email_address': self.request.POST['email'],
'name': self.request.POST['name'],
'user_registration_failed': True
}
return self.render_response('user_registration.html',
**context)
else:
# Unauthorized secret key
context = {
'error_alert': True,
'alert_message': 'Invalid secret token.'
}
return self.render_response('login.html', **context)
def post(self):
'''
This is where user registration takes place, both for regular users as well as admins.
An admin registers by presenting a secret token in the query string, which will be sent with the
POST data.
A user can register only if they have been approved by the admin, i.e. they are in the approved_users
list (see admin.py).
'''
try:
secret_key = self.request.POST['secret_key']
except KeyError:
secret_key = None
if secret_key is None:
# Normal user registration
logging.info('Registering a normal user...')
user_email = self.request.POST['email']
# Just an email address here, we should first make sure they have not been approved
pending_users_list = PendingUsersList.shared_list()
# If the user does not exist, we create it.
if not bool(User.get_by_auth_id(user_email)):
_attrs = {
'email_address': user_email,
'name': self.request.POST['name'],
'password_raw': self.request.POST['password'],
'verified': False
}
success, user = self.auth.store.user_model.create_user(user_email, **_attrs)
if success:
# check if user is preapproved
if pending_users_list.is_user_approved(user_email):
success = True
approved = True
# Has the user been preapproved? If so, we just verify it.
user.verified = True
user.put()
else:
success = pending_users_list.add_user_to_approval_waitlist(user_email)
approved = False
if success:
if approved or (not pending_users_list.email_verification_required and not pending_users_list.admin_approval_required):
context = {
'success_alert': True,
'alert_message': 'Account creation successful! Your account is approved and you can log in immediately.'
}
elif pending_users_list.email_verification_required:
# Create a signup token for the user and send a verification email
token = str(uuid.uuid4())
user.signup_token = token
user.signup_token_time_created=None
user.put()
EmailConfig.send_verification_email(user_email, token)
context = {
'success_alert': True,
'alert_message': 'Account creation successful! You will recieve a verification email, please follow the instructions to activate your account.'
}
elif pending_users_list.admin_approval_required:
context = {
'success_alert': True,
'alert_message': 'Account creation successful! Once an admin has approved your account, you can login.'
}
return self.render_response('login.html', **context)
logging.info("Account registration failed for: {0}".format(user))
context = {
'email_address': self.request.POST['email'],
'name': self.request.POST['name'],
'user_registration_failed': True
}
return self.render_response('user_registration.html', **context)
else:
context = {
'error_alert': True,
'alert_message': 'You have already requested an account.'
}
return self.render_response('login.html', **context)
else:
# Attempt to create an admin user
logging.info('Registering an admin user...')
# Check the secret key again
secret_key_attempt = SecretKey(key_string=secret_key)
if secret_key_attempt.isEqualToAdminKey():
# Then we can attempt to create an admin
if User.admin_exists():
logging.info("Admin already exists...")
# Redirect to login, only one admin allowed
return self.redirect('/login?secret_key={0}'.format(secret_key))
else:
# CREATE THE ADMIN ALREADY
_attrs = {
'email_address': self.request.POST['email'],
'name': self.request.POST['name'],
'password_raw': self.request.POST['password'],
'is_admin': 'YES',
'verified': True
}
success, user = self.auth.store.user_model.create_user(_attrs['email_address'], **_attrs)
if success:
# Invalidate the token
SecretKey.clear_stored_key()
if 'user_mode' in self.request.POST:
if self.request.POST['user_mode'] == 'single':
logging.info("UserRegistrationPage: user_mode set to single")
SingleMultiUserMode.set_single_user_mode()
elif self.request.POST['user_mode'] == 'multi':
logging.info("UserRegistrationPage: user_mode set to multi")
SingleMultiUserMode.set_multi_user_mode()
else:
logging.info("UserRegistrationPage: unknown user_mode {0}".format(self.request.POST['user_mode']))
else:
logging.info("UserRegistrationPage: user_mode not set")
return self.redirect('/login?secret_key={0}'.format(secret_key))
else:
context = {
'email_address': self.request.POST['email'],
'name': self.request.POST['name'],
'user_registration_failed': True
}
return self.render_response('user_registration.html', **context)
else:
# Unauthorized secret key
context = {
'error_alert': True,
'alert_message': 'Invalid secret token.'
}
return self.render_response('login.html', **context)
def post(self):
'''
This is where user registration takes place, both for regular users as well as admins.
An admin registers by presenting a secret token in the query string, which will be sent with the
POST data.
A user can register only if they have been approved by the admin, i.e. they are in the approved_users
list (see admin.py).
'''
try:
secret_key = self.request.POST['secret_key']
except KeyError:
secret_key = None
if secret_key is None:
# Normal user registration
logging.info('Registering a normal user...')
user_email = self.request.POST['email']
# Just an email address here, we should first make sure they have not been approved
pending_users_list = PendingUsersList.shared_list()
# If the user does not exist, we create it.
if not bool(User.get_by_auth_id(user_email)):
_attrs = {
'email_address': user_email,
'name': self.request.POST['name'],
'password_raw': self.request.POST['password'],
'verified': False
}
success, user = self.auth.store.user_model.create_user(
user_email, **_attrs)
if success:
# check if user is preapproved
if pending_users_list.is_user_approved(user_email):
success = True
approved = True
# Has the user been preapproved? If so, we just verify it.
user.verified = True
user.put()
else:
success = pending_users_list.add_user_to_approval_waitlist(
user_email)
approved = False
if success:
if approved or (
not pending_users_list.email_verification_required
and
not pending_users_list.admin_approval_required):
context = {
'success_alert':
True,
'alert_message':
'Account creation successful! Your account is approved and you can log in immediately.'
}
elif pending_users_list.email_verification_required:
# Create a signup token for the user and send a verification email
token = str(uuid.uuid4())
user.signup_token = token
user.signup_token_time_created = None
user.put()
EmailConfig.send_verification_email(user_email, token)
context = {
'success_alert':
True,
'alert_message':
'Account creation successful! You will recieve a verification email, please follow the instructions to activate your account.'
}
elif pending_users_list.admin_approval_required:
context = {
'success_alert':
True,
'alert_message':
'Account creation successful! Once an admin has approved your account, you can login.'
}
return self.render_response('login.html', **context)
logging.info(
"Account registration failed for: {0}".format(user))
context = {
'email_address': self.request.POST['email'],
'name': self.request.POST['name'],
'user_registration_failed': True
}
return self.render_response('user_registration.html',
**context)
else:
context = {
'error_alert': True,
'alert_message': 'You have already requested an account.'
}
return self.render_response('login.html', **context)
else:
# Attempt to create an admin user
logging.info('Registering an admin user...')
# Check the secret key again
secret_key_attempt = SecretKey(key_string=secret_key)
if secret_key_attempt.isEqualToAdminKey():
# Then we can attempt to create an admin
if User.admin_exists():
logging.info("Admin already exists...")
# Redirect to login, only one admin allowed
return self.redirect(
'/login?secret_key={0}'.format(secret_key))
else:
# CREATE THE ADMIN ALREADY
_attrs = {
'email_address': self.request.POST['email'],
'name': self.request.POST['name'],
'password_raw': self.request.POST['password'],
'is_admin': 'YES',
'verified': True
}
success, user = self.auth.store.user_model.create_user(
_attrs['email_address'], **_attrs)
if success:
# Invalidate the token
SecretKey.clear_stored_key()
if 'user_mode' in self.request.POST:
if self.request.POST['user_mode'] == 'single':
logging.info(
"UserRegistrationPage: user_mode set to single"
)
SingleMultiUserMode.set_single_user_mode()
elif self.request.POST['user_mode'] == 'multi':
logging.info(
"UserRegistrationPage: user_mode set to multi"
)
SingleMultiUserMode.set_multi_user_mode()
else:
logging.info(
"UserRegistrationPage: unknown user_mode {0}"
.format(self.request.POST['user_mode']))
else:
logging.info(
"UserRegistrationPage: user_mode not set")
return self.redirect(
'/login?secret_key={0}'.format(secret_key))
else:
context = {
'email_address': self.request.POST['email'],
'name': self.request.POST['name'],
'user_registration_failed': True
}
return self.render_response('user_registration.html',
**context)
else:
# Unauthorized secret key
context = {
'error_alert': True,
'alert_message': 'Invalid secret token.'
}
return self.render_response('login.html', **context)
