def register(request): # Cannot register if logged in already if request.user.is_authenticated(): return HttpResponseRedirect(reverse('login')) # The registration form form = None # Form has been submitted if request.method == 'POST': form = RegisterForm(request.POST) # Validate the registration form if form.is_valid(): user = User.create_user(form.cleaned_data['username'], form.cleaned_data['password1']) user.first_name = form.cleaned_data['first_name'] user.last_name = form.cleaned_data['last_name'] user.is_active = False user.save() profile = UserProfile.objects.create( phone_number=form.cleaned_data['phone'], user=user) stub = RegistrationStub.objects.create(user=user) # Send confirmation email hostname = _hostname(protocol="") activate_uri = reverse('activate') activate_link = '{}{}?key={}'.format(hostname, activate_uri, stub.activationCode) email_subject = "Welcome to Obietaxi!" email_to = [form.cleaned_data['username']] msg_body = "Welcome to Obietaxi! Your account has already been created with this email address, now all you need to do is confirm your accout by clicking on the link below. If there is no link, you should copy & paste the address into your browser's address bar and navigate there.\n\n{}".format( activate_link) send_email(email_to=email_to, email_subject=email_subject, email_body=msg_body) messages.add_message( request, messages.SUCCESS, "Your account has been created. Check your email for a confirmation link to complete the registration process." ) return HttpResponseRedirect(reverse('login')) # Form needs to be rendered else: form = RegisterForm() # Render the form (possibly with errors if form did not validate) return render_to_response('register.html', locals(), context_instance=RequestContext(request))
def register( request ): # Cannot register if logged in already if request.user.is_authenticated(): return HttpResponseRedirect( reverse('login') ) # The registration form form = None # Form has been submitted if request.method == 'POST': form = RegisterForm( request.POST ) # Validate the registration form if form.is_valid(): user = User.create_user( form.cleaned_data['username'], form.cleaned_data['password1'] ) user.first_name = form.cleaned_data['first_name'] user.last_name = form.cleaned_data['last_name'] user.is_active = False user.save() profile = UserProfile.objects.create( phone_number=form.cleaned_data['phone'], user=user ) stub = RegistrationStub.objects.create( user=user ) # Send confirmation email hostname = _hostname( protocol="" ) activate_uri = reverse( 'activate' ) activate_link = '{}{}?key={}'.format( hostname, activate_uri, stub.activationCode ) email_subject = "Welcome to Obietaxi!" email_to = [form.cleaned_data['username']] msg_body = "Welcome to Obietaxi! Your account has already been created with this email address, now all you need to do is confirm your accout by clicking on the link below. If there is no link, you should copy & paste the address into your browser's address bar and navigate there.\n\n{}".format( activate_link ) send_email( email_to=email_to, email_subject=email_subject, email_body=msg_body ) messages.add_message( request, messages.SUCCESS, "Your account has been created. Check your email for a confirmation link to complete the registration process." ) return HttpResponseRedirect( reverse('login') ) # Form needs to be rendered else: form = RegisterForm() # Render the form (possibly with errors if form did not validate) return render_to_response( 'register.html', locals(), context_instance=RequestContext(request) )
def forgot_password(request): ''' if the user forgot their password renders ForgotPasswordForm, or processes it if a POST request ''' if request.method == 'POST': form = ForgotPasswordForm(request.POST) if form.is_valid(): data = form.cleaned_data # Does the user in the email field even exist? try: user = User.objects.get(username=data['username']) profile = UserProfile.objects.get(user=user) except User.DoesNotExist: return HttpResponseRedirect(reverse('main_page')) # Ok, they do. Send them an email reset_string = random_string() profile.password_reset_stub = reset_string profile.save() reset_link = '%s%s?rid=%s&uid=%s' % (_hostname(), reverse('reset_password'), reset_string, str(profile.id)) email_body = render_message( 'mongologin/static/emails/forgot_password.txt', locals()) send_email(email_to=user.username, email_body=email_body, email_subject="Reset your password") messages.add_message( request, messages.SUCCESS, "An email has been sent to you with instructions on resetting your password." ) return HttpResponseRedirect(reverse('main_page')) else: form = ForgotPasswordForm() return render_to_response('forgot_password.html', locals(), context_instance=RequestContext(request))
def forgot_password( request ): ''' if the user forgot their password renders ForgotPasswordForm, or processes it if a POST request ''' if request.method == 'POST': form = ForgotPasswordForm(request.POST) if form.is_valid(): data = form.cleaned_data # Does the user in the email field even exist? try: user = User.objects.get(username=data['username']) profile = UserProfile.objects.get(user=user) except User.DoesNotExist: return HttpResponseRedirect( reverse('main_page') ) # Ok, they do. Send them an email reset_string = random_string() profile.password_reset_stub = reset_string profile.save() reset_link = '%s%s?rid=%s&uid=%s'%( _hostname(), reverse( 'reset_password' ), reset_string, str(profile.id) ) email_body = render_message( 'mongologin/static/emails/forgot_password.txt', locals() ) send_email( email_to=user.username, email_body=email_body, email_subject="Reset your password" ) messages.add_message( request, messages.SUCCESS, "An email has been sent to you with instructions on resetting your password." ) return HttpResponseRedirect( reverse('main_page') ) else: form = ForgotPasswordForm() return render_to_response( 'forgot_password.html', locals(), context_instance=RequestContext(request) )
def login_view(request): # Login form submitted if request.method == 'POST': form = LoginForm(request.POST) if form.is_valid(): data = form.cleaned_data error_msg = '' try: user = User.objects.get(username=data['username']) if user.check_password(data['password']) and user.is_active: user.backend = 'mongoengine.django.auth.MongoEngineBackend' login(request, user) # Put profile in the session request.session['profile'] = UserProfile.objects.get( user=user) return HttpResponseRedirect(reverse('user_landing')) else: return _fail_login( request, 'invalid login (note: you must Sign in with Google if that\'s how you signed up initially)' ) except User.DoesNotExist: return _fail_login( request, 'invalid login (note: you must Sign in with Google if that\'s how you signed up initially)' ) #form = LoginForm() return render_to_response('login.html', locals(), context_instance=RequestContext(request)) # Login form needs rendering else: # if request.user.is_authenticated(): if request.user.is_authenticated(): return redirect(user_show) import urllib2 from urllib import urlencode from xml.dom import minidom from xml.parsers.expat import ExpatError ######################################## def get_endpoint(): ''' Get Google's authentication endpoint. returns the url as a string ''' # Get discovery URL try: response = urllib2.urlopen(GOOGLE_GET_ENDPOINT_URL) except urllib2.URLError: return _fail_login(request, 'could not contact Google') # Parse XML response try: parsed = minidom.parseString(response.read()) except ExpatError as error: return _fail_login( request, 'invalid response from Google: {}'.format( error.strerror())) URI = parsed.getElementsByTagName('URI') if len(URI) <= 0 or len(URI[0].childNodes) <= 0: return _fail_login( request, 'could not find Google authentication server') return URI[0].childNodes[0].toxml() ######################################## endpoint = str(get_endpoint()) params = { 'openid.mode': 'checkid_setup', 'openid.ns': 'http://specs.openid.net/auth/2.0', 'openid.claimed_id': 'http://specs.openid.net/auth/2.0/identifier_select', 'openid.identity': 'http://specs.openid.net/auth/2.0/identifier_select', 'openid.return_to': _hostname() + reverse('google_login_success'), 'openid.realm': 'http://llovett.cs.oberlin.edu:8050', 'openid.ns.ax': 'http://openid.net/srv/ax/1.0', 'openid.ax.mode': 'fetch_request', 'openid.ax.type.email': 'http://axschema.org/contact/email', 'openid.ax.type.firstname': 'http://axschema.org/namePerson/first', 'openid.ax.type.lastname': 'http://axschema.org/namePerson/last', 'openid.ax.required': 'email,firstname,lastname' } if request.user.is_authenticated(): profile = UserProfile.objects.get(user=request.user) if profile.openid_auth_stub: params[ 'openid.assoc_handle'] = profile.openid_auth_stub.association form = LoginForm() return render_to_response('login.html', locals(), context_instance=RequestContext(request))
def login_view( request ): # Login form submitted if request.method == 'POST': form = LoginForm(request.POST) if form.is_valid(): data = form.cleaned_data error_msg = '' try: user = User.objects.get( username=data['username'] ) if user.check_password( data['password'] ) and user.is_active: user.backend = 'mongoengine.django.auth.MongoEngineBackend' login( request, user ) # Put profile in the session request.session['profile'] = UserProfile.objects.get(user=user) return HttpResponseRedirect( reverse('user_landing' ) ) else: return _fail_login( request, 'invalid login (note: you must Sign in with Google if that\'s how you signed up initially)' ) except User.DoesNotExist: return _fail_login( request, 'invalid login (note: you must Sign in with Google if that\'s how you signed up initially)' ) #form = LoginForm() return render_to_response( 'login.html', locals(), context_instance=RequestContext(request) ) # Login form needs rendering else: # if request.user.is_authenticated(): if request.user.is_authenticated(): return redirect( user_show ) import urllib2 from urllib import urlencode from xml.dom import minidom from xml.parsers.expat import ExpatError ######################################## def get_endpoint(): ''' Get Google's authentication endpoint. returns the url as a string ''' # Get discovery URL try: response = urllib2.urlopen( GOOGLE_GET_ENDPOINT_URL ) except urllib2.URLError: return _fail_login( request, 'could not contact Google' ) # Parse XML response try: parsed = minidom.parseString( response.read() ) except ExpatError as error: return _fail_login( request, 'invalid response from Google: {}'.format(error.strerror()) ) URI = parsed.getElementsByTagName( 'URI' ) if len(URI) <= 0 or len(URI[0].childNodes) <= 0: return _fail_login( request, 'could not find Google authentication server' ) return URI[0].childNodes[0].toxml() ######################################## endpoint = str( get_endpoint() ) params = { 'openid.mode' : 'checkid_setup', 'openid.ns' : 'http://specs.openid.net/auth/2.0', 'openid.claimed_id' : 'http://specs.openid.net/auth/2.0/identifier_select', 'openid.identity' : 'http://specs.openid.net/auth/2.0/identifier_select', 'openid.return_to' : _hostname()+reverse('google_login_success'), 'openid.realm' : 'http://llovett.cs.oberlin.edu:8050', 'openid.ns.ax' : 'http://openid.net/srv/ax/1.0', 'openid.ax.mode': 'fetch_request', 'openid.ax.type.email' : 'http://axschema.org/contact/email', 'openid.ax.type.firstname' : 'http://axschema.org/namePerson/first', 'openid.ax.type.lastname' : 'http://axschema.org/namePerson/last', 'openid.ax.required' : 'email,firstname,lastname' } if request.user.is_authenticated(): profile = UserProfile.objects.get( user=request.user ) if profile.openid_auth_stub: params['openid.assoc_handle'] = profile.openid_auth_stub.association form = LoginForm() return render_to_response( 'login.html', locals(), context_instance=RequestContext(request) )