[mediagoblin.git] / mediagoblin / auth / views.py

# GNU MediaGoblin -- federated, autonomous media hosting
# Copyright (C) 2011, 2012 MediaGoblin contributors.  See AUTHORS.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.

import uuid

from mediagoblin import messages, mg_globals
from mediagoblin.db.models import User
from mediagoblin.tools.response import render_to_response, redirect, render_404
from mediagoblin.tools.translate import pass_to_ugettext as _
from mediagoblin.auth import lib as auth_lib
from mediagoblin.auth.lib import send_verification_email
import mediagoblin.auth as auth


def email_debug_message(request):
    """
    If the server is running in email debug mode (which is
    the current default), give a debug message to the user
    so that they have an idea where to find their email.
    """
    if mg_globals.app_config['email_debug_mode']:
        # DEBUG message, no need to translate
        messages.add_message(request, messages.DEBUG,
            u"This instance is running in email debug mode. "
            u"The email will be on the console of the server process.")


def register(request):
    """The registration view.

    Note that usernames will always be lowercased. Email domains are lowercased while
    the first part remains case-sensitive.
    """
    # Redirects to indexpage if registrations are disabled or no authentication
    # is enabled
    if not mg_globals.app_config["allow_registration"] or not mg_globals.app.auth:
        messages.add_message(
            request,
            messages.WARNING,
            _('Sorry, registration is disabled on this instance.'))
        return redirect(request, "index")

    register_form = auth.get_registration_form(request)

    if request.method == 'POST' and register_form.validate():
        # TODO: Make sure the user doesn't exist already
        extra_validation_passes = auth.extra_validation(register_form)

        if extra_validation_passes:
            # Create the user
            user = auth.create_user(register_form)

            # log the user in
            request.session['user_id'] = unicode(user.id)
            request.session.save()

            # send verification email
            email_debug_message(request)
            send_verification_email(user, request)

            # redirect the user to their homepage... there will be a
            # message waiting for them to verify their email
            return redirect(
                request, 'mediagoblin.user_pages.user_home',
                user=user.username)

    return render_to_response(
        request,
        'mediagoblin/auth/register.html',
        {'register_form': register_form})


def login(request):
    """
    MediaGoblin login view.

    If you provide the POST with 'next', it'll redirect to that view.
    """
    # Redirects to index page if no authentication is enabled
    if not mg_globals.app.auth:
        messages.add_message(
            request,
            messages.WARNING,
            _('Sorry, authentication is disabled on this instance.'))
        return redirect(request, 'index')

    login_form = auth.get_login_form(request)

    login_failed = False

    if request.method == 'POST':
        if login_form.validate():
            user = auth.get_user(login_form)

            if user and auth.check_login(user, login_form):
                # set up login in session
                request.session['user_id'] = unicode(user.id)
                request.session.save()

                if request.form.get('next'):
                    return redirect(request, location=request.form['next'])
                else:
                    return redirect(request, "index")

            # Some failure during login occured if we are here!
            # Prevent detecting who's on this system by testing login
            # attempt timings
            auth_lib.fake_login_attempt()
            login_failed = True

    return render_to_response(
        request,
        'mediagoblin/auth/login.html',
        {'login_form': login_form,
         'next': request.GET.get('next') or request.form.get('next'),
         'login_failed': login_failed,
         'allow_registration': mg_globals.app_config["allow_registration"]})


def logout(request):
    # Maybe deleting the user_id parameter would be enough?
    request.session.delete()

    return redirect(request, "index")


def verify_email(request):
    """
    Email verification view

    validates GET parameters against database and unlocks the user account, if
    you are lucky :)
    """
    # If we don't have userid and token parameters, we can't do anything; 404
    if not 'userid' in request.GET or not 'token' in request.GET:
        return render_404(request)

    user = User.query.filter_by(id=request.args['userid']).first()

    if user and user.verification_key == unicode(request.GET['token']):
        user.status = u'active'
        user.email_verified = True
        user.verification_key = None

        user.save()

        messages.add_message(
            request,
            messages.SUCCESS,
            _("Your email address has been verified. "
              "You may now login, edit your profile, and submit images!"))
    else:
        messages.add_message(
            request,
            messages.ERROR,
            _('The verification key or user id is incorrect'))

    return redirect(
        request, 'mediagoblin.user_pages.user_home',
        user=user.username)


def resend_activation(request):
    """
    The reactivation view

    Resend the activation email.
    """

    if request.user is None:
        messages.add_message(
            request,
            messages.ERROR,
            _('You must be logged in so we know who to send the email to!'))

        return redirect(request, 'mediagoblin.auth.login')

    if request.user.email_verified:
        messages.add_message(
            request,
            messages.ERROR,
            _("You've already verified your email address!"))

        return redirect(request, "mediagoblin.user_pages.user_home", user=request.user['username'])

    request.user.verification_key = unicode(uuid.uuid4())
    request.user.save()

    email_debug_message(request)
    send_verification_email(request.user, request)

    messages.add_message(
        request,
        messages.INFO,
        _('Resent your verification email.'))
    return redirect(
        request, 'mediagoblin.user_pages.user_home',
        user=request.user.username)
Commit	Line	Data
8e1e744d	1	# GNU MediaGoblin -- federated, autonomous media hosting
cf29e8a8	2	# Copyright (C) 2011, 2012 MediaGoblin contributors. See AUTHORS.
24181820 CAW	3	#
	4	# This program is free software: you can redistribute it and/or modify
	5	# it under the terms of the GNU Affero General Public License as published by
	6	# the Free Software Foundation, either version 3 of the License, or
	7	# (at your option) any later version.
	8	#
	9	# This program is distributed in the hope that it will be useful,
	10	# but WITHOUT ANY WARRANTY; without even the implied warranty of
	11	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	12	# GNU Affero General Public License for more details.
	13	#
	14	# You should have received a copy of the GNU Affero General Public License
	15	# along with this program. If not, see <http://www.gnu.org/licenses/>.
	16
a77d952a CAW	17	import uuid
a77d952a CAW	18
70f8b2d0	19	from mediagoblin import messages, mg_globals
b0c8328e	20	from mediagoblin.db.models import User
152a3bfa	21	from mediagoblin.tools.response import render_to_response, redirect, render_404
a789b713	22	from mediagoblin.tools.translate import pass_to_ugettext as _
24181820	23	from mediagoblin.auth import lib as auth_lib
58460a83	24	from mediagoblin.auth.lib import send_verification_email
ee355966	25	import mediagoblin.auth as auth
58460a83	26
24181820	27
bf33272f E	28	def email_debug_message(request):
	29	"""
	30	If the server is running in email debug mode (which is
	31	the current default), give a debug message to the user
	32	so that they have an idea where to find their email.
	33	"""
	34	if mg_globals.app_config['email_debug_mode']:
	35	# DEBUG message, no need to translate
	36	messages.add_message(request, messages.DEBUG,
	37	u"This instance is running in email debug mode. "
	38	u"The email will be on the console of the server process.")
	39
	40
24181820	41	def register(request):
a89df961 SS	42	"""The registration view.
	43
	44	Note that usernames will always be lowercased. Email domains are lowercased while
	45	the first part remains case-sensitive.
24181820	46	"""
744f1c83 RE	47	# Redirects to indexpage if registrations are disabled or no authentication
	48	# is enabled
	49	if not mg_globals.app_config["allow_registration"] or not mg_globals.app.auth:
166dc91a CAW	50	messages.add_message(
	51	request,
	52	messages.WARNING,
4b1adc13	53	_('Sorry, registration is disabled on this instance.'))
13677ef9 RL	54	return redirect(request, "index")
13677ef9 RL	55
ee355966	56	register_form = auth.get_registration_form(request)
24181820 CAW	57
	58	if request.method == 'POST' and register_form.validate():
	59	# TODO: Make sure the user doesn't exist already
ee355966	60	extra_validation_passes = auth.extra_validation(register_form)
24181820	61
9f6ea475	62	if extra_validation_passes:
24181820	63	# Create the user
ee355966	64	user = auth.create_user(register_form)
0bc03620	65
f73f4c4b	66	# log the user in
5c2b8486	67	request.session['user_id'] = unicode(user.id)
f73f4c4b CAW	68	request.session.save()
	69
	70	# send verification email
bf33272f	71	email_debug_message(request)
0bc03620 CAW	72	send_verification_email(user, request)
0bc03620 CAW	73
dce5c9cb CAW	74	# redirect the user to their homepage... there will be a
dce5c9cb CAW	75	# message waiting for them to verify their email
0bc03620 CAW	76	return redirect(
0bc03620 CAW	77	request, 'mediagoblin.user_pages.user_home',
5a4e3ff1	78	user=user.username)
24181820	79
9038c9f9 CAW	80	return render_to_response(
9038c9f9 CAW	81	request,
c9c24934 E	82	'mediagoblin/auth/register.html',
c9c24934 E	83	{'register_form': register_form})
24181820 CAW	84
24181820 CAW	85
692fd1c9	86	def login(request):
a3776717	87	"""
8e1e744d	88	MediaGoblin login view.
a3776717 CAW	89
	90	If you provide the POST with 'next', it'll redirect to that view.
	91	"""
744f1c83 RE	92	# Redirects to index page if no authentication is enabled
	93	if not mg_globals.app.auth:
	94	messages.add_message(
	95	request,
	96	messages.WARNING,
	97	_('Sorry, authentication is disabled on this instance.'))
	98	return redirect(request, 'index')
	99
ee355966	100	login_form = auth.get_login_form(request)
692fd1c9	101
a3776717 CAW	102	login_failed = False
a3776717 CAW	103
69b56235 SS	104	if request.method == 'POST':
69b56235 SS	105	if login_form.validate():
ee355966	106	user = auth.get_user(login_form)
692fd1c9	107
ee355966	108	if user and auth.check_login(user, login_form):
69b56235 SS	109	# set up login in session
	110	request.session['user_id'] = unicode(user.id)
	111	request.session.save()
692fd1c9	112
69b56235 SS	113	if request.form.get('next'):
	114	return redirect(request, location=request.form['next'])
	115	else:
	116	return redirect(request, "index")
692fd1c9	117
69b56235	118	# Some failure during login occured if we are here!
692fd1c9 CAW	119	# Prevent detecting who's on this system by testing login
	120	# attempt timings
	121	auth_lib.fake_login_attempt()
a3776717	122	login_failed = True
692fd1c9	123
9038c9f9 CAW	124	return render_to_response(
9038c9f9 CAW	125	request,
c9c24934 E	126	'mediagoblin/auth/login.html',
c9c24934 E	127	{'login_form': login_form,
111a609d	128	'next': request.GET.get('next') or request.form.get('next'),
13bb1d67 RL	129	'login_failed': login_failed,
13bb1d67 RL	130	'allow_registration': mg_globals.app_config["allow_registration"]})
692fd1c9 CAW	131
	132
	133	def logout(request):
b97232fa CAW	134	# Maybe deleting the user_id parameter would be enough?
b97232fa CAW	135	request.session.delete()
7b31a11c	136
9150244a	137	return redirect(request, "index")
db1a438f	138
5866d1a8	139
db1a438f	140	def verify_email(request):
4c093e85 JW	141	"""
	142	Email verification view
	143
	144	validates GET parameters against database and unlocks the user account, if
	145	you are lucky :)
	146	"""
155f24f9	147	# If we don't have userid and token parameters, we can't do anything; 404
285ffedd	148	if not 'userid' in request.GET or not 'token' in request.GET:
de12b4e7	149	return render_404(request)
155f24f9	150
70f8b2d0	151	user = User.query.filter_by(id=request.args['userid']).first()
db1a438f	152
00bb9550	153	if user and user.verification_key == unicode(request.GET['token']):
7a3d00ec	154	user.status = u'active'
4facc7a0	155	user.email_verified = True
00bb9550	156	user.verification_key = None
daf02964	157
db1a438f	158	user.save()
daf02964	159
fe80cb06	160	messages.add_message(
7b31a11c CAW	161	request,
7b31a11c CAW	162	messages.SUCCESS,
4b1adc13 CAW	163	_("Your email address has been verified. "
4b1adc13 CAW	164	"You may now login, edit your profile, and submit images!"))
db1a438f	165	else:
4b1adc13 CAW	166	messages.add_message(
	167	request,
	168	messages.ERROR,
	169	_('The verification key or user id is incorrect'))
7b31a11c	170
269943a6 CAW	171	return redirect(
269943a6 CAW	172	request, 'mediagoblin.user_pages.user_home',
5a4e3ff1	173	user=user.username)
28afb47c	174
5866d1a8	175
b93a6a22 AM	176	def resend_activation(request):
	177	"""
	178	The reactivation view
	179
	180	Resend the activation email.
	181	"""
84a7e770	182
2fe69916	183	if request.user is None:
7903a14f AW	184	messages.add_message(
	185	request,
	186	messages.ERROR,
2fe69916	187	_('You must be logged in so we know who to send the email to!'))
dfa6994d	188
5dbeda8a	189	return redirect(request, 'mediagoblin.auth.login')
7903a14f	190
0ab21f98	191	if request.user.email_verified:
84a7e770 AW	192	messages.add_message(
	193	request,
	194	messages.ERROR,
2fe69916	195	_("You've already verified your email address!"))
dfa6994d	196
2fe69916	197	return redirect(request, "mediagoblin.user_pages.user_home", user=request.user['username'])
84a7e770	198
00bb9550	199	request.user.verification_key = unicode(uuid.uuid4())
a77d952a	200	request.user.save()
dfa6994d	201
bf33272f	202	email_debug_message(request)
02d80437	203	send_verification_email(request.user, request)
b93a6a22	204
61927e6e CAW	205	messages.add_message(
	206	request,
	207	messages.INFO,
4b1adc13	208	_('Resent your verification email.'))
61927e6e CAW	209	return redirect(
61927e6e CAW	210	request, 'mediagoblin.user_pages.user_home',
5a4e3ff1	211	user=request.user.username)