Commit | Line | Data |
---|---|---|
8e1e744d | 1 | # GNU MediaGoblin -- federated, autonomous media hosting |
cf29e8a8 | 2 | # Copyright (C) 2011, 2012 MediaGoblin contributors. See AUTHORS. |
24181820 CAW |
3 | # |
4 | # This program is free software: you can redistribute it and/or modify | |
5 | # it under the terms of the GNU Affero General Public License as published by | |
6 | # the Free Software Foundation, either version 3 of the License, or | |
7 | # (at your option) any later version. | |
8 | # | |
9 | # This program is distributed in the hope that it will be useful, | |
10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of | |
11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
12 | # GNU Affero General Public License for more details. | |
13 | # | |
14 | # You should have received a copy of the GNU Affero General Public License | |
15 | # along with this program. If not, see <http://www.gnu.org/licenses/>. | |
16 | ||
a77d952a CAW |
17 | import uuid |
18 | ||
70f8b2d0 | 19 | from mediagoblin import messages, mg_globals |
b0c8328e | 20 | from mediagoblin.db.models import User |
152a3bfa | 21 | from mediagoblin.tools.response import render_to_response, redirect, render_404 |
a789b713 | 22 | from mediagoblin.tools.translate import pass_to_ugettext as _ |
24181820 | 23 | from mediagoblin.auth import lib as auth_lib |
58460a83 | 24 | from mediagoblin.auth.lib import send_verification_email |
ee355966 | 25 | import mediagoblin.auth as auth |
58460a83 | 26 | |
24181820 | 27 | |
bf33272f E |
28 | def email_debug_message(request): |
29 | """ | |
30 | If the server is running in email debug mode (which is | |
31 | the current default), give a debug message to the user | |
32 | so that they have an idea where to find their email. | |
33 | """ | |
34 | if mg_globals.app_config['email_debug_mode']: | |
35 | # DEBUG message, no need to translate | |
36 | messages.add_message(request, messages.DEBUG, | |
37 | u"This instance is running in email debug mode. " | |
38 | u"The email will be on the console of the server process.") | |
39 | ||
40 | ||
24181820 | 41 | def register(request): |
a89df961 SS |
42 | """The registration view. |
43 | ||
44 | Note that usernames will always be lowercased. Email domains are lowercased while | |
45 | the first part remains case-sensitive. | |
24181820 | 46 | """ |
744f1c83 RE |
47 | # Redirects to indexpage if registrations are disabled or no authentication |
48 | # is enabled | |
49 | if not mg_globals.app_config["allow_registration"] or not mg_globals.app.auth: | |
166dc91a CAW |
50 | messages.add_message( |
51 | request, | |
52 | messages.WARNING, | |
4b1adc13 | 53 | _('Sorry, registration is disabled on this instance.')) |
13677ef9 RL |
54 | return redirect(request, "index") |
55 | ||
ee355966 | 56 | register_form = auth.get_registration_form(request) |
24181820 CAW |
57 | |
58 | if request.method == 'POST' and register_form.validate(): | |
59 | # TODO: Make sure the user doesn't exist already | |
ee355966 | 60 | extra_validation_passes = auth.extra_validation(register_form) |
24181820 | 61 | |
9f6ea475 | 62 | if extra_validation_passes: |
24181820 | 63 | # Create the user |
ee355966 | 64 | user = auth.create_user(register_form) |
0bc03620 | 65 | |
f73f4c4b | 66 | # log the user in |
5c2b8486 | 67 | request.session['user_id'] = unicode(user.id) |
f73f4c4b CAW |
68 | request.session.save() |
69 | ||
70 | # send verification email | |
bf33272f | 71 | email_debug_message(request) |
0bc03620 CAW |
72 | send_verification_email(user, request) |
73 | ||
dce5c9cb CAW |
74 | # redirect the user to their homepage... there will be a |
75 | # message waiting for them to verify their email | |
0bc03620 CAW |
76 | return redirect( |
77 | request, 'mediagoblin.user_pages.user_home', | |
5a4e3ff1 | 78 | user=user.username) |
24181820 | 79 | |
9038c9f9 CAW |
80 | return render_to_response( |
81 | request, | |
c9c24934 E |
82 | 'mediagoblin/auth/register.html', |
83 | {'register_form': register_form}) | |
24181820 CAW |
84 | |
85 | ||
692fd1c9 | 86 | def login(request): |
a3776717 | 87 | """ |
8e1e744d | 88 | MediaGoblin login view. |
a3776717 CAW |
89 | |
90 | If you provide the POST with 'next', it'll redirect to that view. | |
91 | """ | |
744f1c83 RE |
92 | # Redirects to index page if no authentication is enabled |
93 | if not mg_globals.app.auth: | |
94 | messages.add_message( | |
95 | request, | |
96 | messages.WARNING, | |
97 | _('Sorry, authentication is disabled on this instance.')) | |
98 | return redirect(request, 'index') | |
99 | ||
ee355966 | 100 | login_form = auth.get_login_form(request) |
692fd1c9 | 101 | |
a3776717 CAW |
102 | login_failed = False |
103 | ||
69b56235 SS |
104 | if request.method == 'POST': |
105 | if login_form.validate(): | |
ee355966 | 106 | user = auth.get_user(login_form) |
692fd1c9 | 107 | |
ee355966 | 108 | if user and auth.check_login(user, login_form): |
69b56235 SS |
109 | # set up login in session |
110 | request.session['user_id'] = unicode(user.id) | |
111 | request.session.save() | |
692fd1c9 | 112 | |
69b56235 SS |
113 | if request.form.get('next'): |
114 | return redirect(request, location=request.form['next']) | |
115 | else: | |
116 | return redirect(request, "index") | |
692fd1c9 | 117 | |
69b56235 | 118 | # Some failure during login occured if we are here! |
692fd1c9 CAW |
119 | # Prevent detecting who's on this system by testing login |
120 | # attempt timings | |
121 | auth_lib.fake_login_attempt() | |
a3776717 | 122 | login_failed = True |
692fd1c9 | 123 | |
9038c9f9 CAW |
124 | return render_to_response( |
125 | request, | |
c9c24934 E |
126 | 'mediagoblin/auth/login.html', |
127 | {'login_form': login_form, | |
111a609d | 128 | 'next': request.GET.get('next') or request.form.get('next'), |
13bb1d67 RL |
129 | 'login_failed': login_failed, |
130 | 'allow_registration': mg_globals.app_config["allow_registration"]}) | |
692fd1c9 CAW |
131 | |
132 | ||
133 | def logout(request): | |
b97232fa CAW |
134 | # Maybe deleting the user_id parameter would be enough? |
135 | request.session.delete() | |
7b31a11c | 136 | |
9150244a | 137 | return redirect(request, "index") |
db1a438f | 138 | |
5866d1a8 | 139 | |
db1a438f | 140 | def verify_email(request): |
4c093e85 JW |
141 | """ |
142 | Email verification view | |
143 | ||
144 | validates GET parameters against database and unlocks the user account, if | |
145 | you are lucky :) | |
146 | """ | |
155f24f9 | 147 | # If we don't have userid and token parameters, we can't do anything; 404 |
285ffedd | 148 | if not 'userid' in request.GET or not 'token' in request.GET: |
de12b4e7 | 149 | return render_404(request) |
155f24f9 | 150 | |
70f8b2d0 | 151 | user = User.query.filter_by(id=request.args['userid']).first() |
db1a438f | 152 | |
00bb9550 | 153 | if user and user.verification_key == unicode(request.GET['token']): |
7a3d00ec | 154 | user.status = u'active' |
4facc7a0 | 155 | user.email_verified = True |
00bb9550 | 156 | user.verification_key = None |
daf02964 | 157 | |
db1a438f | 158 | user.save() |
daf02964 | 159 | |
fe80cb06 | 160 | messages.add_message( |
7b31a11c CAW |
161 | request, |
162 | messages.SUCCESS, | |
4b1adc13 CAW |
163 | _("Your email address has been verified. " |
164 | "You may now login, edit your profile, and submit images!")) | |
db1a438f | 165 | else: |
4b1adc13 CAW |
166 | messages.add_message( |
167 | request, | |
168 | messages.ERROR, | |
169 | _('The verification key or user id is incorrect')) | |
7b31a11c | 170 | |
269943a6 CAW |
171 | return redirect( |
172 | request, 'mediagoblin.user_pages.user_home', | |
5a4e3ff1 | 173 | user=user.username) |
28afb47c | 174 | |
5866d1a8 | 175 | |
b93a6a22 AM |
176 | def resend_activation(request): |
177 | """ | |
178 | The reactivation view | |
179 | ||
180 | Resend the activation email. | |
181 | """ | |
84a7e770 | 182 | |
2fe69916 | 183 | if request.user is None: |
7903a14f AW |
184 | messages.add_message( |
185 | request, | |
186 | messages.ERROR, | |
2fe69916 | 187 | _('You must be logged in so we know who to send the email to!')) |
dfa6994d | 188 | |
5dbeda8a | 189 | return redirect(request, 'mediagoblin.auth.login') |
7903a14f | 190 | |
0ab21f98 | 191 | if request.user.email_verified: |
84a7e770 AW |
192 | messages.add_message( |
193 | request, | |
194 | messages.ERROR, | |
2fe69916 | 195 | _("You've already verified your email address!")) |
dfa6994d | 196 | |
2fe69916 | 197 | return redirect(request, "mediagoblin.user_pages.user_home", user=request.user['username']) |
84a7e770 | 198 | |
00bb9550 | 199 | request.user.verification_key = unicode(uuid.uuid4()) |
a77d952a | 200 | request.user.save() |
dfa6994d | 201 | |
bf33272f | 202 | email_debug_message(request) |
02d80437 | 203 | send_verification_email(request.user, request) |
b93a6a22 | 204 | |
61927e6e CAW |
205 | messages.add_message( |
206 | request, | |
207 | messages.INFO, | |
4b1adc13 | 208 | _('Resent your verification email.')) |
61927e6e CAW |
209 | return redirect( |
210 | request, 'mediagoblin.user_pages.user_home', | |
5a4e3ff1 | 211 | user=request.user.username) |