projects / mediagoblin.git / blame
| Commit | Line | Data |
|---|---|---|
| 8e1e744d | 1 | # GNU MediaGoblin -- federated, autonomous media hosting |
| cf29e8a8 | 2 | # Copyright (C) 2011, 2012 MediaGoblin contributors. See AUTHORS. |
| 24181820 CAW |
3 | # |
| 4 | # This program is free software: you can redistribute it and/or modify | |
| 5 | # it under the terms of the GNU Affero General Public License as published by | |
| 6 | # the Free Software Foundation, either version 3 of the License, or | |
| 7 | # (at your option) any later version. | |
| 8 | # | |
| 9 | # This program is distributed in the hope that it will be useful, | |
| 10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of | |
| 11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
| 12 | # GNU Affero General Public License for more details. | |
| 13 | # | |
| 14 | # You should have received a copy of the GNU Affero General Public License | |
| 15 | # along with this program. If not, see <http://www.gnu.org/licenses/>. | |
| 16 | ||
| b121d89c AB |
17 | import logging |
| 18 | ||
| e49b7e02 BP |
19 | import six |
| 20 | ||
| 342f06f7 | 21 | from itsdangerous import BadSignature |
| a77d952a | 22 | |
| 70f8b2d0 | 23 | from mediagoblin import messages, mg_globals |
| 3fb96fc9 | 24 | from mediagoblin.db.models import User, Privilege |
| 342f06f7 | 25 | from mediagoblin.tools.crypto import get_timed_signer_url |
| 5adb906a | 26 | from mediagoblin.decorators import auth_enabled, allow_registration |
| 152a3bfa | 27 | from mediagoblin.tools.response import render_to_response, redirect, render_404 |
| a789b713 | 28 | from mediagoblin.tools.translate import pass_to_ugettext as _ |
| dd39fe60 | 29 | from mediagoblin.tools.mail import email_debug_message |
| e4deacd9 | 30 | from mediagoblin.tools.pluginapi import hook_handle |
| f9e03221 | 31 | from mediagoblin.auth.tools import (send_verification_email, register_user, |
| 1d321f1c | 32 | check_login_simple) |
| bf33272f | 33 | |
| b121d89c AB |
34 | _log = logging.getLogger(__name__) |
| 35 | ||
| bf33272f | 36 | |
| 5adb906a RE |
37 | @allow_registration |
| 38 | @auth_enabled | |
| 24181820 | 39 | def register(request): |
| a89df961 SS |
40 | """The registration view. |
| 41 | ||
| 42 | Note that usernames will always be lowercased. Email domains are lowercased while | |
| 43 | the first part remains case-sensitive. | |
| 24181820 | 44 | """ |
| 5784c12d | 45 | if 'pass_auth' not in request.template_env.globals: |
| e4deacd9 | 46 | redirect_name = hook_handle('auth_no_pass_redirect') |
| 4f8f0a4e RE |
47 | if redirect_name: |
| 48 | return redirect(request, 'mediagoblin.plugins.{0}.register'.format( | |
| 49 | redirect_name)) | |
| 50 | else: | |
| 51 | return redirect(request, 'index') | |
| 5784c12d | 52 | |
| e4deacd9 | 53 | register_form = hook_handle("auth_get_registration_form", request) |
| 24181820 CAW |
54 | |
| 55 | if request.method == 'POST' and register_form.validate(): | |
| 56 | # TODO: Make sure the user doesn't exist already | |
| 5784c12d | 57 | user = register_user(request, register_form) |
| 0bc03620 | 58 | |
| 5784c12d | 59 | if user: |
| dce5c9cb CAW |
60 | # redirect the user to their homepage... there will be a |
| 61 | # message waiting for them to verify their email | |
| 0bc03620 CAW |
62 | return redirect( |
| 63 | request, 'mediagoblin.user_pages.user_home', | |
| 5a4e3ff1 | 64 | user=user.username) |
| 24181820 | 65 | |
| 9038c9f9 CAW |
66 | return render_to_response( |
| 67 | request, | |
| c9c24934 | 68 | 'mediagoblin/auth/register.html', |
| 57e8be21 | 69 | {'register_form': register_form, |
| 57e8be21 | 70 | 'post_url': request.urlgen('mediagoblin.auth.register')}) |
| 24181820 CAW |
71 | |
| 72 | ||
| 5adb906a | 73 | @auth_enabled |
| 692fd1c9 | 74 | def login(request): |
| a3776717 | 75 | """ |
| 8e1e744d | 76 | MediaGoblin login view. |
| a3776717 CAW |
77 | |
| 78 | If you provide the POST with 'next', it'll redirect to that view. | |
| 79 | """ | |
| 5784c12d | 80 | if 'pass_auth' not in request.template_env.globals: |
| e4deacd9 | 81 | redirect_name = hook_handle('auth_no_pass_redirect') |
| 4f8f0a4e RE |
82 | if redirect_name: |
| 83 | return redirect(request, 'mediagoblin.plugins.{0}.login'.format( | |
| 84 | redirect_name)) | |
| 85 | else: | |
| 86 | return redirect(request, 'index') | |
| 5784c12d | 87 | |
| e4deacd9 | 88 | login_form = hook_handle("auth_get_login_form", request) |
| 692fd1c9 | 89 | |
| a3776717 CAW |
90 | login_failed = False |
| 91 | ||
| 69b56235 | 92 | if request.method == 'POST': |
| b2c8dbcf | 93 | |
| 0578d8b3 | 94 | if login_form.validate(): |
| a2b3c623 | 95 | user = check_login_simple( |
| 96 | login_form.username.data, | |
| 97 | login_form.password.data) | |
| 692fd1c9 | 98 | |
| 1d321f1c | 99 | if user: |
| 69b56235 | 100 | # set up login in session |
| 527b7e3b | 101 | if login_form.stay_logged_in.data: |
| ef57b062 | 102 | request.session['stay_logged_in'] = True |
| e49b7e02 | 103 | request.session['user_id'] = six.text_type(user.id) |
| 69b56235 | 104 | request.session.save() |
| 692fd1c9 | 105 | |
| 69b56235 SS |
106 | if request.form.get('next'): |
| 107 | return redirect(request, location=request.form['next']) | |
| 108 | else: | |
| 109 | return redirect(request, "index") | |
| 692fd1c9 | 110 | |
| a3776717 | 111 | login_failed = True |
| b121d89c AB |
112 | remote_addr = request.access_route[-1] or request.remote_addr |
| 113 | _log.warn("Failed login attempt from %r", remote_addr) | |
| 692fd1c9 | 114 | |
| 9038c9f9 CAW |
115 | return render_to_response( |
| 116 | request, | |
| c9c24934 E |
117 | 'mediagoblin/auth/login.html', |
| 118 | {'login_form': login_form, | |
| 111a609d | 119 | 'next': request.GET.get('next') or request.form.get('next'), |
| 13bb1d67 | 120 | 'login_failed': login_failed, |
| 57e8be21 | 121 | 'post_url': request.urlgen('mediagoblin.auth.login'), |
| 13bb1d67 | 122 | 'allow_registration': mg_globals.app_config["allow_registration"]}) |
| 692fd1c9 CAW |
123 | |
| 124 | ||
| 125 | def logout(request): | |
| b97232fa CAW |
126 | # Maybe deleting the user_id parameter would be enough? |
| 127 | request.session.delete() | |
| 7b31a11c | 128 | |
| 9150244a | 129 | return redirect(request, "index") |
| db1a438f | 130 | |
| 5866d1a8 | 131 | |
| db1a438f | 132 | def verify_email(request): |
| 4c093e85 JW |
133 | """ |
| 134 | Email verification view | |
| 135 | ||
| 136 | validates GET parameters against database and unlocks the user account, if | |
| 137 | you are lucky :) | |
| 138 | """ | |
| 155f24f9 | 139 | # If we don't have userid and token parameters, we can't do anything; 404 |
| 342f06f7 | 140 | if not 'token' in request.GET: |
| de12b4e7 | 141 | return render_404(request) |
| 155f24f9 | 142 | |
| 342f06f7 RE |
143 | # Catch error if token is faked or expired |
| 144 | try: | |
| 145 | token = get_timed_signer_url("mail_verification_token") \ | |
| 146 | .loads(request.GET['token'], max_age=10*24*3600) | |
| 147 | except BadSignature: | |
| 148 | messages.add_message( | |
| 149 | request, | |
| 150 | messages.ERROR, | |
| 151 | _('The verification key or user id is incorrect.')) | |
| db1a438f | 152 | |
| 342f06f7 RE |
153 | return redirect( |
| 154 | request, | |
| 155 | 'index') | |
| 156 | ||
| 157 | user = User.query.filter_by(id=int(token)).first() | |
| 158 | ||
| 25625107 | 159 | if user and user.has_privilege(u'active') is False: |
| 00bb9550 | 160 | user.verification_key = None |
| 3fb96fc9 | 161 | user.all_privileges.append( |
| 162 | Privilege.query.filter( | |
| 163 | Privilege.privilege_name==u'active').first()) | |
| daf02964 | 164 | |
| db1a438f | 165 | user.save() |
| daf02964 | 166 | |
| fe80cb06 | 167 | messages.add_message( |
| 7b31a11c CAW |
168 | request, |
| 169 | messages.SUCCESS, | |
| 4b1adc13 CAW |
170 | _("Your email address has been verified. " |
| 171 | "You may now login, edit your profile, and submit images!")) | |
| db1a438f | 172 | else: |
| 4b1adc13 CAW |
173 | messages.add_message( |
| 174 | request, | |
| 175 | messages.ERROR, | |
| 176 | _('The verification key or user id is incorrect')) | |
| 7b31a11c | 177 | |
| 269943a6 CAW |
178 | return redirect( |
| 179 | request, 'mediagoblin.user_pages.user_home', | |
| 5a4e3ff1 | 180 | user=user.username) |
| 28afb47c | 181 | |
| 5866d1a8 | 182 | |
| b93a6a22 AM |
183 | def resend_activation(request): |
| 184 | """ | |
| 185 | The reactivation view | |
| 186 | ||
| 187 | Resend the activation email. | |
| 188 | """ | |
| 84a7e770 | 189 | |
| 2fe69916 | 190 | if request.user is None: |
| 7903a14f AW |
191 | messages.add_message( |
| 192 | request, | |
| 193 | messages.ERROR, | |
| 2fe69916 | 194 | _('You must be logged in so we know who to send the email to!')) |
| dfa6994d | 195 | |
| 5dbeda8a | 196 | return redirect(request, 'mediagoblin.auth.login') |
| 7903a14f | 197 | |
| 25625107 | 198 | if request.user.has_privilege(u'active'): |
| 84a7e770 AW |
199 | messages.add_message( |
| 200 | request, | |
| 201 | messages.ERROR, | |
| 2fe69916 | 202 | _("You've already verified your email address!")) |
| dfa6994d | 203 | |
| 5aa4ab06 | 204 | return redirect(request, "mediagoblin.user_pages.user_home", user=request.user.username) |
| 84a7e770 | 205 | |
| bf33272f | 206 | email_debug_message(request) |
| 02d80437 | 207 | send_verification_email(request.user, request) |
| b93a6a22 | 208 | |
| 61927e6e CAW |
209 | messages.add_message( |
| 210 | request, | |
| 211 | messages.INFO, | |
| 4b1adc13 | 212 | _('Resent your verification email.')) |
| 61927e6e CAW |
213 | return redirect( |
| 214 | request, 'mediagoblin.user_pages.user_home', | |
| 5a4e3ff1 | 215 | user=request.user.username) |