mediagoblin/auth/views.py

   1 # GNU MediaGoblin -- federated, autonomous media hosting
   2 # Copyright (C) 2011, 2012 MediaGoblin contributors.  See AUTHORS.
   3 #
   4 # This program is free software: you can redistribute it and/or modify
   5 # it under the terms of the GNU Affero General Public License as published by
   6 # the Free Software Foundation, either version 3 of the License, or
   7 # (at your option) any later version.
   8 #
   9 # This program is distributed in the hope that it will be useful,
  10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
  11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12 # GNU Affero General Public License for more details.
  13 #
  14 # You should have received a copy of the GNU Affero General Public License
  15 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
  16
  17 from itsdangerous import BadSignature
  18
  19 from mediagoblin import messages, mg_globals
  20 from mediagoblin.db.models import User, Privilege
  21 from mediagoblin.tools.crypto import get_timed_signer_url
  22 from mediagoblin.decorators import auth_enabled, allow_registration
  23 from mediagoblin.tools.response import render_to_response, redirect, render_404
  24 from mediagoblin.tools.translate import pass_to_ugettext as _
  25 from mediagoblin.tools.mail import email_debug_message
  26 from mediagoblin.tools.pluginapi import hook_handle
  27 from mediagoblin.auth.tools import (send_verification_email, register_user,
  28                                     check_login_simple)
  29
  30
  31 @allow_registration
  32 @auth_enabled
  33 def register(request):
  34     """The registration view.
  35
  36     Note that usernames will always be lowercased. Email domains are lowercased while
  37     the first part remains case-sensitive.
  38     """
  39     if 'pass_auth' not in request.template_env.globals:
  40         redirect_name = hook_handle('auth_no_pass_redirect')
  41         if redirect_name:
  42             return redirect(request, 'mediagoblin.plugins.{0}.register'.format(
  43                 redirect_name))
  44         else:
  45             return redirect(request, 'index')
  46
  47     register_form = hook_handle("auth_get_registration_form", request)
  48
  49     if request.method == 'POST' and register_form.validate():
  50         # TODO: Make sure the user doesn't exist already
  51         user = register_user(request, register_form)
  52
  53         if user:
  54             # redirect the user to their homepage... there will be a
  55             # message waiting for them to verify their email
  56             return redirect(
  57                 request, 'mediagoblin.user_pages.user_home',
  58                 user=user.username)
  59
  60     return render_to_response(
  61         request,
  62         'mediagoblin/auth/register.html',
  63         {'register_form': register_form,
  64          'post_url': request.urlgen('mediagoblin.auth.register')})
  65
  66
  67 @auth_enabled
  68 def login(request):
  69     """
  70     MediaGoblin login view.
  71
  72     If you provide the POST with 'next', it'll redirect to that view.
  73     """
  74     if 'pass_auth' not in request.template_env.globals:
  75         redirect_name = hook_handle('auth_no_pass_redirect')
  76         if redirect_name:
  77             return redirect(request, 'mediagoblin.plugins.{0}.login'.format(
  78                 redirect_name))
  79         else:
  80             return redirect(request, 'index')
  81
  82     login_form = hook_handle("auth_get_login_form", request)
  83
  84     login_failed = False
  85
  86     if request.method == 'POST':
  87         username = login_form.username.data
  88
  89         if login_form.validate():
  90             user = check_login_simple(username, login_form.password.data)
  91
  92             if user:
  93                 # set up login in session
  94                 if login_form.stay_logged_in.data:
  95                     request.session['stay_logged_in'] = True
  96                 request.session['user_id'] = unicode(user.id)
  97                 request.session.save()
  98
  99                 if request.form.get('next'):
 100                     return redirect(request, location=request.form['next'])
 101                 else:
 102                     return redirect(request, "index")
 103
 104             login_failed = True
 105
 106     return render_to_response(
 107         request,
 108         'mediagoblin/auth/login.html',
 109         {'login_form': login_form,
 110          'next': request.GET.get('next') or request.form.get('next'),
 111          'login_failed': login_failed,
 112          'post_url': request.urlgen('mediagoblin.auth.login'),
 113          'allow_registration': mg_globals.app_config["allow_registration"]})
 114
 115
 116 def logout(request):
 117     # Maybe deleting the user_id parameter would be enough?
 118     request.session.delete()
 119
 120     return redirect(request, "index")
 121
 122
 123 def verify_email(request):
 124     """
 125     Email verification view
 126
 127     validates GET parameters against database and unlocks the user account, if
 128     you are lucky :)
 129     """
 130     # If we don't have userid and token parameters, we can't do anything; 404
 131     if not 'token' in request.GET:
 132         return render_404(request)
 133
 134     # Catch error if token is faked or expired
 135     try:
 136         token = get_timed_signer_url("mail_verification_token") \
 137                 .loads(request.GET['token'], max_age=10*24*3600)
 138     except BadSignature:
 139         messages.add_message(
 140             request,
 141             messages.ERROR,
 142             _('The verification key or user id is incorrect.'))
 143
 144         return redirect(
 145             request,
 146             'index')
 147
 148     user = User.query.filter_by(id=int(token)).first()
 149
 150     if user and user.has_privilege(u'active') is False:
 151         user.verification_key = None
 152         user.all_privileges.append(
 153             Privilege.query.filter(
 154             Privilege.privilege_name==u'active').first())
 155
 156         user.save()
 157
 158         messages.add_message(
 159             request,
 160             messages.SUCCESS,
 161             _("Your email address has been verified. "
 162               "You may now login, edit your profile, and submit images!"))
 163     else:
 164         messages.add_message(
 165             request,
 166             messages.ERROR,
 167             _('The verification key or user id is incorrect'))
 168
 169     return redirect(
 170         request, 'mediagoblin.user_pages.user_home',
 171         user=user.username)
 172
 173
 174 def resend_activation(request):
 175     """
 176     The reactivation view
 177
 178     Resend the activation email.
 179     """
 180
 181     if request.user is None:
 182         messages.add_message(
 183             request,
 184             messages.ERROR,
 185             _('You must be logged in so we know who to send the email to!'))
 186
 187         return redirect(request, 'mediagoblin.auth.login')
 188
 189     if request.user.has_privilege(u'active'):
 190         messages.add_message(
 191             request,
 192             messages.ERROR,
 193             _("You've already verified your email address!"))
 194
 195         return redirect(request, "mediagoblin.user_pages.user_home", user=request.user['username'])
 196
 197     email_debug_message(request)
 198     send_verification_email(request.user, request)
 199
 200     messages.add_message(
 201         request,
 202         messages.INFO,
 203         _('Resent your verification email.'))
 204     return redirect(
 205         request, 'mediagoblin.user_pages.user_home',
 206         user=request.user.username)