# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
+import logging
+
+import six
+
from itsdangerous import BadSignature
from mediagoblin import messages, mg_globals
-from mediagoblin.db.models import User
+from mediagoblin.db.models import User, Privilege
from mediagoblin.tools.crypto import get_timed_signer_url
from mediagoblin.decorators import auth_enabled, allow_registration
from mediagoblin.tools.response import render_to_response, redirect, render_404
from mediagoblin.auth.tools import (send_verification_email, register_user,
check_login_simple)
+_log = logging.getLogger(__name__)
+
@allow_registration
@auth_enabled
login_failed = False
if request.method == 'POST':
- username = login_form.username.data
if login_form.validate():
- user = check_login_simple(username, login_form.password.data)
+ user = check_login_simple(
+ login_form.username.data,
+ login_form.password.data)
if user:
# set up login in session
if login_form.stay_logged_in.data:
request.session['stay_logged_in'] = True
- request.session['user_id'] = unicode(user.id)
+ request.session['user_id'] = six.text_type(user.id)
request.session.save()
if request.form.get('next'):
return redirect(request, "index")
login_failed = True
+ remote_addr = request.access_route[-1] or request.remote_addr
+ _log.warn("Failed login attempt from %r", remote_addr)
return render_to_response(
request,
user = User.query.filter_by(id=int(token)).first()
- if user and user.email_verified is False:
- user.status = u'active'
- user.email_verified = True
+ if user and user.has_privilege(u'active') is False:
+ user.verification_key = None
+ user.all_privileges.append(
+ Privilege.query.filter(
+ Privilege.privilege_name==u'active').first())
+
user.save()
messages.add_message(
return redirect(request, 'mediagoblin.auth.login')
- if request.user.email_verified:
+ if request.user.has_privilege(u'active'):
messages.add_message(
request,
messages.ERROR,
_("You've already verified your email address!"))
- return redirect(request, "mediagoblin.user_pages.user_home", user=request.user['username'])
+ return redirect(request, "mediagoblin.user_pages.user_home", user=request.user.username)
email_debug_message(request)
send_verification_email(request.user, request)