Create render_to_reponse and use it everywhere.

[mediagoblin.git] / mediagoblin / auth / views.py
diff --git a/mediagoblin/auth/views.py b/mediagoblin/auth/views.py

index 79c09f5b1b8d76bf183eb2a6c1a7611b53e4fdfb..a5112299f2fd831fd9a1ec1b0285a4c9c3945413 100644 (file)
--- a/mediagoblin/auth/views.py
+++ b/mediagoblin/auth/views.py
@@ -14,12 +14,15 @@
  # You should have received a copy of the GNU Affero General Public License
  # along with this program.  If not, see <http://www.gnu.org/licenses/>.
  
+import uuid
  
-from webob import Response, exc
+from webob import exc
  
+from mediagoblin.util import render_to_response
+from mediagoblin.db.util import ObjectId
  from mediagoblin.auth import lib as auth_lib
  from mediagoblin.auth import forms as auth_forms
-from mediagoblin.util import send_email
+from mediagoblin.auth.lib import send_verification_email
  
  
  def register(request):
@@ -30,8 +33,11 @@ def register(request):
  
      if request.method == 'POST' and register_form.validate():
          # TODO: Make sure the user doesn't exist already
+
          users_with_username = \
-            request.db.User.find({'username': request.POST['username']}).count()
+            request.db.User.find({
+                'username': request.POST['username'].lower()
+            }).count()
  
          if users_with_username:
              register_form.username.errors.append(
@@ -40,52 +46,27 @@ def register(request):
          else:
              # Create the user
              entry = request.db.User()
-            entry['username'] = request.POST['username']
+            entry['username'] = request.POST['username'].lower()
              entry['email'] = request.POST['email']
              entry['pw_hash'] = auth_lib.bcrypt_gen_password_hash(
                  request.POST['password'])
              entry.save(validate=True)
              
-            # TODO: Move this setting to a better place
-            EMAIL_SENDER_ADDRESS = 'mediagoblin@fakehost'
-
-            ''' TODO Index - Regarding sending of verification email
-            1.  There is no error handling in place
-            2.  Due to the distributed nature of GNU MediaGoblin, we should find a way to send some additional information about the specific GNU MediaGoblin instance in the subject line. For example "GNU MediaGoblin @ Wandborg - [...]".   
-            3.  The verification link generation does not detect and adapt to access via the HTTPS protocol.
-            '''
-            
-            # TODO (1)
-            send_email( 
-                EMAIL_SENDER_ADDRESS,
-                entry['email'],
-                'GNU MediaGoblin - Verify email', # TODO (2)
-                'http://{host}{uri}?userid={userid}&token={verification_key}'.format( # TODO (3)
-                    host = request.host,
-                    uri = request.urlgen('mediagoblin.auth.verify_email'),
-                    userid = unicode( entry['_id'] ),
-                    verification_key = entry['verification_key']
-                    ))
-            
+            send_verification_email(entry, request)
+
              # Redirect to register_success
              return exc.HTTPFound(
                  location=request.urlgen("mediagoblin.auth.register_success"))
  
      # render
-    template = request.template_env.get_template(
-        'mediagoblin/auth/register.html')
-    return Response(
-        template.render(
-            {'request': request,
-             'register_form': register_form}))
+    return render_to_response(
+            request, 'mediagoblin/auth/register.html',
+            {'register_form': register_form})
  
  
  def register_success(request):
-    template = request.template_env.get_template(
-        'mediagoblin/auth/register_success.html')
-    return Response(
-        template.render(
-            {'request': request}))
+    return render_to_response(
+            request, 'mediagoblin/auth/register_success.html', {})
  
  
  def login(request):
@@ -100,7 +81,7 @@ def login(request):
  
      if request.method == 'POST' and login_form.validate():
          user = request.db.User.one(
-            {'username': request.POST['username']})
+            {'username': request.POST['username'].lower()})
  
          if user and user.check_login(request.POST['password']):
              # set up login in session
@@ -120,14 +101,11 @@ def login(request):
              login_failed = True
  
      # render
-    template = request.template_env.get_template(
-        'mediagoblin/auth/login.html')
-    return Response(
-        template.render(
-            {'request': request,
-             'login_form': login_form,
+    return render_to_response(
+            request, 'mediagoblin/auth/login.html',
+            {'login_form': login_form,
               'next': request.GET.get('next') or request.POST.get('next'),
-             'login_failed': login_failed}))
+             'login_failed': login_failed})
  
  
  def logout(request):
@@ -137,14 +115,22 @@ def logout(request):
      return exc.HTTPFound(
          location=request.urlgen("index"))
  
+
  def verify_email(request):
-    import bson.objectid
-    user = request.db.User.find_one(
-        {'_id': bson.objectid.ObjectId( unicode( request.GET.get('userid') ) )})
+    """
+    Email verification view
  
-    verification_successful = bool
+    validates GET parameters against database and unlocks the user account, if
+    you are lucky :)
+    """
+    # If we don't have userid and token parameters, we can't do anything; 404
+    if not request.GET.has_key('userid') or not request.GET.has_key('token'):
+        return exc.HTTPNotFound()
+
+    user = request.db.User.find_one(
+        {'_id': ObjectId(unicode(request.GET['userid']))})
  
-    if user and user['verification_key'] == unicode( request.GET.get('token') ):
+    if user and user['verification_key'] == unicode(request.GET['token']):
          user['status'] = u'active'
          user['email_verified'] = True
          verification_successful = True
@@ -152,10 +138,38 @@ def verify_email(request):
      else:
          verification_successful = False
          
-    template = request.template_env.get_template(
-        'mediagoblin/auth/verify_email.html')
-    return Response(
-        template.render(
-            {'request': request,
-             'user': user,
-             'verification_successful': verification_successful}))
+    return render_to_response(
+            request, 'mediagoblin/auth/verify_email.html',
+            {'user': user,
+             'verification_successful': verification_successful})
+
+def verify_email_notice(request):
+    """
+    Verify warning view.
+
+    When the user tries to do some action that requires their account
+    to be verified beforehand, this view is called upon!
+    """
+    return render_to_response(
+            request, 'mediagoblin/auth/verification_needed.html', {})
+
+
+def resend_activation(request):
+    """
+    The reactivation view
+
+    Resend the activation email.
+    """
+
+    request.user['verification_key'] = unicode(uuid.uuid4())
+    request.user.save()
+
+    send_verification_email(request.user, request)
+
+    return exc.HTTPFound(
+        location=request.urlgen('mediagoblin.auth.resend_verification_success'))
+
+
+def resend_activation_success(request):
+    return render_to_response(
+            request, 'mediagoblin/auth/resent_verification_email.html', {})