# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
+import uuid
-from webob import Response, exc
+from webob import exc
+from mediagoblin.util import render_to_response
+from mediagoblin.db.util import ObjectId
from mediagoblin.auth import lib as auth_lib
from mediagoblin.auth import forms as auth_forms
-from mediagoblin.util import send_email
+from mediagoblin.auth.lib import send_verification_email
def register(request):
if request.method == 'POST' and register_form.validate():
# TODO: Make sure the user doesn't exist already
+
users_with_username = \
- request.db.User.find({'username': request.POST['username']}).count()
+ request.db.User.find({
+ 'username': request.POST['username'].lower()
+ }).count()
if users_with_username:
register_form.username.errors.append(
else:
# Create the user
entry = request.db.User()
- entry['username'] = request.POST['username']
+ entry['username'] = request.POST['username'].lower()
entry['email'] = request.POST['email']
entry['pw_hash'] = auth_lib.bcrypt_gen_password_hash(
request.POST['password'])
entry.save(validate=True)
- # TODO: Move this setting to a better place
- EMAIL_SENDER_ADDRESS = 'mediagoblin@fakehost'
-
- ''' TODO Index - Regarding sending of verification email
- 1. There is no error handling in place
- 2. Due to the distributed nature of GNU MediaGoblin, we should find a way to send some additional information about the specific GNU MediaGoblin instance in the subject line. For example "GNU MediaGoblin @ Wandborg - [...]".
- 3. The verification link generation does not detect and adapt to access via the HTTPS protocol.
- '''
-
- # TODO (1)
- send_email(
- EMAIL_SENDER_ADDRESS,
- entry['email'],
- 'GNU MediaGoblin - Verify email', # TODO (2)
- 'http://{host}{uri}?userid={userid}&token={verification_key}'.format( # TODO (3)
- host = request.host,
- uri = request.urlgen('mediagoblin.auth.verify_email'),
- userid = unicode( entry['_id'] ),
- verification_key = entry['verification_key']
- ))
-
+ send_verification_email(entry, request)
+
# Redirect to register_success
return exc.HTTPFound(
location=request.urlgen("mediagoblin.auth.register_success"))
# render
- template = request.template_env.get_template(
- 'mediagoblin/auth/register.html')
- return Response(
- template.render(
- {'request': request,
- 'register_form': register_form}))
+ return render_to_response(
+ request, 'mediagoblin/auth/register.html',
+ {'register_form': register_form})
def register_success(request):
- template = request.template_env.get_template(
- 'mediagoblin/auth/register_success.html')
- return Response(
- template.render(
- {'request': request}))
+ return render_to_response(
+ request, 'mediagoblin/auth/register_success.html', {})
def login(request):
if request.method == 'POST' and login_form.validate():
user = request.db.User.one(
- {'username': request.POST['username']})
+ {'username': request.POST['username'].lower()})
if user and user.check_login(request.POST['password']):
# set up login in session
login_failed = True
# render
- template = request.template_env.get_template(
- 'mediagoblin/auth/login.html')
- return Response(
- template.render(
- {'request': request,
- 'login_form': login_form,
+ return render_to_response(
+ request, 'mediagoblin/auth/login.html',
+ {'login_form': login_form,
'next': request.GET.get('next') or request.POST.get('next'),
- 'login_failed': login_failed}))
+ 'login_failed': login_failed})
def logout(request):
return exc.HTTPFound(
location=request.urlgen("index"))
+
def verify_email(request):
- import bson.objectid
- user = request.db.User.find_one(
- {'_id': bson.objectid.ObjectId( unicode( request.GET.get('userid') ) )})
+ """
+ Email verification view
- verification_successful = bool
+ validates GET parameters against database and unlocks the user account, if
+ you are lucky :)
+ """
+ # If we don't have userid and token parameters, we can't do anything; 404
+ if not request.GET.has_key('userid') or not request.GET.has_key('token'):
+ return exc.HTTPNotFound()
+
+ user = request.db.User.find_one(
+ {'_id': ObjectId(unicode(request.GET['userid']))})
- if user and user['verification_key'] == unicode( request.GET.get('token') ):
+ if user and user['verification_key'] == unicode(request.GET['token']):
user['status'] = u'active'
user['email_verified'] = True
verification_successful = True
else:
verification_successful = False
- template = request.template_env.get_template(
- 'mediagoblin/auth/verify_email.html')
- return Response(
- template.render(
- {'request': request,
- 'user': user,
- 'verification_successful': verification_successful}))
+ return render_to_response(
+ request, 'mediagoblin/auth/verify_email.html',
+ {'user': user,
+ 'verification_successful': verification_successful})
+
+def verify_email_notice(request):
+ """
+ Verify warning view.
+
+ When the user tries to do some action that requires their account
+ to be verified beforehand, this view is called upon!
+ """
+ return render_to_response(
+ request, 'mediagoblin/auth/verification_needed.html', {})
+
+
+def resend_activation(request):
+ """
+ The reactivation view
+
+ Resend the activation email.
+ """
+
+ request.user['verification_key'] = unicode(uuid.uuid4())
+ request.user.save()
+
+ send_verification_email(request.user, request)
+
+ return exc.HTTPFound(
+ location=request.urlgen('mediagoblin.auth.resend_verification_success'))
+
+
+def resend_activation_success(request):
+ return render_to_response(
+ request, 'mediagoblin/auth/resent_verification_email.html', {})