if field.data is None: # should not happen, but be cautious anyway
raise wtforms.ValidationError(message)
return _normalize_field
-def send_verification_email(user, request):
+
+
+ EMAIL_VERIFICATION_TEMPLATE = (
+ u"http://{host}{uri}?"
+ u"userid={userid}&token={verification_key}")
+
+
- rendered_email = render_template(
- request, 'mediagoblin/auth/verification_email.txt',
- {'username': user.username,
- 'verification_url': EMAIL_VERIFICATION_TEMPLATE.format(
- host=request.host,
- uri=request.urlgen('mediagoblin.auth.verify_email'),
- userid=unicode(user.id),
- verification_key=user.verification_key)})
++def send_verification_email(user, request, email=None,
++ rendered_email=None):
+ """
+ Send the verification email to users to activate their accounts.
+
+ Args:
+ - user: a user object
+ - request: the request
+ """
- [user.email],
++ if not email:
++ email = user.email
++
++ if not rendered_email:
++ rendered_email = render_template(
++ request, 'mediagoblin/auth/verification_email.txt',
++ {'username': user.username,
++ 'verification_url': EMAIL_VERIFICATION_TEMPLATE.format(
++ host=request.host,
++ uri=request.urlgen('mediagoblin.auth.verify_email'),
++ userid=unicode(user.id),
++ verification_key=user.verification_key)})
+
+ # TODO: There is no error handling in place
+ send_email(
+ mg_globals.app_config['email_sender_address'],
++ [email],
+ # TODO
+ # Due to the distributed nature of GNU MediaGoblin, we should
+ # find a way to send some additional information about the
+ # specific GNU MediaGoblin instance in the subject line. For
+ # example "GNU MediaGoblin @ Wandborg - [...]".
+ 'GNU MediaGoblin - Verify your email!',
+ rendered_email)
+
+
+ def basic_extra_validation(register_form, *args):
+ users_with_username = User.query.filter_by(
+ username=register_form.data['username']).count()
+ users_with_email = User.query.filter_by(
+ email=register_form.data['email']).count()
+
+ extra_validation_passes = True
+
+ if users_with_username:
+ register_form.username.errors.append(
+ _(u'Sorry, a user with that name already exists.'))
+ extra_validation_passes = False
+ if users_with_email:
+ register_form.email.errors.append(
+ _(u'Sorry, a user with that email address already exists.'))
+ extra_validation_passes = False
+
+ return extra_validation_passes
+
+
+ def register_user(request, register_form):
+ """ Handle user registration """
+ extra_validation_passes = basic_extra_validation(register_form)
+
+ if extra_validation_passes:
+ # Create the user
+ user = User()
+ user.username = register_form.data['username']
+ user.email = register_form.data['email']
+ user.pw_hash = auth_lib.bcrypt_gen_password_hash(
+ register_form.password.data)
+ user.verification_key = unicode(uuid.uuid4())
+ user.save()
+
+ # log the user in
+ request.session['user_id'] = unicode(user.id)
+ request.session.save()
+
+ # send verification email
+ email_debug_message(request)
+ send_verification_email(user, request)
+
+ return user
+
+ return None
+
+
+ def check_login_simple(username, password, username_might_be_email=False):
+ search = (User.username == username)
+ if username_might_be_email and ('@' in username):
+ search = or_(search, User.email == username)
+ user = User.query.filter(search).first()
+ if not user:
+ _log.info("User %r not found", username)
+ auth_lib.fake_login_attempt()
+ return None
+ if not auth_lib.bcrypt_check_password(password, user.pw_hash):
+ _log.warn("Wrong password for %r", username)
+ return None
+ _log.info("Logging %r in", username)
+ return user
projects / mediagoblin.git / commitdiff