townsquare/controllers/account.py

   1 import logging, re
   2
   3 from pylons import request, response, session, tmpl_context as c, app_globals as g
   4 from pylons.controllers.util import abort, redirect_to
   5
   6 from townsquare.model.user import User
   7 from townsquare.lib.account import *
   8 from townsquare.lib import mail
   9 from townsquare.lib.base import BaseController, render
  10
  11 log = logging.getLogger(__name__)
  12
  13 class AccountController(BaseController):
  14
  15     def login(self):
  16         # Forward to home if logged in
  17         idname = session.get('account.idname')
  18         if idname is not None and len(idname):
  19             redirect_to('/') #TODO: application's root, not host's root
  20         c.field_errors = []
  21         form_valid = False
  22         if len(request.POST):
  23             c.username = request.POST.getone('username').strip()
  24             idname = c.username.lower()
  25             acc = g.db.col(Account).find_one(idname=idname)
  26             if acc is not None:
  27                 if acc.authenticate(request.POST.getone('password')):
  28                     #TODO: should use session id
  29                     session['account.idname'] = idname
  30                     session.save()
  31                     #TODO: show message (with auto-redirect) or just redirect
  32                     redirect_to('/') #TODO: application's root, not host's root
  33         return render('/account/login.mako')
  34
  35     def logout(self):
  36         session['account.idname'] = ''
  37         session.save()
  38         redirect_to('/') #TODO: application's root, not host's root
  39
  40     def register(self):
  41         # Forward to home if logged in
  42         idname = session.get('account.idname')
  43         if idname is not None and len(idname):
  44             redirect_to('/') #TODO: application's root, not host's root
  45         c.title = 'Eaaaa'
  46         c.field_errors = []
  47         form_valid = False
  48         if len(request.POST):
  49             # Process submited form data here
  50             #TODO: lots of check here
  51             c.username = request.POST.getone('username').strip()
  52             if (len(c.username) < 4 or len(c.username) > 25):
  53                 c.field_errors.append('username')
  54             if (re.match(r'^[A-Za-z0-9_]+$', c.username) == None):
  55                 c.field_errors.append('username')
  56             c.email = request.POST.getone('email')
  57             if (len(c.email) < 4):
  58                 c.field_errors.append('email')
  59             c.email_confirm = request.POST.getone('email_confirm')
  60             if (c.email_confirm != c.email or len(c.email_confirm) < 4):
  61                 c.field_errors.append('email_confirm')
  62             c.password = request.POST.getone('password')
  63             if (len(c.password) < 6):
  64                 c.field_errors.append('password')
  65             c.password_confirm = request.POST.getone('password_confirm')
  66             if (c.password_confirm != c.password or len(c.password_confirm) < 6):
  67                 c.field_errors.append('password_confirm')
  68             #TODO: custom fields (example: invitation code, referrer, introductory message)
  69             form_valid = len(c.field_errors) == 0
  70
  71         if form_valid:
  72             # Continue the registration
  73             user = Account()
  74             user.name = c.username
  75             user.email = c.email
  76             user.passkey = c.password
  77             #user.admin = True
  78             vals_valid = False
  79             try:
  80                 #user.save()
  81                 g.db.col(Account).insert(user)
  82             except NameExists:
  83                 c.field_errors.append('username')
  84             except EmailExists:
  85                 c.field_errors.append('email')
  86                 c.field_errors.append('email_confirm')
  87             else:
  88                 pass
  89             vals_valid = len(c.field_errors) == 0
  90             if vals_valid:
  91                 #TODO: prepare the content
  92                 mail.send_administration_mail(user.email, "Activation Code", "TODO: mail message here!")
  93
  94                 #TODO: redirect
  95                 return render('/account/register_succeded.mako')
  96
  97         return render('/account/register.mako')
  98
  99     def activate(self, key=None):
 100         idname = session.get('account.idname')
 101         if idname is not None and len(idname):
 102             redirect_to('/') #TODO: application's root, not host's root
 103         if (len(request.POST)):
 104             key = request.POST.getone('activation_key').strip()
 105         if key is not None:
 106             acc = g.db.col(Account).find_one(activation_key=key)
 107             if acc is not None:
 108                 if acc.activate(key):
 109                     acc.save()
 110                     return render('/account/activate_succeded.mako')
 111             #TODO: fail message
 112         return render('/account/activate.mako')
 113
 114     def invite(self):
 115         idname = session.get('account.idname')
 116         if idname is None or len(idname) == 0:
 117             redirect_to('/login') #TODO: application's root, not host's root. with redirect parameter.
 118         #TODO: check config (whom can invite, the number of invitations)
 119         #TODO: check session
 120         return render('/account/invite.mako')