townsquare/controllers/account.py

   1 import logging, re
   2
   3 from pylons import request, response, session, tmpl_context as c, app_globals as g
   4 from pylons.controllers.util import abort, redirect_to
   5
   6 from townsquare.model import user
   7 from townsquare.lib import mail
   8 from townsquare.lib.base import BaseController, render
   9
  10 log = logging.getLogger(__name__)
  11
  12 class AccountController(BaseController):
  13
  14     def login(self):
  15         # Forward to home if logged in
  16         accid = session.get('account.id')
  17         if accid is not None and len(accid):
  18             redirect_to('/') #TODO: application's root, not host's root
  19         c.field_errors = []
  20         form_valid = False
  21         if len(request.POST):
  22             c.username = request.POST.getone('username').strip()
  23             idname = c.username.lower()
  24             acc = g.db.col(user.User).find_one(idname=idname)
  25             if acc is not None:
  26                 if acc.authenticate(request.POST.getone('password')):
  27                     #TODO: should use session id
  28                     session['account.id'] = str(acc._id)
  29                     session.save()
  30                     #TODO: show message (with auto-redirect) or just redirect
  31                     redirect_to('/') #TODO: application's root, not host's root
  32         return render('/account/login.mako')
  33
  34     def logout(self):
  35         session['account.id'] = ''
  36         session.save()
  37         redirect_to('/') #TODO: application's root, not host's root
  38
  39     def register(self):
  40         # Forward to home if logged in
  41         accid = session.get('account.id')
  42         if accid is not None and len(accid):
  43             redirect_to('/') #TODO: application's root, not host's root
  44         c.title = 'Eaaaa'
  45         c.field_errors = []
  46         form_valid = False
  47         if len(request.POST):
  48             # Process submited form data here
  49             #TODO: lots of check here
  50             c.username = request.POST.getone('username').strip()
  51             if (len(c.username) < 4 or len(c.username) > 25):
  52                 c.field_errors.append('username')
  53             if (re.match(r'^[A-Za-z0-9_]+$', c.username) == None):
  54                 c.field_errors.append('username')
  55             c.email = request.POST.getone('email')
  56             if (len(c.email) < 4):
  57                 c.field_errors.append('email')
  58             c.email_confirm = request.POST.getone('email_confirm')
  59             if (c.email_confirm != c.email or len(c.email_confirm) < 4):
  60                 c.field_errors.append('email_confirm')
  61             c.password = request.POST.getone('password')
  62             if (len(c.password) < 6):
  63                 c.field_errors.append('password')
  64             c.password_confirm = request.POST.getone('password_confirm')
  65             if (c.password_confirm != c.password or len(c.password_confirm) < 6):
  66                 c.field_errors.append('password_confirm')
  67             #TODO: custom fields (example: invitation code, referrer, introductory message)
  68             form_valid = len(c.field_errors) == 0
  69
  70         if form_valid:
  71             # Continue the registration
  72             u = g.db.col(user.User).new()
  73             u.name = c.username
  74             u.email = c.email
  75             u.passkey = c.password
  76             #u.admin = True
  77             vals_valid = False
  78             try:
  79                 #user.save()
  80                 g.db.col(user.User).insert(u)
  81             except user.NameExists:
  82                 c.field_errors.append('username')
  83             except user.EmailExists:
  84                 c.field_errors.append('email')
  85                 c.field_errors.append('email_confirm')
  86             else:
  87                 pass
  88             vals_valid = len(c.field_errors) == 0
  89             if vals_valid:
  90                 #TODO: prepare the content
  91                 mail.send_administration_mail(u.email, "Activation Code", "TODO: mail message here!")
  92
  93                 #TODO: redirect
  94                 return render('/account/register_succeded.mako')
  95
  96         return render('/account/register.mako')
  97
  98     def activate(self, key=None):
  99         accid = session.get('account.id')
 100         if accid is not None and len(accid):
 101             redirect_to('/') #TODO: application's root, not host's root
 102         if (len(request.POST)):
 103             key = request.POST.getone('activation_key').strip()
 104         if key is not None:
 105             u = g.db.col(user.User).find_one(activation_key=key)
 106             if u is not None:
 107                 if u.activate(key):
 108                     u.save()
 109                     return render('/account/activate_succeded.mako')
 110             #TODO: fail message
 111         return render('/account/activate.mako')
 112
 113     def invite(self):
 114         accid = session.get('account.id')
 115         if accid is None or len(accid) == 0:
 116             redirect_to('/login') #TODO: application's root, not host's root. with redirect parameter.
 117         #TODO: check config (whom can invite, the number of invitations)
 118         #TODO: check session
 119         return render('/account/invite.mako')