mediagoblin/auth/views.py

   1 # GNU MediaGoblin -- federated, autonomous media hosting
   2 # Copyright (C) 2011, 2012 MediaGoblin contributors.  See AUTHORS.
   3 #
   4 # This program is free software: you can redistribute it and/or modify
   5 # it under the terms of the GNU Affero General Public License as published by
   6 # the Free Software Foundation, either version 3 of the License, or
   7 # (at your option) any later version.
   8 #
   9 # This program is distributed in the hope that it will be useful,
  10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
  11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12 # GNU Affero General Public License for more details.
  13 #
  14 # You should have received a copy of the GNU Affero General Public License
  15 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
  16
  17 import six
  18
  19 from itsdangerous import BadSignature
  20
  21 from mediagoblin import messages, mg_globals
  22 from mediagoblin.db.models import User, Privilege
  23 from mediagoblin.tools.crypto import get_timed_signer_url
  24 from mediagoblin.decorators import auth_enabled, allow_registration
  25 from mediagoblin.tools.response import render_to_response, redirect, render_404
  26 from mediagoblin.tools.translate import pass_to_ugettext as _
  27 from mediagoblin.tools.mail import email_debug_message
  28 from mediagoblin.tools.pluginapi import hook_handle
  29 from mediagoblin.auth.tools import (send_verification_email, register_user,
  30                                     check_login_simple)
  31
  32
  33 @allow_registration
  34 @auth_enabled
  35 def register(request):
  36     """The registration view.
  37
  38     Note that usernames will always be lowercased. Email domains are lowercased while
  39     the first part remains case-sensitive.
  40     """
  41     if 'pass_auth' not in request.template_env.globals:
  42         redirect_name = hook_handle('auth_no_pass_redirect')
  43         if redirect_name:
  44             return redirect(request, 'mediagoblin.plugins.{0}.register'.format(
  45                 redirect_name))
  46         else:
  47             return redirect(request, 'index')
  48
  49     register_form = hook_handle("auth_get_registration_form", request)
  50
  51     if request.method == 'POST' and register_form.validate():
  52         # TODO: Make sure the user doesn't exist already
  53         user = register_user(request, register_form)
  54
  55         if user:
  56             # redirect the user to their homepage... there will be a
  57             # message waiting for them to verify their email
  58             return redirect(
  59                 request, 'mediagoblin.user_pages.user_home',
  60                 user=user.username)
  61
  62     return render_to_response(
  63         request,
  64         'mediagoblin/auth/register.html',
  65         {'register_form': register_form,
  66          'post_url': request.urlgen('mediagoblin.auth.register')})
  67
  68
  69 @auth_enabled
  70 def login(request):
  71     """
  72     MediaGoblin login view.
  73
  74     If you provide the POST with 'next', it'll redirect to that view.
  75     """
  76     if 'pass_auth' not in request.template_env.globals:
  77         redirect_name = hook_handle('auth_no_pass_redirect')
  78         if redirect_name:
  79             return redirect(request, 'mediagoblin.plugins.{0}.login'.format(
  80                 redirect_name))
  81         else:
  82             return redirect(request, 'index')
  83
  84     login_form = hook_handle("auth_get_login_form", request)
  85
  86     login_failed = False
  87
  88     if request.method == 'POST':
  89
  90         if login_form.validate():
  91             user = check_login_simple(
  92                 login_form.username.data,
  93                 login_form.password.data)
  94
  95             if user:
  96                 # set up login in session
  97                 if login_form.stay_logged_in.data:
  98                     request.session['stay_logged_in'] = True
  99                 request.session['user_id'] = six.text_type(user.id)
 100                 request.session.save()
 101
 102                 if request.form.get('next'):
 103                     return redirect(request, location=request.form['next'])
 104                 else:
 105                     return redirect(request, "index")
 106
 107             login_failed = True
 108
 109     return render_to_response(
 110         request,
 111         'mediagoblin/auth/login.html',
 112         {'login_form': login_form,
 113          'next': request.GET.get('next') or request.form.get('next'),
 114          'login_failed': login_failed,
 115          'post_url': request.urlgen('mediagoblin.auth.login'),
 116          'allow_registration': mg_globals.app_config["allow_registration"]})
 117
 118
 119 def logout(request):
 120     # Maybe deleting the user_id parameter would be enough?
 121     request.session.delete()
 122
 123     return redirect(request, "index")
 124
 125
 126 def verify_email(request):
 127     """
 128     Email verification view
 129
 130     validates GET parameters against database and unlocks the user account, if
 131     you are lucky :)
 132     """
 133     # If we don't have userid and token parameters, we can't do anything; 404
 134     if not 'token' in request.GET:
 135         return render_404(request)
 136
 137     # Catch error if token is faked or expired
 138     try:
 139         token = get_timed_signer_url("mail_verification_token") \
 140                 .loads(request.GET['token'], max_age=10*24*3600)
 141     except BadSignature:
 142         messages.add_message(
 143             request,
 144             messages.ERROR,
 145             _('The verification key or user id is incorrect.'))
 146
 147         return redirect(
 148             request,
 149             'index')
 150
 151     user = User.query.filter_by(id=int(token)).first()
 152
 153     if user and user.has_privilege(u'active') is False:
 154         user.verification_key = None
 155         user.all_privileges.append(
 156             Privilege.query.filter(
 157             Privilege.privilege_name==u'active').first())
 158
 159         user.save()
 160
 161         messages.add_message(
 162             request,
 163             messages.SUCCESS,
 164             _("Your email address has been verified. "
 165               "You may now login, edit your profile, and submit images!"))
 166     else:
 167         messages.add_message(
 168             request,
 169             messages.ERROR,
 170             _('The verification key or user id is incorrect'))
 171
 172     return redirect(
 173         request, 'mediagoblin.user_pages.user_home',
 174         user=user.username)
 175
 176
 177 def resend_activation(request):
 178     """
 179     The reactivation view
 180
 181     Resend the activation email.
 182     """
 183
 184     if request.user is None:
 185         messages.add_message(
 186             request,
 187             messages.ERROR,
 188             _('You must be logged in so we know who to send the email to!'))
 189
 190         return redirect(request, 'mediagoblin.auth.login')
 191
 192     if request.user.has_privilege(u'active'):
 193         messages.add_message(
 194             request,
 195             messages.ERROR,
 196             _("You've already verified your email address!"))
 197
 198         return redirect(request, "mediagoblin.user_pages.user_home", user=request.user['username'])
 199
 200     email_debug_message(request)
 201     send_verification_email(request.user, request)
 202
 203     messages.add_message(
 204         request,
 205         messages.INFO,
 206         _('Resent your verification email.'))
 207     return redirect(
 208         request, 'mediagoblin.user_pages.user_home',
 209         user=request.user.username)