Coverage for bookie.views.auth : 50%
Hot-keys on this page
r m x p toggle line displays
j k next/prev highlighted chunk
0 (zero) top of page
1 (one) first highlighted chunk
|
def login(request): """Login the user to the system
If not POSTed then show the form If error, display the form with the error message If successful, forward the user to their /recent
Note: the came_from stuff we're not using atm. We'll clean out if we keep things this way
"""
# We use the Primary Key as our identifier once someone has # authenticated rather than the username. You can change what is # returned as the userid by altering what is passed to remember.
# log the successful login
# we're always going to return a user to their own /recent after a # login location=request.route_url( 'user_bmark_recent', username=auth.username), headers=headers)
# log the right level of problem
elif auth is None: message = "Failed login" AuthLog.login(login, False, password=password)
'message': message, 'came_from': came_from, 'login': login, 'password': password, }
def logout(request): headers = forget(request) return HTTPFound(location=route_url('home', request), headers=headers)
def signup(request): """Signup merely shows the signup for to users.
We always take their signup even if we don't send out the email/invite at this time so that we can stage invites across a specific number in waves.
"""
def signup_process(request): """Process the signup request
If there are any errors drop to the same template with the error information.
"""
# if still no email, I give up! 'errors': { 'email': 'Please supply an email address to sign up.' } }
# first see if the user is already in the system 'errors': { 'email': 'The user has already signed up.' } }
new_user = UserMgr.signup_user(email, 'signup') if new_user: # then this user is able to invite someone # log it AuthLog.reactivate(new_user.username)
# and then send an email notification # @todo the email side of things settings = request.registry.settings
# Add a queue job to send the user a notification email. tasks.email_signup_user.delay( new_user.email, "Enable your Bookie account", settings, request.route_url( 'reset', username=new_user.username, reset_key=new_user.activation.code ) )
# And let the user know they're signed up. return { 'message': 'Thank you for signing up from: ' + new_user.email } else: return { 'errors': { 'email': 'There was an unknown error signing up.' } }
def reset(request): """Once deactivated, allow for changing the password via activation key""" rdict = request.matchdict params = request.params
# This is an initial request to show the activation form. username = rdict.get('username', None) activation_key = rdict.get('reset_key', None) user = ActivationMgr.get_user(username, activation_key)
if user is None: # just 404 if we don't have an activation code for this user raise HTTPNotFound()
if 'code' in params: # This is a posted form with the activation, attempt to unlock the # user's account. username = params.get('username', None) activation = params.get('code', None) password = params.get('new_password', None) new_username = params.get('new_username', None) error = None
if not UserMgr.acceptable_password(password): # Set an error message to the template. error = "Come on, pick a real password please." else: res = ActivationMgr.activate_user(username, activation, password) if res: # success so respond nicely AuthLog.reactivate(username, success=True, code=activation)
# if there's a new username and it's not the same as our current # username, update it if new_username and new_username != username: try: user = UserMgr.get(username=username) user.username = new_username except IntegrityError, exc: error = 'There was an issue setting your new username' else: AuthLog.reactivate(username, success=False, code=activation) error = 'There was an issue attempting to activate this account.'
if error: return { 'message': error, 'user': user } else: # Log the user in and move along. headers = remember(request, user.id, max_age=60 * 60 * 24 * 30) user.last_login = datetime.utcnow()
# log the successful login AuthLog.login(user.username, True)
# we're always going to return a user to their own /recent after a # login return HTTPFound( location=request.route_url( 'user_bmark_recent', username=user.username), headers=headers)
else: LOG.error("CHECKING") LOG.error(username)
if user is None: # just 404 if we don't have an activation code for this user raise HTTPNotFound()
LOG.error(user.username) LOG.error(user.email) return { 'user': user, }
login_url = route_url('login', request) referrer = request.url if referrer == login_url: referrer = '/' # never use the login form itself as came_from came_from = request.params.get('came_from', referrer) return render_to_response( '/auth/login.mako', dict( message='', url=request.application_url + '/login', came_from=came_from, login='', password='', ), request=request) |