floof/controllers/account.py

   1 import elixir
   2 import logging
   3 from openid.consumer.consumer import Consumer
   4 from openid.extensions.sreg import SRegRequest, SRegResponse
   5 from openid.store.filestore import FileOpenIDStore
   6 from sqlalchemy.orm.exc import NoResultFound
   7
   8 from pylons import request, response, session, tmpl_context as c
   9 from pylons.controllers.util import abort, redirect_to
  10 from routes import url_for, request_config
  11
  12 from floof.lib.base import BaseController, render
  13 from floof.model.users import IdentityURL, User
  14
  15 log = logging.getLogger(__name__)
  16
  17 class AccountController(BaseController):
  18
  19     openid_store = FileOpenIDStore('/var/tmp')
  20
  21     def login(self):
  22         return render('/login.mako')
  23
  24     def login_begin(self):
  25         """Step one of logging in with OpenID; we redirect to the provider"""
  26
  27         cons = Consumer(session=session, store=self.openid_store)
  28         auth_request = cons.begin(request.params['identity_url'])
  29         sreg_req = SRegRequest(optional=['nickname', 'email', 'dob', 'gender',
  30                                          'country', 'language', 'timezone'])
  31         auth_request.addExtension(sreg_req)
  32
  33         host = request.headers['host']
  34         protocol = request_config().protocol
  35         return_url = url_for(host=host, controller='account', action='login_finish')
  36         new_url = auth_request.redirectURL(return_to=return_url,
  37                                            realm=protocol + '://' + host)
  38         redirect_to(new_url)
  39
  40     def login_finish(self):
  41         """Step two of logging in; the OpenID provider redirects back here."""
  42
  43         cons = Consumer(session=session, store=self.openid_store)
  44         host = request.headers['host']
  45         return_url = url_for(host=host, controller='account', action='login_finish')
  46         res = cons.complete(request.params, return_url)
  47
  48         if res.status != 'success':
  49             return 'Error!  %s' % res.message
  50
  51         try:
  52             # Grab an existing user record, if one exists
  53             q = User.query.filter(User.identity_urls.any(url=res.identity_url))
  54             user = q.one()
  55         except NoResultFound:
  56             # Try to pull a name out of the SReg response
  57             sreg_res = SRegResponse.fromSuccessResponse(res)
  58             try:
  59                 username = unicode(sreg_res['nickname'])
  60             except:
  61                 username = u'Anonymous'
  62
  63             # Create db records
  64             user = User(name=username)
  65             identity_url = IdentityURL(url=res.identity_url)
  66             user.identity_urls.append(identity_url)
  67             elixir.session.commit()
  68
  69         # Remember who's logged in, and we're good to go
  70         session['user_id'] = user.id
  71         session.save()
  72
  73         # XXX send me where I came from
  74         redirect_to('/')