Cleaned up websetup a little.
[zzz-floof.git] / floof / controllers / account.py
index a32583c..0b58078 100644 (file)
@@ -1,31 +1,42 @@
+import elixir
 import logging
 from openid.consumer.consumer import Consumer
 from openid.extensions.sreg import SRegRequest, SRegResponse
 from openid.store.filestore import FileOpenIDStore
 import logging
 from openid.consumer.consumer import Consumer
 from openid.extensions.sreg import SRegRequest, SRegResponse
 from openid.store.filestore import FileOpenIDStore
+from openid.yadis.discover import DiscoveryFailure
 from sqlalchemy.orm.exc import NoResultFound
 
 from sqlalchemy.orm.exc import NoResultFound
 
-from pylons import request, response, session, tmpl_context as c
-from pylons.controllers.util import abort, redirect_to
+from pylons import request, response, session, tmpl_context as c, url
+from pylons.controllers.util import abort, redirect, redirect_to
 from routes import url_for, request_config
 
 from routes import url_for, request_config
 
-from floof import model
-from floof.model.meta import Session
 from floof.lib.base import BaseController, render
 from floof.lib.base import BaseController, render
+import floof.lib.helpers as h
+from floof.model.users import IdentityURL, User
 
 log = logging.getLogger(__name__)
 
 
 log = logging.getLogger(__name__)
 
+from floof.model import UserPage
+
 class AccountController(BaseController):
 
     openid_store = FileOpenIDStore('/var/tmp')
 
     def login(self):
 class AccountController(BaseController):
 
     openid_store = FileOpenIDStore('/var/tmp')
 
     def login(self):
-        return render('/login.mako')
+        c.bogus_identity_url = request.params.get('bogus_identity_url', None)
+        return render('/account/login.mako')
 
     def login_begin(self):
         """Step one of logging in with OpenID; we redirect to the provider"""
 
 
     def login_begin(self):
         """Step one of logging in with OpenID; we redirect to the provider"""
 
+        identity_url = request.params['identity_url']
         cons = Consumer(session=session, store=self.openid_store)
         cons = Consumer(session=session, store=self.openid_store)
-        auth_request = cons.begin(request.params['identity_url'])
+        try:
+            auth_request = cons.begin(identity_url)
+        except DiscoveryFailure:
+            redirect_to(controller='account', action='login',
+                        bogus_identity_url=identity_url)
+
         sreg_req = SRegRequest(optional=['nickname', 'email', 'dob', 'gender',
                                          'country', 'language', 'timezone'])
         auth_request.addExtension(sreg_req)
         sreg_req = SRegRequest(optional=['nickname', 'email', 'dob', 'gender',
                                          'country', 'language', 'timezone'])
         auth_request.addExtension(sreg_req)
@@ -35,7 +46,7 @@ class AccountController(BaseController):
         return_url = url_for(host=host, controller='account', action='login_finish')
         new_url = auth_request.redirectURL(return_to=return_url,
                                            realm=protocol + '://' + host)
         return_url = url_for(host=host, controller='account', action='login_finish')
         new_url = auth_request.redirectURL(return_to=return_url,
                                            realm=protocol + '://' + host)
-        redirect_to(new_url)
+        redirect(new_url)
 
     def login_finish(self):
         """Step two of logging in; the OpenID provider redirects back here."""
 
     def login_finish(self):
         """Step two of logging in; the OpenID provider redirects back here."""
@@ -50,26 +61,81 @@ class AccountController(BaseController):
 
         try:
             # Grab an existing user record, if one exists
 
         try:
             # Grab an existing user record, if one exists
-            q = Session.query(model.User) \
-                       .filter(model.User.identity_urls.any(url=res.identity_url))
+            q = User.query.filter(User.identity_urls.any(url=res.identity_url))
             user = q.one()
         except NoResultFound:
             user = q.one()
         except NoResultFound:
+            # Unrecognized URL.  Redirect to a registration page to ask for a
+            # nickname, etc.
+            session['register:identity_url'] = res.identity_url
+
             # Try to pull a name out of the SReg response
             sreg_res = SRegResponse.fromSuccessResponse(res)
             # Try to pull a name out of the SReg response
             sreg_res = SRegResponse.fromSuccessResponse(res)
-            try:
-                username = sreg_res['nickname']
-            except:
-                username = 'Anonymous'
-
-            # Create db records
-            user = model.User(name=username)
-            Session.add(user)
-            identity_url = model.IdentityURL(url=res.identity_url)
-            user.identity_urls.append(identity_url)
-            Session.commit()
+            if sreg_res and 'nickname' in sreg_res:
+                session['register:nickname'] = sreg_res['nickname']
+
+            session.save()
+            redirect(url('register'))
 
         # Remember who's logged in, and we're good to go
         session['user_id'] = user.id
         session.save()
 
         # Remember who's logged in, and we're good to go
         session['user_id'] = user.id
         session.save()
+        h.flash(u'You are now logged in.')
+
+        # XXX send me where I came from
+        redirect('/')
+
+    def logout(self):
+        """Log user out."""
+
+        if 'user_id' in session:
+            del session['user_id']
+            session.save()
+
+        # XXX success message
+        # XXX send me where I came from
+        redirect('/')
+
+    def register(self):
+        """Logging in with an unrecognized identity URL redirects here."""
+
+        c.identity_url = session['register:identity_url']
+        c.nickname = session.get('register:nickname', None)
+        # XXX hey, uh.  warn if this name is taken already.
+
+        return render('/account/register.mako')
+
+    def register_finish(self):
+        """Complete a new-user registration.  Create the user and log in."""
+
+        identity_url = session['register:identity_url']
+        username = request.params.get('username', None)
+
+        if not username:
+            h.flash(u'Please enter a username.')
+            return self.register()
+
+        if User.query.filter_by(name=username).count():
+            h.flash(u'This username is already taken.')
+            return self.register()
+
+        if not User.is_valid_name(username):
+            h.flash(u'This username is not valid.')
+            return self.register()
+
+        if username in ['me']:
+            h.flash(u'This username is reserved.')
+            return self.register()
+
+        # Create db records
+        user = User(name=username, display_name=username)
+        user.identity_urls.append(IdentityURL(url=identity_url))
+
+        elixir.session.commit()
+
+        # Log in
+        session['user_id'] = user.id
+        session.save()
+        h.flash(u'You are now logged in.')
 
 
-        return "Hello, %s from %s" % (user.name, res.identity_url)
+        # XXX send me where I came from
+        redirect('/')