merged suff, commented out some of my own

[zzz-floof.git] / floof / controllers / account.py
diff --git a/floof/controllers/account.py b/floof/controllers/account.py

index 1dab66d..2073d44 100644 (file)
--- a/floof/controllers/account.py
+++ b/floof/controllers/account.py
@@ -3,13 +3,15 @@ import logging
  from openid.consumer.consumer import Consumer
  from openid.extensions.sreg import SRegRequest, SRegResponse
  from openid.store.filestore import FileOpenIDStore
  from openid.consumer.consumer import Consumer
  from openid.extensions.sreg import SRegRequest, SRegResponse
  from openid.store.filestore import FileOpenIDStore
+from openid.yadis.discover import DiscoveryFailure
  from sqlalchemy.orm.exc import NoResultFound
  
  from sqlalchemy.orm.exc import NoResultFound
  
-from pylons import request, response, session, tmpl_context as c
-from pylons.controllers.util import abort, redirect_to
+from pylons import request, response, session, tmpl_context as c, url
+from pylons.controllers.util import abort, redirect, redirect_to
  from routes import url_for, request_config
  
  from floof.lib.base import BaseController, render
  from routes import url_for, request_config
  
  from floof.lib.base import BaseController, render
+import floof.lib.helpers as h
  from floof.model.users import IdentityURL, User
  
  log = logging.getLogger(__name__)
  from floof.model.users import IdentityURL, User
  
  log = logging.getLogger(__name__)
@@ -19,13 +21,20 @@ class AccountController(BaseController):
      openid_store = FileOpenIDStore('/var/tmp')
  
      def login(self):
      openid_store = FileOpenIDStore('/var/tmp')
  
      def login(self):
-        return render('/login.mako')
+        c.bogus_identity_url = request.params.get('bogus_identity_url', None)
+        return render('/account/login.mako')
  
      def login_begin(self):
          """Step one of logging in with OpenID; we redirect to the provider"""
  
  
      def login_begin(self):
          """Step one of logging in with OpenID; we redirect to the provider"""
  
+        identity_url = request.params['identity_url']
          cons = Consumer(session=session, store=self.openid_store)
          cons = Consumer(session=session, store=self.openid_store)
-        auth_request = cons.begin(request.params['identity_url'])
+        try:
+            auth_request = cons.begin(identity_url)
+        except DiscoveryFailure:
+            redirect_to(controller='account', action='login',
+                        bogus_identity_url=identity_url)
+
          sreg_req = SRegRequest(optional=['nickname', 'email', 'dob', 'gender',
                                           'country', 'language', 'timezone'])
          auth_request.addExtension(sreg_req)
          sreg_req = SRegRequest(optional=['nickname', 'email', 'dob', 'gender',
                                           'country', 'language', 'timezone'])
          auth_request.addExtension(sreg_req)
@@ -35,7 +44,7 @@ class AccountController(BaseController):
          return_url = url_for(host=host, controller='account', action='login_finish')
          new_url = auth_request.redirectURL(return_to=return_url,
                                             realm=protocol + '://' + host)
          return_url = url_for(host=host, controller='account', action='login_finish')
          new_url = auth_request.redirectURL(return_to=return_url,
                                             realm=protocol + '://' + host)
-        redirect_to(new_url)
+        redirect(new_url)
  
      def login_finish(self):
          """Step two of logging in; the OpenID provider redirects back here."""
  
      def login_finish(self):
          """Step two of logging in; the OpenID provider redirects back here."""
@@ -53,22 +62,72 @@ class AccountController(BaseController):
              q = User.query.filter(User.identity_urls.any(url=res.identity_url))
              user = q.one()
          except NoResultFound:
              q = User.query.filter(User.identity_urls.any(url=res.identity_url))
              user = q.one()
          except NoResultFound:
+            # Unrecognized URL.  Redirect to a registration page to ask for a
+            # nickname, etc.
+            session['register:identity_url'] = res.identity_url
+
              # Try to pull a name out of the SReg response
              sreg_res = SRegResponse.fromSuccessResponse(res)
              # Try to pull a name out of the SReg response
              sreg_res = SRegResponse.fromSuccessResponse(res)
-            try:
-                username = sreg_res['nickname']
-            except:
-                username = 'Anonymous'
+            if sreg_res and 'nickname' in sreg_res:
+                session['register:nickname'] = sreg_res['nickname']
  
  
-            # Create db records
-            user = User(name=username)
-            identity_url = IdentityURL(url=res.identity_url)
-            user.identity_urls.append(identity_url)
-            elixir.session.commit()
+            session.save()
+            redirect(url('register'))
  
          # Remember who's logged in, and we're good to go
          session['user_id'] = user.id
          session.save()
  
          # XXX send me where I came from
  
          # Remember who's logged in, and we're good to go
          session['user_id'] = user.id
          session.save()
  
          # XXX send me where I came from
-        redirect_to('/')
+        redirect('/')
+
+    def logout(self):
+        """Log user out."""
+
+        if 'user_id' in session:
+            del session['user_id']
+            session.save()
+
+        # XXX success message
+        # XXX send me where I came from
+        redirect('/')
+
+    def register(self):
+        """Logging in with an unrecognized identity URL redirects here."""
+
+        c.identity_url = session['register:identity_url']
+        c.nickname = session.get('register:nickname', None)
+        # XXX hey, uh.  warn if this name is taken already.
+
+        return render('/account/register.mako')
+
+    def register_finish(self):
+        """Complete a new-user registration.  Create the user and log in."""
+
+        identity_url = session['register:identity_url']
+        username = request.params.get('username', None)
+
+        if not username:
+            h.flash(u'Please enter a username.')
+            return self.register()
+
+        if User.query.filter_by(name=username).count():
+            h.flash(u'This username is already taken.')
+            return self.register()
+
+        if not User.is_valid_name(username):
+            h.flash(u'This username is not valid.')
+            return self.register()
+
+        # Create db records
+        user = User(name=username, display_name=username)
+        user.identity_urls.append(IdentityURL(url=identity_url))
+        elixir.session.commit()
+
+        # Log in
+        session['user_id'] = user.id
+        session.save()
+        h.flash(u'You are now logged in.')
+
+        # XXX send me where I came from
+        redirect('/')