X-Git-Url: http://git.veekun.com/zzz-floof.git/blobdiff_plain/29dd9f09e93699ac14cd80ea192794ff04cd8f35..453a7ca3b9d5e7093f843b883db58f9beb1b3aa8:/floof/controllers/account.py?ds=sidebyside diff --git a/floof/controllers/account.py b/floof/controllers/account.py index 0c53a6d..0b58078 100644 --- a/floof/controllers/account.py +++ b/floof/controllers/account.py @@ -3,29 +3,40 @@ import logging from openid.consumer.consumer import Consumer from openid.extensions.sreg import SRegRequest, SRegResponse from openid.store.filestore import FileOpenIDStore +from openid.yadis.discover import DiscoveryFailure from sqlalchemy.orm.exc import NoResultFound from pylons import request, response, session, tmpl_context as c, url -from pylons.controllers.util import abort, redirect_to +from pylons.controllers.util import abort, redirect, redirect_to from routes import url_for, request_config from floof.lib.base import BaseController, render +import floof.lib.helpers as h from floof.model.users import IdentityURL, User log = logging.getLogger(__name__) +from floof.model import UserPage + class AccountController(BaseController): openid_store = FileOpenIDStore('/var/tmp') def login(self): - return render('/login.mako') + c.bogus_identity_url = request.params.get('bogus_identity_url', None) + return render('/account/login.mako') def login_begin(self): """Step one of logging in with OpenID; we redirect to the provider""" + identity_url = request.params['identity_url'] cons = Consumer(session=session, store=self.openid_store) - auth_request = cons.begin(request.params['identity_url']) + try: + auth_request = cons.begin(identity_url) + except DiscoveryFailure: + redirect_to(controller='account', action='login', + bogus_identity_url=identity_url) + sreg_req = SRegRequest(optional=['nickname', 'email', 'dob', 'gender', 'country', 'language', 'timezone']) auth_request.addExtension(sreg_req) @@ -35,7 +46,7 @@ class AccountController(BaseController): return_url = url_for(host=host, controller='account', action='login_finish') new_url = auth_request.redirectURL(return_to=return_url, realm=protocol + '://' + host) - redirect_to(new_url) + redirect(new_url) def login_finish(self): """Step two of logging in; the OpenID provider redirects back here.""" @@ -63,20 +74,33 @@ class AccountController(BaseController): session['register:nickname'] = sreg_res['nickname'] session.save() - redirect_to(url.current(action='register')) + redirect(url('register')) # Remember who's logged in, and we're good to go session['user_id'] = user.id session.save() + h.flash(u'You are now logged in.') + + # XXX send me where I came from + redirect('/') + + def logout(self): + """Log user out.""" + if 'user_id' in session: + del session['user_id'] + session.save() + + # XXX success message # XXX send me where I came from - redirect_to('/') + redirect('/') def register(self): """Logging in with an unrecognized identity URL redirects here.""" c.identity_url = session['register:identity_url'] c.nickname = session.get('register:nickname', None) + # XXX hey, uh. warn if this name is taken already. return render('/account/register.mako') @@ -86,23 +110,32 @@ class AccountController(BaseController): identity_url = session['register:identity_url'] username = request.params.get('username', None) - # XXX how do we return errors in some useful way? - if not username: - return 'Please enter a username.' + h.flash(u'Please enter a username.') + return self.register() if User.query.filter_by(name=username).count(): - return 'That username is taken.' + h.flash(u'This username is already taken.') + return self.register() + + if not User.is_valid_name(username): + h.flash(u'This username is not valid.') + return self.register() + + if username in ['me']: + h.flash(u'This username is reserved.') + return self.register() # Create db records - user = User(name=username) + user = User(name=username, display_name=username) user.identity_urls.append(IdentityURL(url=identity_url)) + elixir.session.commit() # Log in session['user_id'] = user.id session.save() + h.flash(u'You are now logged in.') - # XXX how do we do success messages in some useful way? # XXX send me where I came from - redirect_to('/') + redirect('/')