source: OpenWorkouts-current/ow/views/user.py @ 1d92bf2

currentfeature/docs
Last change on this file since 1d92bf2 was 1d92bf2, checked in by borja <borja@…>, 5 years ago

(#37) Allow login using email address instead of username:

  • Use user uids as keys in the root folder for referencing user objects (instead of username)
  • Use uids for referencing users all over the place (auth, permissions, traversal urls, etc)
  • Replaced the username concept with nickname. This nickname will be used as a shortcut to access "public profile" pages for users
  • Reworked lots of basic methods in the OpenWorkouts root object (s/username/nickname, marked as properties some methods like users, emails, etc)
  • Added new add_user() and delete_user() helpers to the OpenWorkouts root object
  • Fixed bug in the dashboard redirect view, causing an endless loop if an authenticated user does not exist anymore when loading a page.
  • Lots of tests fixes, adaptations and catch up.
  • Property mode set to 100644
File size: 5.0 KB
Line 
1from pyramid.httpexceptions import HTTPFound
2from pyramid.view import view_config
3from pyramid.security import remember, forget
4from pyramid.response import Response
5from pyramid.i18n import TranslationStringFactory
6from pyramid_simpleform import Form, State
7
8from ..models.user import User
9from ..schemas.user import (
10    UserProfileSchema,
11    ChangePasswordSchema,
12    SignUpSchema,
13)
14from ..models.root import OpenWorkouts
15from ..views.renderers import OWFormRenderer
16
17_ = TranslationStringFactory('OpenWorkouts')
18
19
20@view_config(context=OpenWorkouts)
21def dashboard_redirect(context, request):
22    """
23    Send the user to his dashboard when accesing the root object,
24    send to the login page if the user is not logged in.
25    """
26    if request.authenticated_userid:
27        user = request.root.get_user_by_uid(request.authenticated_userid)
28        if user:
29            return HTTPFound(location=request.resource_url(user))
30        else:
31            # an authenticated user session, for an user that does not exist
32            # anymore, logout!
33            return HTTPFound(location=request.resource_url(context, 'logout'))
34    return HTTPFound(location=request.resource_url(context, 'login'))
35
36
37@view_config(
38    context=OpenWorkouts,
39    name='login',
40    renderer='ow:templates/login.pt')
41def login(context, request):
42    message = ''
43    email = ''
44    password = ''
45    return_to = request.params.get('return_to')
46    redirect_url = return_to or request.resource_url(request.root)
47
48    if 'submit' in request.POST:
49        email = request.POST.get('email', None)
50        user = context.get_user_by_email(email)
51        if user:
52            password = request.POST.get('password', None)
53            if password is not None and user.check_password(password):
54                headers = remember(request, str(user.uid))
55                redirect_url = return_to or request.resource_url(user)
56                return HTTPFound(location=redirect_url, headers=headers)
57            else:
58                message = _('Wrong password')
59        else:
60            message = _('Wrong email address')
61
62    return {
63        'message': message,
64        'email': email,
65        'password': password,
66        'redirect_url': redirect_url
67    }
68
69
70@view_config(context=OpenWorkouts, name='logout')
71def logout(context, request):
72    headers = forget(request)
73    return HTTPFound(location=request.resource_url(context), headers=headers)
74
75
76@view_config(
77    context=OpenWorkouts,
78    name='signup',
79    renderer='ow:templates/signup.pt')
80def signup(context, request):
81    state = State(emails=context.lowercase_emails,
82                  names=context.lowercase_nicknames)
83    form = Form(request, schema=SignUpSchema(), state=state)
84
85    if 'submit' in request.POST and form.validate():
86        user = form.bind(User(), exclude=['password_confirm'])
87        context.add_user(user)
88        # Send to login
89        return HTTPFound(location=request.resource_url(context))
90
91    return {
92        'form': OWFormRenderer(form)
93    }
94
95
96@view_config(
97    context=OpenWorkouts,
98    name='forgot-password',
99    renderer='ow:templates/forgot_password.pt')
100def recover_password(context, request):
101    # WIP
102    Form(request)
103
104
105@view_config(
106    context=User,
107    permission='view',
108    renderer='ow:templates/dashboard.pt')
109def dashboard(context, request):
110    """
111    Render a dashboard for the current user
112    """
113    # Add here some logic
114    return {}
115
116
117@view_config(
118    context=User,
119    permission='view',
120    name='profile',
121    renderer='ow:templates/profile.pt')
122def profile(context, request):
123    """
124    "public" profile view, showing some workouts from this user, her
125    basic info, stats, etc
126    """
127    return {}
128
129
130@view_config(
131    context=User,
132    name='picture',
133    permission='view')
134def profile_picture(context, request):
135    return Response(
136        content_type='image',
137        body_file=context.picture.open())
138
139
140@view_config(
141    context=User,
142    permission='edit',
143    name='edit',
144    renderer='ow:templates/edit_profile.pt')
145def edit_profile(context, request):
146    form = Form(request, schema=UserProfileSchema(), obj=context)
147    if 'submit' in request.POST and form.validate():
148        # No picture? do not override it
149        if not form.data['picture']:
150            del form.data['picture']
151        form.bind(context)
152        # Saved, send the user to the public view of her profile
153        return HTTPFound(location=request.resource_url(context, 'profile'))
154    # prevent crashes on the form
155    if 'picture' in form.data:
156        del form.data['picture']
157    return {'form': OWFormRenderer(form)}
158
159
160@view_config(
161    context=User,
162    permission='edit',
163    name='passwd',
164    renderer='ow:templates/change_password.pt')
165def change_password(context, request):
166    form = Form(request, schema=ChangePasswordSchema(),
167                state=State(user=context))
168    if 'submit' in request.POST and form.validate():
169        context.password = form.data['password']
170        return HTTPFound(location=request.resource_url(context, 'profile'))
171    return {'form': OWFormRenderer(form)}
Note: See TracBrowser for help on using the repository browser.