Changeset 1d92bf2 in OpenWorkouts-current for ow/views

Timestamp:

Dec 16, 2018, 1:07:04 AM (5 years ago)

Author:

borja <borja@…>

Branches:

current, feature/docs, master

Children:

6560b8f

Parents:

929097a

Message:

(#37) Allow login using email address instead of username:

• Use user uids as keys in the root folder for referencing user objects (instead of username)

• Use uids for referencing users all over the place (auth, permissions, traversal urls, etc)

• Replaced the username concept with nickname. This nickname will be used as a shortcut to access "public profile" pages for users

• Reworked lots of basic methods in the OpenWorkouts root object (s/username/nickname, marked as properties some methods like users, emails, etc)

• Added new add_user() and delete_user() helpers to the OpenWorkouts root object

• Modified views to match the new OpenWorkouts root helpers

• Fixed bug in the dashboard redirect view, causing an endless loop if an authenticated user does not exist anymore when loading a page.

• Lots of tests fixes, adaptations and catch up.

Location:

ow/views

Files:

• root.py (modified) (3 diffs)
• user.py (modified) (4 diffs)

ow/views/root.py

@@ -1 +1 @@
 from pyramid.view import view_config
-from pyramid_simpleform import Form
+from pyramid_simpleform import Form, State
 from pyramid_simpleform.renderers import FormRenderer
 from pyramid.httpexceptions import HTTPFound
@@ -18 +18 @@
     Show a list of all the users to admins
     """
-    users = context.users()
+    users = context.users
     return {'users': users}
 
@@ -31 +31 @@
     Form to add a user
     """
-    form = Form(request, schema=UserAddSchema())
+    state = State(emails=context.lowercase_emails,
+                  names=context.lowercase_nicknames)
+
+    form = Form(request, schema=UserAddSchema(), state=state)
 
     if 'submit' in request.POST and form.validate():
-        uid = request.POST['uid']
-        user = form.bind(User(), exclude=['uid'])
-        context[uid] = user
+        user = form.bind(User())
+        context[str(user.uid)] = user
         return HTTPFound(location=request.resource_url(context, 'userlist'))
 

ow/views/user.py

@@ -25 +25 @@
     """
     if request.authenticated_userid:
-        user = request.root.get_user(request.authenticated_userid)
-        return HTTPFound(location=request.resource_url(user))
+        user = request.root.get_user_by_uid(request.authenticated_userid)
+        if user:
+            return HTTPFound(location=request.resource_url(user))
+        else:
+            # an authenticated user session, for an user that does not exist
+            # anymore, logout!
+            return HTTPFound(location=request.resource_url(context, 'logout'))
     return HTTPFound(location=request.resource_url(context, 'login'))
 
@@ -36 +41 @@
 def login(context, request):
     message = ''
-    username = ''
+    email = ''
     password = ''
     return_to = request.params.get('return_to')
@@ -42 +47 @@
 
     if 'submit' in request.POST:
-        username = request.POST.get('username', None)
-        if username in request.root.all_usernames():
-            user = request.root[username]
+        email = request.POST.get('email', None)
+        user = context.get_user_by_email(email)
+        if user:
             password = request.POST.get('password', None)
             if password is not None and user.check_password(password):
-                headers = remember(request, username)
+                headers = remember(request, str(user.uid))
+                redirect_url = return_to or request.resource_url(user)
                 return HTTPFound(location=redirect_url, headers=headers)
             else:
-                message = u'Bad password'
+                message = _('Wrong password')
         else:
-            message = u'Bad username'
+            message = _('Wrong email address')
 
     return {
         'message': message,
-        'username': username,
+        'email': email,
         'password': password,
         'redirect_url': redirect_url
@@ -73 +79 @@
     renderer='ow:templates/signup.pt')
 def signup(context, request):
-    state = State(emails=context.lowercase_emails(),
-                  names=context.lowercase_usernames())
+    state = State(emails=context.lowercase_emails,
+                  names=context.lowercase_nicknames)
     form = Form(request, schema=SignUpSchema(), state=state)
 
     if 'submit' in request.POST and form.validate():
-        username = request.POST['username']
-        user = form.bind(User(), exclude=['username', 'password_confirm'])
-        context[username] = user
+        user = form.bind(User(), exclude=['password_confirm'])
+        context.add_user(user)
         # Send to login
         return HTTPFound(location=request.resource_url(context))