heckyel/mediagoblin
0
0
Fork 0
Code Issues Pull Requests Releases Activity

Merge branch 'persona_resquash'

Browse Source
This commit is contained in:
Christopher Allan Webber
2013-08-15 17:07:14 -05:00
parent 4834ef8ec2 cd612ee689
commit 97b9b98c1e
19 changed files with 904 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
mediagoblin/plugins/openid/__init__.py
View File

@@ -120,4 +120,6 @@ hooks = {
'auth_no_pass_redirect': no_pass_redirect,
('mediagoblin.auth.register',
'mediagoblin/auth/register.html'): add_to_form_context,
('mediagoblin.auth.login',
'mediagoblin/auth/login.html'): add_to_form_context
}

1
mediagoblin/plugins/openid/templates/mediagoblin/plugins/openid/login.html
View File

@@ -44,6 +44,7 @@
{% trans %}Log in to create an account!{% endtrans %}
</p>
{% endif %}
{% template_hook('login_link') %}
{% if pass_auth is defined %}
<p>
<a href="{{ request.urlgen('mediagoblin.auth.login') }}?{{ request.query_string }}">

2
mediagoblin/plugins/openid/templates/mediagoblin/plugins/openid/login_link.html
View File

@@ -17,9 +17,11 @@
#}
{% block openid_login_link %}
{% if openid_link is defined %}
<p>
<a href="{{ request.urlgen('mediagoblin.plugins.openid.login') }}?{{ request.query_string }}">
{%- trans %}Or login with OpenID!{% endtrans %}
</a>
</p>
{% endif %}
{% endblock %}

116
mediagoblin/plugins/persona/__init__.py Normal file
View File

@@ -0,0 +1,116 @@
# GNU MediaGoblin -- federated, autonomous media hosting
# Copyright (C) 2011, 2012 MediaGoblin contributors. See AUTHORS.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
from pkg_resources import resource_filename
import os
from sqlalchemy import or_
from mediagoblin.auth.tools import create_basic_user
from mediagoblin.db.models import User
from mediagoblin.plugins.persona.models import PersonaUserEmails
from mediagoblin.tools import pluginapi
from mediagoblin.tools.staticdirect import PluginStatic
from mediagoblin.tools.translate import pass_to_ugettext as _
PLUGIN_DIR = os.path.dirname(__file__)
def setup_plugin():
config = pluginapi.get_config('mediagoblin.plugins.persona')
routes = [
('mediagoblin.plugins.persona.login',
'/auth/persona/login/',
'mediagoblin.plugins.persona.views:login'),
('mediagoblin.plugins.persona.register',
'/auth/persona/register/',
'mediagoblin.plugins.persona.views:register'),
('mediagoblin.plugins.persona.edit',
'/edit/persona/',
'mediagoblin.plugins.persona.views:edit'),
('mediagoblin.plugins.persona.add',
'/edit/persona/add/',
'mediagoblin.plugins.persona.views:add')]
pluginapi.register_routes(routes)
pluginapi.register_template_path(os.path.join(PLUGIN_DIR, 'templates'))
pluginapi.register_template_hooks(
{'persona_head': 'mediagoblin/plugins/persona/persona_js_head.html',
'persona_form': 'mediagoblin/plugins/persona/persona.html',
'edit_link': 'mediagoblin/plugins/persona/edit_link.html',
'login_link': 'mediagoblin/plugins/persona/login_link.html',
'register_link': 'mediagoblin/plugins/persona/register_link.html'})
def create_user(register_form):
if 'persona_email' in register_form:
username = register_form.username.data
user = User.query.filter(
or_(
User.username == username,
User.email == username,
)).first()
if not user:
user = create_basic_user(register_form)
new_entry = PersonaUserEmails()
new_entry.persona_email = register_form.persona_email.data
new_entry.user_id = user.id
new_entry.save()
return user
def extra_validation(register_form):
persona_email = register_form.persona_email.data if 'persona_email' in \
register_form else None
if persona_email:
persona_email_exists = PersonaUserEmails.query.filter_by(
persona_email=persona_email
).count()
extra_validation_passes = True
if persona_email_exists:
register_form.persona_email.errors.append(
_('Sorry, an account is already registered to that Persona'
' email.'))
extra_validation_passes = False
return extra_validation_passes
def Auth():
return True
def add_to_global_context(context):
if len(pluginapi.hook_runall('authentication')) == 1:
context['persona_auth'] = True
context['persona'] = True
return context
hooks = {
'setup': setup_plugin,
'authentication': Auth,
'auth_extra_validation': extra_validation,
'auth_create_user': create_user,
'template_global_context': add_to_global_context,
'static_setup': lambda: PluginStatic(
'coreplugin_persona',
resource_filename('mediagoblin.plugins.persona', 'static'))
}

41
mediagoblin/plugins/persona/forms.py Normal file
View File

@@ -0,0 +1,41 @@
# GNU MediaGoblin -- federated, autonomous media hosting
# Copyright (C) 2011, 2012 MediaGoblin contributors. See AUTHORS.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
import wtforms
from mediagoblin.tools.translate import lazy_pass_to_ugettext as _
from mediagoblin.auth.tools import normalize_user_or_email_field
class RegistrationForm(wtforms.Form):
username = wtforms.TextField(
_('Username'),
[wtforms.validators.Required(),
normalize_user_or_email_field(allow_email=False)])
email = wtforms.TextField(
_('Email address'),
[wtforms.validators.Required(),
normalize_user_or_email_field(allow_user=False)])
persona_email = wtforms.HiddenField(
'',
[wtforms.validators.Required(),
normalize_user_or_email_field(allow_user=False)])
class EditForm(wtforms.Form):
email = wtforms.TextField(
_('Email address'),
[wtforms.validators.Required(),
normalize_user_or_email_field(allow_user=False)])

36
mediagoblin/plugins/persona/models.py Normal file
View File

@@ -0,0 +1,36 @@
# GNU MediaGoblin -- federated, autonomous media hosting
# Copyright (C) 2011, 2012 MediaGoblin contributors. See AUTHORS.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
from sqlalchemy import Column, Integer, Unicode, ForeignKey
from sqlalchemy.orm import relationship, backref
from mediagoblin.db.models import User
from mediagoblin.db.base import Base
class PersonaUserEmails(Base):
__tablename__ = "persona__user_emails"
id = Column(Integer, primary_key=True)
persona_email = Column(Unicode, nullable=False)
user_id = Column(Integer, ForeignKey(User.id), nullable=False)
# Persona's are owned by their user, so do the full thing.
user = relationship(User, backref=backref('persona_emails',
cascade='all, delete-orphan'))
MODELS = [
PersonaUserEmails
]

49
mediagoblin/plugins/persona/static/js/persona.js Normal file
View File

@@ -0,0 +1,49 @@
/**
* GNU MediaGoblin -- federated, autonomous media hosting
* Copyright (C) 2011, 2012 MediaGoblin contributors. See AUTHORS.
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
$(document).ready(function () {
var signinLink = document.getElementById('persona_login');
if (signinLink) {
signinLink.onclick = function() { navigator.id.request(); };
}
var signinLink1 = document.getElementById('persona_login1');
if (signinLink1) {
signinLink1.onclick = function() { navigator.id.request(); };
}
var signoutLink = document.getElementById('logout');
if (signoutLink) {
signoutLink.onclick = function() { navigator.id.logout(); };
}
navigator.id.watch({
onlogin: function(assertion) {
document.getElementById('_assertion').value = assertion;
document.getElementById('_persona_login').submit()
},
onlogout: function() {
$.ajax({
type: 'POST',
url: '/auth/logout',
success: function(res, status, xhr) { window.location.reload(); },
error: function(xhr, status, err) { alert("Logout failure: " + err); }
});
}
});
});

43
mediagoblin/plugins/persona/templates/mediagoblin/plugins/persona/edit.html Normal file
View File

@@ -0,0 +1,43 @@
{#
# GNU MediaGoblin -- federated, autonomous media hosting
# Copyright (C) 2011, 2012 MediaGoblin contributors. See AUTHORS.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#}
{% extends "mediagoblin/base.html" %}
{% import "/mediagoblin/utils/wtforms.html" as wtforms_util %}
{% block title -%}
{% trans %}Add an OpenID{% endtrans %} &mdash; {{ super() }}
{%- endblock %}
{% block mediagoblin_content %}
<form action="{{ request.urlgen('mediagoblin.plugins.persona.edit') }}"
method="POST" enctype="multipart/form-data">
{{ csrf_token }}
<div class="form_box">
<h1>{% trans %}Delete a Persona email address{% endtrans %}</h1>
<p>
<a href="javascript:;" id="persona_login">
{% trans %}Add a Persona email address{% endtrans %}
</a>
</p>
{{ wtforms_util.render_divs(form, True) }}
<div class="form_submit_buttons">
<input type="submit" value="{% trans %}Delete{% endtrans %}" class="button_form"/>
</div>
</div>
</form>
{% endblock %}

25
mediagoblin/plugins/persona/templates/mediagoblin/plugins/persona/edit_link.html Normal file
View File

@@ -0,0 +1,25 @@
{#
# GNU MediaGoblin -- federated, autonomous media hosting
# Copyright (C) 2011, 2012 MediaGoblin contributors. See AUTHORS.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#}
{% block persona_edit_link %}
<p>
<a href="{{ request.urlgen('mediagoblin.plugins.persona.edit') }}">
{% trans %}Edit your Persona email addresses{% endtrans %}
</a>
</p>
{% endblock %}

25
mediagoblin/plugins/persona/templates/mediagoblin/plugins/persona/login_link.html Normal file
View File

@@ -0,0 +1,25 @@
{#
# GNU MediaGoblin -- federated, autonomous media hosting
# Copyright (C) 2011, 2012 MediaGoblin contributors. See AUTHORS.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#}
{% block person_login_link %}
<p>
<a href="javascript:;" id="persona_login">
{% trans %}Or login with Persona!{% endtrans %}
</a>
</p>
{% endblock %}

30
mediagoblin/plugins/persona/templates/mediagoblin/plugins/persona/persona.html Normal file
View File

@@ -0,0 +1,30 @@
{#
# GNU MediaGoblin -- federated, autonomous media hosting
# Copyright (C) 2011, 2012 MediaGoblin contributors. See AUTHORS.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#}
{% block persona %}
<form id="_persona_login"
action=
{%- if edit_persona is defined -%}
"{{ request.urlgen('mediagoblin.plugins.persona.add') }}"
{%- else -%}
"{{ request.urlgen('mediagoblin.plugins.persona.login') }}"
{%- endif %}
method="POST">
{{ csrf_token }}
<input type="hidden" name="assertion" type="text" id="_assertion"/>
</form>
{% endblock %}

21
mediagoblin/plugins/persona/templates/mediagoblin/plugins/persona/persona_js_head.html Normal file
View File

@@ -0,0 +1,21 @@
{#
# GNU MediaGoblin -- federated, autonomous media hosting
# Copyright (C) 2011, 2012 MediaGoblin contributors. See AUTHORS.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#}
<script src="https://login.persona.org/include.js"></script>
<script type="text/javascript"
src="{{ request.staticdirect('/js/persona.js', 'coreplugin_persona') }}"></script>

25
mediagoblin/plugins/persona/templates/mediagoblin/plugins/persona/register_link.html Normal file
View File

@@ -0,0 +1,25 @@
{#
# GNU MediaGoblin -- federated, autonomous media hosting
# Copyright (C) 2011, 2012 MediaGoblin contributors. See AUTHORS.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#}
{% block persona_register_link %}
<p>
<a href="javascript:;" id="persona_login">
{% trans %}Or register with Persona!{% endtrans %}
</a>
</p>
{% endblock %}

191
mediagoblin/plugins/persona/views.py Normal file
View File

@@ -0,0 +1,191 @@
# GNU MediaGoblin -- federated, autonomous media hosting
# Copyright (C) 2011, 2012 MediaGoblin contributors. See AUTHORS.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
import json
import logging
import requests
from werkzeug.exceptions import BadRequest
from mediagoblin import messages, mg_globals
from mediagoblin.auth.tools import register_user
from mediagoblin.decorators import (auth_enabled, allow_registration,
require_active_login)
from mediagoblin.tools.response import render_to_response, redirect
from mediagoblin.tools.translate import pass_to_ugettext as _
from mediagoblin.plugins.persona import forms
from mediagoblin.plugins.persona.models import PersonaUserEmails
_log = logging.getLogger(__name__)
def _get_response(request):
if 'assertion' not in request.form:
_log.debug('assertion not in request.form')
raise BadRequest()
data = {'assertion': request.form['assertion'],
'audience': request.urlgen('index', qualified=True)}
resp = requests.post('https://verifier.login.persona.org/verify',
data=data, verify=True)
if resp.ok:
verification_data = json.loads(resp.content)
if verification_data['status'] == 'okay':
return verification_data['email']
return None
@auth_enabled
def login(request):
if request.method == 'GET':
return redirect(request, 'mediagoblin.auth.login')
email = _get_response(request)
if email:
query = PersonaUserEmails.query.filter_by(
persona_email=email
).first()
user = query.user if query else None
if user:
request.session['user_id'] = unicode(user.id)
request.session.save()
return redirect(request, "index")
else:
if not mg_globals.app.auth:
messages.add_message(
request,
messages.WARNING,
_('Sorry, authentication is disabled on this instance.'))
return redirect(request, 'index')
register_form = forms.RegistrationForm(email=email,
persona_email=email)
return render_to_response(
request,
'mediagoblin/auth/register.html',
{'register_form': register_form,
'post_url': request.urlgen(
'mediagoblin.plugins.persona.register')})
return redirect(request, 'mediagoblin.auth.login')
@allow_registration
@auth_enabled
def register(request):
if request.method == 'GET':
# Need to connect to persona before registering a user. If method is
# 'GET', then this page was acessed without logging in first.
return redirect(request, 'mediagoblin.auth.login')
register_form = forms.RegistrationForm(request.form)
if register_form.validate():
user = register_user(request, register_form)
if user:
# redirect the user to their homepage... there will be a
# message waiting for them to verify their email
return redirect(
request, 'mediagoblin.user_pages.user_home',
user=user.username)
return render_to_response(
request,
'mediagoblin/auth/register.html',
{'register_form': register_form,
'post_url': request.urlgen('mediagoblin.plugins.persona.register')})
@require_active_login
def edit(request):
form = forms.EditForm(request.form)
if request.method == 'POST' and form.validate():
query = PersonaUserEmails.query.filter_by(
persona_email=form.email.data)
user = query.first().user if query.first() else None
if user and user.id == int(request.user.id):
count = len(user.persona_emails)
if count > 1 or user.pw_hash:
# User has more then one Persona email or also has a password.
query.first().delete()
messages.add_message(
request,
messages.SUCCESS,
_('The Persona email address was successfully removed.'))
return redirect(request, 'mediagoblin.edit.account')
elif not count > 1:
form.email.errors.append(
_("You can't delete your only Persona email address unless"
" you have a password set."))
else:
form.email.errors.append(
_('That Persona email address is not registered to this'
' account.'))
return render_to_response(
request,
'mediagoblin/plugins/persona/edit.html',
{'form': form,
'edit_persona': True})
@require_active_login
def add(request):
if request.method == 'GET':
return redirect(request, 'mediagoblin.plugins.persona.edit')
email = _get_response(request)
if email:
query = PersonaUserEmails.query.filter_by(
persona_email=email
).first()
user_exists = query.user if query else None
if user_exists:
messages.add_message(
request,
messages.WARNING,
_('Sorry, an account is already registered with that Persona'
' email address.'))
return redirect(request, 'mediagoblin.plugins.persona.edit')
else:
# Save the Persona Email to the user
new_entry = PersonaUserEmails()
new_entry.persona_email = email
new_entry.user_id = request.user.id
new_entry.save()
messages.add_message(
request,
messages.SUCCESS,
_('Your Person email address was saved successfully.'))
return redirect(request, 'mediagoblin.edit.account')