heckyel/mediagoblin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

modified auth/__init__ hooks to work better with multiple plugins. Removed auth/lib.py. And added a basic_extra_verification function that all plugins will use.

Browse Source
This commit is contained in:
Rodney Ewing 2013-05-20 08:10:19 -07:00
parent 20583e8a4d
commit c3e3882e39
3 changed files with 74 additions and 96 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
mediagoblin/auth/__init__.py
View File

@ -13,7 +13,7 @@
# #
# You should have received a copy of the GNU Affero General Public License # You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
from mediagoblin.tools.pluginapi import hook_handle from mediagoblin.tools.pluginapi import hook_handle, hook_runall
def check_login(user, password): def check_login(user, password):
@ -23,20 +23,22 @@ def check_login(user, password):
return False return False
def get_user(*args): def get_user(form):
return hook_handle("auth_get_user", *args) return hook_handle("auth_get_user", form)
def create_user(*args): def create_user(register_form):
return hook_handle("auth_create_user", *args) results = hook_runall("auth_create_user", register_form)
return results[0]
def extra_validation(register_form, *args): def extra_validation(register_form):
return hook_handle("auth_extra_validation", register_form, *args) from mediagoblin.auth.tools import basic_extra_validation
extra_validation_passes = basic_extra_validation(register_form)
def get_user_metadata(user): if False in hook_runall("auth_extra_validation", register_form):
return hook_handle("auth_get_user_metadata", user) extra_validation_passes = False
return extra_validation_passes
def get_login_form(request): def get_login_form(request):

83
mediagoblin/auth/lib.py
View File

@ -1,83 +0,0 @@
# GNU MediaGoblin -- federated, autonomous media hosting
# Copyright (C) 2011, 2012 MediaGoblin contributors. See AUTHORS.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
from mediagoblin.tools.mail import send_email
from mediagoblin.tools.template import render_template
from mediagoblin import mg_globals
EMAIL_VERIFICATION_TEMPLATE = (
u"http://{host}{uri}?"
u"userid={userid}&token={verification_key}")
def send_verification_email(user, request):
"""
Send the verification email to users to activate their accounts.
Args:
- user: a user object
- request: the request
"""
rendered_email = render_template(
request, 'mediagoblin/auth/verification_email.txt',
{'username': user.username,
'verification_url': EMAIL_VERIFICATION_TEMPLATE.format(
host=request.host,
uri=request.urlgen('mediagoblin.auth.verify_email'),
userid=unicode(user.id),
verification_key=user.verification_key)})
# TODO: There is no error handling in place
send_email(
mg_globals.app_config['email_sender_address'],
[user.email],
# TODO
# Due to the distributed nature of GNU MediaGoblin, we should
# find a way to send some additional information about the
# specific GNU MediaGoblin instance in the subject line. For
# example "GNU MediaGoblin @ Wandborg - [...]".
'GNU MediaGoblin - Verify your email!',
rendered_email)
EMAIL_FP_VERIFICATION_TEMPLATE = (
u"http://{host}{uri}?"
u"userid={userid}&token={fp_verification_key}")
def send_fp_verification_email(user, request):
"""
Send the verification email to users to change their password.
Args:
- user: a user object
- request: the request
"""
rendered_email = render_template(
request, 'mediagoblin/auth/fp_verification_email.txt',
{'username': user.username,
'verification_url': EMAIL_FP_VERIFICATION_TEMPLATE.format(
host=request.host,
uri=request.urlgen('mediagoblin.plugins.basic_auth.verify_forgot_password'),
userid=unicode(user.id),
fp_verification_key=user.fp_verification_key)})
# TODO: There is no error handling in place
send_email(
mg_globals.app_config['email_sender_address'],
[user.email],
'GNU MediaGoblin - Change forgotten password!',
rendered_email)

65
mediagoblin/auth/tools.py
View File

@ -17,10 +17,14 @@
import logging import logging
import wtforms import wtforms
from mediagoblin import mg_globals from mediagoblin import messages, mg_globals
from mediagoblin.tools.mail import normalize_email from mediagoblin.tools.mail import normalize_email, send_email
from mediagoblin.tools.translate import lazy_pass_to_ugettext as _ from mediagoblin.tools.translate import lazy_pass_to_ugettext as _
from mediagoblin.tools.template import render_template
from mediagoblin.tools.pluginapi import hook_handle from mediagoblin.tools.pluginapi import hook_handle
from mediagoblin.tools.response import redirect
from mediagoblin import auth
from mediagoblin.db.models import User
_log = logging.getLogger(__name__) _log = logging.getLogger(__name__)
@ -66,7 +70,7 @@ class AuthError(Exception):
def check_auth_enabled(): def check_auth_enabled():
no_auth = mg_globals.app_config['no_auth'] no_auth = mg_globals.app_config['no_auth']
auth_plugin = True if hook_handle('authentication') is not None else False auth_plugin = hook_handle('authentication')
if no_auth == 'false' and not auth_plugin: if no_auth == 'false' and not auth_plugin:
raise AuthError raise AuthError
@ -82,3 +86,58 @@ def no_auth_logout(request):
"""Log out the user if in no_auth mode""" """Log out the user if in no_auth mode"""
if not mg_globals.app.auth: if not mg_globals.app.auth:
request.session.delete() request.session.delete()
def basic_extra_validation(register_form, *args):
users_with_username = User.query.filter_by(
username=register_form.data['username']).count()
users_with_email = User.query.filter_by(
email=register_form.data['email']).count()
extra_validation_passes = True
if users_with_username:
register_form.username.errors.append(
_(u'Sorry, a user with that name already exists.'))
extra_validation_passes = False
if users_with_email:
register_form.email.errors.append(
_(u'Sorry, a user with that email address already exists.'))
extra_validation_passes = False
return extra_validation_passes
EMAIL_VERIFICATION_TEMPLATE = (
u"http://{host}{uri}?"
u"userid={userid}&token={verification_key}")
def send_verification_email(user, request):
"""
Send the verification email to users to activate their accounts.
Args:
- user: a user object
- request: the request
"""
rendered_email = render_template(
request, 'mediagoblin/auth/verification_email.txt',
{'username': user.username,
'verification_url': EMAIL_VERIFICATION_TEMPLATE.format(
host=request.host,
uri=request.urlgen('mediagoblin.auth.verify_email'),
userid=unicode(user.id),
verification_key=user.verification_key)})
# TODO: There is no error handling in place
send_email(
mg_globals.app_config['email_sender_address'],
[user.email],
# TODO
# Due to the distributed nature of GNU MediaGoblin, we should
# find a way to send some additional information about the
# specific GNU MediaGoblin instance in the subject line. For
# example "GNU MediaGoblin @ Wandborg - [...]".
'GNU MediaGoblin - Verify your email!',
rendered_email)