154 Commits

Author SHA1 Message Date
Sebastian Spaeth
950124e640 webob.HTTPFound --> MG.tools.redirect
Transition away from webob.

Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
2012-12-21 08:11:40 +01:00
Sebastian Spaeth
5c2b84869f Move DBModel._id -> DBModel.id
We were refering to model._id in most of the code base as this is
what Mongo uses. However, each use of _id required a) fixup of queries:
e.g. what we did in our find() and find_one() functions moving all
'_id' to 'id'. It also required using AliasFields to make the ._id
attribute available. This all means lots of superfluous fixing and
transitioning in a SQL world.

It will also not work in the long run. Much newer code already refers
to the objects by model.id (e.g. in the oauth plugin), which will break
with Mongo. So let's be honest, rip out the _id mongoism and live with
.id as the one canonical way to address objects.

This commit modifies all users and providers of model._id to use
model.id instead. This patch works with or without Mongo removed first,
but will break Mongo usage (even more than before)

I have not bothered to fixup db.mongo.* and db.sql.convert
(which converts from Mongo to SQL)

Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
2012-12-21 00:30:48 +01:00
Joar Wandborg
111a609df5 Replaced all request.POST with request.form, ...
- Fixed error handling in OAuth plugin
- Changed request.POST file fields to request.files
2012-09-29 21:08:20 +02:00
Jakob Kramer
952b97d5a0 set username default server-side 2012-03-25 21:51:09 +02:00
Elrond
84812db59d Change user search from .one to .fine_one.
When searching for a user by username, there can either be
no result or one result. There is a unique constraint on
the db.

.one in mongokit raises an error for more than one result.
But that can't happen anyway. So no problem.

.one in sqlalchemy raises an error for more than one, but
that's not a problem anyway. It also raises an error for no
result. But no result is handled by the code anyway, so no
need to raise an exception.

.find_one doesn't raise an exception for more than one
result (no problem anyway) and just returns None for no
result. The later is handled by the code.
2012-03-12 23:46:04 +01:00
Elrond
53280164e2 47: Only lowercase host part of email
According to most documentation it seems that the local
part of an email adress is/can be case sensitive. While
the host part is not.
So we lowercase only the host part of the given adress.

See: http://issues.mediagoblin.org/ticket/47
2012-02-13 23:20:04 +01:00
Christopher Allan Webber
cf29e8a824 It's 2012 all up in here 2012-02-02 09:44:13 -06:00
Elrond
0ab21f981a Dot-Notation: Some random places 2012-01-11 11:42:26 +01:00
Jef van Schendel
35149b1124 Remove fp_changed_success.html, use log in page + notification message instead 2012-01-01 19:13:23 +01:00
Jef van Schendel
992e4f8032 Change forgotten password process: different redirect, added/changed messages 2011-12-30 21:29:15 +01:00
Elrond
479e8a833b Move verification key generation to view
Instead of creating the email verication key on the db
model as a default for the field, create it in the
registration view.
Now all verification key generation is only in
auth/views.py!
2011-12-27 20:17:16 +01:00
Elrond
2d540fed8b Dot-Notation for Users.fp_token_expire 2011-12-05 21:08:58 +01:00
Elrond
dc39e4555c Dot-Notation for Users.fp_verification_key 2011-12-05 21:08:58 +01:00
Elrond
00bb95502e Dot-Notation for Users.verification_key 2011-12-05 21:08:57 +01:00
Elrond
7a3d00ec21 Dot-Notation for Users.status 2011-12-05 21:08:57 +01:00
Elrond
4facc7a0a2 Dot-Notation for Users.email_verified 2011-12-05 21:08:57 +01:00
Elrond
9047b254f3 Dot-Notation for Users.pw_hash 2011-12-05 21:08:57 +01:00
Elrond
809cbfc5ab Dot-Notation for Users.email 2011-12-05 21:08:57 +01:00
Elrond
5a4e3ff1e2 Dot-Notation for Users.username 2011-12-05 21:08:57 +01:00
Elrond
5dbeda8a0f Fix redirect to logical path
redirects should in nearly all cases go to a logical path
like 'mediagoblin.auth.login' and not to an absolute path
like "/auth/login".
2011-11-20 20:15:21 +01:00
Elrond
e51af0e620 Merge remote branch 'remotes/aaronw/bug614_verification_crash'
* remotes/aaronw/bug614_verification_crash:
  Update english translation file.
  Reverse order of sanity checks: check email_verified after making sure there's a user in the request.
  Make sure user isn't already verified before resending verification.
  Check request.user to determine if user is logged in.
  Regenerated English .po file to include new string.
  Display and error and redirect to login page if unauthenticated user tries to access resend_verification.

Conflicts:
	mediagoblin/i18n/en/LC_MESSAGES/mediagoblin.po
2011-11-20 20:00:08 +01:00
Jef van Schendel
5ab3855e1f Slight change to error wording 2011-11-20 01:46:21 +01:00
Elrond
eabe6b678a Dot-Notation for "_id"
Note: Migrations can't use "Dot Notation"!

Migrations run on pymongo, not mongokit.
So they can't use the "Dot Notation".
This isn't really a big issue, as migrations are anyway
quite mongo specific.
2011-11-15 11:32:13 +01:00
Christopher Allan Webber
ee91c2b88d Merge remote-tracking branch 'remotes/nyergler/pep8-ification'
Conflicts:
	mediagoblin/db/migrations.py
	mediagoblin/db/models.py
	mediagoblin/user_pages/views.py
	mediagoblin/util.py
2011-11-13 20:23:26 -06:00
Aaron Williamson
2fe6991660 Reverse order of sanity checks: check email_verified after making sure there's a user in the request. 2011-10-03 20:28:48 -04:00
Aaron Williamson
7903a14f98 Make sure user isn't already verified before resending verification. 2011-10-03 20:25:11 -04:00
Aaron Williamson
43199340a2 Fixed conflict in /auth/views.py. 2011-10-03 20:01:14 -04:00
Aaron Williamson
3b74ce94ff Check request.user to determine if user is logged in. 2011-10-03 19:59:28 -04:00
Aaron Williamson
84a7e7706c Display and error and redirect to login page if unauthenticated user tries to access resend_verification. 2011-10-01 19:49:56 -04:00
Nathan Yergler
285ffeddf3 has_key is deprecated, converting uses to use "in" operator. 2011-10-01 15:10:41 -07:00
Nathan Yergler
243c3843bd Whitespace and formatting cleanup.
* Removed trailing whitespace
* Line length < 80 where possible
* Honor conventions on number of blank lines
* Honor conventions about spaces around :, =
2011-10-01 15:10:02 -07:00
Aaron Williamson
91e42c467d Merge branch 'mediagoblin-upstream' into bug444_fix_utils_py_redux 2011-10-01 18:09:49 -04:00
Aaron Williamson
152a3bfaa3 Finished splitting util.py into separate files. 2011-10-01 18:05:44 -04:00
Aaron Williamson
ae3bc7fabf Moved common, translation, template, and url code out of util.py and into tools/[file].py 2011-10-01 09:31:42 -04:00
Elrond
bf33272f03 Give debug message in email debug mode
If the server is running in email debug mode (current
default), users have often asked where the mail is. So tell
them in the web browser that their mail is on the console.
2011-09-30 22:27:47 +02:00
Christopher Allan Webber
f373599bd7 Merge branch 'gullydwarf-cfdv-f357_lost_password_functionality'
Conflicts:
	mediagoblin/auth/routing.py
2011-09-08 08:12:43 -05:00
Christopher Allan Webber
f7ab66707c Renaming request.[GET|POST] as formdata instead of session; that's more accurate. 2011-09-08 08:10:27 -05:00
Christopher Allan Webber
961fe38163 Adding a small docstring 2011-09-07 23:51:41 -05:00
Christopher Allan Webber
4185e644f4 Keys in mongodb should be unicode, here... 2011-09-07 23:48:10 -05:00
Christopher Allan Webber
daf029646e Also nullify verification key after verifying in the email confirmation step 2011-09-07 23:46:41 -05:00
Christopher Allan Webber
a85a21103b If the user hasn't verified their email or account inactive give a special warning 2011-09-07 23:45:14 -05:00
Christopher Allan Webber
73fffbb8b0 Adding additional check that verification key exists, and updating indentation 2011-09-07 23:32:15 -05:00
Christopher Allan Webber
2c9e8184a4 Adjusting indentation a bit 2011-09-07 23:25:46 -05:00
Christopher Allan Webber
d1a6432645 Avoiding using '$or' query modifier since that's newer-mongo only. 2011-09-07 23:23:44 -05:00
Caleb Forbes Davis V
4bcaf9f32a for readability, and adds unit test for expired token 2011-09-05 18:57:06 -05:00
Caleb Forbes Davis V
8d1c9863b6 refactors verify_forgot_password 2011-09-05 14:06:01 -05:00
Will Kahn-Greene
12a100e4d8 508. Updates copyright/license information 2011-09-01 20:50:19 -04:00
Caleb Forbes Davis V
e1105f5dcb Generalizes error model for change password verification
- 404s instead of 'user not found' will limit leaking user profile
  information to the browser.
- Also fixed the wording on the login page to make it clear you are
  changing the password, not sending yourself your old one!
2011-08-29 00:19:54 -05:00
Caleb Forbes Davis V
24966c43bd Avoids informing browser whether the username or email is a match
- pretends to have sent the email with the URL to change the password
  regardless of whether or not the email was actually sent. This
  avoids leaking user information to the browser
2011-08-29 00:18:35 -05:00
Alejandro Villanueva
25ba955e20 Adding fotgot password functionality 2011-08-28 20:08:14 -05:00