This repository has been archived on 2024-11-20. You can view files and clone it, but cannot push or open issues or pull requests.
old-scribeengine/scribeengine/controllers/admin.py

119 lines
5.2 KiB
Python
Raw Normal View History

2010-01-15 20:55:30 +00:00
# -*- coding: utf-8 -*-
# vim: autoindent shiftwidth=4 expandtab textwidth=80 tabstop=4 softtabstop=4
###############################################################################
# ScribeEngine - Open Source Blog Software #
# --------------------------------------------------------------------------- #
# Copyright (c) 2010 Raoul Snyman #
# --------------------------------------------------------------------------- #
# This program is free software; you can redistribute it and/or modify it #
# under the terms of the GNU General Public License as published by the Free #
# Software Foundation; version 2 of the License. #
# #
# This program is distributed in the hope that it will be useful, but WITHOUT #
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or #
# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for #
# more details. #
# #
# You should have received a copy of the GNU General Public License along #
# with this program; if not, write to the Free Software Foundation, Inc., 59 #
# Temple Place, Suite 330, Boston, MA 02111-1307 USA #
###############################################################################
import logging
import string
import random
from scribeengine.lib.base import *
from scribeengine.lib.validation.client import JSString, JSEmail
from scribeengine.lib.validation.server import UnicodeString, Email, FieldsMatch
from scribeengine.lib import utils
from scribeengine.model import User
from scribeengine.model.meta import Session
log = logging.getLogger(__name__)
class AdminController(BaseController):
def index(self):
h.redirect_to('/admin/login')
def register(self):
c.page_title = u'Register'
return render(u'/admin/register.mako')
@jsvalidate(u'register-form')
def register_jsschema(self):
return {
u'email': JSEmail(required=True, message=u'You haven\'t typed in an e-mail address.'),
u'password': JSString(required=True, message=u'You haven\'t typed in a password.'),
u'confirm-password': JSString(required=True, equalTo=u'password', message=u'Your passwords don\'t match.')
}
def register_schema(self):
return {
'email': Email(not_empty=True, messages={'empty': u'You haven\'t typed in an e-mail address.'}),
'password': UnicodeString(not_empty=True, messages={'empty': u'You haven\'t typed in a password.'}),
'confirm': [FieldsMatch('password', 'confirm-passsword', messages={'invalid': u'Your passwords don\'t match.'})]
}
def register_POST(self):
activation_code = u''.join(random.sample(string.letters + string.digits, 40))
user = User(
nick=c.form_values[u'nick'],
email=c.form_values[u'email'],
password=utils.hash_password(c.form_values[u'password']),
activation_key=activation_code
)
Session.add(user)
Session.commit()
h.redirect_to('/')
def login(self):
c.page_title = u'Login'
return render(u'/admin/login.mako')
@jsvalidate(u'login-form')
def login_jsschema(self):
return {
u'email': JSEmail(required=True, message=u'You haven\'t typed in an e-mail address.'),
u'password': JSString(required=True, message=u'You haven\'t typed in a password.')
}
def login_schema(self):
return {
'email': Email(not_empty=True, messages={'empty': u'You haven\'t typed in an e-mail address.'}),
'password': UnicodeString(not_empty=True, messages={'empty': u'You haven\'t typed in a password.'})
}
def login_POST(self):
log.debug('Logging in as "%s" with password "%s"', c.form_values[u'email'], c.form_values[u'password'])
user = Session.query(User).filter_by(email=c.form_values[u'email']).first()
password = utils.hash_password(c.form_values[u'password'])
log.debug(user)
if not user or user.password != password:
log.debug('Username or password are incorrect.')
h.flash.set_message(u'Your username or password are incorrect.', u'error')
h.redirect_to('/login')
elif user and user.password == password:
log.debug('Logged in successfully.')
redirect_url = str(session.get(u'redirect_url', u'/'))
session[u'REMOTE_USER'] = user.id
if u'redirect_url' in session:
del session[u'redirect_url']
session.save()
h.flash.set_message(u'You have logged in successfully.', u'success')
h.redirect_to(redirect_url)
else:
log.debug('"user" is None.')
del session[u'REMOTE_USER']
session.save()
h.flash.set_message(u'There was a problem logging you in.', u'error')
h.redirect_to('/login')
def logout(self):
del session[u'REMOTE_USER']
session.save()
h.redirect_to('/')