login improvements, more to come facebook should be enabled shortly

Oliver Marks 2016-03-01 08:57:39 +00:00
parent 2fb9a65117
commit 0b506d19f2
8 changed files with 113 additions and 87 deletions


@ -159,6 +159,7 @@ def oauth(provider, state=None):
oauth_approval_prompt = "force"
os.environ['OAUTHLIB_INSECURE_TRANSPORT'] = '1'
oauth_provider.get('redirect_uri')
if state:
oauth_session = OAuth2Session(
oauth_provider.get('client_id'),
@ -183,6 +184,7 @@ def oauth(provider, state=None):
return redirect(authorization_url)
# allready authorised so lets handle the callback
oauth_provider.get('redirect_uri')
oauth_session = OAuth2Session(
oauth_provider.get('client_id'),
state=session['oauth_state'],
@ -200,46 +202,58 @@ def oauth(provider, state=None):
# Fetch a protected resource, i.e. user profile
response = oauth_session.get(oauth_provider.get('user_uri'))
oauth_user = response.json()
oauth_response = response.json()
print 'oauth response'
print oauth_response
#~ email = oauth_user.get('login') or ''
oauth_id = oauth_response.get('login') or oauth_response.get('id')
provider_id = oauth_lookup.get(provider)
user_details = site_user.fetch_oauth_login({
'username': oauth_user.get('login') or '',
oauth_user = site_user.fetch_oauth_login({
'username': oauth_id or '',
'provider': provider_id
}).get()
}).get()
if oauth_user:
user_details = site_user.get_user_details({
'id': oauth_user.get('user_id')
}).get()
# we have matched a user so login and redirect
if user_details:
print 'oauth login 1'
login_user(User(user_details.get('user_id')))
return redirect('/profile')
# we have matched a user so login and redirect
if user_details:
print user_details
# no E-Mail so lets ask the user to set there email before allowing login
#~ if not user_details.get('email'):
#~ return change_email()
login_user(User(user_details.get('user_id')))
return redirect('/profile')
flash('Your new profile has been created, and your now logged in')
print oauth_user
# create new user from oauth information
user_id = site_user.create().execute({
'email': oauth_user.get('email') or '',
'email': oauth_response.get('email') or '',
'password': 'oauth',
'profile_image': oauth_user.get('picture'),
'username': oauth_user.get('login'),
'first_name': oauth_user.get('given_name') or '',
'last_name': oauth_user.get('family_name') or ''})
'profile_image': oauth_response.get('picture'),
'username': oauth_id,
'first_name': oauth_response.get('given_name') or '',
'last_name': oauth_response.get('family_name') or ''})
# register oauth login creation
site_user.create_oauth_login().execute({
'user_id': user_id,
'username': oauth_user.get('login') or '',
'username': oauth_id or '',
'provider': provider_id})
# no E-Mail so lets ask the user to set there email before allowing login
if not user_details.get('email'):
return change_email()
login_user(User(user_id))
site_user.update_last_login().execute({'id': user_id})
return redirect('/profile')
def oauth2_github_handle_user(user):
print user
@authorize_pages.route("/change-password/<code>", methods=['GET'])
@authorize_pages.route("/change-password", methods=['GET'])
@ -332,7 +346,11 @@ def reset_password_submit():
body = "Please follow the link below to change your password.\n" + l
body += "{domain}change-password/{resetcode}".format(**{'domain':app_domain, 'resetcode': reset_code})
sendmail().send(from_address='no-reply@maidstone-hackspace.org.uk', to_address='oly@leela', subject="Reset password request", body=body)
sendmail().send(
from_address='no-reply@maidstone-hackspace.org.uk',
to_address='oly@leela',
subject="Reset password request",
body=body)
# display success page, dont give away anything about if the email is actually registered
web.template.create('Maidstone Hackspace - Password reset')
@ -344,6 +362,25 @@ def reset_password_submit():
web.template.body.append(web.page.render())
return make_response(footer())
@authorize_pages.route("/profile/email", methods=['GET'])
def change_email():
web.template.create('%s - Change Email' % site_name)
header('Members Login')
web.page.create('Set your E-Mail address')
web.form.create('Set E-Mail address for account', '/profile/email')
web.form.append(name='email', label='Valid Email', placeholder='ralf@maidstone-hackspace.org.uk', value='')
flash('An E-Mail has been sent to you please check and confirm you identity.')
sendmail().send(
from_address='no-reply@maidstone-hackspace.org.uk',
to_address='oly@leela',
subject="%s - Confirm E-Mail Address" % site_name,
body='generate link here')
web.page.section(web.form.render())
web.template.body.append(web.page.render())
return make_response(footer())
@authorize_pages.route("/login", methods=['GET'])
def login_screen():
@ -370,6 +407,11 @@ def login_screen_submit():
flash('Failed to login with that username and password, please retry.')
return login_screen()
# no E-Mail so lets ask the user to set there email before allowing login
if not user_details.get('email'):
return change_email()
#now lets verify the users password, and bail if its wrong
pw_hash = generate_password_hash(request.form.get('password'))
if check_password_hash(pw_hash, user_details.get('password')):
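Review bot: In `login_screen_submit` the added `if not user_details.get('email'): return change_email()` runs before the password comparison that follows it, so the email-setup page is returned for any account without an address to a requester who has not authenticated. The response also tells that requester the username exists and has no email, which the reset-password view in this same file takes care not to reveal. Move the check under the successful `check_password_hash` branch and make `change_email` act only on the logged-in user. As added in this commit, `change_email` is a plain GET route with no login requirement visible, and it sends mail on every request. The body of `login_screen_submit` continues past the end of the hunk.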


@ -8,6 +8,7 @@ port = '5000'
rel_uri = '//127.0.0.1:5000'
app_domain = 'http:%s' % rel_uri
app_email_template_path = 'templates/email/'
site_name = 'Maidstone Hackspace'
from_email = 'no-reply@maidstone-hackspace.org.uk'
@ -19,7 +20,7 @@ database = {
'type': 'mysql',
'host': '127.0.0.1',
'user': 'root',
'passwd': "",
'passwd': "mhackspace",
'db': "maidstone_hackspace",
'port': 3306}
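Review bot: The `'passwd': "mhackspace"` line, which appears to replace the empty value, puts a database password for the `root` account into a tracked settings file, where it stays in history even after a later change. Read it from the environment or from an untracked local override instead, for example `'passwd': os.environ.get('DB_PASSWORD', '')`; `DB_PASSWORD` is a placeholder name, and the module needs `import os` if it does not already have it. Treat the committed value as exposed and change it on any host that uses it. A dedicated MySQL account limited to the `maidstone_hackspace` schema would be a better fit for the application than `root`.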


@ -14,13 +14,25 @@ class sendmail:
def __call__(self, **args):
return self
def send(self, from_address, to_address, subject, body='', html=True):
message = Message(From="me@example.com",
To=to_address,
charset=self.charset)
def template(self, path, params=None):
with open(path) as fp:
self.body = fp.read()
self.body.format(**params)
def send(self, from_address, to_address, subject, body=None, html=True):
message = Message(
From=from_address,
To=to_address,
charset=self.charset
)
if body:
self.body = body
message.Subject = "%sAn HTML Email" % self.subject_prefix
message.Html = body
message.Body = body
message.Html = self.body
message.Body = self.body
sender = Mailer(self.host)
sender.send(message)
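Review bot: The new `template` method discards the result of `self.body.format(**params)`; `str.format` returns a new string, so `self.body` keeps the raw template text and `send` would mail the unfilled placeholders. With the default `params=None` the `**params` expansion also raises `TypeError`. Assign the result and guard the default: `self.body = self.body.format(**(params or {}))`. Values substituted this way go into `message.Html` without escaping, so callers that pass user-controlled fields should HTML-escape them first.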


@ -35,15 +35,11 @@ ALTER TABLE user_detail ADD INDEX user_id_UNIQUE (user_id ASC);
ALTER TABLE user_detail ADD INDEX member_id_UNIQUE (member_id ASC);
#user_detail_lists
#user_membership
ALTER TABLE user_membership ADD INDEX id_UNIQUE (id ASC);
ALTER TABLE user_membership ADD INDEX subscription_id_UNIQUE (subscription_id ASC);
ALTER TABLE user_membership ADD INDEX user_id_UNIQUE (user_id ASC);
#user_password_reset
ALTER TABLE user_password_reset ADD INDEX id_UNIQUE (id ASC);
ALTER TABLE user_password_reset ADD INDEX user_id_UNIQUE (user_id ASC);
ALTER TABLE user_password_reset ADD INDEX password_UNIQUE (reset_code ASC);
ALTER TABLE user_membership ADD INDEX subscription_id_UNIQUE (subscription_reference ASC);


@ -35,6 +35,8 @@ ALTER TABLE pledge_amounts ADD COLUMN id int(10) unsigned PRIMARY KEY (`id`) AU
ALTER TABLE pledge_amounts CHANGE COLUMN id id int(10) unsigned PRIMARY KEY (`id`) AUTO_INCREMENT ;
ALTER TABLE pledge_amounts ADD COLUMN pledge_id int(10) NULL ;
ALTER TABLE pledge_amounts CHANGE COLUMN pledge_id pledge_id int(10) NULL ;
ALTER TABLE pledge_amounts ADD COLUMN provider_id tinyint(4) NULL ;
ALTER TABLE pledge_amounts CHANGE COLUMN provider_id provider_id tinyint(4) NULL ;
ALTER TABLE pledge_amounts ADD COLUMN reference varchar(255) NULL ;
ALTER TABLE pledge_amounts CHANGE COLUMN reference reference varchar(255) NULL ;
ALTER TABLE pledge_amounts ADD COLUMN type int(11) DEFAULT 1;
@ -67,24 +69,22 @@ ALTER TABLE users ADD COLUMN email varchar(255) ;
ALTER TABLE users CHANGE COLUMN email email varchar(255) ;
ALTER TABLE users ADD COLUMN first_name varchar(45) NULL ;
ALTER TABLE users CHANGE COLUMN first_name first_name varchar(45) NULL ;
ALTER TABLE users ADD COLUMN id int(10) unsigned PRIMARY KEY (`id`) ;
ALTER TABLE users CHANGE COLUMN id id int(10) unsigned PRIMARY KEY (`id`) ;
ALTER TABLE users ADD COLUMN id int(10) unsigned PRIMARY KEY (`id`) AUTO_INCREMENT ;
ALTER TABLE users CHANGE COLUMN id id int(10) unsigned PRIMARY KEY (`id`) AUTO_INCREMENT ;
ALTER TABLE users ADD COLUMN last_login varchar(45) NULL ;
ALTER TABLE users CHANGE COLUMN last_login last_login varchar(45) NULL ;
ALTER TABLE users ADD COLUMN last_name varchar(45) NULL ;
ALTER TABLE users CHANGE COLUMN last_name last_name varchar(45) NULL ;
ALTER TABLE users ADD COLUMN memberid varchar(45) NULL ;
ALTER TABLE users CHANGE COLUMN memberid memberid varchar(45) NULL ;
ALTER TABLE users ADD COLUMN member_reference int(5) unsigned zerofill AUTO_INCREMENT ;
ALTER TABLE users CHANGE COLUMN member_reference member_reference int(5) unsigned zerofill AUTO_INCREMENT ;
ALTER TABLE users ADD COLUMN member_reference int(5) unsigned zerofill ;
ALTER TABLE users CHANGE COLUMN member_reference member_reference int(5) unsigned zerofill ;
ALTER TABLE users ADD COLUMN password varchar(160) NULL ;
ALTER TABLE users CHANGE COLUMN password password varchar(160) NULL ;
ALTER TABLE users ADD COLUMN profile_image varchar(255) NULL ;
ALTER TABLE users CHANGE COLUMN profile_image profile_image varchar(255) NULL ;
ALTER TABLE users ADD COLUMN status tinyint(2) NULL DEFAULT 0;
ALTER TABLE users CHANGE COLUMN status status tinyint(2) NULL DEFAULT 0;
ALTER TABLE users ADD COLUMN team_id int(11) NULL DEFAULT 0;
ALTER TABLE users CHANGE COLUMN team_id team_id int(11) NULL DEFAULT 0;
ALTER TABLE users ADD COLUMN username varchar(25) NULL ;
ALTER TABLE users CHANGE COLUMN username username varchar(25) NULL ;
@ -115,29 +115,31 @@ ALTER TABLE user_detail ADD COLUMN user_id int(11) unsigned NULL ;
ALTER TABLE user_detail CHANGE COLUMN user_id user_id int(11) unsigned NULL ;
#user_detail_lists
ALTER TABLE user_detail_lists ADD COLUMN id int(11) PRIMARY KEY (`id`) AUTO_INCREMENT ;
ALTER TABLE user_detail_lists CHANGE COLUMN id id int(11) PRIMARY KEY (`id`) AUTO_INCREMENT ;
ALTER TABLE user_detail_lists ADD COLUMN text text NULL ;
ALTER TABLE user_detail_lists CHANGE COLUMN text text text NULL ;
ALTER TABLE user_detail_lists ADD COLUMN type varchar(10) NULL ;
ALTER TABLE user_detail_lists CHANGE COLUMN type type varchar(10) NULL ;
ALTER TABLE user_detail_lists ADD COLUMN user_id int(10) unsigned ;
ALTER TABLE user_detail_lists CHANGE COLUMN user_id user_id int(10) unsigned ;
#user_membership
ALTER TABLE user_membership ADD COLUMN amount decimal(10,2) DEFAULT 0.00;
ALTER TABLE user_membership CHANGE COLUMN amount amount decimal(10,2) DEFAULT 0.00;
ALTER TABLE user_membership ADD COLUMN id int(10) unsigned PRIMARY KEY (`id`) ;
ALTER TABLE user_membership CHANGE COLUMN id id int(10) unsigned PRIMARY KEY (`id`) ;
ALTER TABLE user_membership ADD COLUMN id int(10) unsigned PRIMARY KEY (`id`) AUTO_INCREMENT ;
ALTER TABLE user_membership CHANGE COLUMN id id int(10) unsigned PRIMARY KEY (`id`) AUTO_INCREMENT ;
ALTER TABLE user_membership ADD COLUMN join_date datetime NULL ;
ALTER TABLE user_membership CHANGE COLUMN join_date join_date datetime NULL ;
ALTER TABLE user_membership ADD COLUMN status tinyint(4) ;
ALTER TABLE user_membership CHANGE COLUMN status status tinyint(4) ;
ALTER TABLE user_membership ADD COLUMN subscription_id varchar(45) ;
ALTER TABLE user_membership CHANGE COLUMN subscription_id subscription_id varchar(45) ;
ALTER TABLE user_membership ADD COLUMN provider_id tinyint(1) NULL ;
ALTER TABLE user_membership CHANGE COLUMN provider_id provider_id tinyint(1) NULL ;
ALTER TABLE user_membership ADD COLUMN status tinyint(1) ;
ALTER TABLE user_membership CHANGE COLUMN status status tinyint(1) ;
ALTER TABLE user_membership ADD COLUMN subscription_reference varchar(45) ;
ALTER TABLE user_membership CHANGE COLUMN subscription_reference subscription_reference varchar(45) ;
ALTER TABLE user_membership ADD COLUMN user_id int(10) unsigned ;
ALTER TABLE user_membership CHANGE COLUMN user_id user_id int(10) unsigned ;
#user_password_reset
ALTER TABLE user_password_reset ADD COLUMN created timestamp NULL DEFAULT CURRENT_TIMESTAMP;
ALTER TABLE user_password_reset CHANGE COLUMN created created timestamp NULL DEFAULT CURRENT_TIMESTAMP;
ALTER TABLE user_password_reset ADD COLUMN id int(11) PRIMARY KEY (`id`) AUTO_INCREMENT ;
ALTER TABLE user_password_reset CHANGE COLUMN id id int(11) PRIMARY KEY (`id`) AUTO_INCREMENT ;
ALTER TABLE user_password_reset ADD COLUMN reset_code varchar(160) NULL ;
ALTER TABLE user_password_reset CHANGE COLUMN reset_code reset_code varchar(160) NULL ;
ALTER TABLE user_password_reset ADD COLUMN user_id int(11) NULL ;
ALTER TABLE user_password_reset CHANGE COLUMN user_id user_id int(11) NULL ;


@ -6,5 +6,5 @@ CREATE TABLE IF NOT EXISTS requests;
CREATE TABLE IF NOT EXISTS users;
CREATE TABLE IF NOT EXISTS user_badges;
CREATE TABLE IF NOT EXISTS user_detail;
CREATE TABLE IF NOT EXISTS user_detail_lists;
CREATE TABLE IF NOT EXISTS user_membership;
CREATE TABLE IF NOT EXISTS user_password_reset;


@ -12,30 +12,3 @@ class control(base_widget_extended):
self.script.append(
"""document.getElementById("forum_embed").src = "https://groups.google.com/forum/embed/?place=forum/%s" + "&showsearch=true&showpopout=true&parenturl=" + encodeURIComponent(window.location.href);""" % self.name)
return '<iframe id="forum_embed" src="javascript:void(0)" style="background-color:#fff;width:100%;" scrolling="no" frameborder="0" width="900" height="700"></iframe>'
#~ <iframe id="forum_embed"
#~ src="javascript:void(0)"
#~ scrolling="no"
#~ frameborder="0"
#~ width="900"
#~ height="700">
#~ </iframe>
#~ <script type="text/javascript">
#~ document.getElementById('forum_embed').src =
#~ 'https://groups.google.com/forum/embed/?place=forum/maidstone-hackspace'
#~ + '&showsearch=true&showpopout=true&showtabs=false'
#~ + '&parenturl=' + encodeURIComponent(window.location.href);
#~ </script>
#~ <html><body>
#~ <iframe id="forum_embed" src="javascript:void(0)"
#~ scrolling="no" frameborder="0" width="746" height="1200">
#~ </iframe>
#~ <script type="text/javascript">
#~ document.getElementById('forum_embed').src =
#~ "https://groups.google.com/forum/embed/?place=forum/sbml-discuss"
#~ + "&parenturl=" + encodeURIComponent(window.location.href);
#~ </script>
#~ </body></html>


@ -18,8 +18,8 @@ class control(base_widget):
htm += '<div class="providers">'
if 'google' in self.oauth_enabled:
htm += '<a title="Login with Google" href="/oauth/google/login"><img src="/static/images/oauth/google.png" /></a>&nbsp;'
#~ if 'facebook' in self.oauth_enabled:
#~ htm += '<a title="Login with facebook" class="but row" href="/oauth/facebook/login">Login with Facebook</a>&nbsp;'
if 'facebook' in self.oauth_enabled:
htm += '<a title="Login with facebook" class="but row" href="/oauth/facebook/login">Login with Facebook</a>&nbsp;'
if 'github' in self.oauth_enabled:
htm += '<a title="Login with twitter" class="but row" href="/oauth/github/login">Login with GitHub</a>'
htm += '<br /></div>'