diff --git a/site/authorize.py b/site/authorize.py index 494bc60..4a7869d 100644 --- a/site/authorize.py +++ b/site/authorize.py @@ -159,6 +159,7 @@ def oauth(provider, state=None): oauth_approval_prompt = "force" os.environ['OAUTHLIB_INSECURE_TRANSPORT'] = '1' + oauth_provider.get('redirect_uri') if state: oauth_session = OAuth2Session( oauth_provider.get('client_id'), @@ -183,6 +184,7 @@ def oauth(provider, state=None): return redirect(authorization_url) # allready authorised so lets handle the callback + oauth_provider.get('redirect_uri') oauth_session = OAuth2Session( oauth_provider.get('client_id'), state=session['oauth_state'], 
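Review bot: The bare `oauth_provider.get('redirect_uri')` statement ahead of each `OAuth2Session(...)` call (in this hunk and in the one at -183) discards its result, so it has no effect at runtime. If the aim is to pin the callback address, pass it to the session as `redirect_uri=oauth_provider.get('redirect_uri')` in both constructor calls; whether they already do so is not visible, since both calls end outside their hunks. The neighbouring context line sets `OAUTHLIB_INSECURE_TRANSPORT` to `'1'` unconditionally, which lets the flow run over plain HTTP and belongs behind a development-only setting.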
@@ -200,46 +202,58 @@ def oauth(provider, state=None): # Fetch a protected resource, i.e. user profile response = oauth_session.get(oauth_provider.get('user_uri')) - oauth_user = response.json() + oauth_response = response.json() + print 'oauth response' + print oauth_response - #~ email = oauth_user.get('login') or '' + oauth_id = oauth_response.get('login') or oauth_response.get('id') provider_id = oauth_lookup.get(provider) - user_details = site_user.fetch_oauth_login({ - 'username': oauth_user.get('login') or '', + oauth_user = site_user.fetch_oauth_login({ + 'username': oauth_id or '', 'provider': provider_id - }).get() + }).get() + + if oauth_user: + user_details = site_user.get_user_details({ + 'id': oauth_user.get('user_id') + }).get() - # we have matched a user so login and redirect - if user_details: - print 'oauth login 1' - login_user(User(user_details.get('user_id'))) - return redirect('/profile') + # we have matched a user so login and redirect + if user_details: + print user_details + # no E-Mail so lets ask the user to set there email before allowing login + #~ if not user_details.get('email'): + #~ return change_email() + login_user(User(user_details.get('user_id'))) + return redirect('/profile') flash('Your new profile has been created, and your now logged in') print oauth_user # create new user from oauth information user_id = site_user.create().execute({ - 'email': oauth_user.get('email') or '', + 'email': oauth_response.get('email') or '', 'password': 'oauth', - 'profile_image': oauth_user.get('picture'), - 'username': oauth_user.get('login'), - 'first_name': oauth_user.get('given_name') or '', - 'last_name': oauth_user.get('family_name') or ''}) + 'profile_image': oauth_response.get('picture'), + 'username': oauth_id, + 'first_name': oauth_response.get('given_name') or '', + 'last_name': oauth_response.get('family_name') or ''}) # register oauth login creation site_user.create_oauth_login().execute({ 'user_id': user_id, - 'username': 
oauth_user.get('login') or '', + 'username': oauth_id or '', 'provider': provider_id}) + # no E-Mail so lets ask the user to set there email before allowing login + if not user_details.get('email'): + return change_email() + login_user(User(user_id)) site_user.update_last_login().execute({'id': user_id}) return redirect('/profile') -def oauth2_github_handle_user(user): - print user @authorize_pages.route("/change-password/", methods=['GET']) @authorize_pages.route("/change-password", methods=['GET']) @@ -332,7 +346,11 @@ def reset_password_submit(): body = "Please follow the link below to change your password.\n" + l body += "{domain}change-password/{resetcode}".format(**{'domain':app_domain, 'resetcode': reset_code}) - sendmail().send(from_address='no-reply@maidstone-hackspace.org.uk', to_address='oly@leela', subject="Reset password request", body=body) + sendmail().send( + from_address='no-reply@maidstone-hackspace.org.uk', + to_address='oly@leela', + subject="Reset password request", + body=body) # display success page, dont give away anything about if the email is actually registered web.template.create('Maidstone Hackspace - Password reset') 
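Review bot: `oauth_id = oauth_response.get('login') or oauth_response.get('id')` links the local account to the provider's login name whenever one is returned and to `''` when neither field is present, so the `fetch_oauth_login` lookup can match on a handle the user can change at the provider, or on an empty string. Key the link on the provider's stable `id` and stop the callback when it is missing, e.g. `if not oauth_id: return redirect('/login')`. Later in the hunk, `if not user_details.get('email')` sits on the new-user path, where `user_details` is, as far as the hunk shows, only assigned inside `if oauth_user:`; a first login would then fail on an unbound or empty value after the user row has been created, and testing `oauth_response.get('email')` instead avoids that. The new `print oauth_response` and `print user_details` lines write the whole profile to stdout and are better dropped or reduced to the user id. oauth() begins above this hunk.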
@@ -344,6 +362,25 @@ def reset_password_submit(): web.template.body.append(web.page.render()) return make_response(footer()) +@authorize_pages.route("/profile/email", methods=['GET']) +def change_email(): + web.template.create('%s - Change Email' % site_name) + header('Members Login') + web.page.create('Set your E-Mail address') + + web.form.create('Set E-Mail address for account', '/profile/email') + web.form.append(name='email', label='Valid Email', placeholder='ralf@maidstone-hackspace.org.uk', value='') + + flash('An E-Mail has been sent to you please check and confirm you identity.') + sendmail().send( + from_address='no-reply@maidstone-hackspace.org.uk', + to_address='oly@leela', + subject="%s - Confirm E-Mail Address" % site_name, + body='generate link here') + + web.page.section(web.form.render()) + web.template.body.append(web.page.render()) + return make_response(footer()) @authorize_pages.route("/login", methods=['GET']) def login_screen(): @@ -370,6 +407,11 @@ def login_screen_submit(): flash('Failed to login with that username and password, please retry.') return login_screen() + # no E-Mail so lets ask the user to set there email before allowing login + if not user_details.get('email'): + return change_email() + + #now lets verify the users password, and bail if its wrong pw_hash = generate_password_hash(request.form.get('password')) if check_password_hash(pw_hash, user_details.get('password')): diff --git a/site/config/settings.py b/site/config/settings.py index ea30969..0bca0a4 100644 --- a/site/config/settings.py +++ b/site/config/settings.py @@ -8,6 +8,7 @@ port = '5000' rel_uri = '//127.0.0.1:5000' app_domain = 'http:%s' % rel_uri app_email_template_path = 'templates/email/' +site_name = 'Maidstone Hackspace' from_email = 'no-reply@maidstone-hackspace.org.uk' @@ -19,7 +20,7 @@ database = { 'type': 'mysql', 'host': '127.0.0.1', 'user': 'root', - 'passwd': "", + 'passwd': "mhackspace", 'db': "maidstone_hackspace", 'port': 3306} 
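Review bot: `change_email()` sends its confirmation mail and flashes "An E-Mail has been sent" every time the page is rendered, before any address has been submitted, and the route accepts GET only while the form posts to `/profile/email`. Move the `sendmail().send(...)` call into a POST handler that runs after the submitted address is validated, and send to that address rather than the fixed `to_address='oly@leela'` (the reset-password hunk above has the same fixed recipient). The only decorator shown on the function is the route, so nothing visible requires a logged-in session; the handler should take the account it is changing from the session, not from the form. When the placeholder body `'generate link here'` is replaced, the link should carry a random single-use token with an expiry.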
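Review bot: The added `if not user_details.get('email'): return change_email()` runs before the password comparison that follows it, so a request naming an account with no e-mail on file reaches the set-e-mail page without the password being checked. Once that page has a working submit handler, this order would let the address on such an account be set by someone who never authenticated. Run the e-mail check only after the `check_password_hash(...)` branch has accepted the password and the user is logged in. Separately, the context lines hash the submitted password and pass the stored value as the second argument; if these are the Werkzeug helpers the arguments look reversed, which is worth confirming given that oauth() stores the literal `'oauth'` as the password of OAuth-created users. The rest of login_screen_submit() lies outside the hunk.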
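Review bot: `'passwd': "mhackspace"` puts what looks like a real database password for `'user': 'root'` into a tracked settings file, where it stays in history even if a later commit removes it. Read it from the environment or an untracked local settings file instead, e.g. `'passwd': os.environ.get('DB_PASSWORD', '')` (settings.py would need `import os`, which is not visible here), and treat the committed value as exposed. A dedicated account limited to the `maidstone_hackspace` schema would be a safer default than `root`.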
diff --git a/site/libs/mail.py b/site/libs/mail.py index 9a5d2b8..e1b957c 100644 --- a/site/libs/mail.py +++ b/site/libs/mail.py @@ -14,13 +14,25 @@ class sendmail: def __call__(self, **args): return self - def send(self, from_address, to_address, subject, body='', html=True): - message = Message(From="me@example.com", - To=to_address, - charset=self.charset) + def template(self, path, params=None): + with open(path) as fp: + self.body = fp.read() + self.body.format(**params) + + + def send(self, from_address, to_address, subject, body=None, html=True): + message = Message( + From=from_address, + To=to_address, + charset=self.charset + ) + + if body: + self.body = body + message.Subject = "%sAn HTML Email" % self.subject_prefix - message.Html = body - message.Body = body + message.Html = self.body + message.Body = self.body sender = Mailer(self.host) sender.send(message) diff --git a/site/sql/migrations/generated_column_indexes.sql b/site/sql/migrations/generated_column_indexes.sql index a4238b0..0f0777a 100644 --- a/site/sql/migrations/generated_column_indexes.sql +++ b/site/sql/migrations/generated_column_indexes.sql @@ -35,15 +35,11 @@ ALTER TABLE user_detail ADD INDEX user_id_UNIQUE (user_id ASC); ALTER TABLE user_detail ADD INDEX member_id_UNIQUE (member_id ASC); +#user_detail_lists + + #user_membership ALTER TABLE user_membership ADD INDEX id_UNIQUE (id ASC); -ALTER TABLE user_membership ADD INDEX subscription_id_UNIQUE (subscription_id ASC); -ALTER TABLE user_membership ADD INDEX user_id_UNIQUE (user_id ASC); - - -#user_password_reset -ALTER TABLE user_password_reset ADD INDEX id_UNIQUE (id ASC); -ALTER TABLE user_password_reset ADD INDEX user_id_UNIQUE (user_id ASC); -ALTER TABLE user_password_reset ADD INDEX password_UNIQUE (reset_code ASC); +ALTER TABLE user_membership ADD INDEX subscription_id_UNIQUE (subscription_reference ASC); 
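Review bot: In the new `template()` method, `self.body.format(**params)` throws its result away, because `str.format` returns a new string, and with the default `params=None` the `**params` unpacking raises TypeError, so the stored body never has its placeholders filled. `self.body = fp.read().format(**(params or {}))` fixes both. `send()` now reads `self.body` even when neither `body` nor `template()` has set it, which would raise AttributeError unless `__init__` (outside the hunk) initialises it; `self.body = body or getattr(self, 'body', '')` would keep the old empty-body behaviour. Values placed into the HTML body through `params` should be HTML-escaped first when they originate from users.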
diff --git a/site/sql/migrations/generated_columns.sql b/site/sql/migrations/generated_columns.sql index 8bbfbb0..5aef2bf 100644 --- a/site/sql/migrations/generated_columns.sql +++ b/site/sql/migrations/generated_columns.sql @@ -35,6 +35,8 @@ ALTER TABLE pledge_amounts ADD COLUMN id int(10) unsigned PRIMARY KEY (`id`) AU ALTER TABLE pledge_amounts CHANGE COLUMN id id int(10) unsigned PRIMARY KEY (`id`) AUTO_INCREMENT ; ALTER TABLE pledge_amounts ADD COLUMN pledge_id int(10) NULL ; ALTER TABLE pledge_amounts CHANGE COLUMN pledge_id pledge_id int(10) NULL ; +ALTER TABLE pledge_amounts ADD COLUMN provider_id tinyint(4) NULL ; +ALTER TABLE pledge_amounts CHANGE COLUMN provider_id provider_id tinyint(4) NULL ; ALTER TABLE pledge_amounts ADD COLUMN reference varchar(255) NULL ; ALTER TABLE pledge_amounts CHANGE COLUMN reference reference varchar(255) NULL ; ALTER TABLE pledge_amounts ADD COLUMN type int(11) DEFAULT 1; 
@@ -67,24 +69,22 @@ ALTER TABLE users ADD COLUMN email varchar(255) ; ALTER TABLE users CHANGE COLUMN email email varchar(255) ; ALTER TABLE users ADD COLUMN first_name varchar(45) NULL ; ALTER TABLE users CHANGE COLUMN first_name first_name varchar(45) NULL ; -ALTER TABLE users ADD COLUMN id int(10) unsigned PRIMARY KEY (`id`) ; -ALTER TABLE users CHANGE COLUMN id id int(10) unsigned PRIMARY KEY (`id`) ; +ALTER TABLE users ADD COLUMN id int(10) unsigned PRIMARY KEY (`id`) AUTO_INCREMENT ; +ALTER TABLE users CHANGE COLUMN id id int(10) unsigned PRIMARY KEY (`id`) AUTO_INCREMENT ; ALTER TABLE users ADD COLUMN last_login varchar(45) NULL ; ALTER TABLE users CHANGE COLUMN last_login last_login varchar(45) NULL ; ALTER TABLE users ADD COLUMN last_name varchar(45) NULL ; ALTER TABLE users CHANGE COLUMN last_name last_name varchar(45) NULL ; ALTER TABLE users ADD COLUMN memberid varchar(45) NULL ; ALTER TABLE users CHANGE COLUMN memberid memberid varchar(45) NULL ; -ALTER TABLE users ADD COLUMN member_reference int(5) unsigned zerofill AUTO_INCREMENT ; -ALTER TABLE users CHANGE COLUMN member_reference member_reference int(5) unsigned zerofill AUTO_INCREMENT ; +ALTER TABLE users ADD COLUMN member_reference int(5) unsigned zerofill ; +ALTER TABLE users CHANGE COLUMN member_reference member_reference int(5) unsigned zerofill ; ALTER TABLE users ADD COLUMN password varchar(160) NULL ; ALTER TABLE users CHANGE COLUMN password password varchar(160) NULL ; ALTER TABLE users ADD COLUMN profile_image varchar(255) NULL ; ALTER TABLE users CHANGE COLUMN profile_image profile_image varchar(255) NULL ; ALTER TABLE users ADD COLUMN status tinyint(2) NULL DEFAULT 0; ALTER TABLE users CHANGE COLUMN status status tinyint(2) NULL DEFAULT 0; -ALTER TABLE users ADD COLUMN team_id int(11) NULL DEFAULT 0; -ALTER TABLE users CHANGE COLUMN team_id team_id int(11) NULL DEFAULT 0; ALTER TABLE users ADD COLUMN username varchar(25) NULL ; ALTER TABLE users CHANGE COLUMN username username 
varchar(25) NULL ; 
@@ -115,29 +115,31 @@ ALTER TABLE user_detail ADD COLUMN user_id int(11) unsigned NULL ; ALTER TABLE user_detail CHANGE COLUMN user_id user_id int(11) unsigned NULL ; +#user_detail_lists +ALTER TABLE user_detail_lists ADD COLUMN id int(11) PRIMARY KEY (`id`) AUTO_INCREMENT ; +ALTER TABLE user_detail_lists CHANGE COLUMN id id int(11) PRIMARY KEY (`id`) AUTO_INCREMENT ; +ALTER TABLE user_detail_lists ADD COLUMN text text NULL ; +ALTER TABLE user_detail_lists CHANGE COLUMN text text text NULL ; +ALTER TABLE user_detail_lists ADD COLUMN type varchar(10) NULL ; +ALTER TABLE user_detail_lists CHANGE COLUMN type type varchar(10) NULL ; +ALTER TABLE user_detail_lists ADD COLUMN user_id int(10) unsigned ; +ALTER TABLE user_detail_lists CHANGE COLUMN user_id user_id int(10) unsigned ; + + #user_membership ALTER TABLE user_membership ADD COLUMN amount decimal(10,2) DEFAULT 0.00; ALTER TABLE user_membership CHANGE COLUMN amount amount decimal(10,2) DEFAULT 0.00; -ALTER TABLE user_membership ADD COLUMN id int(10) unsigned PRIMARY KEY (`id`) ; -ALTER TABLE user_membership CHANGE COLUMN id id int(10) unsigned PRIMARY KEY (`id`) ; +ALTER TABLE user_membership ADD COLUMN id int(10) unsigned PRIMARY KEY (`id`) AUTO_INCREMENT ; +ALTER TABLE user_membership CHANGE COLUMN id id int(10) unsigned PRIMARY KEY (`id`) AUTO_INCREMENT ; ALTER TABLE user_membership ADD COLUMN join_date datetime NULL ; ALTER TABLE user_membership CHANGE COLUMN join_date join_date datetime NULL ; -ALTER TABLE user_membership ADD COLUMN status tinyint(4) ; -ALTER TABLE user_membership CHANGE COLUMN status status tinyint(4) ; -ALTER TABLE user_membership ADD COLUMN subscription_id varchar(45) ; -ALTER TABLE user_membership CHANGE COLUMN subscription_id subscription_id varchar(45) ; +ALTER TABLE user_membership ADD COLUMN provider_id tinyint(1) NULL ; +ALTER TABLE user_membership CHANGE COLUMN provider_id provider_id tinyint(1) NULL ; +ALTER TABLE user_membership ADD COLUMN status tinyint(1) ; +ALTER TABLE 
user_membership CHANGE COLUMN status status tinyint(1) ; +ALTER TABLE user_membership ADD COLUMN subscription_reference varchar(45) ; +ALTER TABLE user_membership CHANGE COLUMN subscription_reference subscription_reference varchar(45) ; ALTER TABLE user_membership ADD COLUMN user_id int(10) unsigned ; ALTER TABLE user_membership CHANGE COLUMN user_id user_id int(10) unsigned ; -#user_password_reset -ALTER TABLE user_password_reset ADD COLUMN created timestamp NULL DEFAULT CURRENT_TIMESTAMP; -ALTER TABLE user_password_reset CHANGE COLUMN created created timestamp NULL DEFAULT CURRENT_TIMESTAMP; -ALTER TABLE user_password_reset ADD COLUMN id int(11) PRIMARY KEY (`id`) AUTO_INCREMENT ; -ALTER TABLE user_password_reset CHANGE COLUMN id id int(11) PRIMARY KEY (`id`) AUTO_INCREMENT ; -ALTER TABLE user_password_reset ADD COLUMN reset_code varchar(160) NULL ; -ALTER TABLE user_password_reset CHANGE COLUMN reset_code reset_code varchar(160) NULL ; -ALTER TABLE user_password_reset ADD COLUMN user_id int(11) NULL ; -ALTER TABLE user_password_reset CHANGE COLUMN user_id user_id int(11) NULL ; - - diff --git a/site/sql/migrations/generated_tables.sql b/site/sql/migrations/generated_tables.sql index 0eb7182..eb08f47 100644 --- a/site/sql/migrations/generated_tables.sql +++ b/site/sql/migrations/generated_tables.sql @@ -6,5 +6,5 @@ CREATE TABLE IF NOT EXISTS requests; CREATE TABLE IF NOT EXISTS users; CREATE TABLE IF NOT EXISTS user_badges; CREATE TABLE IF NOT EXISTS user_detail; +CREATE TABLE IF NOT EXISTS user_detail_lists; CREATE TABLE IF NOT EXISTS user_membership; -CREATE TABLE IF NOT EXISTS user_password_reset; diff --git a/site/widgets/google_groups.py b/site/widgets/google_groups.py index 2c45a7b..af7e8b8 100644 --- a/site/widgets/google_groups.py +++ b/site/widgets/google_groups.py 
@@ -12,30 +12,3 @@ class control(base_widget_extended): self.script.append( """document.getElementById("forum_embed").src = "https://groups.google.com/forum/embed/?place=forum/%s" + "&showsearch=true&showpopout=true&parenturl=" + encodeURIComponent(window.location.href);""" % self.name) return '' - - -#~ -#~ - - -#~ -#~ -#~ -#~ diff --git a/site/widgets/login_box.py b/site/widgets/login_box.py index 282b1da..38d4778 100644 --- a/site/widgets/login_box.py +++ b/site/widgets/login_box.py @@ -18,8 +18,8 @@ class control(base_widget): htm += '
' if 'google' in self.oauth_enabled: htm += ' ' - #~ if 'facebook' in self.oauth_enabled: - #~ htm += 'Login with Facebook ' + if 'facebook' in self.oauth_enabled: + htm += 'Login with Facebook ' if 'github' in self.oauth_enabled: htm += 'Login with GitHub' htm += '
'