add user signup flow
This commit is contained in:
@@ -1,8 +1,10 @@
|
||||
from flask import Blueprint, redirect, url_for, render_template, request, session
|
||||
from functools import wraps
|
||||
import time
|
||||
|
||||
from ..auth import digest, verify, create_session, is_logged_in
|
||||
from ..auth import digest, verify, create_session, is_logged_in, parse_username, is_password_valid
|
||||
from ..models import Users
|
||||
from ..constants import PermissionLevel
|
||||
|
||||
bp = Blueprint('users', __name__, url_prefix='/users/')
|
||||
|
||||
@@ -39,10 +41,53 @@ def log_in_post():
|
||||
session.permanent = True
|
||||
return redirect(request.form.get('return_to', default=url_for('topics.all_topics')))
|
||||
|
||||
@bp.get('/sign-up')
|
||||
@bp.get('/sign-up/')
|
||||
@redirect_if_logged_in()
|
||||
def sign_up():
|
||||
return 'stub'
|
||||
return render_template('users/sign_up.html')
|
||||
|
||||
@bp.post('/sign-up/')
|
||||
@redirect_if_logged_in()
|
||||
def sign_up_post():
|
||||
generic_error_page = redirect(url_for('.sign_up', error='The username or password you entered is invalid.'))
|
||||
user_exists_error_page = redirect(url_for('.sign_up', error='This username is already taken. Please pick another.'))
|
||||
passwords_error_page = redirect(url_for('.sign_up', error='The passwords do not match.'))
|
||||
username = request.form.get('username', default='')
|
||||
if not username:
|
||||
return generic_error_page
|
||||
if request.form.get('password', default=None) is None:
|
||||
return generic_error_page
|
||||
if len(request.form.getlist('password')) != 2:
|
||||
return passwords_error_page
|
||||
username_pair = parse_username(username)
|
||||
potential_user = Users.find({'username': username})
|
||||
if potential_user:
|
||||
return user_exists_error_page
|
||||
|
||||
if request.form.getlist('password')[0] != request.form.getlist('password')[1]:
|
||||
return passwords_error_page
|
||||
|
||||
password_hash = digest(request.form.get('password'))
|
||||
|
||||
user = Users.create({
|
||||
'username': username_pair[0],
|
||||
'password_hash': password_hash,
|
||||
'permission': PermissionLevel.GUEST.value,
|
||||
'created_at': int(time.time()),
|
||||
})
|
||||
|
||||
if username_pair[0] != username_pair[1]:
|
||||
user.update({
|
||||
'display_name': username_pair[1]
|
||||
})
|
||||
|
||||
session['remember'] = request.form.get('remember') == 'on'
|
||||
sess = create_session(user.id, not session['remember'])
|
||||
session['pyrom_session_key'] = sess.key
|
||||
if session['remember']:
|
||||
session.permanent = True
|
||||
|
||||
return redirect(url_for('topics.all_topics'))
|
||||
|
||||
@bp.get('/<username>')
|
||||
def user_page(username):
|
||||
|
||||
Reference in New Issue
Block a user