aboutsummaryrefslogtreecommitdiff
path: root/wqflask
diff options
context:
space:
mode:
authorSam2013-10-03 01:21:19 -0500
committerSam2013-10-03 01:21:19 -0500
commit91d05ab30a60671286b19e174ec0292dc6aa1af3 (patch)
treed57caba54e403221b11dfe97c2821815b1dd59f5 /wqflask
parent6c7fed36f892e92245cbfd9b89e4b8d6ff608e95 (diff)
downloadgenenetwork2-91d05ab30a60671286b19e174ec0292dc6aa1af3.tar.gz
Much more progess on logging in:
* Verifying emails now works * Redid user manager
Diffstat (limited to 'wqflask')
-rw-r--r--wqflask/wqflask/database.py3
-rw-r--r--wqflask/wqflask/model.py32
-rw-r--r--wqflask/wqflask/templates/admin/user_manager.html14
-rw-r--r--wqflask/wqflask/templates/new_security/thank_you.html32
-rw-r--r--wqflask/wqflask/templates/new_security/verified.html32
-rw-r--r--wqflask/wqflask/user_manager.py36
-rw-r--r--wqflask/wqflask/views.py23
7 files changed, 137 insertions, 35 deletions
diff --git a/wqflask/wqflask/database.py b/wqflask/wqflask/database.py
index 65ca7d0c..e55f06a7 100644
--- a/wqflask/wqflask/database.py
+++ b/wqflask/wqflask/database.py
@@ -19,7 +19,8 @@ def init_db():
# you will have to import them first before calling init_db()
#import yourapplication.models
import wqflask.model
+ print("Creating all..")
Base.metadata.create_all(bind=engine)
-
+ print("Done creating all...")
init_db() \ No newline at end of file
diff --git a/wqflask/wqflask/model.py b/wqflask/wqflask/model.py
index a3cd63a5..8e7a823e 100644
--- a/wqflask/wqflask/model.py
+++ b/wqflask/wqflask/model.py
@@ -13,7 +13,7 @@ from wqflask import app
from sqlalchemy import Column, Integer, String, Table, ForeignKey, Unicode, Boolean, DateTime, Text
from sqlalchemy.orm import relationship, backref
-from wqflask.database import Base
+from wqflask.database import Base, init_db
# Create database connection object
#db = SQLAlchemy(app)
@@ -50,13 +50,13 @@ from wqflask.database import Base
class Role(Base):
__tablename__ = "role"
- the_id = Column(Unicode(36), primary_key=True, default=lambda: unicode(uuid.uuid4()))
+ id = Column(Unicode(36), primary_key=True, default=lambda: unicode(uuid.uuid4()))
name = Column(Unicode(80), unique=True, nullable=False)
description = Column(Unicode(255))
class User(Base):
__tablename__ = "user"
- the_id = Column(Unicode(36), primary_key=True, default=lambda: unicode(uuid.uuid4()))
+ id = Column(Unicode(36), primary_key=True, default=lambda: unicode(uuid.uuid4()))
email_address = Column(Unicode(50), unique=True, nullable=False)
# Todo: Turn on strict mode for Mysql
@@ -65,18 +65,28 @@ class User(Base):
full_name = Column(Unicode(50))
organization = Column(Unicode(50))
- active = Column(Boolean())
- confirmed_at = Column(DateTime())
+ active = Column(Boolean(), nullable=False, default=True)
- last_login_at = Column(DateTime())
- current_login_at = Column(DateTime())
- last_login_ip = Column(Unicode(39))
- current_login_ip = Column(Unicode(39))
- login_count = Column(Integer())
+ registration_info = Column(Text) # json detailing when they were registered, etc.
+
+ confirmed = Column(Text) # json detailing when they confirmed, etc.
+
+ #last_login_at = Column(DateTime())
+ #current_login_at = Column(DateTime())
+ #last_login_ip = Column(Unicode(39))
+ #current_login_ip = Column(Unicode(39))
+ #login_count = Column(Integer())
#roles = relationship('Role', secondary=roles_users,
# backref=backref('users', lazy='dynamic'))
+class Login(Base):
+ __tablename__ = "login"
+ id = Column(Unicode(36), primary_key=True, default=lambda: unicode(uuid.uuid4()))
+ user = Column(Unicode(36), ForeignKey('user.id'))
+ timestamp = Column(DateTime())
+ ip_address = Column(Unicode(39))
+
# Setup Flask-Security
#user_datastore = SQLAlchemyUserDatastore(db, User, Role)
@@ -89,3 +99,5 @@ class User(Base):
#user_datastore.create_role(name="Genentech", description="Genentech Beta Project(testing)")
+
+
diff --git a/wqflask/wqflask/templates/admin/user_manager.html b/wqflask/wqflask/templates/admin/user_manager.html
index 14cd12e0..1308ff4b 100644
--- a/wqflask/wqflask/templates/admin/user_manager.html
+++ b/wqflask/wqflask/templates/admin/user_manager.html
@@ -16,20 +16,20 @@
<table class="table table-hover">
<thead>
<tr>
- <th>ID</th>
<th>Email</th>
- <th>Confirmed at</th>
+ <th>Organization</th>
<th>Active</th>
+ <th>Confirmed</th>
</tr>
</thead>
{% for user in users %}
<tr>
- <td title="{{ user.__dict__ }}">
- <a href="{{ url_for('manage_user', user_id=user.id) }}">{{ user.id }}</a>
+ <td title="{{ user.id }}">
+ <a href="{{ url_for('manage_user', user_id=user.id) }}">{{ user.email_address }}</a>
</td>
- <td>{{ user.email }}</td>
- <td>{{ user.confirmed_at }}</td>
- <td>{{ user.active }}</td>
+ <td>{{ user.organization }}</td>
+ <td>{{ 'Yes' if user.active else 'No' }}</td>
+ <td title="{{ user.confirmed }}">{{ 'True' if user.confirmed else 'False' }}</td>
</tr>
{% endfor %}
</table>
diff --git a/wqflask/wqflask/templates/new_security/thank_you.html b/wqflask/wqflask/templates/new_security/thank_you.html
new file mode 100644
index 00000000..5aa11ebf
--- /dev/null
+++ b/wqflask/wqflask/templates/new_security/thank_you.html
@@ -0,0 +1,32 @@
+{% extends "base.html" %}
+{% block title %}Register{% endblock %}
+{% block content %}
+ <header class="jumbotron subhead" id="overview">
+ <div class="container">
+ <h1>Thank you</h1>
+ <p class="lead">
+ Thanks for verifying.
+ </p>
+ </div>
+ </header>
+
+ <div class="container">
+ <div class="page-header">
+ <h1>All done</h1>
+ </div>
+
+ <p>Enjoy using the site.</p>
+
+ <p>Go to the <a href="{{ url_for("/") }}">homepage</a></p>.
+ </div>
+
+{% endblock %}
+
+{% block js %}
+ <!--<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js"></script>-->
+
+ {% include "new_security/_scripts.html" %}
+ <script type="text/javascript" src="/static/new/js_external/zxcvbn/zxcvbn-async.js"></script>
+ <script type="text/javascript" src="/static/new/javascript/password_strength.js"></script>
+{% endblock %}
+
diff --git a/wqflask/wqflask/templates/new_security/verified.html b/wqflask/wqflask/templates/new_security/verified.html
new file mode 100644
index 00000000..97cb7807
--- /dev/null
+++ b/wqflask/wqflask/templates/new_security/verified.html
@@ -0,0 +1,32 @@
+{% extends "base.html" %}
+{% block title %}Register{% endblock %}
+{% block content %}
+ <header class="jumbotron subhead" id="overview">
+ <div class="container">
+ <h1>Thank you</h1>
+ <p class="lead">
+ Thanks for verifying.
+ </p>
+ </div>
+ </header>
+
+ <div class="container">
+ <div class="page-header">
+ <h3>You are done registering</h3>
+ </div>
+
+ <p>Enjoy using the site.</p>
+
+ <p>Go to the <a href="{{ url_for("index_page") }}">homepage</a></p>.
+ </div>
+
+{% endblock %}
+
+{% block js %}
+ <!--<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js"></script>-->
+
+ {% include "new_security/_scripts.html" %}
+ <script type="text/javascript" src="/static/new/js_external/zxcvbn/zxcvbn-async.js"></script>
+ <script type="text/javascript" src="/static/new/javascript/password_strength.js"></script>
+{% endblock %}
+
diff --git a/wqflask/wqflask/user_manager.py b/wqflask/wqflask/user_manager.py
index 159a0ffc..b967c86f 100644
--- a/wqflask/wqflask/user_manager.py
+++ b/wqflask/wqflask/user_manager.py
@@ -22,7 +22,7 @@ from redis import StrictRedis
Redis = StrictRedis()
-from flask import Flask, g, render_template, url_for
+from flask import Flask, g, render_template, url_for, request
from wqflask import app
@@ -41,8 +41,11 @@ from utility import Bunch
from base.data_set import create_datasets_list
-#from app import db
-print("globals are:", globals())
+
+
+def timestamp():
+ return datetime.datetime.utcnow().isoformat()
+
class UsersManager(object):
@@ -54,7 +57,7 @@ class UsersManager(object):
class UserManager(object):
def __init__(self, kw):
- self.user_id = int(kw['user_id'])
+ self.user_id = kw['user_id']
print("In UserManager locals are:", pf(locals()))
#self.user = model.User.get(user_id)
#print("user is:", user)
@@ -73,6 +76,7 @@ class UserManager(object):
class RegisterUser(object):
def __init__(self, kw):
+ self.thank_you_mode = False
self.errors = []
self.user = Bunch()
@@ -102,12 +106,16 @@ class RegisterUser(object):
self.set_password(password)
+ self.user.registration_info = json.dumps(basic_info(), sort_keys=True)
+
self.new_user = model.User(**self.user.__dict__)
db_session.add(self.new_user)
db_session.commit()
self.send_email_verification()
+ self.thank_you_mode = True
+
def set_password(self, password):
pwfields = Bunch()
@@ -122,7 +130,7 @@ class RegisterUser(object):
pwfields.iterations = 100000
pwfields.keylength = 32
- pwfields.created_ts = datetime.datetime.utcnow().isoformat()
+ pwfields.created_ts = timestamp()
# One more check on password length
assert len(password) >= 6, "Password shouldn't be so short here"
@@ -146,8 +154,8 @@ class RegisterUser(object):
verification_code = str(uuid.uuid4())
key = "verification_code:" + verification_code
- data = json.dumps(dict(the_id=self.new_user.the_id,
- timestamp=datetime.datetime.utcnow().isoformat())
+ data = json.dumps(dict(id=self.new_user.id,
+ timestamp=timestamp())
)
Redis.set(key, data)
@@ -158,15 +166,25 @@ class RegisterUser(object):
body = render_template("email/verification.txt",
verification_code = verification_code)
send_email(to, subject, body)
-
+
+
+def basic_info():
+ return dict(timestamp = timestamp(),
+ ip_address = request.remote_addr,
+ user_agent = request.headers.get('User-Agent'))
-def verify_email(request):
+def verify_email():
print("in verify_email request.url is:", request.url)
verify_url_hmac(request.url)
verification_code = request.args['code']
data = Redis.get("verification_code:" + verification_code)
data = json.loads(data)
print("data is:", data)
+ user = model.User.query.get(data['id'])
+ user.confirmed = json.dumps(basic_info(), sort_keys=True)
+ db_session.commit()
+
+
diff --git a/wqflask/wqflask/views.py b/wqflask/wqflask/views.py
index b552e160..fe91e014 100644
--- a/wqflask/wqflask/views.py
+++ b/wqflask/wqflask/views.py
@@ -267,15 +267,20 @@ def sharing_info_page():
template_vars = SharingInfoPage.SharingInfoPage(fd)
return template_vars
-# Take this out or secure it before going into production
+# Take this out or secure it before g[umlfoing into production
@app.route("/get_temp_data")
def get_temp_data():
temp_uuid = request.args['key']
return flask.jsonify(temp_data.TempData(temp_uuid).get_all())
-@app.route("/thank_you")
-def thank_you():
- return render_template("security/thank_you.html")
+#@app.route("/thank_you")
+#def thank_you():
+# return render_template("security/thank_you.html")
+
+@app.route("/manage/verify")
+def verify():
+ user_manager.verify_email()
+ return render_template("new_security/verified.html")
@app.route("/manage/users")
def manage_users():
@@ -292,10 +297,7 @@ def manage_groups():
template_vars = user_manager.GroupsManager(request.args)
return render_template("admin/group_manager.html", **template_vars.__dict__)
-@app.route("/manage/verify")
-def verify():
- user_manager.verify_email(request)
- return "foo"
+
@app.route("/n/register", methods=('GET', 'POST'))
@@ -310,6 +312,11 @@ def new_register():
print("Attempting to register the user...")
result = user_manager.RegisterUser(params)
errors = result.errors
+
+ if result.thank_you_mode:
+ assert not errors, "Errors while in thank you mode? That seems wrong..."
+ return render_template("new_security/thank_you.html")
+
return render_template("new_security/register_user.html", values=params, errors=errors)
#@app.route("/n/register_submit", methods=('POST',))