From 91d05ab30a60671286b19e174ec0292dc6aa1af3 Mon Sep 17 00:00:00 2001
From: Sam
Date: Thu, 3 Oct 2013 01:21:19 -0500
Subject: Much more progess on logging in:
* Verifying emails now works
* Redid user manager
---
wqflask/wqflask/database.py | 3 +-
wqflask/wqflask/model.py | 32 +++++++++++++------
wqflask/wqflask/templates/admin/user_manager.html | 14 ++++-----
.../wqflask/templates/new_security/thank_you.html | 32 +++++++++++++++++++
.../wqflask/templates/new_security/verified.html | 32 +++++++++++++++++++
wqflask/wqflask/user_manager.py | 36 ++++++++++++++++------
wqflask/wqflask/views.py | 23 +++++++++-----
7 files changed, 137 insertions(+), 35 deletions(-)
create mode 100644 wqflask/wqflask/templates/new_security/thank_you.html
create mode 100644 wqflask/wqflask/templates/new_security/verified.html
diff --git a/wqflask/wqflask/database.py b/wqflask/wqflask/database.py
index 65ca7d0c..e55f06a7 100644
--- a/wqflask/wqflask/database.py
+++ b/wqflask/wqflask/database.py
@@ -19,7 +19,8 @@ def init_db():
# you will have to import them first before calling init_db()
#import yourapplication.models
import wqflask.model
+ print("Creating all..")
Base.metadata.create_all(bind=engine)
-
+ print("Done creating all...")
init_db()
\ No newline at end of file
diff --git a/wqflask/wqflask/model.py b/wqflask/wqflask/model.py
index a3cd63a5..8e7a823e 100644
--- a/wqflask/wqflask/model.py
+++ b/wqflask/wqflask/model.py
@@ -13,7 +13,7 @@ from wqflask import app
from sqlalchemy import Column, Integer, String, Table, ForeignKey, Unicode, Boolean, DateTime, Text
from sqlalchemy.orm import relationship, backref
-from wqflask.database import Base
+from wqflask.database import Base, init_db
# Create database connection object
#db = SQLAlchemy(app)
@@ -50,13 +50,13 @@ from wqflask.database import Base
class Role(Base):
__tablename__ = "role"
- the_id = Column(Unicode(36), primary_key=True, default=lambda: unicode(uuid.uuid4()))
+ id = Column(Unicode(36), primary_key=True, default=lambda: unicode(uuid.uuid4()))
name = Column(Unicode(80), unique=True, nullable=False)
description = Column(Unicode(255))
class User(Base):
__tablename__ = "user"
- the_id = Column(Unicode(36), primary_key=True, default=lambda: unicode(uuid.uuid4()))
+ id = Column(Unicode(36), primary_key=True, default=lambda: unicode(uuid.uuid4()))
email_address = Column(Unicode(50), unique=True, nullable=False)
# Todo: Turn on strict mode for Mysql
@@ -65,18 +65,28 @@ class User(Base):
full_name = Column(Unicode(50))
organization = Column(Unicode(50))
- active = Column(Boolean())
- confirmed_at = Column(DateTime())
+ active = Column(Boolean(), nullable=False, default=True)
- last_login_at = Column(DateTime())
- current_login_at = Column(DateTime())
- last_login_ip = Column(Unicode(39))
- current_login_ip = Column(Unicode(39))
- login_count = Column(Integer())
+ registration_info = Column(Text) # json detailing when they were registered, etc.
+
+ confirmed = Column(Text) # json detailing when they confirmed, etc.
+
+ #last_login_at = Column(DateTime())
+ #current_login_at = Column(DateTime())
+ #last_login_ip = Column(Unicode(39))
+ #current_login_ip = Column(Unicode(39))
+ #login_count = Column(Integer())
#roles = relationship('Role', secondary=roles_users,
# backref=backref('users', lazy='dynamic'))
+class Login(Base):
+ __tablename__ = "login"
+ id = Column(Unicode(36), primary_key=True, default=lambda: unicode(uuid.uuid4()))
+ user = Column(Unicode(36), ForeignKey('user.id'))
+ timestamp = Column(DateTime())
+ ip_address = Column(Unicode(39))
+
# Setup Flask-Security
#user_datastore = SQLAlchemyUserDatastore(db, User, Role)
@@ -89,3 +99,5 @@ class User(Base):
#user_datastore.create_role(name="Genentech", description="Genentech Beta Project(testing)")
+
+
diff --git a/wqflask/wqflask/templates/admin/user_manager.html b/wqflask/wqflask/templates/admin/user_manager.html
index 14cd12e0..1308ff4b 100644
--- a/wqflask/wqflask/templates/admin/user_manager.html
+++ b/wqflask/wqflask/templates/admin/user_manager.html
@@ -16,20 +16,20 @@
- ID |
Email |
- Confirmed at |
+ Organization |
Active |
+ Confirmed |
{% for user in users %}
-
- {{ user.id }}
+ |
+ {{ user.email_address }}
|
- {{ user.email }} |
- {{ user.confirmed_at }} |
- {{ user.active }} |
+ {{ user.organization }} |
+ {{ 'Yes' if user.active else 'No' }} |
+ {{ 'True' if user.confirmed else 'False' }} |
{% endfor %}
diff --git a/wqflask/wqflask/templates/new_security/thank_you.html b/wqflask/wqflask/templates/new_security/thank_you.html
new file mode 100644
index 00000000..5aa11ebf
--- /dev/null
+++ b/wqflask/wqflask/templates/new_security/thank_you.html
@@ -0,0 +1,32 @@
+{% extends "base.html" %}
+{% block title %}Register{% endblock %}
+{% block content %}
+
+
+
+
+
+
Enjoy using the site.
+
+
Go to the homepage
.
+
+
+{% endblock %}
+
+{% block js %}
+
+
+ {% include "new_security/_scripts.html" %}
+
+
+{% endblock %}
+
diff --git a/wqflask/wqflask/templates/new_security/verified.html b/wqflask/wqflask/templates/new_security/verified.html
new file mode 100644
index 00000000..97cb7807
--- /dev/null
+++ b/wqflask/wqflask/templates/new_security/verified.html
@@ -0,0 +1,32 @@
+{% extends "base.html" %}
+{% block title %}Register{% endblock %}
+{% block content %}
+
+
+
+
+
+
Enjoy using the site.
+
+
Go to the homepage
.
+
+
+{% endblock %}
+
+{% block js %}
+
+
+ {% include "new_security/_scripts.html" %}
+
+
+{% endblock %}
+
diff --git a/wqflask/wqflask/user_manager.py b/wqflask/wqflask/user_manager.py
index 159a0ffc..b967c86f 100644
--- a/wqflask/wqflask/user_manager.py
+++ b/wqflask/wqflask/user_manager.py
@@ -22,7 +22,7 @@ from redis import StrictRedis
Redis = StrictRedis()
-from flask import Flask, g, render_template, url_for
+from flask import Flask, g, render_template, url_for, request
from wqflask import app
@@ -41,8 +41,11 @@ from utility import Bunch
from base.data_set import create_datasets_list
-#from app import db
-print("globals are:", globals())
+
+
+def timestamp():
+ return datetime.datetime.utcnow().isoformat()
+
class UsersManager(object):
@@ -54,7 +57,7 @@ class UsersManager(object):
class UserManager(object):
def __init__(self, kw):
- self.user_id = int(kw['user_id'])
+ self.user_id = kw['user_id']
print("In UserManager locals are:", pf(locals()))
#self.user = model.User.get(user_id)
#print("user is:", user)
@@ -73,6 +76,7 @@ class UserManager(object):
class RegisterUser(object):
def __init__(self, kw):
+ self.thank_you_mode = False
self.errors = []
self.user = Bunch()
@@ -102,12 +106,16 @@ class RegisterUser(object):
self.set_password(password)
+ self.user.registration_info = json.dumps(basic_info(), sort_keys=True)
+
self.new_user = model.User(**self.user.__dict__)
db_session.add(self.new_user)
db_session.commit()
self.send_email_verification()
+ self.thank_you_mode = True
+
def set_password(self, password):
pwfields = Bunch()
@@ -122,7 +130,7 @@ class RegisterUser(object):
pwfields.iterations = 100000
pwfields.keylength = 32
- pwfields.created_ts = datetime.datetime.utcnow().isoformat()
+ pwfields.created_ts = timestamp()
# One more check on password length
assert len(password) >= 6, "Password shouldn't be so short here"
@@ -146,8 +154,8 @@ class RegisterUser(object):
verification_code = str(uuid.uuid4())
key = "verification_code:" + verification_code
- data = json.dumps(dict(the_id=self.new_user.the_id,
- timestamp=datetime.datetime.utcnow().isoformat())
+ data = json.dumps(dict(id=self.new_user.id,
+ timestamp=timestamp())
)
Redis.set(key, data)
@@ -158,15 +166,25 @@ class RegisterUser(object):
body = render_template("email/verification.txt",
verification_code = verification_code)
send_email(to, subject, body)
-
+
+
+def basic_info():
+ return dict(timestamp = timestamp(),
+ ip_address = request.remote_addr,
+ user_agent = request.headers.get('User-Agent'))
-def verify_email(request):
+def verify_email():
print("in verify_email request.url is:", request.url)
verify_url_hmac(request.url)
verification_code = request.args['code']
data = Redis.get("verification_code:" + verification_code)
data = json.loads(data)
print("data is:", data)
+ user = model.User.query.get(data['id'])
+ user.confirmed = json.dumps(basic_info(), sort_keys=True)
+ db_session.commit()
+
+
diff --git a/wqflask/wqflask/views.py b/wqflask/wqflask/views.py
index b552e160..fe91e014 100644
--- a/wqflask/wqflask/views.py
+++ b/wqflask/wqflask/views.py
@@ -267,15 +267,20 @@ def sharing_info_page():
template_vars = SharingInfoPage.SharingInfoPage(fd)
return template_vars
-# Take this out or secure it before going into production
+# Take this out or secure it before g[umlfoing into production
@app.route("/get_temp_data")
def get_temp_data():
temp_uuid = request.args['key']
return flask.jsonify(temp_data.TempData(temp_uuid).get_all())
-@app.route("/thank_you")
-def thank_you():
- return render_template("security/thank_you.html")
+#@app.route("/thank_you")
+#def thank_you():
+# return render_template("security/thank_you.html")
+
+@app.route("/manage/verify")
+def verify():
+ user_manager.verify_email()
+ return render_template("new_security/verified.html")
@app.route("/manage/users")
def manage_users():
@@ -292,10 +297,7 @@ def manage_groups():
template_vars = user_manager.GroupsManager(request.args)
return render_template("admin/group_manager.html", **template_vars.__dict__)
-@app.route("/manage/verify")
-def verify():
- user_manager.verify_email(request)
- return "foo"
+
@app.route("/n/register", methods=('GET', 'POST'))
@@ -310,6 +312,11 @@ def new_register():
print("Attempting to register the user...")
result = user_manager.RegisterUser(params)
errors = result.errors
+
+ if result.thank_you_mode:
+ assert not errors, "Errors while in thank you mode? That seems wrong..."
+ return render_template("new_security/thank_you.html")
+
return render_template("new_security/register_user.html", values=params, errors=errors)
#@app.route("/n/register_submit", methods=('POST',))
--
cgit v1.2.3