From 91d05ab30a60671286b19e174ec0292dc6aa1af3 Mon Sep 17 00:00:00 2001 From: Sam Date: Thu, 3 Oct 2013 01:21:19 -0500 Subject: Much more progess on logging in: * Verifying emails now works * Redid user manager --- wqflask/wqflask/database.py | 3 +- wqflask/wqflask/model.py | 32 +++++++++++++------ wqflask/wqflask/templates/admin/user_manager.html | 14 ++++----- .../wqflask/templates/new_security/thank_you.html | 32 +++++++++++++++++++ .../wqflask/templates/new_security/verified.html | 32 +++++++++++++++++++ wqflask/wqflask/user_manager.py | 36 ++++++++++++++++------ wqflask/wqflask/views.py | 23 +++++++++----- 7 files changed, 137 insertions(+), 35 deletions(-) create mode 100644 wqflask/wqflask/templates/new_security/thank_you.html create mode 100644 wqflask/wqflask/templates/new_security/verified.html (limited to 'wqflask') diff --git a/wqflask/wqflask/database.py b/wqflask/wqflask/database.py index 65ca7d0c..e55f06a7 100644 --- a/wqflask/wqflask/database.py +++ b/wqflask/wqflask/database.py @@ -19,7 +19,8 @@ def init_db(): # you will have to import them first before calling init_db() #import yourapplication.models import wqflask.model + print("Creating all..") Base.metadata.create_all(bind=engine) - + print("Done creating all...") init_db() \ No newline at end of file diff --git a/wqflask/wqflask/model.py b/wqflask/wqflask/model.py index a3cd63a5..8e7a823e 100644 --- a/wqflask/wqflask/model.py +++ b/wqflask/wqflask/model.py @@ -13,7 +13,7 @@ from wqflask import app from sqlalchemy import Column, Integer, String, Table, ForeignKey, Unicode, Boolean, DateTime, Text from sqlalchemy.orm import relationship, backref -from wqflask.database import Base +from wqflask.database import Base, init_db # Create database connection object #db = SQLAlchemy(app) @@ -50,13 +50,13 @@ from wqflask.database import Base class Role(Base): __tablename__ = "role" - the_id = Column(Unicode(36), primary_key=True, default=lambda: unicode(uuid.uuid4())) + id = Column(Unicode(36), primary_key=True, default=lambda: unicode(uuid.uuid4())) name = Column(Unicode(80), unique=True, nullable=False) description = Column(Unicode(255)) class User(Base): __tablename__ = "user" - the_id = Column(Unicode(36), primary_key=True, default=lambda: unicode(uuid.uuid4())) + id = Column(Unicode(36), primary_key=True, default=lambda: unicode(uuid.uuid4())) email_address = Column(Unicode(50), unique=True, nullable=False) # Todo: Turn on strict mode for Mysql @@ -65,18 +65,28 @@ class User(Base): full_name = Column(Unicode(50)) organization = Column(Unicode(50)) - active = Column(Boolean()) - confirmed_at = Column(DateTime()) + active = Column(Boolean(), nullable=False, default=True) - last_login_at = Column(DateTime()) - current_login_at = Column(DateTime()) - last_login_ip = Column(Unicode(39)) - current_login_ip = Column(Unicode(39)) - login_count = Column(Integer()) + registration_info = Column(Text) # json detailing when they were registered, etc. + + confirmed = Column(Text) # json detailing when they confirmed, etc. + + #last_login_at = Column(DateTime()) + #current_login_at = Column(DateTime()) + #last_login_ip = Column(Unicode(39)) + #current_login_ip = Column(Unicode(39)) + #login_count = Column(Integer()) #roles = relationship('Role', secondary=roles_users, # backref=backref('users', lazy='dynamic')) +class Login(Base): + __tablename__ = "login" + id = Column(Unicode(36), primary_key=True, default=lambda: unicode(uuid.uuid4())) + user = Column(Unicode(36), ForeignKey('user.id')) + timestamp = Column(DateTime()) + ip_address = Column(Unicode(39)) + # Setup Flask-Security #user_datastore = SQLAlchemyUserDatastore(db, User, Role) @@ -89,3 +99,5 @@ class User(Base): #user_datastore.create_role(name="Genentech", description="Genentech Beta Project(testing)") + + diff --git a/wqflask/wqflask/templates/admin/user_manager.html b/wqflask/wqflask/templates/admin/user_manager.html index 14cd12e0..1308ff4b 100644 --- a/wqflask/wqflask/templates/admin/user_manager.html +++ b/wqflask/wqflask/templates/admin/user_manager.html @@ -16,20 +16,20 @@ - - + + {% for user in users %} - - - - + + + {% endfor %}
ID EmailConfirmed atOrganization ActiveConfirmed
- {{ user.id }} + + {{ user.email_address }} {{ user.email }}{{ user.confirmed_at }}{{ user.active }}{{ user.organization }}{{ 'Yes' if user.active else 'No' }}{{ 'True' if user.confirmed else 'False' }}
diff --git a/wqflask/wqflask/templates/new_security/thank_you.html b/wqflask/wqflask/templates/new_security/thank_you.html new file mode 100644 index 00000000..5aa11ebf --- /dev/null +++ b/wqflask/wqflask/templates/new_security/thank_you.html @@ -0,0 +1,32 @@ +{% extends "base.html" %} +{% block title %}Register{% endblock %} +{% block content %} +
+
+

Thank you

+

+ Thanks for verifying. +

+
+
+ +
+ + +

Enjoy using the site.

+ +

Go to the homepage

. +
+ +{% endblock %} + +{% block js %} + + + {% include "new_security/_scripts.html" %} + + +{% endblock %} + diff --git a/wqflask/wqflask/templates/new_security/verified.html b/wqflask/wqflask/templates/new_security/verified.html new file mode 100644 index 00000000..97cb7807 --- /dev/null +++ b/wqflask/wqflask/templates/new_security/verified.html @@ -0,0 +1,32 @@ +{% extends "base.html" %} +{% block title %}Register{% endblock %} +{% block content %} +
+
+

Thank you

+

+ Thanks for verifying. +

+
+
+ +
+ + +

Enjoy using the site.

+ +

Go to the homepage

. +
+ +{% endblock %} + +{% block js %} + + + {% include "new_security/_scripts.html" %} + + +{% endblock %} + diff --git a/wqflask/wqflask/user_manager.py b/wqflask/wqflask/user_manager.py index 159a0ffc..b967c86f 100644 --- a/wqflask/wqflask/user_manager.py +++ b/wqflask/wqflask/user_manager.py @@ -22,7 +22,7 @@ from redis import StrictRedis Redis = StrictRedis() -from flask import Flask, g, render_template, url_for +from flask import Flask, g, render_template, url_for, request from wqflask import app @@ -41,8 +41,11 @@ from utility import Bunch from base.data_set import create_datasets_list -#from app import db -print("globals are:", globals()) + + +def timestamp(): + return datetime.datetime.utcnow().isoformat() + class UsersManager(object): @@ -54,7 +57,7 @@ class UsersManager(object): class UserManager(object): def __init__(self, kw): - self.user_id = int(kw['user_id']) + self.user_id = kw['user_id'] print("In UserManager locals are:", pf(locals())) #self.user = model.User.get(user_id) #print("user is:", user) @@ -73,6 +76,7 @@ class UserManager(object): class RegisterUser(object): def __init__(self, kw): + self.thank_you_mode = False self.errors = [] self.user = Bunch() @@ -102,12 +106,16 @@ class RegisterUser(object): self.set_password(password) + self.user.registration_info = json.dumps(basic_info(), sort_keys=True) + self.new_user = model.User(**self.user.__dict__) db_session.add(self.new_user) db_session.commit() self.send_email_verification() + self.thank_you_mode = True + def set_password(self, password): pwfields = Bunch() @@ -122,7 +130,7 @@ class RegisterUser(object): pwfields.iterations = 100000 pwfields.keylength = 32 - pwfields.created_ts = datetime.datetime.utcnow().isoformat() + pwfields.created_ts = timestamp() # One more check on password length assert len(password) >= 6, "Password shouldn't be so short here" @@ -146,8 +154,8 @@ class RegisterUser(object): verification_code = str(uuid.uuid4()) key = "verification_code:" + verification_code - data = json.dumps(dict(the_id=self.new_user.the_id, - timestamp=datetime.datetime.utcnow().isoformat()) + data = json.dumps(dict(id=self.new_user.id, + timestamp=timestamp()) ) Redis.set(key, data) @@ -158,15 +166,25 @@ class RegisterUser(object): body = render_template("email/verification.txt", verification_code = verification_code) send_email(to, subject, body) - + + +def basic_info(): + return dict(timestamp = timestamp(), + ip_address = request.remote_addr, + user_agent = request.headers.get('User-Agent')) -def verify_email(request): +def verify_email(): print("in verify_email request.url is:", request.url) verify_url_hmac(request.url) verification_code = request.args['code'] data = Redis.get("verification_code:" + verification_code) data = json.loads(data) print("data is:", data) + user = model.User.query.get(data['id']) + user.confirmed = json.dumps(basic_info(), sort_keys=True) + db_session.commit() + + diff --git a/wqflask/wqflask/views.py b/wqflask/wqflask/views.py index b552e160..fe91e014 100644 --- a/wqflask/wqflask/views.py +++ b/wqflask/wqflask/views.py @@ -267,15 +267,20 @@ def sharing_info_page(): template_vars = SharingInfoPage.SharingInfoPage(fd) return template_vars -# Take this out or secure it before going into production +# Take this out or secure it before g[umlfoing into production @app.route("/get_temp_data") def get_temp_data(): temp_uuid = request.args['key'] return flask.jsonify(temp_data.TempData(temp_uuid).get_all()) -@app.route("/thank_you") -def thank_you(): - return render_template("security/thank_you.html") +#@app.route("/thank_you") +#def thank_you(): +# return render_template("security/thank_you.html") + +@app.route("/manage/verify") +def verify(): + user_manager.verify_email() + return render_template("new_security/verified.html") @app.route("/manage/users") def manage_users(): @@ -292,10 +297,7 @@ def manage_groups(): template_vars = user_manager.GroupsManager(request.args) return render_template("admin/group_manager.html", **template_vars.__dict__) -@app.route("/manage/verify") -def verify(): - user_manager.verify_email(request) - return "foo" + @app.route("/n/register", methods=('GET', 'POST')) @@ -310,6 +312,11 @@ def new_register(): print("Attempting to register the user...") result = user_manager.RegisterUser(params) errors = result.errors + + if result.thank_you_mode: + assert not errors, "Errors while in thank you mode? That seems wrong..." + return render_template("new_security/thank_you.html") + return render_template("new_security/register_user.html", values=params, errors=errors) #@app.route("/n/register_submit", methods=('POST',)) -- cgit v1.2.3