cablegates/pandora/user/views.py

332 lines
10 KiB
Python
Raw Normal View History

2010-02-27 10:37:00 +00:00
# -*- coding: utf-8 -*-
2010-01-25 09:20:21 +00:00
# vi:si:et:sw=4:sts=4:ts=4
2010-02-03 11:59:11 +00:00
import uuid
import hashlib
2010-01-25 09:20:21 +00:00
2010-02-03 12:05:38 +00:00
from django import forms
2010-01-25 09:20:21 +00:00
from django.contrib.auth.models import User
from django.contrib.auth import authenticate, login, logout
2010-02-06 08:24:39 +00:00
from django.shortcuts import render_to_response, get_object_or_404, get_list_or_404, redirect
2010-02-03 11:59:11 +00:00
from django.template import RequestContext, loader, Context
2010-01-25 09:20:21 +00:00
from django.utils import simplejson as json
2010-02-06 08:24:39 +00:00
from django.conf import settings
2010-02-16 10:10:53 +00:00
from django.core.mail import send_mail, BadHeaderError
2010-01-25 09:20:21 +00:00
from ox.django.shortcuts import render_to_json_response, json_response
from ox.django.decorators import login_required_json
2010-01-25 09:20:21 +00:00
import models
from api.actions import actions
2010-02-27 10:37:00 +00:00
class LoginForm(forms.Form):
username = forms.TextInput()
password = forms.TextInput()
2010-01-25 09:20:21 +00:00
2010-12-22 18:37:20 +00:00
def api_login(request):
2010-01-25 09:20:21 +00:00
'''
param data {
username: 'username',
password: 'password'
}
2010-01-25 09:20:21 +00:00
return {
status: {'code': int, 'text': string}
data: {
errors: {
2010-12-24 10:14:13 +00:00
username: 'Unknown Username',
password: 'Incorrect Password'
}
user: {
...
}
}
}
2010-01-25 09:20:21 +00:00
'''
data = json.loads(request.POST['data'])
form = LoginForm(data, request.FILES)
if form.is_valid():
if models.User.objects.filter(username=form.data['username']).count() == 0:
response = json_response({
'errors': {
2010-12-24 10:14:13 +00:00
'username': 'Unknown Username'
}
})
2010-01-25 09:20:21 +00:00
else:
user = authenticate(username=data['username'], password=data['password'])
if user is not None:
if user.is_active:
login(request, user)
user_json = models.get_user_json(user)
response = json_response({
'user': user_json
})
else:
response = json_response({
'errors': {
'username': 'User Disabled'
}
})
else:
response = json_response({
'errors': {
'password': 'Incorrect Password'
}
})
2010-01-25 09:20:21 +00:00
else:
2010-02-10 13:10:28 +00:00
response = json_response(status=400, text='invalid data')
2010-01-25 09:20:21 +00:00
return render_to_json_response(response)
2010-12-22 18:37:20 +00:00
actions.register(api_login, 'login')
2010-01-25 09:20:21 +00:00
2010-12-22 18:39:19 +00:00
def api_logout(request):
2010-01-25 09:20:21 +00:00
'''
param data {
}
return {
status: {'code': int, 'text': string}
}
2010-01-25 09:20:21 +00:00
'''
2010-12-24 10:14:13 +00:00
response = json_response(text='ok')
2010-01-25 09:20:21 +00:00
if request.user.is_authenticated():
2010-12-24 10:14:13 +00:00
response = json_response(text='logged out')
logout(request)
2010-01-25 09:20:21 +00:00
return render_to_json_response(response)
2010-12-22 18:37:20 +00:00
actions.register(api_logout, 'logout')
2010-01-25 09:20:21 +00:00
class RegisterForm(forms.Form):
username = forms.TextInput()
password = forms.TextInput()
email = forms.TextInput()
def register(request):
2010-01-25 09:20:21 +00:00
'''
param data {
username: 'username',
password: 'password',
email: 'emailaddress'
}
2010-01-25 09:20:21 +00:00
return {
status: {'code': int, 'text': string}
data: {
errors: {
2010-12-24 10:14:13 +00:00
username: 'Unknown Username',
password: 'Incorrect Password'
}
user: {
...
}
}
}
2010-01-25 09:20:21 +00:00
'''
data = json.loads(request.POST['data'])
form = RegisterForm(data, request.FILES)
if form.is_valid():
if models.User.objects.filter(username=form.data['username']).count() > 0:
response = json_response({
'errors': {
2010-12-24 10:14:13 +00:00
'username': 'Username already exists'
}
})
elif models.User.objects.filter(email=form.data['email']).count() > 0:
response = json_response({
'errors': {
2010-12-24 10:14:13 +00:00
'email': 'Email address already exits'
}
})
else:
first_user = models.User.objects.count() == 0
user = models.User(username=form.data['username'], email=form.data['email'])
user.set_password(form.data['password'])
#make first user admin
user.is_superuser = first_user
user.is_staff = first_user
2010-01-26 13:24:50 +00:00
user.save()
user = authenticate(username=form.data['username'],
password=form.data['password'])
login(request, user)
user_json = models.get_user_json(user)
response = json_response({
'user': user_json
}, text='account created')
else:
response = json_response(status=400, text='invalid data')
2010-01-25 09:20:21 +00:00
return render_to_json_response(response)
actions.register(register)
2010-01-25 09:20:21 +00:00
class RecoverForm(forms.Form):
username_or_email = forms.TextInput()
2010-01-25 09:20:21 +00:00
def api_recover(request):
'''
param data {
username_or_email: username
}
return {
status: {'code': int, 'text': string}
data: {
errors: {
2010-12-24 10:14:13 +00:00
username_or_email: 'Username or email address not found'
}
}
}
'''
2010-01-25 09:20:21 +00:00
data = json.loads(request.POST['data'])
form = RegisterForm(data, request.FILES)
if form.is_valid():
username = data['username_or_email']
user = None
q = models.User.objects.filter(username=username)
2010-01-25 09:20:21 +00:00
if q.count() > 0:
user = q[0]
else:
q = models.User.objects.filter(email=username)
if q.count() > 0:
user = q[0]
if user:
2010-02-03 11:59:11 +00:00
key = hashlib.sha1(str(uuid.uuid4())).hexdigest()
user_profile = user.get_profile()
user_profile.recover_key = key
user_profile.save()
2010-02-06 08:24:39 +00:00
template = loader.get_template('recover_email.txt')
context = RequestContext(request, {
2010-02-03 11:59:11 +00:00
'recover_url': request.build_absolute_uri("/r/%s" % key),
'sitename': settings.SITENAME,
})
message = template.render(context)
subject = '%s account recovery' % settings.SITENAME
user.email_user(subject, message)
2010-02-10 13:10:28 +00:00
response = json_response(text='recover email sent')
else:
response = json_response({
'errors': {
2010-12-24 10:14:13 +00:00
'username_or_email': 'Username or email address not found'
}
})
2010-01-25 09:20:21 +00:00
else:
2010-02-10 13:10:28 +00:00
response = json_response(status=400, text='invalid data')
2010-01-25 09:20:21 +00:00
return render_to_json_response(response)
actions.register(api_recover, 'recover')
2010-07-22 13:03:16 +00:00
def findUser(request):
2010-07-22 13:03:16 +00:00
'''
param data {
key: "username",
value: "foo", operator: "="
}
2010-07-22 13:03:16 +00:00
return {
'status': {'code': int, 'text': string}
'data': {
users = ['user1', 'user2']
}
}
'''
#FIXME: support other operators and keys
data = json.loads(request.POST['data'])
response = json_response(status=200, text='ok')
response['data']['users'] = [u.username for u in User.objects.filter(username__iexact=data['value'])]
return render_to_json_response(response)
actions.register(findUser)
2010-01-25 09:20:21 +00:00
2010-02-06 08:24:39 +00:00
def recover(request, key):
2010-12-22 15:17:38 +00:00
'''
recover user and redirect to settings
'''
2010-02-06 08:24:39 +00:00
qs = models.UserProfile.objects.filter(recover_key=key)
if qs.count() == 1:
user = qs[0].user
user.set_password(key)
user.save()
user_profile = user.get_profile()
user_profile.recover_key = ''
user_profile.save()
user = authenticate(username=user.username, password=key)
login(request, user)
#FIXME: set message to notify user to update password
return redirect('/#settings')
return redirect('/')
2010-02-16 10:10:53 +00:00
class ContactForm(forms.Form):
email = forms.EmailField()
subject = forms.TextInput()
message = forms.TextInput()
def contact(request):
2010-02-16 10:10:53 +00:00
'''
param data {
'email': string,
'message': string
}
2010-02-16 10:10:53 +00:00
return {
'status': {'code': int, 'text': string}
}
2010-02-16 10:10:53 +00:00
'''
data = json.loads(request.POST['data'])
form = ContactForm(data, request.FILES)
if form.is_valid():
email = data['email']
template = loader.get_template('contact_email.txt')
context = RequestContext(request, {
'sitename': settings.SITENAME,
'email': email,
'message': data['message'],
})
message = template.render(context)
subject = '%s contact: %s' % (settings.SITENAME, data['subject'])
response = json_response(text='message sent')
try:
send_mail(subject, message, email, [settings.DEFAULT_FROM_EMAIL, ])
except BadHeaderError:
response = json_response(status=400, text='invalid data')
else:
response = json_response(status=400, text='invalid data')
return render_to_json_response(response)
actions.register(contact)
2010-02-16 10:10:53 +00:00
2010-01-25 09:20:21 +00:00
@login_required_json
def preferences(request):
2010-01-25 09:20:21 +00:00
'''
param data
string
array
object
return
if data is empy or {}
if data is string:
return preference with name
if data is array:
return preferences with names
if data is object:
set key values in dict as preferences
2010-01-25 09:20:21 +00:00
'''
2010-02-10 13:10:28 +00:00
response = json_response()
2010-01-25 09:20:21 +00:00
if 'data' not in request.POST:
response['data']['preferences'] = models.get_preferences(request.user)
2010-01-25 09:20:21 +00:00
else:
data = json.loads(request.POST['data'])
if isinstance(data, basestring):
2010-01-27 05:36:21 +00:00
response['data']['preferences'] = {}
response['data']['preferences'][data] = models.get_preference(request.user, data)
2010-01-25 09:20:21 +00:00
elif isinstance(data, list):
2010-01-27 05:36:21 +00:00
response['data']['preferences'] = {}
2010-01-25 09:20:21 +00:00
for preference in data:
response['preferences'][preference] = models.get_preference(request.user, preference)
2010-01-25 09:20:21 +00:00
elif isinstance(data, dict):
if not data:
response['data']['preferences'] = models.get_preferences(request.user)
else:
del response['data']
for key in data:
models.set_preference(request.user, key, data[key])
2010-01-25 09:20:21 +00:00
return render_to_json_response(response)
actions.register(preferences)