[account,auth][m]: (fixes #2) working user accounts with registration…

…, login and logout. * TODO: issue with showing user info in top nav as mako system does not support context_processor (need to switch to jinja - see #13)
rufuspollock-okfn · Sep 17, 2011 · 6add8e1 · 6add8e1
1 parent 04b174d
commit 6add8e1
Show file tree

Hide file tree

Showing 7 changed files with 106 additions and 0 deletions.
diff --git a/bibserver/view/__init__.py b/bibserver/view/__init__.py
diff --git a/bibserver/view/account.py b/bibserver/view/account.py
@@ -0,0 +1,68 @@
+from flask import Blueprint, request, url_for, flash, redirect
+from flaskext.mako import render_template
+from flaskext.login import login_user, logout_user
+from flaskext.wtf import Form, TextField, PasswordField, validators
+
+import bibserver.dao as dao
+
+blueprint = Blueprint('account', __name__)
+
+
+@blueprint.route('/')
+def index():
+    return 'Accounts'
+
+
+class LoginForm(Form):
+    username = TextField('Username', [validators.Required()])
+    password = PasswordField('Password', [validators.Required()])
+
+@blueprint.route('/login', methods=['GET', 'POST'])
+def login():
+    form = LoginForm(request.form, csrf_enabled=False)
+    if request.method == 'POST' and form.validate():
+        password = form.password.data
+        username = form.username.data
+        user = dao.Account.get(username)
+        if user and user.check_password(password):
+            login_user(user, remember=True)
+            flash('Welcome back', 'success')
+            return redirect(url_for('home'))
+        else:
+            flash('Incorrect email/password', 'error')
+    if request.method == 'POST' and not form.validate():
+        flash('Invalid form', 'error')
+    return render_template('account/login.html', form=form)
+
+
+@blueprint.route('/logout')
+def logout():
+    logout_user()
+    flash('You are now logged out', 'success')
+    return redirect(url_for('home'))
+
+
+class RegisterForm(Form):
+    username = TextField('Username', [validators.Length(min=3, max=25)])
+    email = TextField('Email Address', [validators.Length(min=3, max=35)])
+    password = PasswordField('New Password', [
+        validators.Required(),
+        validators.EqualTo('confirm', message='Passwords must match')
+    ])
+    confirm = PasswordField('Repeat Password')
+
+@blueprint.route('/register', methods=['GET', 'POST'])
+def register():
+    # TODO: re-enable csrf
+    form = RegisterForm(request.form, csrf_enabled=False)
+    if request.method == 'POST' and form.validate():
+        account = dao.Account(id=form.username.data, email=form.email.data)
+        account.set_password(form.password.data)
+        account.save()
+        login_user(account, remember=True)
+        flash('Thanks for signing-up', 'success')
+        return redirect(url_for('home'))
+    if request.method == 'POST' and not form.validate():
+        flash('Please correct the errors', 'error')
+    return render_template('account/register.html', form=form)
+
diff --git a/bibserver/web.py b/bibserver/web.py
@@ -13,6 +13,9 @@
 import bibserver.iomanager
 import bibserver.importer
 from bibserver.core import app, login_manager
+from bibserver.view.account import blueprint as account
+
+app.register_blueprint(account, url_prefix='/account')
 
 
 # NB: the decorator appears to kill the function for normal usage

diff --git a/setup.py b/setup.py
@@ -9,6 +9,7 @@
         # need Flask-Mako from source. See README.rst.
         "Flask-Mako",
         "Flask-Login",
+        "Flask-WTF",
         "pyes==0.16",
         # need solrpy from HEAD. See README.rst.
         "solrpy",

diff --git a/templates/_formhelpers.html b/templates/_formhelpers.html
@@ -0,0 +1,14 @@
+<%def name="render_field(field, **kwargs)">
+  ${ field.label }
+  <div class="input">
+    ${ field(**kwargs) }
+    % if field.errors:
+      <ul class="errors">
+        % for error in field.errors:
+        <li>${ error }</li>
+        % endfor
+      </ul>
+    % endif
+  </div>
+</%def>
+
diff --git a/templates/account/login.html b/templates/account/login.html
@@ -0,0 +1,10 @@
+<%include file="/header.html"/>
+<%namespace name="helpers" file="/_formhelpers.html" />
+
+  <form method="post" action="">
+      ${ helpers.render_field(form.username, placeholder="your username") }
+      ${ helpers.render_field(form.password, placeholder="********") }
+    <input type="submit" value="Login" class="btn" />
+  </form>
+
+<%include file="/footer.html"/>
diff --git a/templates/account/register.html b/templates/account/register.html
@@ -0,0 +1,10 @@
+<%include file="/header.html"/>
+<%namespace name="helpers" file="/_formhelpers.html" />
+
+  <form method="post" action="${url_for('account.register')}">
+      ${ helpers.render_field(form.username, placeholder="myusername") }
+      ${ helpers.render_field(form.email, placeholder="hello@mywebsite.org") }
+      ${ helpers.render_field(form.password, placeholder="********") }
+      ${ helpers.render_field(form.confirm, placeholder="********") }
+    <input type="submit" value="Signup" class="btn" />
+  </form>