From f32dd17f3375767a11c6f99d69bea697c0ce5302 Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Sun, 18 Nov 2018 14:29:45 +0000 Subject: [PATCH] people: Implement simple registration process Signed-off-by: Michael Tremer --- Makefile.am | 4 +- src/backend/accounts.py | 40 +++++++++++++++++++ src/templates/auth/register-success.html | 20 ++++++++++ src/templates/auth/register.html | 51 ++++++++++++++++++++++++ src/web/__init__.py | 1 + src/web/auth.py | 21 ++++++++++ 6 files changed, 136 insertions(+), 1 deletion(-) create mode 100644 src/templates/auth/register-success.html create mode 100644 src/templates/auth/register.html diff --git a/Makefile.am b/Makefile.am index 6fe92dd2..e08b5b39 100644 --- a/Makefile.am +++ b/Makefile.am @@ -106,7 +106,9 @@ templates_DATA = \ templatesdir = $(datadir)/templates templates_auth_DATA = \ - src/templates/auth/login.html + src/templates/auth/login.html \ + src/templates/auth/register.html \ + src/templates/auth/register-success.html templates_authdir = $(templatesdir)/auth diff --git a/src/backend/accounts.py b/src/backend/accounts.py index 229e730a..0fafce5c 100644 --- a/src/backend/accounts.py +++ b/src/backend/accounts.py @@ -85,6 +85,19 @@ class Accounts(Object): if result: return result[0] + def uid_exists(self, uid): + if self.get_by_uid(uid): + return True + + res = self.db.get("SELECT 1 FROM account_activations \ + WHERE uid = %s AND expires_at > NOW()", uid) + + if res: + return True + + # Account with uid does not exist, yet + return False + def get_by_uid(self, uid): return self._search_one("(&(objectClass=person)(uid=%s))" % uid) @@ -109,6 +122,33 @@ class Accounts(Object): (|(sipAuthenticationUser=%s)(telephoneNumber=%s)(homePhone=%s)(mobile=%s)))" \ % (number, number, number, number)) + # Registration + + def create(self, uid, email, first_name, last_name): + # Check if UID is unique + if self.get_by_uid(uid): + raise ValueError("UID exists: %s" % uid) + + activation_code = util.random_string(24) + + # Account Parameters + account = { + "objectClass" : [b"top", b"person", b"inetOrgPerson"], + "userPassword" : activation_code.encode(), + "mail" : email.encode(), + + # Name + "cn" : b"%s %s" % (first_name.encode(), last_name.encode()), + "sn" : last_name.encode(), + "givenName" : first_name.encode(), + } + + # Create account on LDAP + self.ldap.add_s("uid=%s,ou=People,dc=mcfly,dc=local" % uid, ldap.modlist.addModlist(account)) + + # TODO Send email with activation code + pass + # Session stuff def _cleanup_expired_sessions(self): diff --git a/src/templates/auth/register-success.html b/src/templates/auth/register-success.html new file mode 100644 index 00000000..e8b1b204 --- /dev/null +++ b/src/templates/auth/register-success.html @@ -0,0 +1,20 @@ +{% extends "../base.html" %} + +{% block title %}{{ _("Thank You") }}{% end block %} + +{% block content %} +
+
+
+
+ + +

+ {{ _("Your account has been created.") }} + {{ _("Please check your email for next steps.") }} +

+
+
+
+
+{% end block %} diff --git a/src/templates/auth/register.html b/src/templates/auth/register.html new file mode 100644 index 00000000..f8a0f190 --- /dev/null +++ b/src/templates/auth/register.html @@ -0,0 +1,51 @@ +{% extends "../base.html" %} + +{% block title %}{{ _("Register") }}{% end block %} + +{% block content %} +
+
+

{{ _("Register New Account") }}

+ +

+ {{ _("Become a part of our community by registering an account!") }} +

+ +
+ {% raw xsrf_form_html() %} + + + +
+ +
+ +
+
+ + + +
+ +
+ + + +
+
+ +
+ +
+ + +
+
+
+{% end block %} diff --git a/src/web/__init__.py b/src/web/__init__.py index 8ea16128..e4855b4f 100644 --- a/src/web/__init__.py +++ b/src/web/__init__.py @@ -266,6 +266,7 @@ class Application(tornado.web.Application): self.add_handlers(r"people(\.dev)?\.ipfire\.org", [ (r"/", people.IndexHandler), (r"/conferences", people.ConferencesHandler), + (r"/register", auth.RegisterHandler), (r"/search", people.SearchHandler), (r"/users", people.UsersHandler), (r"/users/(\w+)", people.UserHandler), diff --git a/src/web/auth.py b/src/web/auth.py index 82e6f0d8..eaaec463 100644 --- a/src/web/auth.py +++ b/src/web/auth.py @@ -68,6 +68,27 @@ class LogoutHandler(AuthenticationMixin, base.BaseHandler): self.redirect("/") +class RegisterHandler(base.BaseHandler): + @base.blacklisted + def get(self): + self.render("auth/register.html") + + @base.blacklisted + def post(self): + uid = self.get_argument("uid") + email = self.get_argument("email") + + first_name = self.get_argument("first_name") + last_name = self.get_argument("last_name") + + # Register account + with self.db.transaction(): + self.backend.accounts.create(uid, email, + first_name=first_name, last_name=last_name) + + self.render("auth/register-success.html") + + class CacheMixin(object): def prepare(self): # Mark this as private when someone is logged in -- 2.39.2