aboutsummaryrefslogtreecommitdiffstats
path: root/mediagoblin/auth/views.py
diff options
context:
space:
mode:
Diffstat (limited to 'mediagoblin/auth/views.py')
-rw-r--r--mediagoblin/auth/views.py45
1 files changed, 17 insertions, 28 deletions
diff --git a/mediagoblin/auth/views.py b/mediagoblin/auth/views.py
index 5b77c122..efd3e018 100644
--- a/mediagoblin/auth/views.py
+++ b/mediagoblin/auth/views.py
@@ -17,13 +17,10 @@
import uuid
import datetime
-from webob import exc
-
-from mediagoblin import messages
-from mediagoblin import mg_globals
+from mediagoblin import messages, mg_globals
+from mediagoblin.db.sql.models import User
from mediagoblin.tools.response import render_to_response, redirect, render_404
from mediagoblin.tools.translate import pass_to_ugettext as _
-from mediagoblin.db.util import ObjectId, InvalidId
from mediagoblin.auth import lib as auth_lib
from mediagoblin.auth import forms as auth_forms
from mediagoblin.auth.lib import send_verification_email, \
@@ -63,10 +60,8 @@ def register(request):
em_user, em_dom = unicode(request.form['email']).split("@", 1)
em_dom = em_dom.lower()
email = em_user + "@" + em_dom
- users_with_username = request.db.User.find(
- {'username': username}).count()
- users_with_email = request.db.User.find(
- {'email': email}).count()
+ users_with_username = User.query.filter_by(username=username).count()
+ users_with_email = User.query.filter_by(email=email).count()
extra_validation_passes = True
@@ -81,16 +76,16 @@ def register(request):
if extra_validation_passes:
# Create the user
- user = request.db.User()
+ user = User()
user.username = username
user.email = email
user.pw_hash = auth_lib.bcrypt_gen_password_hash(
request.form['password'])
user.verification_key = unicode(uuid.uuid4())
- user.save(validate=True)
+ user.save()
# log the user in
- request.session['user_id'] = unicode(user._id)
+ request.session['user_id'] = unicode(user.id)
request.session.save()
# send verification email
@@ -120,16 +115,15 @@ def login(request):
login_failed = False
if request.method == 'POST' and login_form.validate():
- user = request.db.User.find_one(
- {'username': request.form['username'].lower()})
+ user = User.query.filter_by(username=request.form['username'].lower()).first()
if user and user.check_login(request.form['password']):
# set up login in session
- request.session['user_id'] = unicode(user._id)
+ request.session['user_id'] = unicode(user.id)
request.session.save()
if request.form.get('next'):
- return exc.HTTPFound(location=request.form['next'])
+ return redirect(request, location=request.form['next'])
else:
return redirect(request, "index")
@@ -166,8 +160,7 @@ def verify_email(request):
if not 'userid' in request.GET or not 'token' in request.GET:
return render_404(request)
- user = request.db.User.find_one(
- {'_id': ObjectId(unicode(request.GET['userid']))})
+ user = User.query.filter_by(id=request.args['userid']).first()
if user and user.verification_key == unicode(request.GET['token']):
user.status = u'active'
@@ -242,11 +235,9 @@ def forgot_password(request):
if request.method == 'POST' and fp_form.validate():
# '$or' not available till mongodb 1.5.3
- user = request.db.User.find_one(
- {'username': request.form['username']})
+ user = User.query.filter_by(username=request.form['username']).first()
if not user:
- user = request.db.User.find_one(
- {'email': request.form['username']})
+ user = User.query.filter_by(email=request.form['username']).first()
if user:
if user.email_verified and user.status == 'active':
@@ -305,11 +296,9 @@ def verify_forgot_password(request):
formdata_userid = formdata['vars']['userid']
formdata_vars = formdata['vars']
- # check if it's a valid Id
- try:
- user = request.db.User.find_one(
- {'_id': ObjectId(unicode(formdata_userid))})
- except InvalidId:
+ # check if it's a valid user id
+ user = User.query.filter_by(id=formdata_userid).first()
+ if not user:
return render_404(request)
# check if we have a real user and correct token
@@ -338,7 +327,7 @@ def verify_forgot_password(request):
'mediagoblin/auth/change_fp.html',
{'cp_form': cp_form})
- # in case there is a valid id but no user whit that id in the db
+ # in case there is a valid id but no user with that id in the db
# or the token expired
else:
return render_404(request)