Move signin to use AJAX. Render all flask templates with the common header. Move the header to a partial. Add account recovery.

2013-10-14 17:50:07 -04:00 · 2013-10-14 17:50:07 -04:00 · 4c15072c5a
commit 4c15072c5a
parent e182163d34
17 changed files with 653 additions and 617 deletions
--- a/endpoints/web.py
+++ b/endpoints/web.py
@ -1,9 +1,9 @@
 import logging
 import requests

-from flask import (abort, send_file, redirect, request, url_for,
-                   render_template, make_response)
-from flask.ext.login import login_user, UserMixin, login_required, logout_user
+from flask import (abort, redirect, request, url_for, render_template,
+                   make_response)
+from flask.ext.login import login_user, UserMixin, login_required
 from flask.ext.principal import identity_changed, Identity, AnonymousIdentity

 from data import model
@ -37,7 +37,7 @@ def load_user(username):
@app.route('/', methods=['GET'], defaults={'path': ''})
@app.route('/repository/<path:path>', methods=['GET'])
 def index(path):
-  return send_file('templates/index.html')
+  return render_template('index.html')


@app.route('/plans/')
@ -55,6 +55,11 @@ def user():
  return index('')


+@app.route('/signin/')
+def signin():
+  return index('')
+
+
@app.route('/status', methods=['GET'])
 def status():
  return make_response('Healthy')
@ -62,12 +67,12 @@ def status():

@app.route('/tos', methods=['GET'])
 def tos():
-  return send_file('templates/tos.html')
+  return render_template('tos.html')


@app.route('/privacy', methods=['GET'])
 def privacy():
-  return send_file('templates/privacy.html')
+  return render_template('privacy.html')


 def common_login(db_user):
@ -81,34 +86,6 @@ def common_login(db_user):
    return False


-@app.route('/signin', methods=['GET'])
-def render_signin_page():
-  return render_template('signin.html', 
-                         github_client_id=app.config['GITHUB_CLIENT_ID'])
-
-
-@app.route('/signin', methods=['POST'])
-def signin():
-  username = request.form['username']
-  password = request.form['password']
-
-  #TODO Allow email login
-  verified = model.verify_user(username, password)
-  if verified:
-    if common_login(verified):
-      return redirect(request.args.get('next') or url_for('index'))
-    else:
-      return render_template('signin.html',
-                             needs_email_verification=True,
-                             github_client_id=app.config['GITHUB_CLIENT_ID'])
-
-  else:
-    return render_template('signin.html',
-                           username=username,
-                           invalid_credentials=True,
-                           github_client_id=app.config['GITHUB_CLIENT_ID'])
-
-
@app.route('/oauth2/github/callback', methods=['GET'])
 def github_oauth_callback():
  code = request.args.get('code')
@ -183,16 +160,18 @@ def confirm_email():
  return redirect(url_for('index'))


+@app.route('/recovery', methods=['GET'])
+def confirm_recovery():
+  code = request.values['code']
+  user = model.validate_reset_code(code)
+
+  if user:
+    common_login(user)
+    return redirect(url_for('user'))
+  else:
+    abort(403)
+
+
@app.route('/reset', methods=['GET'])
 def password_reset():
  pass
-
-
-@app.route("/signout")
-@login_required
-def logout():
-    logout_user()
-
-    identity_changed.send(app, identity=AnonymousIdentity())
-
-    return redirect(url_for('index'))