X-Git-Url: http://git.cyclocoop.org/?a=blobdiff_plain;f=main.py;h=5cc7e32121ef4c50074a36ca51c4400d49292365;hb=fb7df37a905695b55bd5a1ca911219879b3b6171;hp=50a84523c246a51252238da98e7f2f39325f7946;hpb=a88b78af17c080b81fecce19f17611ca921632d3;p=cavote.git

diff --git a/main.py b/main.py
index 50a8452..5cc7e32 100755
--- a/main.py
+++ b/main.py
@@ -3,6 +3,7 @@
 
 from flask import Flask, request, session, g, redirect, url_for, abort, \
     render_template, flash
+from flaskext.openid import OpenID
 import sqlite3
 from datetime import date, time, timedelta, datetime
 import time
@@ -14,19 +15,13 @@ import hashlib
 import smtplib
 import string
 
-DATABASE = '/tmp/cavote.db'
-PASSWD_SALT = 'change this value to some random chars!'
-SECRET_KEY = '{J@uRKO,xO-PK7B,jF?>iHbxLasF9s#zjOoy=+:'
-DEBUG = True
-TITLE = u"Cavote FFDN"
-EMAIL = '"' + TITLE + '"' + ' <' + u"cavote@ffdn.org" + '>'
-VERSION = "cavote 0.1.1"
-SMTP_SERVER = "10.33.33.30"
-PATTERNS = {u'Oui/Non': [u'Oui', u'Non'], u'Oui/Non/Blanc': [u'Oui', u'Non', u'Blanc'], u'Oui/Non/Peut-Ãªtre': [u'Oui', u'Non', u'Peut-Ãªtre']}
+from settings import *
 
 app = Flask(__name__)
 app.config.from_object(__name__)
 
+oid = OpenID(app)
+
 def connect_db():
     return sqlite3.connect(app.config['DATABASE'])
 
@@ -98,11 +93,15 @@ def get_userid():
         return user.get('id')
 
 @app.route('/login', methods=['GET', 'POST'])
+@oid.loginhandler
 def login():
     if request.method == 'POST':
         user = valid_login(request.form['username'], request.form['password'])
         if user is None:
-            flash(u'Email ou mot de passe invalide.', 'error')
+            if request.form['openid']:
+                return oid.try_login(request.form['openid'], ask_for=['email', 'fullname', 'nickname'])
+            else:
+                flash(u'Email ou mot de passe invalide.', 'error')
         else:
             connect_user(user)
             flash(u'Vous Ãªtes connectÃ©. Bienvenue, %s !' % user['name'], 'success')
@@ -111,6 +110,16 @@ def login():
             return redirect(url_for('home'))
     return render_template('login.html')
 
+@oid.after_login
+def create_or_login(resp):
+    openid_url = resp.identity_url
+    user = query_db('select * from users where openid = ?', [openid_url], one=True)
+    if user is not None:
+        flash(u'Successfully signed in')
+        connect_user(user)
+        return redirect(oid.get_next_url())
+    return redirect(url_for('home'))
+
 @app.route('/logout')
 def logout():
     disconnect_user()
@@ -183,8 +192,8 @@ def user_edit(userid):
     if request.method == 'POST':
         if query_db('select * from users where email=? and id!=?', [request.form['email'], userid], one=True) is None:
             if query_db('select * from users where name=? and id!=?', [request.form['name'], userid], one=True) is None:
-                g.db.execute('update users set email = ?, name = ?, organization = ? where id = ?',
-                        [request.form['email'], request.form['name'], request.form['organization'], session['user']['id']])
+                g.db.execute('update users set email = ?, openid = ?, name = ?, organization = ? where id = ?',
+                        [request.form['email'], request.form['openid'], request.form['name'], request.form['organization'], session['user']['id']])
                 g.db.commit()
                 disconnect_user()
                 user = query_db('select * from users where id=?', [userid], one=True)
@@ -252,8 +261,9 @@ def admin_user_add():
                         if 'admin' in request.form.keys():
                             admin = 1
                         key = 'v%s' % keygen()
-                        g.db.execute('insert into users (email, name, organization, password, is_admin, key) values (?, ?, ?, ?, ?, ?)',
+                        g.db.execute('insert into users (email, openid, name, organization, password, is_admin, key) values (?, ?, ?, ?, ?, ?, ?)',
                                 [request.form['email'],
+                                    request.form['openid'],
                                     request.form['username'],
                                     request.form['organization'],
                                     '', admin, key])
@@ -316,8 +326,8 @@ def admin_user_edit(iduser):
                 admin = 0
                 if 'admin' in request.form.keys():
                     admin = 1
-                g.db.execute('update users set email = ?, name = ?, organization = ?, is_admin = ? where id = ?',
-                        [request.form['email'], request.form['name'], request.form['organization'], admin, iduser])
+                g.db.execute('update users set email = ?, name = ?, organization = ?, openid= ?, is_admin = ? where id = ?',
+                        [request.form['email'], request.form['name'], request.form['organization'], request.form['openid'], admin, iduser])
                 g.db.commit()
                 groups = request.form.getlist('groups')
                 groups.append('1')