Add github-less claim method

This commit is contained in:
rubenwardy 2018-05-29 17:42:27 +01:00
parent 52fdc8c212
commit a4b583bac5
No known key found for this signature in database
GPG Key ID: A1E29D52FF81513C
2 changed files with 69 additions and 30 deletions

@ -1,44 +1,46 @@
{% extends "base.html" %}
{% block title %}
Verify forum account
Creating an Account
{% endblock %}
{% block content %}
<div class="box box_grey">
<h2>{{ self.title() }}</h2>
<p>
Create an account by linking it to your forum account and optionally
your github account.
</p>
{% if current_user.is_authenticated %}
<div class="box-body">
<p>
Please log out to continue.
</p>
<p>
<a href="{{ url_for('user.logout', next=url_for('user_claim_page')) }}" class="button">Logout</a>
</p>
{% else %}
<p>
<b>Don't have a forum account?</b>
Unfortunately, you need a forum account to register.
This is because you also need to create forum topics for any packages
you may upload.
If you have a forum account, you'll need to prove that you own it
to get an account on ContentDB. You don't need a forum account to sign
up however.
</p>
<a href="https://forum.minetest.net/ucp.php?mode=register">
Create a Forum Account
</a>
{% endif %}
{% if current_user.is_authenticated %}
<p>
Please log out to continue.
</p>
<p>
<a href="{{ url_for('user.logout', next=url_for('user_claim_page')) }}" class="button">Logout</a>
</p>
{% else %}
<p>
<b>Don't have a forum account?</b>
You don't need one, however it's recommended to make the most
out of the Minetest community.
</p>
<a href="https://forum.minetest.net/ucp.php?mode=register">
Create a Forum Account
</a>
{% endif %}
</div>
</div>
{% if not current_user.is_authenticated %}
<div class="box box_grey">
<h2>Option 1 - Use GitHub field in forum profile</h2>
<form method="post" action="{{ url_for('user_claim_page') }}">
<form method="post" class="box-body" action="{{ url_for('user_claim_page') }}">
<input type="hidden" name="claim_type" value="github">
<input type="hidden" name="csrf_token" value="{{ csrf_token() }}" />
@ -59,10 +61,10 @@ Verify forum account
</form>
</div>
<!--<div class="box box_grey">
<div class="box box_grey">
<h2>Option 2 - Paste verification token into signature</h2>
<form method="post" action="{{ url_for('user_claim_page') }}">
<form method="post" class="box-body" action="{{ url_for('user_claim_page') }}">
<input type="hidden" name="claim_type" value="forum">
<input type="hidden" name="csrf_token" value="{{ csrf_token() }}" />
@ -93,6 +95,6 @@ Verify forum account
<input type="submit" value="Next">
</form>
</div>-->
</div>
{% endif %}
{% endblock %}

@ -25,9 +25,12 @@ from flask_wtf import FlaskForm
from flask_user.forms import RegisterForm
from wtforms import *
from wtforms.validators import *
from app.utils import rank_required, randomString
from app.utils import rank_required, randomString, loginUser
from app.tasks.forumtasks import checkForumAccount
from app.tasks.emails import sendVerifyEmail
from app.tasks.phpbbparser import getProfile
from werkzeug.contrib.cache import SimpleCache
cache = SimpleCache()
# Define the User profile form
class UserProfileForm(FlaskForm):
@ -120,6 +123,11 @@ def user_claim_page():
if user is not None and method == "github":
return redirect(url_for("github_signin_page"))
token = cache.get("forum_claim_key_" + request.remote_addr)
if token is None:
token = randomString(32)
cache.set("forum_claim_key_" + request.remote_addr, token, 5*60)
if request.method == "POST":
ctype = request.form.get("claim_type")
username = request.form.get("username")
@ -130,12 +138,41 @@ def user_claim_page():
task = checkForumAccount.delay(username)
return redirect(url_for("check_task", id=task.id, r=url_for("user_claim_page", username=username, method="github")))
elif ctype == "forum":
token = request.form.get("token")
flash("Unimplemented", "error")
user = User.query.filter_by(forums_username=username).first()
if user is not None and user.rank.atLeast(UserRank.NEW_MEMBER):
flash("That user has already been claimed!", "error")
return redirect(url_for("user_claim_page", username=username))
# Get signature
sig = None
try:
profile = getProfile("https://forum.minetest.net", username)
sig = profile.signature
except IOError:
flash("Unable to get forum signature - does the user exist?", "error")
return redirect(url_for("user_claim_page", username=username))
# Look for key
if token in sig:
if user is None:
user = User(username)
user.forums_username = username
db.session.add(user)
db.session.commit()
if loginUser(user):
return redirect(url_for("user_profile_page", username=username))
else:
flash("Unable to login as user", "error")
return redirect(url_for("user_claim_page", username=username))
else:
flash("Could not find the key in your signature!", "error")
return redirect(url_for("user_claim_page", username=username))
else:
flash("Unknown claim type", "error")
return render_template("users/claim.html", username=username, key=randomString(32))
return render_template("users/claim.html", username=username, key=token)
@app.route("/users/verify/")
def verify_email_page():