annotate gpp/accounts/views.py @ 472:7c3816d76c6c

Implement rate limiting on registration and login for #224.
author Brian Neal <bgneal@gmail.com>
date Thu, 25 Aug 2011 02:23:55 +0000
parents 69d0306a6fe7
children 886cc99e8406
rev   line source
gremmie@1 1 """views for the accounts application"""
gremmie@1 2
gremmie@1 3 import datetime
bgneal@74 4 import logging
bgneal@74 5
gremmie@1 6 from django.shortcuts import render_to_response
gremmie@1 7 from django.template import RequestContext
bgneal@259 8 from django.contrib.auth.models import User
gremmie@1 9 from django.http import HttpResponseRedirect
gremmie@1 10 from django.core.urlresolvers import reverse
bgneal@6 11 from django.conf import settings
gremmie@1 12
gremmie@1 13 from accounts.models import PendingUser
gremmie@1 14 from accounts.forms import RegisterForm
bgneal@347 15 from accounts import create_new_user
bgneal@472 16 from antispam.decorators import rate_limit
gremmie@1 17
gremmie@1 18
gremmie@1 19 #######################################################################
gremmie@1 20
@rate_limit(count=10, interval=datetime.timedelta(minutes=1))
def register(request):
    """Display the registration form and process its submission.

    The view is wrapped in ``rate_limit`` with ``count=10`` over a one-minute
    interval. How the decorator identifies a client and what it returns once
    the limit is reached is defined in ``antispam.decorators``, not here.

    Users who are already logged in are redirected to
    ``settings.LOGIN_REDIRECT_URL``. A valid POST saves the form and redirects
    to the thanks page; anything else renders the form, which is either blank
    or bound to the submitted data.
    """
    if request.user.is_authenticated():
        return HttpResponseRedirect(settings.LOGIN_REDIRECT_URL)

    if request.method != 'POST':
        form = RegisterForm()
    else:
        # The client address is handed to the form; '?' stands in when the
        # server did not supply one.
        # NOTE(review): behind a reverse proxy REMOTE_ADDR is the proxy's
        # address, so anything keyed on it would treat all clients as one.
        # Confirm how the deployment sets it.
        client_ip = request.META.get('REMOTE_ADDR', '?')
        form = RegisterForm(request.POST, ip=client_ip)
        if form.is_valid():
            form.save()
            thanks_url = reverse('accounts.views.register_thanks')
            return HttpResponseRedirect(thanks_url)

    template_vars = {'form': form}
    return render_to_response('accounts/register.html', template_vars,
            context_instance=RequestContext(request))
gremmie@1 38
gremmie@1 39 #######################################################################
gremmie@1 40
def register_thanks(request):
    """Render the page shown after a registration form has been accepted.

    Users who are already logged in are redirected to
    ``settings.LOGIN_REDIRECT_URL`` instead.
    """
    already_logged_in = request.user.is_authenticated()
    if already_logged_in:
        return HttpResponseRedirect(settings.LOGIN_REDIRECT_URL)

    page_context = RequestContext(request)
    return render_to_response('accounts/register_thanks.html',
            context_instance=page_context)
gremmie@1 47
gremmie@1 48 #######################################################################
gremmie@1 49
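def _keys_match(expected, supplied):
    """Return True when the two key strings are equal.

    Unlike ``==``, the loop visits every character instead of stopping at the
    first difference, so the time taken does not depend on how much of the
    supplied key is correct. The length check does return early; that only
    discloses the key length. Django versions that ship
    ``django.utils.crypto.constant_time_compare`` provide an equivalent.

    Assumes both arguments are text strings -- confirm against the
    ``PendingUser.key`` field definition.
    """
    if len(expected) != len(supplied):
        return False
    diff = 0
    for a, b in zip(expected, supplied):
        diff |= ord(a) ^ ord(b)
    return diff == 0


def register_confirm(request, username, key):
    """Complete a pending registration when the supplied key matches.

    ``username`` and ``key`` are view arguments (presumably captured by the
    URL pattern, which is not visible here). Users who are already logged in
    are redirected to ``settings.LOGIN_REDIRECT_URL``.

    An unknown username and a wrong key both render
    ``accounts/register_failure.html`` with the same context, so the response
    does not reveal which check failed; only the log message differs. On
    success ``create_new_user`` is called with the pending record and the
    client address, and the success page is rendered.

    NOTE(review): unlike ``register``, this view is not wrapped in
    ``rate_limit``, so repeated key guesses for a pending username are not
    throttled here. Consider applying the decorator once it is confirmed to
    work with views that take extra arguments.
    """
    if request.user.is_authenticated():
        return HttpResponseRedirect(settings.LOGIN_REDIRECT_URL)

    # purge expired users
    PendingUser.objects.purge_expired()

    ip = request.META.get('REMOTE_ADDR', '?')
    try:
        pending_user = PendingUser.objects.get(username=username)
    except PendingUser.DoesNotExist:
        # NOTE(review): username is logged as received; whether it can carry
        # control characters depends on the URL pattern. Confirm.
        logging.error('Accounts register_confirm [%s]: user does not exist: %s', ip, username)
        return render_to_response('accounts/register_failure.html', {
            'username': username,
            },
            context_instance=RequestContext(request))

    # Compare in constant time: the key is a secret and `key` is supplied by
    # the client.
    if not _keys_match(pending_user.key, key):
        logging.error('Accounts register_confirm [%s]: key error: %s', ip, username)
        return render_to_response('accounts/register_failure.html', {
            'username': username,
            },
            context_instance=RequestContext(request))

    create_new_user(pending_user, ip)

    return render_to_response('accounts/register_success.html', {
        'username': username,
        },
        context_instance=RequestContext(request))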