author | Sascha Silbe <sascha-pgp@silbe.org> | 2011-02-05 19:53:52 (GMT) |
---|---|---|
committer | Sascha Silbe <sascha-pgp@silbe.org> | 2011-02-05 20:11:19 (GMT) |
commit | 9a4ab2d0cd82c69e550cffa2fd95e447c9bb5864 (patch) | |
tree | 6e573554bbbe4ba49d83e8e0fe3f290ab3226922 | |
parent | b20a4060af12daa00bfdb424a0046ab985dd7c4b (diff) |
add support for registering
-rw-r--r-- | application.py | 56 | ||||
-rw-r--r-- | templates/id_page.tmpl | 9 | ||||
-rw-r--r-- | templates/index.tmpl | 19 | ||||
-rw-r--r-- | templates/register_fail_duplicate_user_id.tmpl | 26 | ||||
-rw-r--r-- | templates/registered.tmpl | 21 |
5 files changed, 107 insertions, 24 deletions
diff --git a/application.py b/application.py index 09a29fd..4f8a86b 100644 --- a/application.py +++ b/application.py @@ -38,8 +38,6 @@ def expose(url_map, rule, **kwargs): def fetch_template(wrapped): def wrapper(self, request, *args, **kwargs): template = self._get_template(wrapped.__name__, request) - template.base_url = self._base_url - template.user = None kwargs['template'] = template return wrapped(self, request, *args, **kwargs) return wrapper @@ -57,14 +55,6 @@ class UserDatabase(object): connection = self._connect() connection.executescript("BEGIN; PRAGMA FOREIGN_KEYS=on; COMMIT;") self._create_tables(connection) - try: - self.add_user(User('Sascha_Silbe', 'Sascha Silbe', - [Key('-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQcKFtjpQHdIdfBu/bwf\nmjnvFcgaWheTyBnOvPM/vQgKdvhkvAdidtGtQPwC3uDYpBlwzWR3rxWwEEoMXO7X\nlXTje4WBTcoCM4hHI/aFL4Uz8xd40dI4qtPkzdX68wZhpJg1IepgWOkUPfZNbYVm\nfIk2Df39vh6IuxlY9pq1Aj3In+f8IooPgdP/3EWbhGo/QMdtTZv1HIIs9EtDh+5l\nh/18wOTJltck4xyGQMgEcTzyNKQL/m6OZTqyOGRXpPjMN9deGsmetwInQ3Kd17yw\n7qoUtwo2TW5eioHfZEINVJJTU0IAGfigDZrsJVGeUS8zRWCp2KcvldPNs3aRn2rb\nkwIDAQAB\n-----END PUBLIC KEY-----', True), - Key('-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUzxtfRv8aLLwGNYgkbE\nbcFN/G2+vFjgjyjJn0bkWfIbDScksCJqaIYbDZDgS2ifThk9icvjyScY2FsGgFc4\nHivwdnKJiAslorplY/Hx/GlTMaz/TI0ETiG+TCf0TeigC9KX3rAlCy2r9vL2vurc\nGFtpja1qf/LRkJSfckRnfS231Uhn3zCZl1PkDHXya/3AQMIHKu5kJnLfcg25lTp+\nJpfBB2YrX7/mBA2gwdEjDi9b+p+aQ4K5fFWMQVeh1pHL8gvd7O+blb8OTEXRJjqg\nj7cPfEVtxdhBGcK1kdGrb34/VPN56mrUgHt+Y6lBR/LyQvLHe7H59FMasTSmhJQw\n6wIDAQAB\n-----END PUBLIC KEY-----', True)], - [EmailAddr('silbe@sugarlabs.org', True), EmailAddr('sascha-foo@silbe.org', False)], - [])) - except sqlite3.IntegrityError: - pass def _connect(self): connection = sqlite3.connect(self._db_path) 
@@ -88,8 +78,9 @@ class UserDatabase(object): public BOOLEAN ); CREATE TABLE IF NOT EXISTS sites ( - trust_root TEXT PRIMARY KEY, - user_id TEXT NOT NULL REFERENCES users (user_id) + trust_root TEXT, + user_id TEXT NOT NULL REFERENCES users (user_id), + CONSTRAINT sites_pk PRIMARY KEY (trust_root, user_id) ); """) connection.commit() @@ -236,7 +227,8 @@ class Application(object): @fetch_template @expose(_url_map, '/id/<user_id>') def id_page(self, request, user_id, template): - template.user = self._user_db.find_user_by_id(user_id) + template.page_user = self._user_db.find_user_by_id(user_id) + template.request_user, template.key = self._check_user(request) return Response(str(template), mimetype='text/html') @expose(_url_map, '/openidserver') 
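Review bot: `trust_root` in the new `sites` definition is declared without `NOT NULL`, and in SQLite a `PRIMARY KEY` column of an ordinary rowid table still accepts NULL unless the column says otherwise; only `user_id` carries that constraint here. Writing `trust_root TEXT NOT NULL,` would guarantee that an approval row always names a trust root. Because the statement is `CREATE TABLE IF NOT EXISTS`, a database created before this commit keeps the old single-column key, and no migration is visible in the diff, so an existing deployment would still reject a second user approving the same trust root.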
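Review bot: `id_page` does not handle an unknown `user_id` before rendering. `register_user` in this commit treats a falsy result from `find_user_by_id` as "no such user", and templates/id_page.tmpl dereferences `$page_user.user_id` unconditionally, so a request for an unregistered ID would presumably fail inside the template instead of returning a clean 404. A guard such as `if not template.page_user: return Response(status=404)` ahead of the `return` would make the case explicit. A one-line comment that `page_user` is the identity being displayed and `request_user` the certificate holder making the request would also help, since the template's access check depends on keeping the two apart.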
@@ -291,6 +283,34 @@ class Application(object): else: return Response(status=400) + @expose(_url_map, '/register') + def register_user(self, request): + user, key = self._check_user(request) + if key is None: + template = self._get_template('error', request) + template.message = 'Client certificate was not presented.' + return Response(str(template), status=400) + + if user is not None: + template = self._get_template('error', request) + template.message = 'You are already registered.' + return Response(str(template), status=400) + + if self._user_db.find_user_by_id(request.form['user_id']): + template = self._get_template('register_fail_duplicate_user_id', + request) + template.user_id = request.form['user_id'] + template.nick_name = request.form['nick_name'] + return Response(str(template), mimetype='text/html') + + key = Key(key.pem, True) + user = User(request.form['user_id'], request.form['nick_name'], + keys=[key], email_addrs=[], sites=[]) + self._user_db.add_user(user) + template = self._get_template('registered', request) + template.user = user + return Response(str(template), mimetype='text/html') + def _handle_check_id_request(self, request, user, id_request): is_authorized = self._is_authorized(user, id_request.identity, id_request.trust_root) @@ -336,7 +356,11 @@ class Application(object): if not key_pem: return None, None - return self._user_db.find_user_by_key_pem(key_pem) + user, key = self._user_db.find_user_by_key_pem(key_pem) + if user is None: + return None, Key(key_pem, False) + + return user, key def _get_public_key(self, request): # class a: pass @@ -424,4 +448,6 @@ class Application(object): def _get_template(self, name, request): # FIXME: i18n file_name = os.path.join(self._data_path, 'templates', name+'.tmpl') - return Template(file=file_name) + template = Template(file=file_name) + template.base_url = self._base_url + return template diff --git a/templates/id_page.tmpl b/templates/id_page.tmpl index 5a64150..10829f9 100644 
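Review bot: `register_user` stores `request.form['user_id']` and `request.form['nick_name']` without validation, so an empty or whitespace-only ID is accepted and ends up in an identity URL. The duplicate test is also check-then-insert: two concurrent requests for the same ID can both pass `find_user_by_id`, and the later `add_user` would then raise and surface as a server error (the seed-user code removed in this commit caught `sqlite3.IntegrityError` around `add_user`, which suggests that is the exception). I would validate both fields up front and treat the constraint violation as the duplicate case, as sketched below. The request is authenticated only by the client certificate the browser presents on its own, so the POST should also carry an anti-forgery token or be checked against the expected origin; nothing of that kind is visible in this diff.

```python
    def register_user(self, request):
        # … unchanged: certificate-missing and already-registered checks …
        user_id = request.form['user_id'].strip()
        nick_name = request.form['nick_name'].strip()
        if not user_id or not nick_name:
            template = self._get_template('error', request)
            template.message = 'User ID and name must not be empty.'
            return Response(str(template), status=400,
                            mimetype='text/html')

        # … unchanged: find_user_by_id duplicate check, using user_id / nick_name …
        user = User(user_id, nick_name, keys=[Key(key.pem, True)],
                    email_addrs=[], sites=[])
        try:
            self._user_db.add_user(user)
        except sqlite3.IntegrityError:
            # Another request claimed the ID between the lookup and the insert
            # (assumes add_user raises IntegrityError on a duplicate; confirm).
            template = self._get_template('register_fail_duplicate_user_id',
                                          request)
            template.user_id = user_id
            template.nick_name = nick_name
            return Response(str(template), mimetype='text/html')
        # … unchanged: render the 'registered' template …
```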
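Review bot: `_check_user` now has three distinct return shapes and nothing in the method documents them: `(None, None)` when the request carries no key, `(None, Key(key_pem, False))` for a key that no user owns, and `(user, key)` for a known key. Callers depend on telling these apart (`register_user` tests `key is None` and then `user is not None`), so a docstring listing the three cases and stating that the synthesized key is unconfirmed would keep later callers from reading a non-None key as proof of a registered user. The method begins above this hunk, so only its tail is visible here.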
--- a/templates/id_page.tmpl +++ b/templates/id_page.tmpl @@ -4,20 +4,19 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> #import cgi #import urllib -#set $my_identifier = $base_url + '/id/' + urllib.quote($user.user_id, safe='') <html xmlns="http://www.w3.org/1999/xhtml"> <head> <link rel="openid.server" href="${base_url}/openidserver"> - <meta http-equiv="x-xrds-location" content="${base_url}/yadis/${urllib.quote($user.user_id, safe='')}"> + <meta http-equiv="x-xrds-location" content="${base_url}/yadis/${urllib.quote($page_user.user_id, safe='')}"> </head> <body> - <p>This is an identity page for ${cgi.escape($user.user_id)}.</p> + <p>This is an identity page for ${cgi.escape($page_user.user_id)}.</p> -#if $user.sites +#if $request_user is not None and $request_user == $page_user and $request_user.sites <p>Approved trust roots:</p> <ul> - #for site in $user.sites: + #for site in $request_user.sites: <li><tt>${cgi.escape($site.trust_root)}</tt></li> #end for </ul> diff --git a/templates/index.tmpl b/templates/index.tmpl index 3cc854e..632aa0f 100644 --- a/templates/index.tmpl +++ b/templates/index.tmpl 
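Review bot: The new owner-only guard on the trust-root list does not take into account whether the presenting key has been confirmed. templates/index.tmpl has an `#else if not $key.confirmed` branch for registered users, so a user can evidently be resolved from an unconfirmed key, and `id_page` already passes `key` to this template without it being used. Adding `and $key.confirmed` after the `$request_user` checks would keep approved trust roots hidden from a key the owner has not yet accepted. The `$request_user == $page_user` test also relies on `User` defining equality, which this diff does not show; comparing `$request_user.user_id == $page_user.user_id` avoids depending on it.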
@@ -6,14 +6,25 @@ #import urllib <html xmlns="http://www.w3.org/1999/xhtml"> <head> - <title>foo</title> + <title>OpenID provider</title> <meta http-equiv="x-xrds-location" content="${base_url}/yadisserver"> </head> <body> - <h1>foo</h1> -#if $user is None - <p>You are not registered yet.</p> + <h1>OpenID provider</h1> +#if not $key.pem + <p>You don't have a client certificate yet.</p> +#else if $user is None + <p>You are not registered yet. Please fill out this form to register:</p> + <form action="/register" method="POST"> + <dl> + <dt><label for="register_user_id">User ID: </label></dt> + <dd><input type="text" name="user_id" id="register_user_id" /></dd> + <dt><label for="register_nick_name">Your name: </label></dt> + <dd><input type="text" name="nick_name" id="register_nick_name" /></dd> + </dl> + <input type="submit" name="register" value="Register" /> + </form> #else if not $key.confirmed <p>Your key has not been confirmed by the owner of <a href="${base_url}/id/${urllib.quote($user.user_id, safe='')}">${base_url}/id/${urllib.quote($user.user_id, safe='')}</a> yet. diff --git a/templates/register_fail_duplicate_user_id.tmpl b/templates/register_fail_duplicate_user_id.tmpl new file mode 100644 index 0000000..faa47a7 --- /dev/null +++ b/templates/register_fail_duplicate_user_id.tmpl 
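Review bot: The first branch, `#if not $key.pem`, dereferences `$key` in the one case where it is likely to be None. `_check_user` in application.py returns `None, None` when the request has no key, while an unknown key now comes back as `Key(key_pem, False)` with `pem` set. If the index handler passes that pair through unchanged (it is not part of this diff), a visitor without a certificate gets a template lookup error instead of the hint; `#if $key is None` states the intended test. Separately, the form posts to the literal `/register` while every other link in this template is built from `${base_url}`; `action="${base_url}/register"` keeps registration working under a path prefix, and the same applies to the form in templates/register_fail_duplicate_user_id.tmpl.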
@@ -0,0 +1,26 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE html + PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" + "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> +#import cgi +#import urllib +<html xmlns="http://www.w3.org/1999/xhtml"> + <head> + <title>Registration failed</title> + <meta http-equiv="x-xrds-location" content="${base_url}/yadisserver"> + </head> + + <body> + <h1>Registration failed</h1> + <p>The user ID ${cgi.escape($user_id)} is already taken. Please try a different one:</p> + <form action="/register" method="POST"> + <dl> + <dt><label for="register_user_id">User ID: </label></dt> + <dd><input type="text" name="user_id" id="register_user_id" /></dd> + <dt><label for="register_nick_name">Your name: </label></dt> + <dd><input type="text" name="nick_name" id="register_nick_name" value="${cgi.escape($nick_name, True)}"/></dd> + </dl> + <input type="submit" name="register" value="Register" /> + </form> + </body> +</html> diff --git a/templates/registered.tmpl b/templates/registered.tmpl new file mode 100644 index 0000000..fdc0d69 --- /dev/null +++ b/templates/registered.tmpl @@ -0,0 +1,21 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE html + PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" + "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> +#import cgi +#import urllib +<html xmlns="http://www.w3.org/1999/xhtml"> + <head> + <title>Successfully registered as ${cgi.escape($user.user_id)}</title> + </head> + + <body> + <h1>Registration successful</h1> + + <p> + Congratulations, you just registered as ${cgi.escape($user.user_id)}! + Your OpenID identity URL is + <tt><a href="${base_url}/id/${urllib.quote($user.user_id, safe='')}">${base_url}/id/${urllib.quote($user.user_id, safe='')}</a></tt>. + </p> + </body> +</html> |
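Review bot: In templates/registered.tmpl, `urllib.quote($user.user_id, safe='')` is applied to a value that `register_user` takes straight from the form. On Python 2, which the use of `urllib.quote` implies, that call raises `KeyError` for a unicode string containing non-ASCII characters, so if form values arrive as unicode such an ID would be stored successfully and then fail when this page renders. Restricting user IDs to a known-safe character set at registration is the more robust fix; quoting the encoded form, e.g. `urllib.quote($user.user_id.encode('utf-8'), safe='')`, is the alternative. templates/id_page.tmpl builds its yadis URL the same way.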