Add github-less claim method

2018-05-29 17:42:27 +01:00 · 2018-05-29 17:42:27 +01:00 · a4b583bac5
parent 52fdc8c212
commit a4b583bac5
2 changed files with 69 additions and 30 deletions
--- a/app/templates/users/claim.html
+++ b/app/templates/users/claim.html
@ -1,16 +1,18 @@
 {% extends "base.html" %}

 {% block title %}
-Verify forum account
+Creating an Account
 {% endblock %}

 {% block content %}
 	<div class="box box_grey">
 		<h2>{{ self.title() }}</h2>

+		<div class="box-body">
 			<p>
-			Create an account by linking it to your forum account and optionally
-			your github account.
+				If you have a forum account, you'll need to prove that you own it
+				to get an account on ContentDB. You don't need a forum account to sign
+				up however.
 			</p>

 			{% if current_user.is_authenticated %}
@ -23,9 +25,8 @@ Verify forum account
 			{% else %}
 				<p>
 					<b>Don't have a forum account?</b>
-				Unfortunately, you need a forum account to register.
-				This is because you also need to create forum topics for any packages
-				you may upload.
+					You don't need one, however it's recommended to make the most
+					out of the Minetest community.
 				</p>

 				<a href="https://forum.minetest.net/ucp.php?mode=register">
@ -33,12 +34,13 @@ Verify forum account
 				</a>
 			{% endif %}
 		</div>
+	</div>

 	{% if not current_user.is_authenticated %}
 		<div class="box box_grey">
 			<h2>Option 1 - Use GitHub field in forum profile</h2>

-			<form method="post" action="{{ url_for('user_claim_page') }}">
+			<form method="post" class="box-body" action="{{ url_for('user_claim_page') }}">
 				<input type="hidden" name="claim_type" value="github">
 				<input type="hidden" name="csrf_token" value="{{ csrf_token() }}" />

@ -59,10 +61,10 @@ Verify forum account
 			</form>
 		</div>

-		<!--<div class="box box_grey">
+		<div class="box box_grey">
 			<h2>Option 2 - Paste verification token into signature</h2>

-			<form method="post" action="{{ url_for('user_claim_page') }}">
+			<form method="post" class="box-body" action="{{ url_for('user_claim_page') }}">
 				<input type="hidden" name="claim_type" value="forum">
 				<input type="hidden" name="csrf_token" value="{{ csrf_token() }}" />

@ -93,6 +95,6 @@ Verify forum account

 				<input type="submit" value="Next">
 			</form>
-		</div>-->
+		</div>
 	{% endif %}
 {% endblock %}
--- a/app/views/users.py
+++ b/app/views/users.py
@ -25,9 +25,12 @@ from flask_wtf import FlaskForm
 from flask_user.forms import RegisterForm
 from wtforms import *
 from wtforms.validators import *
-from app.utils import rank_required, randomString
+from app.utils import rank_required, randomString, loginUser
 from app.tasks.forumtasks import checkForumAccount
 from app.tasks.emails import sendVerifyEmail
+from app.tasks.phpbbparser import getProfile
+from werkzeug.contrib.cache import SimpleCache
+cache = SimpleCache()

 # Define the User profile form
 class UserProfileForm(FlaskForm):
@ -120,6 +123,11 @@ def user_claim_page():
 		if user is not None and method == "github":
 			return redirect(url_for("github_signin_page"))

+	token = cache.get("forum_claim_key_" + request.remote_addr)
+	if token is None:
+		token = randomString(32)
+		cache.set("forum_claim_key_" + request.remote_addr, token, 5*60)
+
 	if request.method == "POST":
 		ctype    = request.form.get("claim_type")
 		username = request.form.get("username")
@ -130,12 +138,41 @@ def user_claim_page():
 			task = checkForumAccount.delay(username)
 			return redirect(url_for("check_task", id=task.id, r=url_for("user_claim_page", username=username, method="github")))
 		elif ctype == "forum":
-			token = request.form.get("token")
-			flash("Unimplemented", "error")
+			user = User.query.filter_by(forums_username=username).first()
+			if user is not None and user.rank.atLeast(UserRank.NEW_MEMBER):
+				flash("That user has already been claimed!", "error")
+				return redirect(url_for("user_claim_page", username=username))
+
+			# Get signature
+			sig = None
+			try:
+				profile = getProfile("https://forum.minetest.net", username)
+				sig = profile.signature
+			except IOError:
+				flash("Unable to get forum signature - does the user exist?", "error")
+				return redirect(url_for("user_claim_page", username=username))
+
+			# Look for key
+			if token in sig:
+				if user is None:
+					user = User(username)
+					user.forums_username = username
+					db.session.add(user)
+					db.session.commit()
+
+				if loginUser(user):
+					return redirect(url_for("user_profile_page", username=username))
+				else:
+					flash("Unable to login as user", "error")
+					return redirect(url_for("user_claim_page", username=username))
+
+			else:
+				flash("Could not find the key in your signature!", "error")
+				return redirect(url_for("user_claim_page", username=username))
 		else:
 			flash("Unknown claim type", "error")

-	return render_template("users/claim.html", username=username, key=randomString(32))
+	return render_template("users/claim.html", username=username, key=token)

@app.route("/users/verify/")
 def verify_email_page():