import deform from pyramid.httpexceptions import HTTPFound from pyramid.view import view_config from ordr.events import ChangeEmailNotification from ordr.models.account import TokenSubject @view_config( context='ordr.resources.account.AccountResource', permission='edit' ) def account(context, request): ''' redirect if '/account' was requested directly ''' return HTTPFound(request.resource_url(request.root)) @view_config( context='ordr.resources.account.AccountResource', permission='edit', name='settings', request_method='GET', renderer='ordr:templates/account/settings_form.jinja2' ) def settings_form(context, request): ''' show the settings form ''' prefill = { 'username': request.user.username, 'first_name': request.user.first_name, 'last_name': request.user.last_name, 'email': request.user.email, } form = context.get_settings_form(prefill=prefill) return {'form': form} @view_config( context='ordr.resources.account.AccountResource', permission='edit', name='settings', request_method='POST', renderer='ordr:templates/account/settings_form.jinja2' ) def settings_form_processing(context, request): ''' process the settings form ''' if 'change' not in request.POST: return HTTPFound(request.resource_url(request.root)) form = context.get_settings_form() data = request.POST.items() try: appstruct = form.validate(data) except deform.ValidationFailure as e: return {'form': form} # form validation successfull, change user request.user.first_name = appstruct['first_name'] request.user.last_name = appstruct['last_name'] if appstruct['email'] == request.user.email: # email was not changed return HTTPFound(request.resource_url(request.root)) # create a verify-new-email token and send email token = request.user.issue_token( request, TokenSubject.CHANGE_EMAIL, payload={'email': appstruct['email']} ) notification = ChangeEmailNotification( request, account, {'token': token}, send_to=appstruct['email'] ) request.registry.notify(notification) return HTTPFound(request.resource_url(context, 'verify')) @view_config( context='ordr.resources.account.ChangeEmailTokenResource', permission='edit', request_method='GET', renderer='ordr:templates/account/settings_mail_changed.jinja2' ) def verify_email(context, request): ''' show email verification text ''' payload = context.model.payload request.user.email = payload['email'] request.dbsession.delete(context.model) return {} @view_config( context='ordr.resources.account.AccountResource', permission='edit', name='password', request_method='GET', renderer='ordr:templates/account/password_form.jinja2' ) def password_form(context, request): ''' show the change password form ''' form = context.get_password_form() return {'form': form} @view_config( context='ordr.resources.account.AccountResource', permission='edit', name='password', request_method='POST', renderer='ordr:templates/account/password_form.jinja2' ) def password_form_processing(context, request): ''' process the change password form ''' if 'change' not in request.POST: return HTTPFound(request.resource_url(request.root)) form = context.get_password_form() data = request.POST.items() try: appstruct = form.validate(data) except deform.ValidationFailure as e: return {'form': form} # form validation successfull, change the password request.user.set_password(appstruct['password']) return HTTPFound(request.resource_url(context, 'changed')) @view_config( context='ordr.resources.account.AccountResource', permission='edit', name='changed', request_method='GET', renderer='ordr:templates/account/password_changed.jinja2' ) def password_changed(context, request): ''' the password changed message ''' return {}