platypush/platypush/backend/http/app/routes/register.py

import datetime
import re

from flask import Blueprint, request, redirect, render_template, make_response, abort

from platypush.backend.http.app import template_folder
from platypush.backend.http.utils import HttpUtils
from platypush.user import UserManager

register = Blueprint('register', __name__, template_folder=template_folder)

# Declare routes list
__routes__ = [
    register,
]


@register.route('/register', methods=['GET', 'POST'])
def register():
    """ Registration page """
    user_manager = UserManager()
    redirect_page = request.args.get('redirect')
    if not redirect_page:
        redirect_page = request.headers.get('Referer', '/')
    if re.search('(^https?://[^/]+)?/register[^?#]?', redirect_page):
        # Prevent redirect loop
        redirect_page = '/'

    session_token = request.cookies.get('session_token')

    if session_token:
        user, session = user_manager.authenticate_user_session(session_token)
        if user:
            return redirect(redirect_page, 302)  # lgtm [py/url-redirection]

    if user_manager.get_user_count() > 0:
        return redirect('/login?redirect=' + redirect_page, 302)  # lgtm [py/url-redirection]

    if request.form:
        username = request.form.get('username')
        password = request.form.get('password')
        confirm_password = request.form.get('confirm_password')
        remember = request.form.get('remember')

        if password == confirm_password:
            user_manager.create_user(username=username, password=password)
            session = user_manager.create_user_session(username=username, password=password,
                                                       expires_at=datetime.datetime.utcnow() + datetime.timedelta(days=1)
                                                       if not remember else None)

            if session:
                redirect_target = redirect(redirect_page, 302)  # lgtm [py/url-redirection]
                response = make_response(redirect_target)
                response.set_cookie('session_token', session.session_token)
                return response
        else:
            abort(400, 'Password mismatch')

    return render_template('index.html', utils=HttpUtils)


# vim:sw=4:ts=4:et: