WIP [AdminTL#83] Login: rename name to username and add name in subsc…

…ribe form - fetch more information from third-party about the user
mathben · Mar 30, 2018 · 1918c4d · 1918c4d
1 parent bd5a4ba
commit 1918c4d
Show file tree

Hide file tree

Showing 4 changed files with 77 additions and 37 deletions.
diff --git a/src/web/handlers.py b/src/web/handlers.py
@@ -115,7 +115,7 @@ def post(self):
                 user = self._db.get_user(email=username_or_email, password=password)
             # ... or by name.
             if not user:
-                user = self._db.get_user(name=username_or_email, password=password)
+                user = self._db.get_user(username=username_or_email, password=password)
 
             # If user is found, give him a secure cookie based on his user id
             if user:
@@ -128,15 +128,16 @@ def post(self):
 
         # Sign Up
         elif self.get_argument("username", default=""):
-            name = self.get_argument("username", default="")
-            if not name:
+            username = self.get_argument("username", default="")
+            if not username:
                 print("Username is empty from %s" % self.request.remote_ip, file=sys.stderr)
                 self.redirect("/login?invalid=username")
                 return
 
             email = self.get_argument("email", default=None)
+            name = self.get_argument("name", default=None)
 
-            if self._db.create_user(name, email=email, password=password):
+            if self._db.create_user(username, name=name, email=email, password=password):
                 self.redirect("/login")
                 return
             else:
@@ -169,8 +170,13 @@ def get(self):
                     return
                 # Sign up
                 else:
-                    name = google_user["name"]
+                    username = google_user.get("name")
                     email = google_user.get("email")
+                    verified_email = google_user.get("verified_email")
+                    name = google_user.get("name")
+                    given_name = google_user.get("given_name")
+                    family_name = google_user.get("family_name")
+                    locale = google_user.get("locale")
 
                     # check if email exist or name. If yes, associate it with this account
                     if self._db.user_exist(email=email):
@@ -180,7 +186,9 @@ def get(self):
                             user["google_id"] = google_id
                             self._db.update_user(user)
                     else:
-                        user = self._db.create_user(name, email, google_id=google_id)
+                        user = self._db.create_user(username, email=email, google_id=google_id,
+                                                    verified_email=verified_email, name=name, given_name=given_name,
+                                                    family_name=family_name, locale=locale)
 
                     if user:
                         self.give_cookie(user.get("user_id"), google_access_token=access_token)
@@ -232,8 +240,13 @@ def get(self):
                     return
                 # Sign up
                 else:
-                    name = facebook_user["name"]
+                    username = facebook_user.get("name")
                     email = facebook_user.get("email")
+                    name = facebook_user.get("name")
+                    given_name = facebook_user.get("first_name")
+                    last_name = facebook_user.get("last_name")
+                    locale = facebook_user.get("locale")
+
                     # check if email exist or name. If yes, associate it with this account
                     if self._db.user_exist(email=email):
                         # use this email to associate
@@ -242,7 +255,8 @@ def get(self):
                             user["facebook_id"] = facebook_id
                             self._db.update_user(user)
                     else:
-                        user = self._db.create_user(name, email, facebook_id=facebook_id)
+                        user = self._db.create_user(username, name=name, given_name=given_name, last_name=last_name,
+                                                    locale=locale, email=email, facebook_id=facebook_id)
 
                     if user:
                         self.give_cookie(user.get("user_id"), facebook_access_token=access_token)
@@ -290,9 +304,11 @@ def get(self):
                     return
                 # Sign up
                 else:
-                    # nickname = twitter_user["screen_name"]
-                    name = twitter_user["name"]
+                    username = twitter_user["screen_name"]
+                    name = twitter_user.get("name")
                     email = twitter_user.get("email")
+                    verified_email = twitter_user.get("verified")
+                    locale = twitter_user.get("lang")
 
                     # check if email exist or name. If yes, associate it with this account
                     if self._db.user_exist(email=email):
@@ -302,7 +318,8 @@ def get(self):
                             user["twitter_id"] = twitter_id
                             self._db.update_user(user)
                     else:
-                        user = self._db.create_user(name, email, twitter_id=twitter_id)
+                        user = self._db.create_user(username, email=email, name=name, verified_email=verified_email,
+                                                    locale=locale, twitter_id=twitter_id)
 
                     if user:
                         self.give_cookie(user.get("user_id"), twitter_access_token=access_token)
@@ -598,7 +615,12 @@ def get(self):
         user = self.current_user
         return_user = {
             "email": user.get("email"),
+            "username": user.get("username"),
             "name": user.get("name"),
+            "given_name": user.get("given_name"),
+            "family_name": user.get("family_name"),
+            "verified_email": user.get("verified_email"),
+            "locale": user.get("locale"),
             "password": bool(user.get("password")),
             "user_id": user.get("user_id"),
             "google_id": bool(user.get("google_id")),
@@ -622,15 +644,22 @@ class ValidateAuthHandler(base_handler.BaseHandler):
 
     @tornado.web.asynchronous
     def get(self):
-        name = self.get_argument("username", default=None)
+        username = self.get_argument("username", default=None)
+        # limitation of username
+        if username:
+            if "@" in username:
+                self.write("0")
+                self.finish()
+                return
+
         email = self.get_argument("email", default=None)
-        print("Request validate auth from %s. Name %s email %s" % (self.request.remote_ip, name, email))
+        print("Request validate auth from %s. Username %s email %s" % (self.request.remote_ip, username, email))
 
         # TODO return a json instead of a string number
-        if name:
-            self.write("0" if (self._db.user_exist(name=name) or self._db.user_exist(email=name)) else "1")
+        if username:
+            self.write("0" if (self._db.user_exist(username=username) or self._db.user_exist(email=username)) else "1")
         elif email:
-            self.write("0" if (self._db.user_exist(email=email) or self._db.user_exist(name=email)) else "1")
+            self.write("0" if (self._db.user_exist(email=email) or self._db.user_exist(username=email)) else "1")
         else:
             # Bad Request
             # TODO need to test this line with a unittest

diff --git a/src/web/partials/login.html b/src/web/partials/login.html
@@ -61,7 +61,7 @@ <h3 class="omb_authTitle"><b>Connexion</b> ou <a href="#" ng-click="show_login=f
           <!--Username or Email-->
           <div class="input-group">
             <span class="input-group-addon"><i class="fa fa-user" aria-hidden="true"></i></span>
-            <input type="text" class="form-control" name="username_or_email" placeholder="Nom ou courriel" required>
+            <input type="text" class="form-control" name="username_or_email" placeholder="Surnom ou courriel" required>
           </div>
           <br/>
 
@@ -113,14 +113,14 @@ <h3 class="omb_authTitle"><a href="#" ng-click="show_login=true;" style="text-de
           <div class="input-group"
                ng-class="{'has-success': signUpForm.username.$valid, 'has-warning': signUpForm.username.$pending, 'has-error': (signUpForm.username.$invalid && signUpForm.username.$touched) || signUpForm.username.$error.uniqueField}">
             <span class="input-group-addon"><i class="fa fa-user" aria-hidden="true"></i></span>
-            <input type="text" class="form-control" name="username" placeholder="Nom" ng-model="username" unique-field required>
+            <input type="text" class="form-control" name="username" placeholder="Surnom - Nom de connexion" ng-model="username" unique-field required>
             <span class="input-group-addon" ng-if="signUpForm.username.$touched">
               <i ng-show="signUpForm.username.$invalid" class="fa fa-times" aria-hidden="true"></i>
               <i ng-show="signUpForm.username.$pending" class="fa fa-spinner fa-pulse fa-fw" aria-hidden="true"></i>
               <i ng-show="signUpForm.username.$valid" class="fa fa-check" aria-hidden="true"></i>
             </span>
           </div>
-          <span class="help-block" ng-show="signUpForm.username.$error.uniqueField">Ce nom est déjà utilisé.</span>
+          <span class="help-block" ng-show="signUpForm.username.$error.uniqueField">Ce surnom est déjà utilisé.</span>
           <br/>
 
           <!--Email-->
@@ -160,8 +160,18 @@ <h3 class="omb_authTitle"><a href="#" ng-click="show_login=true;" style="text-de
             </span>
           </div>
           <span class="help-block" ng-show="signUpForm.pwconfirm.$error.fieldMatch && signUpForm.pwconfirm.$dirty">Le mot de passe n'est pas identique.</span>
-          <br/>
 
+          <hr/>
+
+          <!-- Name and second name -->
+          <div class="input-group">
+            <span class="input-group-addon"><i class="fa fa-info-circle" aria-hidden="true"></i></span>
+            <input type="text" class="form-control" name="name" placeholder="Prénom et nom de famille">
+          </div>
+
+          <hr/>
+
+          <!-- Create Button -->
           <button class="btn btn-lg btn-primary btn-block" type="submit" ng-disabled="signUpForm.$invalid || signUpForm.$pending"
                   onclick="password.value=hashSha256(password.value);
                     // TODO empty pwconfirm
@@ -183,9 +193,6 @@ <h3 class="omb_authTitle"><a href="#" ng-click="show_login=true;" style="text-de
           </li>
         </ul>
         </p>
-        <p>
-          Le courriel est utilisé comme identifiant, mais aucun courriel ne sera envoyé, sauf à la demande du joueur.
-        </p>
         <!--<label class="checkbox" disabled>-->
         <!--<input type="checkbox" value="remember-me">Mémoriser-->
         <!--</label>-->

diff --git a/src/web/partials/profile.html b/src/web/partials/profile.html
@@ -9,6 +9,7 @@ <h2>Fiche de personnage</h2>
   <a href="/character?id_player={{! model_profile.info.user_id }}" class="btn btn-lg btn-default" role="button">Accéder à sa fiche</a>
 
   <h2>Information personnel</h2>
+  <p>Surnom: {{! model_profile.info.username }}</p>
   <p>Nom: {{! model_profile.info.name }}</p>
   <p>Email: {{! model_profile.info.email }}</p>
   <p>ID: {{! model_profile.info.user_id }}</p>

diff --git a/src/web/py_class/db.py b/src/web/py_class/db.py
@@ -34,12 +34,13 @@ def compare_password(user_password, hash_password):
             return False
         return bcrypt.checkpw(user_password.encode('utf-8'), hash_password.encode('utf-8'))
 
-    def create_user(self, name, email=None, password=None, google_id=None, facebook_id=None, twitter_id=None,
-                    permission="Joueur"):
+    def create_user(self, username, email=None, password=None, google_id=None, facebook_id=None, twitter_id=None,
+                    name=None, permission="Joueur", given_name=None, family_name=None, verified_email=False,
+                    locale=None):
 
         # Validate no duplicate user
-        if self._db_user.contains(self._query_user.name == name):
-            print("Cannot create user %s, already exist." % name, file=sys.stderr)
+        if self._db_user.contains(self._query_user.username == username):
+            print("Cannot create user %s, already exist." % username, file=sys.stderr)
             return
         if self._db_user.contains(self._query_user.email == email):
             print("Cannot create user %s, already exist." % email, file=sys.stderr)
@@ -52,8 +53,10 @@ def create_user(self, name, email=None, password=None, google_id=None, facebook_
 
         secure_pass = self.generate_password(password) if password else None
 
-        data = {"email": email, "name": name, "password": secure_pass, "user_id": user_id, "google_id": google_id,
-                "facebook_id": facebook_id, "twitter_id": twitter_id, "permission": permission}
+        data = {"email": email, "username": username, "name": name, "given_name": given_name,
+                "family_name": family_name, "password": secure_pass, "user_id": user_id, "google_id": google_id,
+                "facebook_id": facebook_id, "twitter_id": twitter_id, "permission": permission,
+                "verified_email": verified_email, "locale": locale}
 
         eid = self._db_user.insert(data)
         return self._db_user.get(eid=eid)
@@ -64,18 +67,18 @@ def get_all_user(self, user_id=None):
             return self._db_user.all()
         return self._db_user.search(self._query_user.user_id == user_id)
 
-    def get_user(self, name=None, email=None, password=None, id_type="user", user_id=None,
+    def get_user(self, username=None, email=None, password=None, id_type="user", user_id=None,
                  force_email_no_password=False):
         # Lookup the user by it's name
-        if name:
-            _user = self._db_user.get(self._query_user.name == name)
+        if username:
+            _user = self._db_user.get(self._query_user.username == username)
             if _user:
                 # Validate password
                 ddb_password = _user.get("password")
                 if password and ddb_password and self.compare_password(password, ddb_password):
                     return _user
 
-        # If no name provided, lookup user by email
+        # If no username provided, lookup user by email
         if email:
             _user = self._db_user.get(self._query_user.email == email)
             if _user:
@@ -87,7 +90,7 @@ def get_user(self, name=None, email=None, password=None, id_type="user", user_id
                 else:
                     return _user
 
-        # If no name or email provided, lookup user by id
+        # If no username or email provided, lookup user by id
         if user_id:
             if type(user_id) is bytes:
                 user_id = user_id.decode('UTF-8')
@@ -107,14 +110,14 @@ def get_user(self, name=None, email=None, password=None, id_type="user", user_id
             _user = self._db_user.get(query == user_id)
             return _user
         else:
-            # print("Missing user name, email or id to get user.", file=sys.stderr)
+            # print("Missing user username, email or id to get user.", file=sys.stderr)
             return
 
-    def user_exist(self, email=None, user_id=None, name=None):
+    def user_exist(self, email=None, user_id=None, username=None):
         """Returns True if all the arguments given are found"""
         return not (email and not self._db_user.get(self._query_user.email == email)) and not (
                 user_id and not self._db_user.get(self._query_user.user_id == user_id)) and not (
-                name and not self._db_user.get(self._query_user.name == name))
+                username and not self._db_user.get(self._query_user.username == username))
 
     def update_user(self, user_data, character_data=None, delete_user_by_id=None, delete_character_by_id=None):
         if not isinstance(user_data, dict):