From e21e974457d70529cbb6d1d276ab4295ef29bcd1 Mon Sep 17 00:00:00 2001
From: Jan Broer <janeczku@yahoo.de>
Date: Tue, 13 Oct 2015 02:30:55 +0200
Subject: [PATCH] Add public account registration

---
 cps/config.py               |  3 +++
 cps/templates/layout.html   |  3 +++
 cps/templates/register.html | 26 +++++++++++++++++++++++
 cps/web.py                  | 41 ++++++++++++++++++++++++++++++++++++-
 4 files changed, 72 insertions(+), 1 deletion(-)
 create mode 100644 cps/templates/register.html

diff --git a/cps/config.py b/cps/config.py
index f860275a..6a22d50e 100755
--- a/cps/config.py
+++ b/cps/config.py
@@ -53,6 +53,7 @@ RANDOM_BOOKS = check_setting_int(CFG, 'General', 'RANDOM_BOOKS', 4)
 CheckSection('Advanced')
 TITLE_REGEX = check_setting_str(CFG, 'Advanced', 'TITLE_REGEX', '^(A|The|An|Der|Die|Das|Den|Ein|Eine|Einen|Dem|Des|Einem|Eines)\s+')
 DEVELOPMENT = bool(check_setting_int(CFG, 'Advanced', 'DEVELOPMENT', 0))
+PUBLIC_REG = bool(check_setting_int(CFG, 'Advanced', 'PUBLIC_REG', 0))
 
 SYS_ENCODING="UTF-8"
 
@@ -64,6 +65,7 @@ configval["PORT"] = PORT
 configval["NEWEST_BOOKS"] = NEWEST_BOOKS
 configval["DEVELOPMENT"] = DEVELOPMENT
 configval["TITLE_REGEX"] = TITLE_REGEX
+configval["PUBLIC_REG"] = PUBLIC_REG
 
 def save_config(configval):
     new_config = ConfigObj()
@@ -77,6 +79,7 @@ def save_config(configval):
     new_config['Advanced'] = {}
     new_config['Advanced']['TITLE_REGEX'] = configval["TITLE_REGEX"]
     new_config['Advanced']['DEVELOPMENT'] = int(configval["DEVELOPMENT"])
+    new_config['Advanced']['PUBLIC_REG'] = int(configval["PUBLIC_REG"])
     new_config.write()
     return "Saved"
 
diff --git a/cps/templates/layout.html b/cps/templates/layout.html
index c0610949..01fc062f 100644
--- a/cps/templates/layout.html
+++ b/cps/templates/layout.html
@@ -51,6 +51,9 @@
               <li><a href="{{url_for('logout', next=request.path)}}"><span class="glyphicon glyphicon-log-out"></span> Logout</a></li>
             {% else %}
               <li><a href="{{url_for('login', next=request.path)}}"><span class="glyphicon glyphicon-log-in"></span> Login</a></li>
+              {% if g.allow_registration %}
+              <li><a href="{{url_for('register')}}"><span class="glyphicon glyphicon-user"></span> Register</a></li>
+              {% endif %}
             {% endif %}
           </ul>
         </div><!--/.nav-collapse -->
diff --git a/cps/templates/register.html b/cps/templates/register.html
new file mode 100644
index 00000000..d3785d18
--- /dev/null
+++ b/cps/templates/register.html
@@ -0,0 +1,26 @@
+{% extends "layout.html" %}
+{% block body %}
+<div class="well col-sm-6 col-sm-offset-2">
+  <h2 style="margin-top: 0">Register a new account</h2>
+  <form method="POST" role="form">
+    <div class="form-group">
+      <label for="nickname">Username</label>
+      <input type="text" class="form-control" id="nickname" name="nickname" placeholder="Choose a username">
+    </div>
+    <div class="form-group">
+      <label for="password">Password</label>
+      <input type="password" class="form-control" id="password" name="password" placeholder="Choose a password">
+    </div>
+    <div class="form-group">
+      <label for="email">Email address</label>
+      <input type="email" class="form-control" id="email" name="email" placeholder="Your email address">
+    </div>
+    <button type="submit" class="btn btn-primary">Register</button>
+  </form>
+</div>
+  {% if error %}
+  <div class="col-sm-6 col-sm-offset-2">
+    <div class="alert alert-danger">{{error}}</div>
+  </div>
+  {% endif %}
+{% endblock %}
diff --git a/cps/web.py b/cps/web.py
index d7d08a8c..f30027c2 100755
--- a/cps/web.py
+++ b/cps/web.py
@@ -3,7 +3,7 @@
 
 import mimetypes
 mimetypes.add_type('application/xhtml+xml','.xhtml')
-from flask import Flask, render_template, session, request, redirect, url_for, send_from_directory, make_response, g, flash
+from flask import Flask, render_template, session, request, redirect, url_for, send_from_directory, make_response, g, flash, abort
 from cps import db, config, ub, helper
 import os
 from sqlalchemy.sql.expression import func
@@ -86,6 +86,7 @@ app.jinja_env.globals['url_for_other_page'] = url_for_other_page
 def before_request():
     g.user = current_user
     g.public_shelfes = ub.session.query(ub.Shelf).filter(ub.Shelf.is_public == 1).all()
+    g.allow_registration = config.PUBLIC_REG
 
 @app.route("/feed")
 def feed_index():
@@ -296,9 +297,47 @@ def get_download_link(book_id, format):
     response.headers["Content-Disposition"] = "attachment; filename=%s.%s" % (data.name, format)
     return response
 
+@app.route('/register', methods = ['GET', 'POST'])
+def register():
+    error = None
+    if not config.PUBLIC_REG:
+        abort(404)
+    if current_user is not None and current_user.is_authenticated():
+        return redirect(url_for('index'))
+
+    if request.method == "POST":
+        to_save = request.form.to_dict()
+        if not to_save["nickname"] or not to_save["email"] or not to_save["password"]:
+            flash("Please fill out all fields!", category="error")
+            return render_template('register.html', title="register")
+
+        existing_user = ub.session.query(ub.User).filter(ub.User.nickname == to_save["nickname"]).first()
+        existing_email = ub.session.query(ub.User).filter(ub.User.email == to_save["email"]).first()
+        if not existing_user and not existing_email:
+            content = ub.User()
+            content.password = generate_password_hash(to_save["password"])
+            content.nickname = to_save["nickname"]
+            content.email = to_save["email"]
+            content.role = 0
+            try:
+                ub.session.add(content)
+                ub.session.commit()
+            except:
+                ub.session.rollback()
+                flash("An unknown error occured. Please try again later.", category="error")
+                return render_template('register.html', title="register")
+            flash("Your account has been created. Please login.", category="success")
+            return redirect(url_for('login'))
+        else:
+            flash("This username or email address is already in use.", category="error")
+            return render_template('register.html', title="register")
+
+    return render_template('register.html', title="register")
+
 @app.route('/login', methods = ['GET', 'POST'])
 def login():
     error = None
+
     if current_user is not None and current_user.is_authenticated():
         return redirect(url_for('index'))