Revision 3b09ff22 invitations/invitations.py
| b/invitations/invitations.py | ||
|---|---|---|
| 1 | 1 |
# vim: set fileencoding=utf-8 : |
| 2 | 2 |
from datetime import timedelta |
| 3 | 3 |
import base64 |
| 4 |
import time |
|
| 5 |
import urllib |
|
| 4 | 6 |
|
| 5 | 7 |
from django.conf import settings |
| 6 | 8 |
from django.core.exceptions import ValidationError |
| ... | ... | |
| 34 | 36 |
validate_email(email) |
| 35 | 37 |
|
| 36 | 38 |
inv = add_invitation(request.user, name, email) |
| 37 |
queue_email(inv)
|
|
| 39 |
send_invitation(inv)
|
|
| 38 | 40 |
|
| 39 | 41 |
except Exception as e: |
| 40 | 42 |
try : |
| ... | ... | |
| 85 | 87 |
|
| 86 | 88 |
@csrf_protect |
| 87 | 89 |
def inv_demux(request): |
| 90 |
|
|
| 88 | 91 |
if request.method == 'GET': |
| 89 | 92 |
data = render_to_string('invitations.html',
|
| 90 | 93 |
{'invitations': invitations_for_user(request)},
|
| ... | ... | |
| 95 | 98 |
else: |
| 96 | 99 |
method_not_allowed(request) |
| 97 | 100 |
|
| 101 |
def login(request): |
|
| 102 |
|
|
| 103 |
if not request.method == 'GET': |
|
| 104 |
method_not_allowed(request) |
|
| 105 |
|
|
| 106 |
key = request.GET['key'] |
|
| 107 |
|
|
| 108 |
if key is None: |
|
| 109 |
return HttpResponse("Required key is missing")
|
|
| 110 |
|
|
| 111 |
PADDING = '{'
|
|
| 112 |
DecodeAES = lambda c, e: c.decrypt(base64.b64decode(e)).rstrip(PADDING) |
|
| 113 |
cipher = AES.new(settings.INVITATION_ENCR_KEY) |
|
| 114 |
|
|
| 115 |
decoded = DecodeAES(cipher, key) |
|
| 116 |
|
|
| 117 |
users = SynnefoUser.objects.filter(auth_token = decoded) |
|
| 118 |
|
|
| 119 |
if users.count() is 0: |
|
| 120 |
return HttpResponse("Invalid key")
|
|
| 121 |
|
|
| 122 |
user = users[0] |
|
| 123 |
invitations = Invitations.objects.filter(target = user) |
|
| 124 |
|
|
| 125 |
if invitations.count() is 0: |
|
| 126 |
return HttpResponse("Non-existent invitation")
|
|
| 98 | 127 |
|
| 99 |
def queue_email(invitation): |
|
| 128 |
inv = invitations[0] |
|
| 129 |
|
|
| 130 |
valid = timedelta(days = settings.INVITATION_VALID_DAYS) |
|
| 131 |
valid_until = inv.created + valid |
|
| 132 |
|
|
| 133 |
if (time.time() - |
|
| 134 |
time.mktime(inv.created.timetuple()) - |
|
| 135 |
settings.INVITATION_VALID_DAYS * 3600) > 0: |
|
| 136 |
return HttpResponse("Invitation expired (was valid until %s)"%
|
|
| 137 |
valid_until.strftime('%A, %d %B %Y'))
|
|
| 138 |
|
|
| 139 |
inv.accepted = True |
|
| 140 |
inv.save() |
|
| 141 |
|
|
| 142 |
response = HttpResponse() |
|
| 143 |
|
|
| 144 |
response.set_cookie('X-Auth-Token', value=user.auth_token,
|
|
| 145 |
expires = valid_until.strftime('%a, %d-%b-%Y %H:%M:%S %Z'),
|
|
| 146 |
path='/') |
|
| 147 |
response['X-Auth-Token'] = user.auth_token |
|
| 148 |
response['Location'] = settings.APP_INSTALL_URL |
|
| 149 |
response.status_code = 302 |
|
| 150 |
return response |
|
| 151 |
|
|
| 152 |
|
|
| 153 |
def send_invitation(invitation): |
|
| 100 | 154 |
email = {}
|
| 101 | 155 |
email['invitee'] = invitation.target.realname |
| 102 | 156 |
email['inviter'] = invitation.source.realname |
| ... | ... | |
| 112 | 166 |
cipher = AES.new(settings.INVITATION_ENCR_KEY) |
| 113 | 167 |
encoded = EncodeAES(cipher, invitation.target.auth_token) |
| 114 | 168 |
|
| 115 |
email['url'] = settings.APP_INSTALL_URL + "/invitations/login?key=" + encoded |
|
| 169 |
url_safe = urllib.urlencode({'key': encoded})
|
|
| 170 |
|
|
| 171 |
email['url'] = settings.APP_INSTALL_URL + "/invitations/login?" + url_safe |
|
| 116 | 172 |
|
| 117 | 173 |
data = render_to_string('invitation.txt', {'email': email})
|
| 174 |
|
|
| 175 |
print data |
|
| 176 |
|
|
| 118 | 177 |
send_async( |
| 119 | 178 |
frm = "%s <%s>"%(invitation.source.realname,invitation.source.uniq), |
| 120 | 179 |
to = "%s <%s>"%(invitation.target.realname,invitation.target.uniq), |
Also available in: Unified diff