9d7d43073d
Improved core webapi, added registration link, support redirection. Use error webapi response, rather than `send_...` routines.
115 lines
3.4 KiB
Plaintext
115 lines
3.4 KiB
Plaintext
note
|
|
description: "Summary description for {CMS_USER_REGISTER_WEBAPI_HANDLER}."
|
|
date: "$Date$"
|
|
revision: "$Revision$"
|
|
|
|
class
|
|
CMS_USER_REGISTER_WEBAPI_HANDLER
|
|
|
|
inherit
|
|
CMS_WEBAPI_HANDLER
|
|
|
|
WSF_URI_HANDLER
|
|
|
|
create
|
|
make_with_auth_api
|
|
|
|
feature {NONE} -- Initialization
|
|
|
|
make_with_auth_api (a_auth_api: CMS_AUTHENTICATION_API)
|
|
do
|
|
auth_api := a_auth_api
|
|
make (a_auth_api.cms_api)
|
|
end
|
|
|
|
auth_api: CMS_AUTHENTICATION_API
|
|
|
|
feature -- Execution
|
|
|
|
execute (req: WSF_REQUEST; res: WSF_RESPONSE)
|
|
-- Execute handler for `req' and respond in `res'.
|
|
do
|
|
if req.is_post_request_method then
|
|
register_user (req, res)
|
|
else
|
|
new_bad_request_error_response (Void, req, res).execute
|
|
end
|
|
end
|
|
|
|
register_user (req: WSF_REQUEST; res: WSF_RESPONSE)
|
|
local
|
|
f: CMS_FORM
|
|
rep: like new_response
|
|
l_user_api: CMS_USER_API
|
|
u: CMS_TEMP_USER
|
|
l_exist: BOOLEAN
|
|
|
|
l_url_activate: STRING
|
|
l_url_reject: STRING
|
|
l_token: STRING
|
|
l_captcha_passed: BOOLEAN
|
|
l_email: READABLE_STRING_8
|
|
do
|
|
if
|
|
api.has_permission ("account register") and then
|
|
req.is_post_request_method
|
|
then
|
|
create f.make (req.percent_encoded_path_info, "roccms-user-register")
|
|
f.extend_text_field ("name", Void)
|
|
f.extend_password_field ("password", Void)
|
|
f.extend_text_field ("email", Void)
|
|
f.extend_text_field ("personal_information", Void)
|
|
|
|
rep := new_response (req, res)
|
|
f.process (rep)
|
|
if
|
|
attached f.last_data as fd and then not fd.has_error and then
|
|
attached fd.string_item ("name") as l_name and then
|
|
attached fd.string_item ("password") as l_password and then
|
|
attached fd.string_item ("email") as s_email and then
|
|
attached fd.string_item ("personal_information") as l_personal_information
|
|
then
|
|
if s_email.is_valid_as_string_8 then
|
|
l_email := s_email.to_string_8
|
|
l_user_api := api.user_api
|
|
if attached l_user_api.user_by_name (l_name) or else attached l_user_api.temp_user_by_name (l_name) then
|
|
-- Username already exists.
|
|
fd.report_invalid_field ("name", "User name already exists!")
|
|
l_exist := True
|
|
end
|
|
if attached l_user_api.user_by_email (l_email) or else attached l_user_api.temp_user_by_email (l_email) then
|
|
-- Email already exists.
|
|
fd.report_invalid_field ("email", "An account is already associated with that email address!")
|
|
l_exist := True
|
|
end
|
|
if fd.has_error or l_exist then
|
|
rep := new_bad_request_error_response ("User name or email is already taken!", req, res)
|
|
else
|
|
-- New temp user
|
|
create u.make (l_name)
|
|
u.set_email (l_email)
|
|
u.set_password (l_password)
|
|
u.set_personal_information (l_personal_information)
|
|
|
|
auth_api.register_user (u, l_email, l_personal_information)
|
|
-- Until it is activated, this is not a real user.
|
|
-- add_user_links_to (u, rep)
|
|
rep.add_string_field ("status", "succeed")
|
|
rep.add_string_field ("information", "Waiting for activation")
|
|
rep.add_self (req.percent_encoded_path_info)
|
|
end
|
|
else
|
|
rep := new_access_denied_error_response ("Invalid email", req, res)
|
|
end
|
|
else
|
|
rep := new_access_denied_error_response ("There were issue with your application, invalid or missing values.", req, res)
|
|
end
|
|
else
|
|
rep := new_access_denied_error_response ("You can also contact the webmaster to ask for an account.", req, res)
|
|
end
|
|
rep.execute
|
|
end
|
|
|
|
|
|
end
|