changeset 1592:291a7026cb2b

server: handle new registration link feature, following backend implementation
author Goffi <goffi@goffi.org>
date Sun, 10 Dec 2023 18:33:00 +0100
parents f1d09a4d38dc
children c6976c5b85a1
files libervia/web/pages/register/page_meta.py libervia/web/server/pages.py libervia/web/server/server.py
diffstat 3 files changed, 94 insertions(+), 37 deletions(-) [+]
line wrap: on
line diff
--- a/libervia/web/pages/register/page_meta.py	Sun Dec 10 11:01:57 2023 +0100
+++ b/libervia/web/pages/register/page_meta.py	Sun Dec 10 18:33:00 2023 +0100
@@ -1,23 +1,35 @@
 #!/usr/bin/env python3
 
 
+from libervia.backend.core import exceptions
+from libervia.backend.tools.common import data_format
+from libervia.frontends.bridge.bridge_frontend import BridgeException
 from libervia.web.server.constants import Const as C
 from libervia.web.server import session_iface
-from twisted.internet import defer
 from libervia.backend.core.log import getLogger
 
 log = getLogger(__name__)
 
-"""SàT account registration page"""
+"""Libervia account registration page"""
 
 name = "register"
 access = C.PAGES_ACCESS_PUBLIC
 template = "login/register.html"
 
 
-def prepare_render(self, request):
+def parse_url(self, request):
+    self.get_path_args(
+        request,
+        ("registration_id",),
+    )
+
+
+async def prepare_render(self, request):
     if not self.host.options["allow_registration"]:
-        self.page_error(request, C.HTTP_FORBIDDEN)
+        try:
+            await self.host.check_registration_id(request)
+        except exceptions.NotFound:
+            self.page_error(request, C.HTTP_FORBIDDEN)
     profile = self.get_profile(request)
     if profile is not None:
         self.page_redirect("/login/logged", request)
@@ -36,14 +48,13 @@
         template_data[k] = session_data.pop_page_data(self, k)
 
 
-@defer.inlineCallbacks
-def on_data_post(self, request):
+async def on_data_post(self, request):
     type_ = self.get_posted_data(request, "type")
     if type_ == "register":
         login, email, password = self.get_posted_data(
             request, ("login", "email", "password")
         )
-        status = yield self.host.register_new_account(request, login, password, email)
+        status = await self.host.register_new_account(request, login, password, email)
         session_data = self.host.get_session_data(request, session_iface.IWebSession)
         if status == C.REGISTRATION_SUCCEED:
             # we prefill login field for login page
@@ -58,6 +69,6 @@
             for k in ("login", "email", "password"):
                 # we save fields so user doesn't have to enter them again
                 session_data.set_page_data(self, k, l[k])
-            defer.returnValue(C.POST_NO_CONFIRM)
+            return C.POST_NO_CONFIRM
     else:
         self.page_error(request, C.HTTP_BAD_REQUEST)
--- a/libervia/web/server/pages.py	Sun Dec 10 11:01:57 2023 +0100
+++ b/libervia/web/server/pages.py	Sun Dec 10 18:33:00 2023 +0100
@@ -867,13 +867,19 @@
 
         return value
 
-    def get_path_args(self, request, names, min_args=0, **kwargs):
-        """get several path arguments at once
+    def get_path_args(
+        self,
+        request: server.Request,
+        names: list[str],
+        min_args: int = 0,
+        **kwargs
+    ) -> None:
+        """Get several path arguments at once.
 
         Arguments will be put in request data.
         Missing arguments will have None value
-        @param names(list[unicode]): list of arguments to get
-        @param min_args(int): if less than min_args are found, PageError is used with
+        @param names: list of arguments to get
+        @param min_args: if less than min_args are found, PageError is used with
             C.HTTP_BAD_REQUEST
             Use 0 to ignore
         @param **kwargs: special value or optional callback to use for arguments
--- a/libervia/web/server/server.py	Sun Dec 10 11:01:57 2023 +0100
+++ b/libervia/web/server/server.py	Sun Dec 10 18:33:00 2023 +0100
@@ -980,13 +980,55 @@
         state = yield defer.ensureDeferred(self._logged(profile, request))
         defer.returnValue(state)
 
-    def register_new_account(self, request, login, password, email):
+    async def check_registration_id(self, request: server.Request) -> None:
+        """Check if a valid registration ID is found in request data
+
+        @param request: request used for account registration
+
+        @raise exceptions.NotFound: not valid registration ID has been found
+        """
+        try:
+            r_data = request.data
+            registration_id = r_data["registration_id"]
+        except (AttributeError, KeyError):
+            log.warning("Can't find registration ID")
+            raise exceptions.NotFound
+        if registration_id is None:
+            raise exceptions.NotFound
+        try:
+            registration_link_data = data_format.deserialise(
+                await self.bridge_call(
+                    "registration_link_get",
+                    registration_id
+                )
+            )
+        except BridgeException as e:
+            if e.classname == "NotFound":
+                log.warning(f"Invalid registration ID: {registration_id!r}")
+            else:
+                log.exception(f"Can't get registration ID data: {e}")
+            raise exceptions.NotFound
+        else:
+            log.info(
+                f"Using registration ID {registration_id!r} ("
+                f"{registration_link_data['recipient']})."
+            )
+
+
+    async def register_new_account(
+        self,
+        request: server.Request,
+        login: str,
+        password: str,
+        email: str
+    ) -> str:
         """Create a new account, or return error
-        @param request(server.Request): request linked to the session
-        @param login(unicode): new account requested login
-        @param email(unicode): new account email
-        @param password(unicode): new account password
-        @return(unicode): a constant indicating the state:
+
+        @param request: request linked to the session
+        @param login: new account requested login
+        @param email: new account email
+        @param password: new account password
+        @return: a constant indicating the state:
             - C.BAD_REQUEST: something is wrong in the request (bad arguments)
             - C.INVALID_INPUT: one of the data is not valid
             - C.REGISTRATION_SUCCEED: new account has been successfully registered
@@ -995,12 +1037,15 @@
         @raise PermissionError: registration is now allowed in server configuration
         """
         if not self.options["allow_registration"]:
-            log.warning(
-                _("Registration received while it is not allowed, hack attempt?")
-            )
-            raise failure.Failure(
-                exceptions.PermissionError("Registration is not allowed on this server")
-            )
+            try:
+                await self.check_registration_id(request)
+            except exceptions.NotFound:
+                log.warning(
+                    _("Registration received while it is not allowed, hack attempt?")
+                )
+                raise failure.Failure(
+                    exceptions.PermissionError("Registration is not allowed on this server")
+                )
 
         if (
             not re.match(C.REG_LOGIN_RE, login)
@@ -1009,12 +1054,10 @@
         ):
             return C.INVALID_INPUT
 
-        def registered(result):
-            return C.REGISTRATION_SUCCEED
-
-        def registering_error(failure_):
-            # FIXME: better error handling for bridge error is needed
-            status = failure_.value.fullname.split('.')[-1]
+        try:
+            await self.bridge_call("libervia_account_register", email, password, login)
+        except BridgeException as e:
+            status = e.classname
             if status == "ConflictError":
                 return C.ALREADY_EXISTS
             elif status == "InvalidCertificate":
@@ -1023,16 +1066,13 @@
                 return C.INTERNAL_ERROR
             else:
                 log.error(
-                    _("Unknown registering error status: {status}\n{traceback}").format(
-                        status=status, traceback=failure_.value.message
+                    _("Unknown registering error status: {status}\n{e}").format(
+                        status=status, e=e
                     )
                 )
                 return status
-
-        d = self.bridge_call("libervia_account_register", email, password, login)
-        d.addCallback(registered)
-        d.addErrback(registering_error)
-        return d
+        else:
+            return C.REGISTRATION_SUCCEED
 
     def addCleanup(self, callback, *args, **kwargs):
         """Add cleaning method to call when service is stopped