yes there is a lof code in here.
if you could use the existing auth.register() with
auth.settings.register_onvalidation=....
auth.settings.register_onaccept=...
you would avoid reinventing the wheel.
This in your code is not a good idea:
users = db().select(db.auth_user.id, db.auth_user.username,
db.auth_user.email, orderby=db.auth_user.id)
for user in users:
if username==user.username:
session.flash=T('Username already in use!')
redirect(URL(r=request,c='default', f="register"))
if email==user.email:
session.flash=T('Email already in use!')
redirect(URL(r=request,c='default', f="register"))
my = str(user.id+1)
because you are fetching all records just to check if you have a
duplicate username or duplicate email. There are validators for that.
Anyway the registration verification mechanism consists of storing a
uuid in registration_key field.
You email the user the url
http://.../user/verify/[uuid]
When the user visits the url, the uuid is removed from the
registration_key field.
On Sep 7, 10:04 am, Francisco Costa <[email protected]> wrote:
> It's a bit big because of all the validations, but here it goes:
>
> import re, random, os, shutil
> def create():
> first_name = request.vars.firstname
> session.first_name = first_name
>
> last_name = request.vars.lastname
> session.last_name = last_name
>
> email = request.vars.email
> session.email = email
>
> username = request.vars.username
> session.username = username
>
> password = request.vars.password
> confirm_password = request.vars.confirm_password
>
> domains = "aero", "asia", "biz", "cat", "com", "coop", \
> "edu", "gov", "info", "int", "jobs", "mil", "mobi", "museum",
> \
> "name", "net", "org", "pro", "tel", "travel"
>
> if len(email) < 8:
> session.flash=T('Please enter a valid email address')
> redirect(URL(r=request,c='default', f="register"))
>
> # Split up email address into parts.
> try:
> localpart, domainname = email.rsplit('@', 1)
> host, toplevel = domainname.rsplit('.', 1)
> except ValueError:
> session.flash=T('Please enter a valid email address')
> redirect(URL(r=request,c='default', f="register"))
>
> # Check for Country code or Generic Domain.
> if len(toplevel) != 2 and toplevel not in domains:
> session.flash=T('Please enter a valid email domain name')
> redirect(URL(r=request,c='default', f="register"))
>
> for i in '-_.%+.':
> localpart = localpart.replace(i, "")
> for i in '-_.':
> host = host.replace(i, "")
>
> if not localpart.isalnum() and not host.isalnum():
> session.flash=T('Please enter a valid email address')
> redirect(URL(r=request,c='default', f="register"))
>
> if not password==confirm_password:
> session.flash=T('Please enter the same passwords!')
> redirect(URL(r=request,c='default', f="register"))
>
> users = db().select(db.auth_user.id, db.auth_user.username,
> db.auth_user.email, orderby=db.auth_user.id)
>
> for user in users:
> if username==user.username:
> session.flash=T('Username already in use!')
> redirect(URL(r=request,c='default', f="register"))
>
> if email==user.email:
> session.flash=T('Email already in use!')
> redirect(URL(r=request,c='default', f="register"))
> my = str(user.id+1)
>
> password=db.auth_user.password.requires[0](password)[0]
>
> photo_filename=''
> photo_path=''
> photo_file=''
> photo = request.vars.photo
>
> if not photo=='':
> ext = re.compile('\.\w+$').findall(photo.filename.strip())[0]
> if ext != '.jpg' and ext != '.png':
> session.flash=T('Invalid image file')
> return photo_filename
> photo_filename = 'auth_user.picture.'+my
> +'.'+str(random.random())[2:] + ext
> photo_path = os.path.join(request.folder, 'uploads/',
> photo_filename)
> photo_file = open(photo_path,'wb')
> shutil.copyfileobj(photo.file, photo_file)
> photo_file.close()
>
> user = db.auth_user.insert(first_name=first_name,
> last_name=last_name, email=email, username=username,
> password=password, picture=photo_filename)
> mail.send(to='[email protected]', subject='new user', message="new
> user registed with email %s" %email)
>
> form='image_crop'
> session.photo_path=photo_path
>
> if photo_file=='':
> session.flash=T('Register OK')
> redirect(URL(r=request, c='default', f="login"))
> return dict(photo_filename=photo_filename, photo_file=photo_file,
> photo_path=photo_path, form=form, my=my)
