import sys
from random import randint
from flamejam import app, db, mail
from flamejam.models import User
from flamejam.utils import hash_password, verify_password
from flamejam.forms import UserLogin, UserRegistration, ResetPassword, NewPassword, SettingsForm, ContactUserForm
from flask import render_template, redirect, flash, url_for, current_app, session, request, abort, Markup
from flask.ext.login import login_required, login_user, logout_user, current_user
from flask.ext.principal import AnonymousIdentity, Identity, UserNeed, identity_changed, identity_loaded, Permission, RoleNeed, PermissionDenied
@app.route('/login', methods=['GET', 'POST'])
def login():
    login_form = UserLogin()
    register_form = UserRegistration()
    if login_form.validate_on_submit():
        username =
        password =
        remember_me =
        user = User.query.filter_by(username=username).first()
        if login_user(user, remember_me):
            flash("You were logged in.", "success")
            if user.invitations.count():
                flash(Markup('You have %s team invitations - click <a href="%s">here</a> to view them.' % (user.invitations.count(), url_for("invitations"))), "info")
            return redirect(request.args.get("next") or url_for('index'))
            # Tell Flask-Principal the identity changed
            flash("Login failed, user not validated", "error")
            return redirect(url_for("verify_status", username=username))
    elif register_form.validate_on_submit():
        username =
        password =
        email =
        new_user = User(username, password, email)
        body = render_template("emails/account/verification.txt", recipient = new_user, email_changed = False)
        mail.send_message(subject="Welcome to " + app.config["LONG_NAME"] + ", " + username, recipients=[], body=body)
        flash("Your account has been created, confirm your email to verify.", "success")
        return redirect(url_for('verify_status', username = username))
    return render_template('account/login.html', login_form = login_form, register_form = register_form)
def logout():
    flash("You were logged out.", "success")
    # Remove session keys set by Flask-Principal
    for key in ('', 'identity.auth_type'):
        session.pop(key, None)
    # Tell Flask-Principal the user is anonymous
    return redirect(url_for('index'))
# we need this so Flask Principal knows what to do when a user is loaded
def on_identity_loaded(sender, identity):
    # Set the identity user object
    identity.user = current_user
    # Add the UserNeed to the identity
    if hasattr(current_user, 'id'):
    if hasattr(current_user, 'is_admin'):
        if current_user.is_admin:
@app.route('/reset', methods=['GET', 'POST'])
def reset_request():
    if current_user.is_authenticated():
        flash("You are already logged in.", "info")
        return redirect(url_for("index"))
    error = None
    form = ResetPassword()
    if form.validate_on_submit():
        # thanks to the UsernameValidator we cam assume the username exists
        user = User.query.filter_by(
        user.token = randint(0, sys.maxint)
        body = render_template("emails/account/reset_password.txt", recipient=user)
        mail.send_message(subject=app.config["LONG_NAME"] + ": Reset your password", recipients=[], body=body)
        flash("Your password has been reset, check your email.", "success")
    return render_template('account/reset_request.html', form=form, error=error)
@app.route('/reset/<username>/<token>', methods=['GET', 'POST'])
def reset_verify(username, token):
    user = User.query.filter_by(username=username).first_or_404()
    if user.token == None:
        flash("%s's account has not requested a password reset." % user.username.capitalize(), "error")
        return redirect(url_for('index'))
    if user.getResetToken() != token:
        flash("This does not seem to be a valid reset link, if you reset your account multiple times make sure you are using the link in the last email you received!", "error")
        return redirect(url_for('index'))
    form = NewPassword()
    error = None
    if form.validate_on_submit():
        # null the reset token
        user.token = None
        # set the new password
        user.password = hash_password(
        flash("Your password was updated and you can login with it now.", "success")
        return redirect(url_for('login'))
    return render_template('account/reset_newpassword.html', user = user, form = form, error = error)
@app.route('/verify/', methods=["POST", "GET"])
def verify_send():
    if request.method == 'GET':
        return redirect(url_for('index'))
    username = request.form.get('username', "")
    user = User.query.filter_by(username = username).first_or_404()
    if user.is_verified:
        flash("%s's account is already validated." % user.username.capitalize(), "info")
        return redirect(url_for('index'))
    body=render_template("emails/account/verification.txt", recipient=user)
    mail.send_message(subject="Welcome to " + app.config["LONG_NAME"] + ", " + username, recipients=[user.new_email], body=body)
    flash("Verification has been resent, check your email", "success")
    return redirect(url_for('verify_status', username=username))
@app.route('/verify/<username>', methods=["GET"])
def verify_status(username):
    submitted = request.args.get('submitted', None)
    user = User.query.filter_by(username = username).first_or_404()
    if user.is_verified:
        flash("%s's account is already validated." % user.username.capitalize(), "info")
        return redirect(url_for('index'))
    return render_template('misc/verify_status.html', submitted=submitted, username=username)
@app.route('/verify/<username>/<verification>', methods=["GET"])
def verify(username, verification):
    user = User.query.filter_by(username = username).first_or_404()
    if user.is_verified:
        flash("%s's account is already validated." % user.username.capitalize(), "success")
        return redirect(url_for('index'))
    # verification success
    if verification == user.getVerificationHash():
        user.is_verified = True = user.new_email
        flash("Your email has been confirmed, you may now login")
        return redirect(url_for('login'))
    # verification failure
        return redirect(url_for('verify_status', username=username, submitted=True))
def profile():
    return render_template("account/profile.html", user = current_user)
def show_user(username):
    user = User.query.filter_by(is_deleted = False, username = username).first_or_404()
    return render_template("account/profile.html", user = user)
@app.route('/users/<username>/contact/', methods = ("POST", "GET"))
def contact_user(username):
    user = User.query.filter_by(is_deleted = False, username = username).first_or_404()
    if user == current_user or user.pm_mode == "disabled":
    form = ContactUserForm()
    if form.validate_on_submit():
        message =
        body = render_template("emails/account/message.txt", recipient=user, sender=current_user, message=message)
        mail.send_message(subject=app.config["LONG_NAME"] + ": New message from " + current_user.username,
            recipients=[],, body=body)
        flash("Message successfully sent", "success")
    return render_template("account/contact.html", user = user, form = form)
@app.route('/settings', methods = ["POST", "GET"])
def settings():
    user = current_user
    form = SettingsForm(obj=user)
    logout = False
    if form.validate_on_submit():
        user.ability_programmer =
        user.ability_gamedesigner =
        user.ability_2dartist =
        user.ability_3dartist =
        user.ability_composer =
        user.ability_sounddesigner =
        user.abilities_extra =
        user.real_name =
        user.about = =
        user.pm_mode =
        user.avatar =
        user.notify_new_jam =
        user.notify_jam_start =
        user.notify_jam_finish =
        user.notify_game_comment =
        user.notify_team_invitation =
        user.notify_newsletter =
        if user.location != and
            if user.setLocation(
                flash("Location was set to: " + user.location_display, "success")
                flash("Could not find the location you entered.", "error")
        if not
        if and and
            if not verify_password(user.password,
                flash("Your password is incorrect. The password was not changed.", "error")
                user.password = hash_password(
                flash("Your password was changed", "success")
        if != and
            user.new_email =
            user.is_verified = False
            same_email = User.query.filter_by(email = user.new_email).all()
            if not(len(same_email) == 0 or (len(same_email) == 1 and same_email[0] == user)):
                flash("This email address is already in use by another account.", "error")
                return redirect(url_for("settings"))
            body = render_template("emails/account/verification.txt", recipient=user, email_changed = True)
            mail.send_message(subject=app.config["LONG_NAME"] + ": eMail verification", recipients=[user.new_email], body=body)
            logout = True
            flash("Your email address has changed. Please check your inbox for the verification.", "info")
        flash("Your settings were saved.", "success")
        if logout:
            return redirect(url_for("logout"))
            return redirect(url_for("settings"))
    return render_template('account/settings.html', form = form)