Beispiel #1
0
def delete_account(request, **args):
    """Deletes a user's account and attempts to purge their sync data

    It tries the user sync node and doesn't worry overly if the delete
    request fails, as the sync data will eventually be cleaned by other
    methods
    """

    if not check_crumb(request):
        request.errors.append(_('We were unable to process your request. '
                                'Please try again.'))
        return delete_account_form(request)

    data = {'trail': [[None, _('Delete Account')]]}
    auth = request.registry["auth"]
    pwd = request.params['password']
    username = request.session.get('username')

    data['crumb'] = generate_crumb(request)
    if not auth.authenticate_user(request.user, pwd):
        request.errors.append(
                _('We were unable to authenticate your account.'))
        return delete_account_form(request)

    #if this supports a sync cluster, need to purge from there
    if "sync" in request.registry.settings.get('console.modules'):
        sync_config = \
                request.registry.settings.get('config').get_map('sync')
        auth.get_user_info(request.user, ['syncNode'])
        if request.user.get('syncNode'):
            client = SyncClient(sync_config,
                                request.user.get('syncNode'),
                                request.user.get('username'),
                                pwd)
            if not client.delete_data():
                data['alert'] = \
                  _("We were unable to delete your data on the weave node."
                    " Don't worry, it's encrypted on the node and will be"
                    " cleaned up shortly.")

    if not auth.delete_user(request.user, pwd):
        request.errors.append(_('Deleting your account failed unexpectedly. '
                          'Please try again later.'))
        return delete_account_form(request)

    log_cef('Account Deleted', 7,
            request.environ, request.registry.settings, username,
            signature='DeleteUser')
    data['username'] = None
    data['email'] = None
    data['success'] = 1
    username = None

    request.session.delete()
    return data
Beispiel #2
0
def change_email(request, **args):
    """The form and process for changing your email address.
    Not supported yet"""

    auth = request.registry["auth"]
    data = {}
    data['trail'] = [[None, _('Change Account Name')]]
    data['email'] = request.session.get('email')
    new_email = request.params.get('new_email')

    if not new_email or not check_crumb(request):
        data['crumb'] = generate_crumb(request)
        return data

    data['crumb'] = generate_crumb(request)
    if not valid_email(new_email):
        request.errors.append(_('The email address appears invalid.'))
        return data

    #because changing the email now changes the username, we need to check
    #for collisions - NOT YET
    new_username = extract_username(new_email)
    if auth.get_user_id(new_username):
        request.errors.append(
                    _('The email address you specified is already in use.'))
        return data

    if auth.update_field(request.user,
                              request.session.get('password'),
                              'mail', new_email):
        #auth.update_field(request.user,
        #                       request.session.get('password'),
        #                       'uid', extract_username(new_email)):
        data['success'] = \
          _('Your account name was succesfully changed to %s.' % new_email)
        #make sure to change our session to have the new email
        request.session['email'] = new_email
        #request.session['username'] = extract_username(new_email)
        request.session.save()
        data['email'] = new_email
        #data['username'] = new_email
    else:
        request.errors.append(
                    _('An unknown problem ocurred. Please try again later.'))

    return data
Beispiel #3
0
def change_password(request, **args):
    """Processes the change-password form"""

    if not check_crumb(request):
        request.errors.append(_('We were unable to process your request. '
                                'Please try again.'))
        return change_password_form(request)

    auth = request.registry["auth"]
    data = {'trail': [[None, _('Change Password')]]}

    password = request.params['new_password']

    #generate them a new crumb in case there's a problem
    data['crumb'] = generate_crumb(request)

    confirm = request.params.get('confirm')
    if password != confirm:
        request.errors.append(_('The new password and confirmation do not '
                                'match. Please try again.'))
        return change_password_form(request)

    username = request.session['username']
    if not valid_password(username, password):
        request.errors.append(_('Please make sure your password is at '
                                'least 8 characters long.'))
        return change_password_form(request)

    if not auth.update_password(request.user, request.session.get('password'),
                                password):
        request.errors.append(
            _('An unknown problem ocurred. Please try again later.'))
        return change_password_form(request)

    data['success'] = _('Your password was succesfully changed.')
    request.session['password'] = password
    log_cef('Password Changed', 5,
            request.environ, request.registry.settings,
            username, signature='PasswordReset')

    return data