def get(self):
""" Activate a user's account for a given `token`. """
activation_token = self.request.GET.get('token')
user = users.get_current_user()
temp_values = {}
if activation_token and not user:
user_activation = ndb.Key(users.UserActivation, activation_token).get()
if user_activation:
if user_activation.expires > datetime.now():
user = user_activation.activate_user()
if user:
_login_user_for_id(user.key.string_id())
self.response.out.write(template.render(
'ndb_users/templates/activate-success.html',
users.template_values()
))
return None
else:
temp_values['token_expired'] = True
continue_uri = self.request.GET.get('continue')
if user and continue_uri:
self.redirect(continue_uri.encode('ascii'))
self.response.out.write(template.render(
'ndb_users/templates/activate-error.html',
users.template_values(template_values=temp_values)
))
def get(self):
""" Display a password reset form if the `token` is valid. """
token = self.request.GET.get('token')
user = users.get_current_user()
if token and not user:
user_recovery = ndb.Key(users.UserRecovery, token).get()
if user_recovery:
if user_recovery.expires > datetime.now():
self.response.out.write(template.render(
'ndb_users/templates/password-reset.html',
users.template_values(query_options={
'token': token
})
))
return None
continue_uri = self.request.GET.get('continue')
if user and continue_uri:
self.redirect(continue_uri.encode('ascii'))
self.response.out.write(template.render(
'ndb_users/templates/password-reset-error.html',
users.template_values(template_values={
'token_invalid': True
}, query_options={
'token': token
})
))
def get(self):
""" Activate a user's account for a given `token`. """
activation_token = self.request.GET.get('token')
user = users.get_current_user()
temp_values = {}
if activation_token and not user:
user_activation = ndb.Key(users.UserActivation,
activation_token).get()
if user_activation:
if user_activation.expires > datetime.now():
user = user_activation.activate_user()
if user:
_login_user_for_id(user.key.string_id())
self.response.out.write(
template.render(
'ndb_users/templates/activate-success.html',
users.template_values()))
return None
else:
temp_values['token_expired'] = True
continue_uri = self.request.GET.get('continue')
if user and continue_uri:
self.redirect(continue_uri.encode('ascii'))
self.response.out.write(
template.render(
'ndb_users/templates/activate-error.html',
users.template_values(template_values=temp_values)))
def get(self):
user = users.get_current_user()
if user:
action = self.request.GET.get('action')
if action == 'logout':
_logout_user()
if self.request.GET.get('continue'):
self.redirect(self.request.GET.get('continue').encode('ascii'))
self.response.out.write(template.render(
'ndb_users/templates/logout-success.html',
users.template_values()
))
else:
if self.request.GET.get('continue'):
self.redirect(self.request.GET.get('continue').encode('ascii'))
self.response.out.write(template.render(
'ndb_users/templates/login-success.html',
users.template_values()
))
return None
# Path and serve template
self.response.out.write(template.render(
'ndb_users/templates/login.html',
users.template_values()
))
def post(self):
""" Log in a user via POST'ed `email` and `password` values. """
# Make sure required POST parameters are present
email = self.request.POST.get('email')
password = self.request.POST.get('password')
extended = bool(self.request.POST.get('extended'))
user = users.get_current_user()
if user:
# Redirect if requested
if self.request.GET.get('continue'):
self.redirect(self.request.GET['continue'].encode('ascii'))
self.response.out.write(template.render(
'ndb_users/templates/login-success.html',
users.template_values(template_values={
'user': user
})
))
return None
if email and password:
# Get a User for `email` and `password`
user = ndb.Key(users.User, users._user_id_for_email(email.lower())).get()
if user:
# User found... check Password
attempt = users._password_hash(password, user.passwordSalt)
if attempt == user.passwordHash:
if users.user_verified(user):
# Success
_login_user_for_id(user.key.string_id(), extended=extended)
# Redirect if requested
if self.request.GET.get('continue'):
self.redirect(self.request.GET['continue'].encode('ascii'))
self.response.out.write(template.render(
'ndb_users/templates/login-success.html',
users.template_values(template_values={
'user': user
}, user=user)
))
return None
else:
# User email not verified (send another email, if allowed)
temp_values = dict()
if not user.email_bounce_limited():
_create_activation_email_for_user_id(user.key.string_id())
else:
temp_values['email_bounce_limit'] = True
self.response.out.write(template.render(
'ndb_users/templates/login-not-verified.html',
users.template_values(template_values=temp_values)
))
return None
# Error
self.response.out.write(template.render(
'ndb_users/templates/login-error.html',
users.template_values({
'email': email,
'extended': extended
})
))
def post(self):
""" Change the logged in user's password. """
user = users.get_current_user()
if user:
current_password = self.request.POST.get('current_password')
new_password = self.request.POST.get('new_password')
new_password2 = self.request.POST.get('new_password2')
# Make sure required POST parameters are present
if not current_password or not new_password or not new_password2:
self.response.out.write(template.render(
'ndb_users/templates/password-change-error.html',
users.template_values(template_values={
'missing_fields': True
})
))
return None
# Check password equality
if new_password != new_password2:
self.response.out.write(template.render(
'ndb_users/templates/password-change-error.html',
users.template_values(template_values={
'password_mismatch': True
})
))
return None
# Check password length
if len(new_password) < 4:
self.response.out.write(template.render(
'ndb_users/templates/password-change-error.html',
users.template_values(template_values={
'password_too_short': True
})
))
return None
# Check `current_password` is indeed this user's password
attempt = users._password_hash(current_password, user.passwordSalt)
if attempt == user.passwordHash:
# Correct password; update to `new_password`
user.update_password(new_password)
self.response.out.write(template.render(
'ndb_users/templates/password-change-success.html',
users.template_values()
))
return None
else:
# Wrong `current_password`
self.response.out.write(template.render(
'ndb_users/templates/password-change-error.html',
users.template_values(template_values={
'password_incorrect': True
})
))
return None
# Not logged in
self.redirect(webapp2.uri_for('login'))
def post(self):
""" Reset the user's password for a `token` and passwords. """
token = self.request.GET.get('token')
user = users.get_current_user()
password = self.request.POST.get('password')
password2 = self.request.POST.get('password2')
if token and not user:
# Check passwords match
if password != password2:
self.response.out.write(template.render(
'ndb_users/templates/password-reset-error.html',
users.template_values(template_values={
'password_mismatch': True
}, query_options={
'token': token
})
))
return None
# Check password length
if len(password) < 4:
self.response.out.write(template.render(
'ndb_users/templates/password-reset-error.html',
users.template_values(template_values={
'password_too_short': True
}, query_options={
'token': token
})
))
return None
# Recover the User
user_recovery = ndb.Key(users.UserRecovery, token).get()
if user_recovery:
if user_recovery.expires > datetime.now():
user = user_recovery.reset_password(password)
if user:
_login_user_for_id(user.key.string_id())
self.response.out.write(template.render(
'ndb_users/templates/password-change-success.html',
users.template_values(query_options={
'token': token
})
))
return None
continue_uri = self.request.GET.get('continue')
if user and continue_uri:
self.redirect(continue_uri.encode('ascii'))
self.response.out.write(template.render(
'ndb_users/templates/password-reset-error.html',
users.template_values(template_values={
'token_invalid': True
}, query_options={
'token': token
})
))
def post(self):
""" Send a recovery email, if `email` is found. """
# Require an email address...
user = users.get_current_user()
if user:
self.redirect(webapp2.uri_for('login'))
return None
email = self.request.POST.get('email')
if email:
# Get a user's key for their email address...
user = users.User.user_for_email(email)
if user:
if users.user_verified(user):
if not user.email_bounce_limited():
_create_recovery_email_for_user_id(
user.key.string_id())
self.response.out.write(
template.render(
'ndb_users/templates/password-forgot-success.html',
users.template_values()))
else:
# Bounce timeout
self.response.out.write(
template.render(
'ndb_users/templates/password-forgot-error.html',
users.template_values(
template_values={
'email_bounce_limit': True
})))
else:
# User not verified
self.response.out.write(
template.render(
'ndb_users/templates/password-forgot-error.html',
users.template_values(
template_values={'user_not_verified': True})))
else:
# User not found
self.response.out.write(
template.render(
'ndb_users/templates/password-forgot-error.html',
users.template_values(template_values={
'error_email_not_found': True,
'email': email
})))
else:
# No `email` supplied in POST
self.response.out.write(
template.render(
'ndb_users/templates/password-forgot-error.html',
users.template_values(template_values={
'error_invalid_email': True,
'email': email
})))
def post(self):
""" Send a recovery email, if `email` is found. """
# Require an email address...
user = users.get_current_user()
if user:
self.redirect(webapp2.uri_for('login'))
return None
email = self.request.POST.get('email')
if email:
# Get a user's key for their email address...
user = users.User.user_for_email(email)
if user:
if users.user_verified(user):
if not user.email_bounce_limited():
_create_recovery_email_for_user_id(user.key.string_id())
self.response.out.write(template.render(
'ndb_users/templates/password-forgot-success.html',
users.template_values()
))
else:
# Bounce timeout
self.response.out.write(template.render(
'ndb_users/templates/password-forgot-error.html',
users.template_values(template_values={
'email_bounce_limit': True
})
))
else:
# User not verified
self.response.out.write(template.render(
'ndb_users/templates/password-forgot-error.html',
users.template_values(template_values={
'user_not_verified': True
})
))
else:
# User not found
self.response.out.write(template.render(
'ndb_users/templates/password-forgot-error.html',
users.template_values(template_values={
'error_email_not_found': True,
'email': email
})
))
else:
# No `email` supplied in POST
self.response.out.write(template.render(
'ndb_users/templates/password-forgot-error.html',
users.template_values(template_values={
'error_invalid_email': True,
'email': email
})
))
def post(self):
""" Change the logged in user's password. """
user = users.get_current_user()
if user:
current_password = self.request.POST.get('current_password')
new_password = self.request.POST.get('new_password')
new_password2 = self.request.POST.get('new_password2')
# Make sure required POST parameters are present
if not current_password or not new_password or not new_password2:
self.response.out.write(
template.render(
'ndb_users/templates/password-change-error.html',
users.template_values(
template_values={'missing_fields': True})))
return None
# Check password equality
if new_password != new_password2:
self.response.out.write(
template.render(
'ndb_users/templates/password-change-error.html',
users.template_values(
template_values={'password_mismatch': True})))
return None
# Check password length
if len(new_password) < 4:
self.response.out.write(
template.render(
'ndb_users/templates/password-change-error.html',
users.template_values(
template_values={'password_too_short': True})))
return None
# Check `current_password` is indeed this user's password
attempt = users._password_hash(current_password, user.passwordSalt)
if attempt == user.passwordHash:
# Correct password; update to `new_password`
user.update_password(new_password)
self.response.out.write(
template.render(
'ndb_users/templates/password-change-success.html',
users.template_values()))
return None
else:
# Wrong `current_password`
self.response.out.write(
template.render(
'ndb_users/templates/password-change-error.html',
users.template_values(
template_values={'password_incorrect': True})))
return None
# Not logged in
self.redirect(webapp2.uri_for('login'))
def get(self):
""" Display the Signup/Create Account template. """
# Ensure user not logged in
user = users.get_current_user()
self.response.out.write(
template.render('ndb_users/templates/create.html',
users.template_values()))
def get(self):
""" Display the Signup/Create Account template. """
# Ensure user not logged in
user = users.get_current_user()
self.response.out.write(template.render(
'ndb_users/templates/create.html',
users.template_values()
))
def post(self):
""" Reset the user's password for a `token` and passwords. """
token = self.request.GET.get('token')
user = users.get_current_user()
password = self.request.POST.get('password')
password2 = self.request.POST.get('password2')
if token and not user:
# Check passwords match
if password != password2:
self.response.out.write(
template.render(
'ndb_users/templates/password-reset-error.html',
users.template_values(
template_values={'password_mismatch': True},
query_options={'token': token})))
return None
# Check password length
if len(password) < 4:
self.response.out.write(
template.render(
'ndb_users/templates/password-reset-error.html',
users.template_values(
template_values={'password_too_short': True},
query_options={'token': token})))
return None
# Recover the User
user_recovery = ndb.Key(users.UserRecovery, token).get()
if user_recovery:
if user_recovery.expires > datetime.now():
user = user_recovery.reset_password(password)
if user:
_login_user_for_id(user.key.string_id())
self.response.out.write(
template.render(
'ndb_users/templates/password-change-success.html',
users.template_values(
query_options={'token': token})))
return None
continue_uri = self.request.GET.get('continue')
if user and continue_uri:
self.redirect(continue_uri.encode('ascii'))
self.response.out.write(
template.render(
'ndb_users/templates/password-reset-error.html',
users.template_values(template_values={'token_invalid': True},
query_options={'token': token})))
def get(self):
""" Display a change password form, if user is logged in. """
user = users.get_current_user()
if user:
self.response.out.write(
template.render('ndb_users/templates/password-change.html',
users.template_values()))
return None
# No logged in user
self.redirect(webapp2.uri_for('login'))
def get(self):
""" Display a change password form, if user is logged in. """
user = users.get_current_user()
if user:
self.response.out.write(template.render(
'ndb_users/templates/password-change.html',
users.template_values()
))
return None
# No logged in user
self.redirect(webapp2.uri_for('login'))
def get(self):
""" Display a password reset form if the `token` is valid. """
token = self.request.GET.get('token')
user = users.get_current_user()
if token and not user:
user_recovery = ndb.Key(users.UserRecovery, token).get()
if user_recovery:
if user_recovery.expires > datetime.now():
self.response.out.write(
template.render(
'ndb_users/templates/password-reset.html',
users.template_values(
query_options={'token': token})))
return None
continue_uri = self.request.GET.get('continue')
if user and continue_uri:
self.redirect(continue_uri.encode('ascii'))
self.response.out.write(
template.render(
'ndb_users/templates/password-reset-error.html',
users.template_values(template_values={'token_invalid': True},
query_options={'token': token})))
def get(self):
""" Display the password recovery form, asking for a user's email. """
user = users.get_current_user()
if not user:
self.response.out.write(
template.render('ndb_users/templates/password-forgot.html',
users.template_values()))
else:
continue_uri = self.request.GET.get('continue')
if continue_uri:
self.redirect(continue_uri.encode('ascii'))
else:
self.redirect(webapp2.uri_for('login'))
def get(self):
""" Display the password recovery form, asking for a user's email. """
user = users.get_current_user()
if not user:
self.response.out.write(template.render(
'ndb_users/templates/password-forgot.html',
users.template_values()
))
else:
continue_uri = self.request.GET.get('continue')
if continue_uri:
self.redirect(continue_uri.encode('ascii'))
else:
self.redirect(webapp2.uri_for('login'))
def get(self):
user = users.get_current_user()
if user:
action = self.request.GET.get('action')
if action == 'logout':
_logout_user()
if self.request.GET.get('continue'):
self.redirect(
self.request.GET.get('continue').encode('ascii'))
self.response.out.write(
template.render('ndb_users/templates/logout-success.html',
users.template_values()))
else:
if self.request.GET.get('continue'):
self.redirect(
self.request.GET.get('continue').encode('ascii'))
self.response.out.write(
template.render('ndb_users/templates/login-success.html',
users.template_values()))
return None
# Path and serve template
self.response.out.write(
template.render('ndb_users/templates/login.html',
users.template_values()))
def post(self):
""" Create a new User with `email` and `password` (confirmed by
`password2 `). """
email = self.request.POST.get('email')
password = self.request.POST.get('password')
password2 = self.request.POST.get('password2')
# Make sure required POST parameters are present
if not email or not password or not password2:
self.response.out.write(
template.render(
'ndb_users/templates/create-error.html',
users.template_values(
template_values={
'request': {
'email': email,
'password': password,
'password2': password2
}
})))
return None
# Check password equality
if password != password2:
self.response.out.write(
template.render(
'ndb_users/templates/create-error.html',
users.template_values(
template_values={
'request': {
'email': email,
'password': password,
'password2': password2
},
'passwordMismatch': True
})))
return None
# Check password length
if len(password) < 4:
self.response.out.write(
template.render(
'ndb_users/templates/create-error.html',
users.template_values(
template_values={
'request': {
'email': email,
'password': password,
'password2': password2
},
'passwordTooShort': True
})))
return None
# Check `email` against regular expression
if not mail.is_email_valid(email):
self.response.out.write(
template.render(
'ndb_users/templates/create-error.html',
users.template_values(
template_values={
'request': {
'email': email,
'password': password,
'password2': password2
},
'emailInvalid': True
})))
return None
# Try finding a User with this email...
user_found = users.User.query(users.User.email == email).count(1)
if user_found < 1:
# Create a User
new_user_key = users.User.create_user(email, password)
if NDB_USERS_ENFORCE_EMAIL_VERIFICATION:
_create_activation_email_for_user_id(new_user_key.string_id())
else:
# Log this user in!
_login_user_for_id(new_user_key.string_id())
if self.request.GET.get('continue'):
self.redirect(
self.request.GET.get('continue').encode('ascii'))
self.response.out.write(
template.render(
'ndb_users/templates/create-success.html',
users.template_values(template_values={
'email_verification':
NDB_USERS_ENFORCE_EMAIL_VERIFICATION
})))
return None
else:
# Already exists
self.response.out.write(
template.render(
'ndb_users/templates/create-error.html',
users.template_values(
template_values={
'request': {
'email': email,
'password': password,
'password2': password2
},
'emailExists': True
})))
return None
def post(self):
""" Create a new User with `email` and `password` (confirmed by
`password2 `). """
email = self.request.POST.get('email')
password = self.request.POST.get('password')
password2 = self.request.POST.get('password2')
# Make sure required POST parameters are present
if not email or not password or not password2:
self.response.out.write(template.render(
'ndb_users/templates/create-error.html',
users.template_values(template_values={
'request': {
'email': email,
'password': password,
'password2': password2
}
})
))
return None
# Check password equality
if password != password2:
self.response.out.write(template.render(
'ndb_users/templates/create-error.html',
users.template_values(template_values={
'request': {
'email': email,
'password': password,
'password2': password2
}, 'passwordMismatch': True
})
))
return None
# Check password length
if len(password) < 4:
self.response.out.write(template.render(
'ndb_users/templates/create-error.html',
users.template_values(template_values={
'request': {
'email': email,
'password': password,
'password2': password2
}, 'passwordTooShort': True
})
))
return None
# Check `email` against regular expression
if not mail.is_email_valid(email):
self.response.out.write(template.render(
'ndb_users/templates/create-error.html',
users.template_values(template_values={
'request': {
'email': email,
'password': password,
'password2': password2
}, 'emailInvalid': True
})
))
return None
# Try finding a User with this email...
user_found = users.User.query(users.User.email==email).count(1)
if user_found < 1:
# Create a User
new_user_key = users.User.create_user(email, password)
if NDB_USERS_ENFORCE_EMAIL_VERIFICATION:
_create_activation_email_for_user_id(new_user_key.string_id())
else:
# Log this user in!
_login_user_for_id(new_user_key.string_id())
if self.request.GET.get('continue'):
self.redirect(self.request.GET.get('continue').encode('ascii'))
self.response.out.write(template.render(
'ndb_users/templates/create-success.html',
users.template_values(template_values={
'email_verification': NDB_USERS_ENFORCE_EMAIL_VERIFICATION
})
))
return None
else:
# Already exists
self.response.out.write(template.render(
'ndb_users/templates/create-error.html',
users.template_values(template_values={
'request': {
'email': email,
'password': password,
'password2': password2
}, 'emailExists': True
})
))
return None
def post(self):
""" Log in a user via POST'ed `email` and `password` values. """
# Make sure required POST parameters are present
email = self.request.POST.get('email')
password = self.request.POST.get('password')
extended = bool(self.request.POST.get('extended'))
user = users.get_current_user()
if user:
# Redirect if requested
if self.request.GET.get('continue'):
self.redirect(self.request.GET['continue'].encode('ascii'))
self.response.out.write(
template.render(
'ndb_users/templates/login-success.html',
users.template_values(template_values={'user': user})))
return None
if email and password:
# Get a User for `email` and `password`
user = ndb.Key(users.User,
users._user_id_for_email(email.lower())).get()
if user:
# User found... check Password
attempt = users._password_hash(password, user.passwordSalt)
if attempt == user.passwordHash:
if users.user_verified(user):
# Success
_login_user_for_id(user.key.string_id(),
extended=extended)
# Redirect if requested
if self.request.GET.get('continue'):
self.redirect(
self.request.GET['continue'].encode('ascii'))
self.response.out.write(
template.render(
'ndb_users/templates/login-success.html',
users.template_values(
template_values={'user':
user}, user=user)))
return None
else:
# User email not verified (send another email, if allowed)
temp_values = dict()
if not user.email_bounce_limited():
_create_activation_email_for_user_id(
user.key.string_id())
else:
temp_values['email_bounce_limit'] = True
self.response.out.write(
template.render(
'ndb_users/templates/login-not-verified.html',
users.template_values(
template_values=temp_values)))
return None
# Error
self.response.out.write(
template.render(
'ndb_users/templates/login-error.html',
users.template_values({
'email': email,
'extended': extended
})))
