def get(self): """ Activate a user's account for a given `token`. """ activation_token = self.request.GET.get('token') user = users.get_current_user() temp_values = {} if activation_token and not user: user_activation = ndb.Key(users.UserActivation, activation_token).get() if user_activation: if user_activation.expires > datetime.now(): user = user_activation.activate_user() if user: _login_user_for_id(user.key.string_id()) self.response.out.write(template.render( 'ndb_users/templates/activate-success.html', users.template_values() )) return None else: temp_values['token_expired'] = True continue_uri = self.request.GET.get('continue') if user and continue_uri: self.redirect(continue_uri.encode('ascii')) self.response.out.write(template.render( 'ndb_users/templates/activate-error.html', users.template_values(template_values=temp_values) ))
def get(self): """ Display a password reset form if the `token` is valid. """ token = self.request.GET.get('token') user = users.get_current_user() if token and not user: user_recovery = ndb.Key(users.UserRecovery, token).get() if user_recovery: if user_recovery.expires > datetime.now(): self.response.out.write(template.render( 'ndb_users/templates/password-reset.html', users.template_values(query_options={ 'token': token }) )) return None continue_uri = self.request.GET.get('continue') if user and continue_uri: self.redirect(continue_uri.encode('ascii')) self.response.out.write(template.render( 'ndb_users/templates/password-reset-error.html', users.template_values(template_values={ 'token_invalid': True }, query_options={ 'token': token }) ))
def get(self): """ Activate a user's account for a given `token`. """ activation_token = self.request.GET.get('token') user = users.get_current_user() temp_values = {} if activation_token and not user: user_activation = ndb.Key(users.UserActivation, activation_token).get() if user_activation: if user_activation.expires > datetime.now(): user = user_activation.activate_user() if user: _login_user_for_id(user.key.string_id()) self.response.out.write( template.render( 'ndb_users/templates/activate-success.html', users.template_values())) return None else: temp_values['token_expired'] = True continue_uri = self.request.GET.get('continue') if user and continue_uri: self.redirect(continue_uri.encode('ascii')) self.response.out.write( template.render( 'ndb_users/templates/activate-error.html', users.template_values(template_values=temp_values)))
def get(self): user = users.get_current_user() if user: action = self.request.GET.get('action') if action == 'logout': _logout_user() if self.request.GET.get('continue'): self.redirect(self.request.GET.get('continue').encode('ascii')) self.response.out.write(template.render( 'ndb_users/templates/logout-success.html', users.template_values() )) else: if self.request.GET.get('continue'): self.redirect(self.request.GET.get('continue').encode('ascii')) self.response.out.write(template.render( 'ndb_users/templates/login-success.html', users.template_values() )) return None # Path and serve template self.response.out.write(template.render( 'ndb_users/templates/login.html', users.template_values() ))
def post(self): """ Log in a user via POST'ed `email` and `password` values. """ # Make sure required POST parameters are present email = self.request.POST.get('email') password = self.request.POST.get('password') extended = bool(self.request.POST.get('extended')) user = users.get_current_user() if user: # Redirect if requested if self.request.GET.get('continue'): self.redirect(self.request.GET['continue'].encode('ascii')) self.response.out.write(template.render( 'ndb_users/templates/login-success.html', users.template_values(template_values={ 'user': user }) )) return None if email and password: # Get a User for `email` and `password` user = ndb.Key(users.User, users._user_id_for_email(email.lower())).get() if user: # User found... check Password attempt = users._password_hash(password, user.passwordSalt) if attempt == user.passwordHash: if users.user_verified(user): # Success _login_user_for_id(user.key.string_id(), extended=extended) # Redirect if requested if self.request.GET.get('continue'): self.redirect(self.request.GET['continue'].encode('ascii')) self.response.out.write(template.render( 'ndb_users/templates/login-success.html', users.template_values(template_values={ 'user': user }, user=user) )) return None else: # User email not verified (send another email, if allowed) temp_values = dict() if not user.email_bounce_limited(): _create_activation_email_for_user_id(user.key.string_id()) else: temp_values['email_bounce_limit'] = True self.response.out.write(template.render( 'ndb_users/templates/login-not-verified.html', users.template_values(template_values=temp_values) )) return None # Error self.response.out.write(template.render( 'ndb_users/templates/login-error.html', users.template_values({ 'email': email, 'extended': extended }) ))
def post(self): """ Change the logged in user's password. """ user = users.get_current_user() if user: current_password = self.request.POST.get('current_password') new_password = self.request.POST.get('new_password') new_password2 = self.request.POST.get('new_password2') # Make sure required POST parameters are present if not current_password or not new_password or not new_password2: self.response.out.write(template.render( 'ndb_users/templates/password-change-error.html', users.template_values(template_values={ 'missing_fields': True }) )) return None # Check password equality if new_password != new_password2: self.response.out.write(template.render( 'ndb_users/templates/password-change-error.html', users.template_values(template_values={ 'password_mismatch': True }) )) return None # Check password length if len(new_password) < 4: self.response.out.write(template.render( 'ndb_users/templates/password-change-error.html', users.template_values(template_values={ 'password_too_short': True }) )) return None # Check `current_password` is indeed this user's password attempt = users._password_hash(current_password, user.passwordSalt) if attempt == user.passwordHash: # Correct password; update to `new_password` user.update_password(new_password) self.response.out.write(template.render( 'ndb_users/templates/password-change-success.html', users.template_values() )) return None else: # Wrong `current_password` self.response.out.write(template.render( 'ndb_users/templates/password-change-error.html', users.template_values(template_values={ 'password_incorrect': True }) )) return None # Not logged in self.redirect(webapp2.uri_for('login'))
def post(self): """ Reset the user's password for a `token` and passwords. """ token = self.request.GET.get('token') user = users.get_current_user() password = self.request.POST.get('password') password2 = self.request.POST.get('password2') if token and not user: # Check passwords match if password != password2: self.response.out.write(template.render( 'ndb_users/templates/password-reset-error.html', users.template_values(template_values={ 'password_mismatch': True }, query_options={ 'token': token }) )) return None # Check password length if len(password) < 4: self.response.out.write(template.render( 'ndb_users/templates/password-reset-error.html', users.template_values(template_values={ 'password_too_short': True }, query_options={ 'token': token }) )) return None # Recover the User user_recovery = ndb.Key(users.UserRecovery, token).get() if user_recovery: if user_recovery.expires > datetime.now(): user = user_recovery.reset_password(password) if user: _login_user_for_id(user.key.string_id()) self.response.out.write(template.render( 'ndb_users/templates/password-change-success.html', users.template_values(query_options={ 'token': token }) )) return None continue_uri = self.request.GET.get('continue') if user and continue_uri: self.redirect(continue_uri.encode('ascii')) self.response.out.write(template.render( 'ndb_users/templates/password-reset-error.html', users.template_values(template_values={ 'token_invalid': True }, query_options={ 'token': token }) ))
def post(self): """ Send a recovery email, if `email` is found. """ # Require an email address... user = users.get_current_user() if user: self.redirect(webapp2.uri_for('login')) return None email = self.request.POST.get('email') if email: # Get a user's key for their email address... user = users.User.user_for_email(email) if user: if users.user_verified(user): if not user.email_bounce_limited(): _create_recovery_email_for_user_id( user.key.string_id()) self.response.out.write( template.render( 'ndb_users/templates/password-forgot-success.html', users.template_values())) else: # Bounce timeout self.response.out.write( template.render( 'ndb_users/templates/password-forgot-error.html', users.template_values( template_values={ 'email_bounce_limit': True }))) else: # User not verified self.response.out.write( template.render( 'ndb_users/templates/password-forgot-error.html', users.template_values( template_values={'user_not_verified': True}))) else: # User not found self.response.out.write( template.render( 'ndb_users/templates/password-forgot-error.html', users.template_values(template_values={ 'error_email_not_found': True, 'email': email }))) else: # No `email` supplied in POST self.response.out.write( template.render( 'ndb_users/templates/password-forgot-error.html', users.template_values(template_values={ 'error_invalid_email': True, 'email': email })))
def post(self): """ Send a recovery email, if `email` is found. """ # Require an email address... user = users.get_current_user() if user: self.redirect(webapp2.uri_for('login')) return None email = self.request.POST.get('email') if email: # Get a user's key for their email address... user = users.User.user_for_email(email) if user: if users.user_verified(user): if not user.email_bounce_limited(): _create_recovery_email_for_user_id(user.key.string_id()) self.response.out.write(template.render( 'ndb_users/templates/password-forgot-success.html', users.template_values() )) else: # Bounce timeout self.response.out.write(template.render( 'ndb_users/templates/password-forgot-error.html', users.template_values(template_values={ 'email_bounce_limit': True }) )) else: # User not verified self.response.out.write(template.render( 'ndb_users/templates/password-forgot-error.html', users.template_values(template_values={ 'user_not_verified': True }) )) else: # User not found self.response.out.write(template.render( 'ndb_users/templates/password-forgot-error.html', users.template_values(template_values={ 'error_email_not_found': True, 'email': email }) )) else: # No `email` supplied in POST self.response.out.write(template.render( 'ndb_users/templates/password-forgot-error.html', users.template_values(template_values={ 'error_invalid_email': True, 'email': email }) ))
def post(self): """ Change the logged in user's password. """ user = users.get_current_user() if user: current_password = self.request.POST.get('current_password') new_password = self.request.POST.get('new_password') new_password2 = self.request.POST.get('new_password2') # Make sure required POST parameters are present if not current_password or not new_password or not new_password2: self.response.out.write( template.render( 'ndb_users/templates/password-change-error.html', users.template_values( template_values={'missing_fields': True}))) return None # Check password equality if new_password != new_password2: self.response.out.write( template.render( 'ndb_users/templates/password-change-error.html', users.template_values( template_values={'password_mismatch': True}))) return None # Check password length if len(new_password) < 4: self.response.out.write( template.render( 'ndb_users/templates/password-change-error.html', users.template_values( template_values={'password_too_short': True}))) return None # Check `current_password` is indeed this user's password attempt = users._password_hash(current_password, user.passwordSalt) if attempt == user.passwordHash: # Correct password; update to `new_password` user.update_password(new_password) self.response.out.write( template.render( 'ndb_users/templates/password-change-success.html', users.template_values())) return None else: # Wrong `current_password` self.response.out.write( template.render( 'ndb_users/templates/password-change-error.html', users.template_values( template_values={'password_incorrect': True}))) return None # Not logged in self.redirect(webapp2.uri_for('login'))
def get(self): """ Display the Signup/Create Account template. """ # Ensure user not logged in user = users.get_current_user() self.response.out.write( template.render('ndb_users/templates/create.html', users.template_values()))
def get(self): """ Display the Signup/Create Account template. """ # Ensure user not logged in user = users.get_current_user() self.response.out.write(template.render( 'ndb_users/templates/create.html', users.template_values() ))
def post(self): """ Reset the user's password for a `token` and passwords. """ token = self.request.GET.get('token') user = users.get_current_user() password = self.request.POST.get('password') password2 = self.request.POST.get('password2') if token and not user: # Check passwords match if password != password2: self.response.out.write( template.render( 'ndb_users/templates/password-reset-error.html', users.template_values( template_values={'password_mismatch': True}, query_options={'token': token}))) return None # Check password length if len(password) < 4: self.response.out.write( template.render( 'ndb_users/templates/password-reset-error.html', users.template_values( template_values={'password_too_short': True}, query_options={'token': token}))) return None # Recover the User user_recovery = ndb.Key(users.UserRecovery, token).get() if user_recovery: if user_recovery.expires > datetime.now(): user = user_recovery.reset_password(password) if user: _login_user_for_id(user.key.string_id()) self.response.out.write( template.render( 'ndb_users/templates/password-change-success.html', users.template_values( query_options={'token': token}))) return None continue_uri = self.request.GET.get('continue') if user and continue_uri: self.redirect(continue_uri.encode('ascii')) self.response.out.write( template.render( 'ndb_users/templates/password-reset-error.html', users.template_values(template_values={'token_invalid': True}, query_options={'token': token})))
def get(self): """ Display a change password form, if user is logged in. """ user = users.get_current_user() if user: self.response.out.write( template.render('ndb_users/templates/password-change.html', users.template_values())) return None # No logged in user self.redirect(webapp2.uri_for('login'))
def get(self): """ Display a change password form, if user is logged in. """ user = users.get_current_user() if user: self.response.out.write(template.render( 'ndb_users/templates/password-change.html', users.template_values() )) return None # No logged in user self.redirect(webapp2.uri_for('login'))
def get(self): """ Display a password reset form if the `token` is valid. """ token = self.request.GET.get('token') user = users.get_current_user() if token and not user: user_recovery = ndb.Key(users.UserRecovery, token).get() if user_recovery: if user_recovery.expires > datetime.now(): self.response.out.write( template.render( 'ndb_users/templates/password-reset.html', users.template_values( query_options={'token': token}))) return None continue_uri = self.request.GET.get('continue') if user and continue_uri: self.redirect(continue_uri.encode('ascii')) self.response.out.write( template.render( 'ndb_users/templates/password-reset-error.html', users.template_values(template_values={'token_invalid': True}, query_options={'token': token})))
def get(self): """ Display the password recovery form, asking for a user's email. """ user = users.get_current_user() if not user: self.response.out.write( template.render('ndb_users/templates/password-forgot.html', users.template_values())) else: continue_uri = self.request.GET.get('continue') if continue_uri: self.redirect(continue_uri.encode('ascii')) else: self.redirect(webapp2.uri_for('login'))
def get(self): """ Display the password recovery form, asking for a user's email. """ user = users.get_current_user() if not user: self.response.out.write(template.render( 'ndb_users/templates/password-forgot.html', users.template_values() )) else: continue_uri = self.request.GET.get('continue') if continue_uri: self.redirect(continue_uri.encode('ascii')) else: self.redirect(webapp2.uri_for('login'))
def get(self): user = users.get_current_user() if user: action = self.request.GET.get('action') if action == 'logout': _logout_user() if self.request.GET.get('continue'): self.redirect( self.request.GET.get('continue').encode('ascii')) self.response.out.write( template.render('ndb_users/templates/logout-success.html', users.template_values())) else: if self.request.GET.get('continue'): self.redirect( self.request.GET.get('continue').encode('ascii')) self.response.out.write( template.render('ndb_users/templates/login-success.html', users.template_values())) return None # Path and serve template self.response.out.write( template.render('ndb_users/templates/login.html', users.template_values()))
def post(self): """ Create a new User with `email` and `password` (confirmed by `password2 `). """ email = self.request.POST.get('email') password = self.request.POST.get('password') password2 = self.request.POST.get('password2') # Make sure required POST parameters are present if not email or not password or not password2: self.response.out.write( template.render( 'ndb_users/templates/create-error.html', users.template_values( template_values={ 'request': { 'email': email, 'password': password, 'password2': password2 } }))) return None # Check password equality if password != password2: self.response.out.write( template.render( 'ndb_users/templates/create-error.html', users.template_values( template_values={ 'request': { 'email': email, 'password': password, 'password2': password2 }, 'passwordMismatch': True }))) return None # Check password length if len(password) < 4: self.response.out.write( template.render( 'ndb_users/templates/create-error.html', users.template_values( template_values={ 'request': { 'email': email, 'password': password, 'password2': password2 }, 'passwordTooShort': True }))) return None # Check `email` against regular expression if not mail.is_email_valid(email): self.response.out.write( template.render( 'ndb_users/templates/create-error.html', users.template_values( template_values={ 'request': { 'email': email, 'password': password, 'password2': password2 }, 'emailInvalid': True }))) return None # Try finding a User with this email... user_found = users.User.query(users.User.email == email).count(1) if user_found < 1: # Create a User new_user_key = users.User.create_user(email, password) if NDB_USERS_ENFORCE_EMAIL_VERIFICATION: _create_activation_email_for_user_id(new_user_key.string_id()) else: # Log this user in! _login_user_for_id(new_user_key.string_id()) if self.request.GET.get('continue'): self.redirect( self.request.GET.get('continue').encode('ascii')) self.response.out.write( template.render( 'ndb_users/templates/create-success.html', users.template_values(template_values={ 'email_verification': NDB_USERS_ENFORCE_EMAIL_VERIFICATION }))) return None else: # Already exists self.response.out.write( template.render( 'ndb_users/templates/create-error.html', users.template_values( template_values={ 'request': { 'email': email, 'password': password, 'password2': password2 }, 'emailExists': True }))) return None
def post(self): """ Create a new User with `email` and `password` (confirmed by `password2 `). """ email = self.request.POST.get('email') password = self.request.POST.get('password') password2 = self.request.POST.get('password2') # Make sure required POST parameters are present if not email or not password or not password2: self.response.out.write(template.render( 'ndb_users/templates/create-error.html', users.template_values(template_values={ 'request': { 'email': email, 'password': password, 'password2': password2 } }) )) return None # Check password equality if password != password2: self.response.out.write(template.render( 'ndb_users/templates/create-error.html', users.template_values(template_values={ 'request': { 'email': email, 'password': password, 'password2': password2 }, 'passwordMismatch': True }) )) return None # Check password length if len(password) < 4: self.response.out.write(template.render( 'ndb_users/templates/create-error.html', users.template_values(template_values={ 'request': { 'email': email, 'password': password, 'password2': password2 }, 'passwordTooShort': True }) )) return None # Check `email` against regular expression if not mail.is_email_valid(email): self.response.out.write(template.render( 'ndb_users/templates/create-error.html', users.template_values(template_values={ 'request': { 'email': email, 'password': password, 'password2': password2 }, 'emailInvalid': True }) )) return None # Try finding a User with this email... user_found = users.User.query(users.User.email==email).count(1) if user_found < 1: # Create a User new_user_key = users.User.create_user(email, password) if NDB_USERS_ENFORCE_EMAIL_VERIFICATION: _create_activation_email_for_user_id(new_user_key.string_id()) else: # Log this user in! _login_user_for_id(new_user_key.string_id()) if self.request.GET.get('continue'): self.redirect(self.request.GET.get('continue').encode('ascii')) self.response.out.write(template.render( 'ndb_users/templates/create-success.html', users.template_values(template_values={ 'email_verification': NDB_USERS_ENFORCE_EMAIL_VERIFICATION }) )) return None else: # Already exists self.response.out.write(template.render( 'ndb_users/templates/create-error.html', users.template_values(template_values={ 'request': { 'email': email, 'password': password, 'password2': password2 }, 'emailExists': True }) )) return None
def post(self): """ Log in a user via POST'ed `email` and `password` values. """ # Make sure required POST parameters are present email = self.request.POST.get('email') password = self.request.POST.get('password') extended = bool(self.request.POST.get('extended')) user = users.get_current_user() if user: # Redirect if requested if self.request.GET.get('continue'): self.redirect(self.request.GET['continue'].encode('ascii')) self.response.out.write( template.render( 'ndb_users/templates/login-success.html', users.template_values(template_values={'user': user}))) return None if email and password: # Get a User for `email` and `password` user = ndb.Key(users.User, users._user_id_for_email(email.lower())).get() if user: # User found... check Password attempt = users._password_hash(password, user.passwordSalt) if attempt == user.passwordHash: if users.user_verified(user): # Success _login_user_for_id(user.key.string_id(), extended=extended) # Redirect if requested if self.request.GET.get('continue'): self.redirect( self.request.GET['continue'].encode('ascii')) self.response.out.write( template.render( 'ndb_users/templates/login-success.html', users.template_values( template_values={'user': user}, user=user))) return None else: # User email not verified (send another email, if allowed) temp_values = dict() if not user.email_bounce_limited(): _create_activation_email_for_user_id( user.key.string_id()) else: temp_values['email_bounce_limit'] = True self.response.out.write( template.render( 'ndb_users/templates/login-not-verified.html', users.template_values( template_values=temp_values))) return None # Error self.response.out.write( template.render( 'ndb_users/templates/login-error.html', users.template_values({ 'email': email, 'extended': extended })))