def change_password(self):
"""
Changes the password
.. tip::
On changing the password, the user is logged out and the login page
is thrown at the user
"""
form = ChangePasswordForm(request.form)
if request.method == "POST" and form.validate():
user = request.nereid_user
# Confirm the current password
password = form.old_password.data
password += user.salt or ""
if isinstance(password, unicode):
password = password.encode("utf-8")
password_sha = hashlib.sha1(password).hexdigest()
if password_sha == user.password:
self.write(request.nereid_user.id, {"password": form.password.data})
flash(_("Your password has been successfully changed! " "Please login again"))
session.pop("user")
return redirect(url_for("nereid.website.login"))
else:
flash(_("The current password you entered is invalid"))
return render_template("change-password.jinja", change_password_form=form)
def new_password(self):
"""Create a new password
.. tip::
Unlike change password this does not demand the old password.
And hence this method will check in the session for a parameter
called allow_new_password which has to be True. This acts as a
security against attempts to POST to this method and changing
password.
The allow_new_password flag is popped on successful saving
This is intended to be used when a user requests for a password reset.
"""
form = NewPasswordForm(request.form)
if request.method == "POST" and form.validate():
if not session.get("allow_new_password", False):
current_app.logger.debug("New password not allowed in session")
abort(403)
self.write(request.nereid_user.id, {"password": form.password.data})
session.pop("allow_new_password")
flash(_("Your password has been successfully changed! " "Please login again"))
session.pop("user")
return redirect(url_for("nereid.website.login"))
return render_template("new-password.jinja", password_form=form)
def new_password(cls):
"""Create a new password
.. tip::
Unlike change password this does not demand the old password.
And hence this method will check in the session for a parameter
called allow_new_password which has to be True. This acts as a
security against attempts to POST to this method and changing
password.
The allow_new_password flag is popped on successful saving
This is intended to be used when a user requests for a password reset.
"""
form = NewPasswordForm(request.form)
if request.method == 'POST' and form.validate():
if not session.get('allow_new_password', False):
current_app.logger.debug('New password not allowed in session')
abort(403)
cls.write(
[request.nereid_user],
{'password': form.password.data}
)
session.pop('allow_new_password')
flash(_(
'Your password has been successfully changed! '
'Please login again'))
session.pop('user')
return redirect(url_for('nereid.website.login'))
return render_template('new-password.jinja', password_form=form)
def change_password(cls):
"""
Changes the password
.. tip::
On changing the password, the user is logged out and the login page
is thrown at the user
"""
form = ChangePasswordForm(request.form)
if request.method == 'POST' and form.validate():
if request.nereid_user.match_password(form.old_password.data):
cls.write(
[request.nereid_user],
{'password': form.password.data}
)
flash(
_('Your password has been successfully changed! '
'Please login again')
)
session.pop('user')
return redirect(url_for('nereid.website.login'))
else:
flash(_("The current password you entered is invalid"))
return render_template(
'change-password.jinja', change_password_form=form
)
def new_password(cls):
"""Create a new password
.. tip::
Unlike change password this does not demand the old password.
And hence this method will check in the session for a parameter
called allow_new_password which has to be True. This acts as a
security against attempts to POST to this method and changing
password.
The allow_new_password flag is popped on successful saving
This is intended to be used when a user requests for a password reset.
"""
form = NewPasswordForm(request.form)
if request.method == 'POST' and form.validate():
if not session.get('allow_new_password', False):
current_app.logger.debug('New password not allowed in session')
abort(403)
cls.write([request.nereid_user], {'password': form.password.data})
session.pop('allow_new_password')
flash(
_('Your password has been successfully changed! '
'Please login again'))
session.pop('user')
return redirect(url_for('nereid.website.login'))
return render_template('new-password.jinja', password_form=form)
def logout(cls):
"Log the user out"
session.pop('user', None)
logout.send()
flash(
_('You have been logged out successfully. Thanks for visiting us'))
return redirect(
request.args.get('next', url_for('nereid.website.home')))
def logout(cls):
"Log the user out"
session.pop('user', None)
logout.send()
flash(
_('You have been logged out successfully. Thanks for visiting us')
)
return redirect(
request.args.get('next', url_for('nereid.website.home'))
)
def change_password(cls):
"""
Changes the password
.. tip::
On changing the password, the user is logged out and the login page
is thrown at the user
"""
form = ChangePasswordForm(request.form)
if request.method == 'POST' and form.validate():
if request.nereid_user.match_password(form.old_password.data):
cls.write([request.nereid_user],
{'password': form.password.data})
flash(
_('Your password has been successfully changed! '
'Please login again'))
session.pop('user')
return redirect(url_for('nereid.website.login'))
else:
flash(_("The current password you entered is invalid"))
return render_template('change-password.jinja',
change_password_form=form)
def logout(cls):
"Log the user out"
session.pop("user", None)
logout.send()
flash(_("You have been logged out successfully. Thanks for visiting us"))
return redirect(request.args.get("next", url_for("nereid.website.home")))
class NereidUser:
"******"
__name__ = "nereid.user"
linkedin_auth = fields.Boolean('LinkedIn Auth')
@classmethod
@route("/auth/linkedin", methods=["GET"])
def linkedin_login(cls):
"""The URL to which a new request to authenticate to linedin begins
Usually issues a redirect.
"""
linkedin = request.nereid_website.get_linkedin_oauth_client()
if linkedin is None:
return redirect(request.referrer
or url_for('nereid.website.login'))
return linkedin.authorize(callback=url_for(
'nereid.user.linkedin_authorized_login',
next=request.args.get('next') or request.referrer or None,
_external=True))
@classmethod
@route("/auth/linkedin_authorized_login", methods=["GET"])
def linkedin_authorized_login(cls):
"""Authorized handler to which linkedin will redirect the user to
after the login attempt is made.
"""
Party = Pool().get('party.party')
linkedin = request.nereid_website.get_linkedin_oauth_client()
if linkedin is None:
return redirect(request.referrer
or url_for('nereid.website.login'))
try:
if 'oauth_verifier' in request.args:
data = linkedin.handle_oauth1_response()
elif 'code' in request.args:
data = linkedin.handle_oauth2_response()
else:
data = linkedin.handle_unknown_response()
linkedin.free_request_token()
except Exception, exc:
current_app.logger.error("LinkedIn login failed %s" % exc)
flash(
_("We cannot talk to linkedin at this time. Please try again"))
return redirect(request.referrer
or url_for('nereid.website.login'))
if data is None:
flash(
_("Access was denied to linkedin: %(reason)s",
reason=request.args['error_reason']))
failed_login.send(form=data)
return redirect(url_for('nereid.website.login'))
# Write the oauth token to the session
session['linkedin_oauth_token'] = (data['oauth_token'],
data['oauth_token_secret'])
# Find the information from facebook
me = linkedin.get('http://api.linkedin.com/v1/people/~?format=json')
email = linkedin.get(
'http://api.linkedin.com/v1/people/~/email-address?format=json')
session.pop('linkedin_oauth_token')
# Find the user
with Transaction().set_context(active_test=False):
users = cls.search([
('email', '=', email.data),
('company', '=', request.nereid_website.company.id),
])
if not users:
current_app.logger.debug("No LinkedIn user with email %s" %
email.data)
name = u'%s %s' % (me.data['firstName'], me.data['lastName'])
current_app.logger.debug("Registering new user %s" % name)
user, = cls.create([{
'party': Party.create([{
'name': name
}])[0].id,
'display_name': name,
'email': email.data,
'linkedin_auth': True,
'active': True,
}])
flash(_('Thanks for registering with us using linkedin'))
else:
user, = users
# Add the user to session and trigger signals
session['user'] = user.id
if not user.linkedin_auth:
cls.write([user], {'linkedin_auth': True})
flash(_("You are now logged in. Welcome %(name)s", name=user.rec_name))
login.send()
if request.is_xhr:
return 'OK'
return redirect(
request.values.get('next', url_for('nereid.website.home')))
