def post(self):
new_password = self.request.get("new_password")
new_verify_password = self.request.get("verify_new_password")
a_password = self.request.get("old_password")
the_RU = check_user_id_cookie(self.request)
if the_RU:
is_valid_new_password = passwordValid.valid_password(new_password)
does_new_passwords_match = passwordValid.password_match(new_password, new_verify_password)
is_password_correct = passwordValid.valid_pw(the_RU.name, a_password, the_RU.password_hashed)
final_new_password_error = ""
final_new_verify_password_error = ""
final_old_password_error = ""
if not (is_valid_new_password):
final_new_password_error = "Invalid password"
if not (does_new_passwords_match):
final_new_verify_password_error = "Password doesn't match"
if not (is_password_correct):
final_old_password_error = "Invalid password"
if is_valid_new_password and does_new_passwords_match and is_password_correct:
the_RU.password_hashed = passwordValid.make_pw_hash(
the_RU.name, new_password
) # the function returns hash|salt
the_RU.put()
time.sleep(0.1) # to delay so db table gets displayed correct
self.render(
"profile.html",
a_name=the_RU.name,
an_email=the_RU.email,
changed_message="Your password has been changed",
)
else:
self.render(
"editPassword.html",
a_name=the_RU.name,
new_password_error=final_new_password_error,
verify_error=final_new_verify_password_error,
password_error=final_old_password_error,
)
else: # either user_id_cookie_value, username, or the_RU is None (see check_user_id_cookie())
self.redirect("/logout")
def post(self):
new_password = self.request.get("new_password")
new_verify_password = self.request.get("verify_new_password")
a_password = self.request.get("old_password")
the_RU = check_user_id_cookie(self.request)
if the_RU:
is_valid_new_password = passwordValid.valid_password(new_password)
does_new_passwords_match = passwordValid.password_match(
new_password, new_verify_password)
is_password_correct = passwordValid.valid_pw(
the_RU.name, a_password, the_RU.password_hashed)
final_new_password_error = ""
final_new_verify_password_error = ""
final_old_password_error = ""
if not (is_valid_new_password):
final_new_password_error = "Invalid password"
if not (does_new_passwords_match):
final_new_verify_password_error = "Password doesn't match"
if not (is_password_correct):
final_old_password_error = "Invalid password"
if is_valid_new_password and does_new_passwords_match and is_password_correct:
the_RU.password_hashed = passwordValid.make_pw_hash(
the_RU.name,
new_password) # the function returns hash|salt
the_RU.put()
time.sleep(0.1) # to delay so db table gets displayed correct
self.render("profile.html",
a_name=the_RU.name,
an_email=the_RU.email,
changed_message="Your password has been changed")
else:
self.render("editPassword.html",
a_name=the_RU.name,
new_password_error=final_new_password_error,
verify_error=final_new_verify_password_error,
password_error=final_old_password_error)
else: # either user_id_cookie_value, username, or the_RU is None (see check_user_id_cookie())
self.redirect("/logout")
def post(self):
#secure_value # this is the (name + pw + salt) hexdigested and then pipe salt with format "hexdigestedValue|salt"
username_input = self.request.get('username')
password_input = self.request.get('password')
verify_input = self.request.get('verify')
email_input = self.request.get('email')
verify_email_input = self.request.get('verify_email')
is_valid_username = passwordValid.valid_username(username_input)
is_valid_password = passwordValid.valid_password(password_input)
if len(email_input) > 0:
is_valid_email = passwordValid.valid_email(email_input)
else:
is_valid_email = False
does_password_match = passwordValid.password_match(
password_input, verify_input)
does_email_match = passwordValid.email_match(email_input,
verify_email_input)
final_username_error = ""
final_password_error = ""
final_verify_error = ""
final_email_error = ""
final_verify_email_error = ""
if not (is_valid_username):
final_username_error = "Invalid username"
if not (is_valid_password):
final_password_error = "Invalid password"
if not (does_password_match):
final_verify_error = "Password doesn't match"
if not (is_valid_email):
final_email_error = "Invalid e-mail"
if not (does_email_match):
final_verify_email_error = "E-mail doesn't match"
if is_valid_username and is_valid_password and does_password_match and is_valid_email and does_email_match:
# check if user already exist
user_already_exists = False
existing_user = dataFunctions.retrieveUser(username_input)
if existing_user:
user_already_exists = True
if user_already_exists:
#write error message out
final_username_error = "User already exist"
self.write_form(username_input, final_username_error,
final_password_error, final_verify_error,
email_input, final_email_error,
verify_email_input, final_verify_email_error)
else: # ok to register new user
# username_and_password = username_input + password_input
secure_password = passwordValid.make_pw_hash(
username_input,
password_input) # the function returns hash|salt
secure_username = passwordValid.make_secure_val(
username_input) # the function returns username_input|hash
ru = RegisteredUsers(
name=username_input,
password_hashed=secure_password,
email=email_input) # save the hashed password in database
ru.put()
time.sleep(0.1) # to delay so db table gets displayed correct
self.response.headers.add_header(
'Set-Cookie', 'user_id=%s; Path=/' % str(secure_username)
) #sending secure_username back to browser
self.redirect("/frontpage")
else:
# check if user already exist
user_already_exists = False
all_reg_users = db.GqlQuery(
"SELECT * FROM RegisteredUsers ORDER BY created DESC")
if all_reg_users:
for users in all_reg_users:
if users.name == username_input:
user_already_exists = True
break
if user_already_exists:
#write error message out
final_username_error = "User already exist"
final_password_error = ""
final_email_error = ""
self.write_form(username_input, final_username_error,
final_password_error, final_verify_error,
email_input, final_email_error, verify_email_input,
final_verify_email_error)
def post(self):
# secure_value # this is the (name + pw + salt) hexdigested and then pipe salt with format "hexdigestedValue|salt"
username_input = self.request.get("username")
password_input = self.request.get("password")
verify_input = self.request.get("verify")
email_input = self.request.get("email")
verify_email_input = self.request.get("verify_email")
is_valid_username = passwordValid.valid_username(username_input)
is_valid_password = passwordValid.valid_password(password_input)
if len(email_input) > 0:
is_valid_email = passwordValid.valid_email(email_input)
else:
is_valid_email = False
does_password_match = passwordValid.password_match(password_input, verify_input)
does_email_match = passwordValid.email_match(email_input, verify_email_input)
final_username_error = ""
final_password_error = ""
final_verify_error = ""
final_email_error = ""
final_verify_email_error = ""
if not (is_valid_username):
final_username_error = "Invalid username"
if not (is_valid_password):
final_password_error = "Invalid password"
if not (does_password_match):
final_verify_error = "Password doesn't match"
if not (is_valid_email):
final_email_error = "Invalid e-mail"
if not (does_email_match):
final_verify_email_error = "E-mail doesn't match"
if is_valid_username and is_valid_password and does_password_match and is_valid_email and does_email_match:
# check if user already exist
user_already_exists = False
existing_user = dataFunctions.retrieveUser(username_input)
if existing_user:
user_already_exists = True
if user_already_exists:
# write error message out
final_username_error = "User already exist"
self.write_form(
username_input,
final_username_error,
final_password_error,
final_verify_error,
email_input,
final_email_error,
verify_email_input,
final_verify_email_error,
)
else: # ok to register new user
# username_and_password = username_input + password_input
secure_password = passwordValid.make_pw_hash(
username_input, password_input
) # the function returns hash|salt
secure_username = passwordValid.make_secure_val(
username_input
) # the function returns username_input|hash
ru = RegisteredUsers(
name=username_input, password_hashed=secure_password, email=email_input
) # save the hashed password in database
ru.put()
time.sleep(0.1) # to delay so db table gets displayed correct
self.response.headers.add_header(
"Set-Cookie", "user_id=%s; Path=/" % str(secure_username)
) # sending secure_username back to browser
self.redirect("/frontpage")
else:
# check if user already exist
user_already_exists = False
all_reg_users = db.GqlQuery("SELECT * FROM RegisteredUsers ORDER BY created DESC")
if all_reg_users:
for users in all_reg_users:
if users.name == username_input:
user_already_exists = True
break
if user_already_exists:
# write error message out
final_username_error = "User already exist"
final_password_error = ""
final_email_error = ""
self.write_form(
username_input,
final_username_error,
final_password_error,
final_verify_error,
email_input,
final_email_error,
verify_email_input,
final_verify_email_error,
)