def create_member(cls, id, name, fullname, password, email, active=True, admin=False, temp_password=False, secretquestion=None, secretanswer=None): if cls.get_member_from_name(name): return "Member already exists" if temp_password: # The = is so we can easily search for / identify temporary passwords; temporary passwords are case insensitive password = "******" + cls.normalize_password(password).lower() else: password = cls.hash(name, password) lookupname = cls.make_lookup_name(name) if id: id = strings.replaceany(id, kiwioptions.KIWI_ID_IGNORE_CHARS, "") if cls.get_member_from_id(id): return "Duplicate unique id" else: # Generate a unique numeric ID from the time that can't possibly be considered a privacy violation # BOGUS: Can still get bitten by a race condition d = datetime.datetime.utcnow() id = "%06d%d%07d" % (d.hour * d.minute * d.second, ord(name[0]), d.microsecond) while cls.get_member_from_id(id): id = str(int(id)+1) # BOGUS: Random? m = Member(id=str(id), lookupname=lookupname, name=name, fullname=fullname, password=password, email=email, admin=admin, active=active) m.put() return None
def make_lookup_name(cls, name): # When we look up a name, we normally ignore whitespace and case # The actual set of ignored characters is customizable (e.g., to ignore "." like Gmail does) return strings.replaceany(name, kiwioptions.KIWI_NAME_LOOKUP_IGNORE_CHARS, "").lower()