def api_token_issue_view(self): if ( "user_id" not in self.request.session or self.request.session["user_id"] == None or self.request.session["user_id"] not in self.request.root.users or self.request.root.users[self.request.session["user_id"]] == None ): return { "error": "No valid authenticated session present, cannot issue token." } else: user = self.request.root.users[self.request.session["user_id"]] coder = Coding() token = jwt.encode({ 'user_id': user.__name__, 'username': user.username, 'auth_date': str(int(round(time.time() * 1000.0))), 'unique_id': coder.generateUniqueCode() }, self.request.registry._settings["api.session_secret"], algorithm='HS512') user.api_token = token logging.info("API: Issued authentication token to %s" % user.username) return { "token": token }
def __init__(self): coding = Coding() self.__name__ = coding.generateUniqueCode() self.name = self.description = None self.cost = 0 self.total_released = 0 self.allocated = PersistentList() self.exclusive = False self.unlimited = False self.locked_down = False
def __init__(self): coding = Coding() self.__name__ = self.id_code = coding.generateUniqueCode() self.owner = None self.payment = None self.issue_date = None self.creation_date = datetime.now() self.guest_info = None self.change_enabled = False self.tick_type = None self.addons = PersistentMapping() self.checked_in = False self.checkin_data = None self.notes = ""
def user_add_view(self): if "submit" in self.request.POST: username = self.request.POST["username"].lower().replace(" ","") password = self.request.POST["password"] userprefix = self.request.POST["userprefix"].lower().replace(" ","") numberusers = int(float(self.request.POST["numberusers"])) startingpoint = int(float(self.request.POST["startingnumber"])) group_key = self.request.POST["group"] single = (self.request.POST["singleuser"] == "single") # Check username not already in use error = True if single: if username in self.request.root.users: self.request.session.flash("A user with this username already exists.", "error") elif group_key not in self.request.root.groups: self.request.session.flash("The group selected is invalid, please try again.", "error") elif len(password) < 6: self.request.session.flash("The password you entered is too short, please enter a longer one.", "error") elif len(username) < 3: self.request.session.flash("Please enter a username longer than 2 letters.", "error") else: error = False # Otherwise we're good, create user group = self.request.root.groups[group_key] user = User() user.username = user.__name__ = username user.password_salt = Coding().generateUniqueCode() user.password = salt_password(password, user.password_salt) user.__parent__ = group group.members.append(user) self.request.root.users[user.__name__] = user self.request.session.flash("User %s has been added successfully!" % username, "info") return HTTPFound(location=self.request.route_path("admin_accounts")) else: if len(userprefix) < 2: self.request.session.flash("Please enter a prefix of 2 or more characters.", "error") elif numberusers <= 1: self.request.session.flash("Please enter a number of users greater than 1.", "error") elif startingpoint < 0: self.request.session.flash("Please enter a starting point number greater than or equal to 0.", "error") elif group_key not in self.request.root.groups: self.request.session.flash("The group selected is invalid, please try again.", "error") else: error = False creds = {} coding = Coding() group = self.request.root.groups[group_key] # Otherwise we're good, create lots of users and passwords for i in range(numberusers): password = coding.genRandomString(size=6).lower() username = ("%s%i%s" % (userprefix, (i + startingpoint), coding.genRandomString(size=2))).lower() creds[username] = password # Create the user newuser = User() newuser.username = newuser.__name__ = username newuser.password_salt = coding.generateUniqueCode() newuser.password = salt_password(password, newuser.password_salt) newuser.__parent__ = group group.members.append(newuser) self.request.root.users[newuser.__name__] = newuser # Confirm a success self.request.session.flash("Successfully added %i users to %s!" % (numberusers, group.name), "info") # - Forward to showing the full list of users that were added self.request.session["added_users"] = creds return HTTPFound(location=self.request.route_path("admin_user_add_list")) # Respond to a thrown error if error: return { "groups": sorted(self.request.root.groups.values(), key=lambda x: x.name), "username": username, "selgroup": group_key, "single": single, "userprefix": userprefix, "numberusers": numberusers, "startingnumber": startingpoint, } return { "groups": sorted(self.request.root.groups.values(), key=lambda x: x.name), "username": None, "selgroup": None, "single": True, "userprefix": None, "numberusers": 0, "startingnumber": 0, }