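    def __register(self, api):
        """ Check incoming parameters and register user.

        Reads the email and password fields from the request, rejects the
        request with STATUS_BAD_REQUEST / REGISTER_ERROR when the email is
        malformed or already taken or the password fails the policy, and
        otherwise stores an unverified User entity keyed by the lower-cased
        email and sends the verification mail.  Both validation failures use
        the same user-facing text so the response does not reveal whether an
        address is registered; the log lines are more specific.

        Args:
            api: '' for the HTML form flow (renders staticmessage.html);
                 any other value skips the page and only answers ok().
        """
        # Validate email.  The address is canonicalised to lower case *after*
        # validation and that form is used for the duplicate check, the entity
        # key and the stored email, matching the lower-cased lookups in
        # __send_verification and __login (User.getUser(email.lower())).
        # Using the raw-case address as key_name but the lower-cased one for
        # lookups would let the same mailbox register twice with different
        # casing and leave the mixed-case entity unreachable.
        email = self.request.get(constants.VAR_NAME_EMAIL)
        logging.info('User registering: %s', email)
        if not User.isEmailValid(email) or User.isAlreadyRegistered(email.lower()):
            logging.error('Email mismatched or already registered')
            self.set_error(constants.STATUS_BAD_REQUEST,
                           self.gettext('REGISTER_ERROR'),
                           url=self.request.url)
            return
        normalized_email = email.lower()

        # Validate password
        password = self.request.get(constants.VAR_NAME_PASSWORD)
        if not User.isPasswordValid(password):
            logging.error('Invalid password')
            self.set_error(constants.STATUS_BAD_REQUEST,
                           self.gettext('REGISTER_ERROR'),
                           url=self.request.url)
            return

        # Calculate password hash: a fresh per-user salt plus the derived key.
        salt_and_key = CryptoUtil.get_salt_and_key(password)
        salt = salt_and_key[0]
        key = salt_and_key[1]

        # Create and store user object.  Only the derived key is persisted,
        # never the clear-text password.
        user = User(key_name=normalized_email)
        user.email = normalized_email
        user.salt = salt
        user.password = key
        user.verified = False
        user.put()

        # Send email for verification (the helper lower-cases the address
        # itself and sets an error if it cannot find the user).
        self.__send_verification(normalized_email)

        if api == '':
            # Display message
            template_values = {
                'message': self.gettext('PLEASE_CHECK_YOUR_EMAIL')
            }
            template = self.jinja2_env.get_template('staticmessage.html')
            self.response.out.write(template.render(template_values))

        self.ok()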
 def __send_verification(self, email):
     """ Issue a fresh verification code for *email* and mail it out.

     The address is lower-cased before the lookup.  An unknown or already
     verified account results in a STATUS_BAD_REQUEST error (no message,
     redirect to "/") and no mail.  The new code is written back to the
     datastore only after the message has been handed to the mail service.
     """
     recipient = User.getUser(email.lower())
     if recipient is None or recipient.verified:
         self.set_error(constants.STATUS_BAD_REQUEST, message=None, url="/")
         return

     # "*$" replaces the '+' and '/' of the standard base64 alphabet so the
     # code can be embedded in a URL without percent-encoding.
     recipient.verificationCode = b64encode(CryptoUtil.get_verify_code(), "*$")

     # NOTE(review): the template receives self.user_email, not
     # recipient.email -- confirm these are always the same address when this
     # is called from the registration flow.
     body = self.jinja2_env.get_template('verificationemail.jinja').render({
         'user_email': self.user_email,
         'code': recipient.verificationCode,
         'url': constants.VERIFICATION_URL,
     })

     outgoing = mail.EmailMessage()
     outgoing.sender = constants.SENDER_ADDRESS
     outgoing.to = recipient.email
     outgoing.subject = 'Please verify your address'
     outgoing.body = body
     outgoing.send()
     recipient.put()
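 def generate_id():
     '''
     Generate the session id used for authentication during the lifetime of
     the session.  Returns the random bytes from CryptoUtil.get_sessionId()
     as a lower-case hex string.

     Iterating a byte string yields one-character strings on Python 2 but
     ints on Python 3, so each element is converted with ord() only when it
     is not already an int; the output is identical on both.
     '''
     raw = CryptoUtil.get_sessionId()
     return ''.join('%02x' % (b if isinstance(b, int) else ord(b)) for b in raw)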
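    def __login(self):
        """ Validate incoming parameters and log in user if all is ok.

        Reads the email, password and optional ``remember`` fields from the
        request.  Every failure before the verification check answers with
        STATUS_BAD_REQUEST and the same LOGIN_ERROR text so the response does
        not reveal which field was wrong (the log lines are more specific).
        An unverified account gets STATUS_FORBIDDEN with a link to the
        verification page and is not logged in.  On success a persistent
        login token is issued when requested, the user is logged in and the
        caller is redirected to the URL stored in the session, or "/".
        """
        # Validate email and get user from db
        email = self.request.get(constants.VAR_NAME_EMAIL)
        logging.info('User logging in: %s', email)
        if not User.isEmailValid(email) or not User.isAlreadyRegistered(email):
            logging.error('Email mismatched or not registered')
            self.set_error(constants.STATUS_BAD_REQUEST,
                           self.gettext('LOGIN_ERROR'), url=self.request.url)
            return
        user = User.getUser(email.lower())

        # Calculate password hash with the user's stored salt
        password = self.request.get(constants.VAR_NAME_PASSWORD)
        if not User.isPasswordValid(password):
            logging.error('Invalid password')
            self.set_error(constants.STATUS_BAD_REQUEST,
                           self.gettext('LOGIN_ERROR'), url=self.request.url)
            return
        key = CryptoUtil.getKey(password, user.salt)

        # Validate password
        # NOTE(review): switch to hmac.compare_digest once the types of
        # user.password and key are confirmed to match (both str or both
        # bytes); compare_digest raises TypeError on mixed types.
        if not user.password == key:
            logging.error('Incorrect password for email')
            self.set_error(constants.STATUS_BAD_REQUEST,
                           self.gettext('LOGIN_ERROR'), url=self.request.url)
            return

        # Refuse unverified accounts before any credential is issued: a
        # remember-me token must not be handed out to an account that is not
        # allowed to log in yet, otherwise it could outlive the verification
        # gate.
        if not user.verified:
            logging.error('User unverified')
            self.set_error(constants.STATUS_FORBIDDEN,
                           self.gettext('UNVERIFIED_PRE') +
                           ' <a href=\"/User/Verify">' +
                           self.gettext('UNVERIFIED_HERE') +
                           '</a> ' +
                           self.gettext('UNVERIFIED_POST'),
                           url=self.request.url)
            return

        # Check remember me: any non-empty value other than "false" counts.
        remember_string = self.request.get('remember').lower()
        remember = remember_string != '' and remember_string != 'false'
        if remember:
            token_id = LoginToken.generate_id()
            token = LoginToken()
            token.tokenid = token_id
            token.ip = self.request.remote_addr
            # NOTE(review): stored in request casing while lookups elsewhere
            # use email.lower(); confirm the token consumer normalises it.
            token.user = email
            token.put()
            cookie_value = token.get_cookie_value()
            delta = timedelta(days=constants.PERSISTENT_LOGIN_LIFETIME_DAYS)
            # HttpOnly keeps the token away from scripts, Secure keeps it off
            # plain HTTP.
            self.response.set_cookie(constants.PERSISTENT_LOGIN_NAME,
                                     cookie_value,
                                     expires=datetime.utcnow() + delta,
                                     path="/", httponly=True, secure=True)

        # Log in user
        user.login(self.request.remote_addr)
        session = get_current_session()
        # NOTE(review): the redirect target comes from the session; confirm
        # it is only ever set to a same-site path, otherwise this is an open
        # redirect.
        url = session.pop(constants.VAR_NAME_REDIRECT)
        if url is None:
            url = "/"
        self.ok(url)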
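 def generate_id():
     '''
     Return the persistent-login token from CryptoUtil.getPersistentId() as
     a URL-friendly, lower-case hex string.

     Iterating a byte string yields one-character strings on Python 2 but
     ints on Python 3, so each element is converted with ord() only when it
     is not already an int; the output is identical on both.
     '''
     raw = CryptoUtil.getPersistentId()
     return ''.join('%02x' % (b if isinstance(b, int) else ord(b)) for b in raw)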