def post(self): username = self.request.get('username') password = self.request.get('password') verify = self.request.get('verify') email = self.request.get('email') if not utils.valid_username(username) or not utils.valid_password( password) or (not utils.valid_email(email) and "" != email) or password != verify: errorUsername = "" errorPassword = "" errorVerify = "" errorEmail = "" if not utils.valid_username(username): errorUsername = "******" if not utils.valid_password(password): errorPassword = "******" if not utils.valid_email(email) and "" != email: errorEmail = "That's not a valid email." if password != verify: errorVerify = "Your passwords didn't match." self.render('signup.html', errorUsername=errorUsername, errorPassword=errorPassword, errorVerify=errorVerify, errorEmail=errorEmail, username=username, email=email) else: if not model.User.by_name(username): user = model.User.save_user(username, password) self.set_secure_cookie('user_id', str(user.key().id())) self.redirect('/') else: errorUsername = '******' self.render('signup.html', errorUsername=errorUsername)
def post(self): user_email = self.request.get('email','') user_password = self.request.get('password') user_cpassword = self.request.get('confirmpassword') q = database.Query(database.User) q.filter("email =", user_email) total = q.count() if ((user_email and utils.valid_email(user_email)) and (user_password == user_cpassword) and total == 0): user_uuid = str(uuid.uuid1()) user_obj = database.User(key_name = user_email, email = user_email, password = base64.b64encode(user_password), is_verify = False) user_obj.put() database.Verify(user=user_obj, uuid=user_uuid).put() sender = '*****@*****.**' to = user_email mail.send_mail(sender = sender, to = user_email, subject = "CloudMania Verification mail", body=""" Dear User: Hello, Thank you for registering in cloudmania. Please tap the following link to complete the email registration process. http://cloud-mania.appspot.com/verify?uuid=%s#banner\n\n""" % (user_uuid)) self.redirect('/login#banner') return else: errors = [] if(total !=0): errors.append("Email address already exists!") elif(user_email or utils.valid_email(user_email)): errors.append("Email Address is not valid!") if(user_password != user_cpassword): errors.append("Password and Confirm password doesn't match!") template_values = {"errors": "<br/>".join(errors)} showIndex(self, template_values)
def test_valid_email(self): from utils import valid_email self.assertTrue(valid_email('*****@*****.**')) self.assertTrue(valid_email("peter'*****@*****.**")) self.assertTrue(not valid_email('peterbe @gmail.com')) self.assertTrue(not valid_email("peter'be@gmai"))
def parse_email_line(es): """ find all email addresses in the string 'es'. For example, if the input is 'Peter <*****@*****.**>' then return ['*****@*****.**'] In other words, strip out all junk that isn't valid email addresses. """ real_emails = [] sep = ',' local_domain_email_regex = re.compile(r'\b\w+@\w+\b') for chunk in [ x.strip() for x in es.replace(';', ',').split(',') if x.strip() ]: # if the chunk is something like this: # 'SnapExpense [email protected] <*****@*****.**>' # then we want to favor the part in <...> found = re.findall('<([^@]+@[^@]+)>', chunk) if found: chunk = found[0].strip() if valid_email(chunk) or local_domain_email_regex.findall(chunk): if chunk.lower() not in [x.lower() for x in real_emails]: real_emails.append(chunk) return real_emails
def post(self): """ Redirect to welcome page if form is valid else shows form with error details """ have_error = False self.username = self.request.get('username') self.password = self.request.get('password') self.verify = self.request.get('verify') self.email = self.request.get('email') params = dict(username=self.username, email=self.email) if not utils.valid_username(self.username): params['error_username'] = "******" have_error = True if not utils.valid_password(self.password): params['error_password'] = "******" have_error = True elif self.password != self.verify: params['error_verify'] = "Your passwords didn't match." have_error = True if not utils.valid_email(self.email): params['error_email'] = "That's not a valid email." have_error = True if have_error: self.render('register.html', **params) else: self.done()
def post(self): """ Redirect to welcome page if form is valid else shows form with error details """ have_error = False self.username = self.request.get('username') self.password = self.request.get('password') self.verify = self.request.get('verify') self.email = self.request.get('email') params = dict(username=self.username, email=self.email) if not utils.valid_username(self.username): params['error_username'] = "******" have_error = True if not utils.valid_password(self.password): params['error_password'] = "******" have_error = True elif self.password != self.verify: params['error_verify'] = "Your passwords didn't match." have_error = True if not utils.valid_email(self.email): params['error_email'] = "That's not a valid email." have_error = True if have_error: self.render('signup-form.html', **params) else: self.done()
def post(self): logging.info(self.request.path) have_error = False self.username = self.request.get('username') self.password = self.request.get('password') self.verify = self.request.get('verify') self.email = self.request.get('email') params = dict(username=self.username, email=self.email) if not utils.valid_username(self.username): params['error_username'] = "******" have_error = True if not utils.valid_password(self.password): params['error_password'] = "******" have_error = True elif self.password != self.verify: params['error_password'] = "******" have_error = True if not utils.valid_email(self.email): params['error_email'] = "That's not a valid email." have_error = True if have_error: self.render('signup-form.html', **params) else: self.done()
def parse_email_line(es): """ find all email addresses in the string 'es'. For example, if the input is 'Peter <*****@*****.**>' then return ['*****@*****.**'] In other words, strip out all junk that isn't valid email addresses. """ real_emails = [] sep = ',' local_domain_email_regex = re.compile(r'\b\w+@\w+\b') for chunk in [x.strip() for x in es.replace(';',',').split(',') if x.strip()]: # if the chunk is something like this: # 'SnapExpense [email protected] <*****@*****.**>' # then we want to favor the part in <...> found = re.findall('<([^@]+@[^@]+)>', chunk) if found: chunk = found[0].strip() if valid_email(chunk) or local_domain_email_regex.findall(chunk): if chunk.lower() not in [x.lower() for x in real_emails]: real_emails.append(chunk) return real_emails
def post(self): have_error = False self.username = self.request.get('username') self.password = self.request.get('password') self.verify = self.request.get('verify') self.email = self.request.get('email') params = dict(username = self.username, email = self.email) if not utils.valid_username(self.username): params['error_username'] = "******" have_error = True if not utils.valid_password(self.password): params['error_password'] = "******" have_error = True elif self.password != self.verify: params['error_verify'] = "Your passwords didn't match." have_error = True if not utils.valid_email(self.email): params['error_email'] = "That's not a valid email." have_error = True if have_error: self.render('signup-form.html', **params) else: self.done()
def post(self): have_error = False next_url = str(self.request.get('next_url')) if not next_url or next_url.startswith('/login'): next_url = '/' self.username = self.request.get('username') self.password = self.request.get('password') self.verify = self.request.get('verify') self.email = self.request.get('email') params = dict(username = self.username, email = self.email) if not utils.valid_username(self.username): params['error_username'] = "******" have_error = True if not utils.valid_password(self.password): params['error_password'] = "******" have_error = True elif self.password != self.verify: params['error_verify'] = "Your passwords didn't match." have_error = True if not utils.valid_email(self.email): params['error_email'] = "That's not a valid email." have_error = True if have_error: self.render('wiki_signup.html', **params) else: self.done()
def post(self): input_username = self.request.get("username") input_password = self.request.get("password") input_verify = self.request.get("verify") input_email = self.request.get("email") valid_username = u4.valid_username(input_username) valid_password = u4.valid_password(input_password) valid_verify = u4.valid_verify(input_password, input_verify) valid_email = u4.valid_email(input_email) errors = ["", "", "", ""] if not valid_username: errors[0] = "That's not a valid username." if not valid_password: errors[1] = "That wasn't a valid password." if not valid_verify: errors[2] = "Your passwords didn't match." if not valid_email and input_email != "": errors[3] = "That's not a valid email." if errors != ["", "", "", ""]: self.write_form(errors, input_username, "", "", input_email) else: user_existence = User.all().filter('username =', input_username).get() if user_existence: errors[0] = "That user already exists." self.write_form(errors, input_username, "", "", input_email) else: hashed_pw = u4.make_pw_hash(str(input_username), str(input_password)) u= User(username=str(input_username), hashed_pw=hashed_pw, email=str(input_email)) u.put() self.login(username=str(input_username), secret=secret) self.redirect("/welcome")
def post(self): have_error = False if not self.valid_form(): have_error = True self.username = self.request.get('username') self.password = self.request.get('password') self.verify = self.request.get('verify') self.email = self.request.get('email') params = dict(username = self.username, email = self.email) if not utils.valid_username(self.username): params['error_username'] = u"Neplatné uživatelské jméno." have_error = True if not utils.valid_password(self.password): params['error_password'] = u"Neplatné uživatelské heslo." have_error = True elif self.password != self.verify: params['error_verify'] = u"Hesla se neshodují." have_error = True if not utils.valid_email(self.email): params['error_email'] = u"Toto není platná emailová adresa." have_error = True if have_error: self.render('signup-form.html', **params) else: self.done()
def post(self, name): username = self.request.get("username") password = self.request.get("password") vpass = self.request.get("vpass") email = self.request.get("email") have_error = False; words={"username": username, "email":email} if not utils.valid_username(username): words["error_msg_user"] = "******" have_error = True if not utils.valid_password(password): words["error_msg_pass"] = "******" have_error = True if password!=vpass: words["error_msg_vpass"] = "******" have_error = True if not utils.valid_email(email): words["error_msg_email"] = "That is not a valid email address" have_error=True if have_error: self.render("signup.html", **words) else: # check if users already exist if Users.by_name(username): words["error_msg_user"] = "******" self.render("signup.html", **words) else: u = Users.create(username, password, email) u.put() self.set_secure_cookie('User-id', str(u.key().id())) self.redirect(name)
def post(self): errors = [] user_email = self.request.get('email') is_valid = utils.valid_email(user_email) user_all = database.User.all().filter("email =", user_email) total = user_all.count(limit=1) if (total == 0): errors.append('email-id not registered!') template_values = {'errors': '<br/>'.join(errors), 'forgot': True} elif (not is_valid): errors.append('Wrong email-id!') template_values = {'errors': '<br/>'.join(errors), 'forgot': True} else: user_uuid = str(uuid.uuid1()) database.Forgot(user=user_all.get(), uuid=user_uuid).put() mail.send_mail(sender='*****@*****.**', to = user_email, subject="CloudMania Reset Password", body=""" Dear User, Hello, Please tap the following link to change password. http://cloud-mania.appspot.com/reset?uuid=%s#banner\n\n""" % (user_uuid)) template_values = {'message': True} template_values = {'errors': '<br/>'.join(errors), 'forgot': True, 'message': True} showIndex(self, template_values)
def post(self): user_email = self.session.get('user') user_obj = getUser(user_email) errors = [] success = [] user_name = self.request.get('name', '') user_email = self.request.get('email', '') user_message = self.request.get('message', '') if(not (user_email and utils.valid_email(user_email) and user_name and user_message)): errors.append("Email Address is not valid!") self.redirect('/contact#contactus') else: admin = '*****@*****.**' mail.send_mail(sender = admin, to = admin, subject="CloudMania Query", body=""" Dear Admin, Name = %s, Email = %s, Message = %s"""% (user_name, user_email, user_message)) success.append("Email sent!") if (user_obj): self.redirect('/home#banner') else: self.redirect('/login#banner') self.redirect('/home#banner') template_values = {'success': '<br/>'.join(success), 'errors': '<br/>'.join(errors)} showIndex(self, template_values)
def post(self): username = self.request.get('username') password = self.request.get('password') verify = self.request.get('verify') email = self.request.get('email') user = User.by_name(username) values = {} if not u.valid_username(username): values['error_username'] = "******" if user: values['error_username2'] = "Username already exists." if not u.valid_password(password): values['error_password'] = "******" if password != verify: values['error_verify'] = "Your passwords didn't match." if not u.valid_email(email): values['error_email'] = "That's not a valid email." if values: values.update({'username' : username, 'email' : email}) self.markup('signup.html', **values) else: password_hashed = u.make_password_hash(username, password) user = User(username = username, password_hashed = password_hashed, email = email) user.put() self.set_cookie("user_id", str(user.key().id())) self.redirect("/dashboard")
def validateFields(self): validation = {'valid': True} email = self.request.get('fields.email') password = self.request.get('fields.password') fields = {'email' : email} errors = {} validation['fields'] = fields if not utils.valid_email(email): errors['error_email'] = "That's not a valid email." validation['valid'] = False validation['errors'] = errors return validation if not utils.valid_password(password): errors['error_password'] = "******" validation['valid'] = False validation['errors'] = errors return validation userQuery = self.validateUser(fields,password) if not userQuery['userFound']: errors['error_db'] = "Invalid email/password" validation['valid'] = False validation['errors'] = errors return validation validation['errors'] = errors validation['fields']['userId'] = userQuery['userId'] return validation
def post(self): #next_url = str(self.request.get('next_url')) #if not next_url or next_url.startswith('/login'): #next_url = '/' username = self.request.get('username') password = self.request.get('password') verify = self.request.get('verify') email = self.request.get('email') valid_user = utils.valid_username(username) valid_pass = utils.valid_password(password) passwords_match = utils.verify_password(password, verify) email_valid = utils.valid_email(email) params = dict(valid_user = valid_user, valid_pass = valid_pass, passwords_match = passwords_match, email_valid = email_valid) errors = set_errors(params) if not errors: user_exists = db.GqlQuery("SELECT * FROM User WHERE name = :1", username).get() if not user_exists: new_user = User(name = username, password = utils.make_pw_hash(username, password), email = email) new_user.put() self.login(new_user) self.redirect('/wiki') # CHANGE THIS!!! else: error_user = "******" self.render("signup.html", error_user = error_user) else: self.render("signup.html", username=username, email=email, **errors)
def post(self): username = self.request.get('username') password = self.request.get('password') verify = self.request.get('verify') email = self.request.get('email') if not utils.valid_username(username) or not utils.valid_password(password) or (not utils.valid_email(email) and "" != email) or password != verify: errorUsername = "" errorPassword = "" errorVerify = "" errorEmail = "" if not utils.valid_username(username): errorUsername = "******" if not utils.valid_password(password): errorPassword = "******" if not utils.valid_email(email) and "" != email: errorEmail = "That's not a valid email." if password != verify: errorVerify = "Your passwords didn't match." self.render('signup.html',errorUsername=errorUsername,errorPassword=errorPassword,errorVerify=errorVerify,errorEmail=errorEmail, username=username, email=email) else: if not model.User.by_name(username): user = model.User.save_user(username,password) self.set_secure_cookie('user_id',str(user.key().id())) self.redirect('/') else: errorUsername = '******' self.render('signup.html',errorUsername=errorUsername)
def test_valid_email_valid(self): email = '*****@*****.**' is_valid = utils.valid_email(email) query = ExploriumDbApi.USERS_TABLE.select().where(ExploriumDbApi.USERS_TABLE.c.email == email) email_check = ExploriumDbApi.conn.execute(query).fetchone() if email_check: self.assertFalse(is_valid) else: self.assertTrue(is_valid)
def post(self): name = self.request.get('name') email = self.request.get('email') password = self.request.get('password') verify_password = self.request.get('verify_password') key = self.request.get('key') error = False error_name = "" error_password = "" error_email = "" error_verify = "" if not utils.valid_username(name): error_name="Your username needs to be between 3 and 20 characters long and only contain numbers and letters" error = True if not utils.valid_password(password): error_password="******" error = True if not utils.valid_email(email): error_email="Please type in a valid email address" error = True if password != verify_password: error_verify="Please ensure your passwords match" error = True if key != "Nicholas001": error_key="Please provide the correct key" error = True if not error: pw_hash = utils.make_pw_hash(name, password) user = model.User(parent=model.users_key(), name=name, email=email, pw_hash=pw_hash) user.put() self.login(user) self.redirect('/fileupload') else: js_code = "$('#register').modal('show');" data = { 'error_name':error_name, 'error_password':error_password, 'error_email':error_email, 'error_verify':error_verify, 'error_key':error_key, 'js_code':js_code } self.render('register.html', data=data) """
def post(self): user_uname = self.request.get('username') user_psswrd = self.request.get('password') user_ver = self.request.get('verify') user_email = self.request.get('email') uname = utils.valid_uname(user_uname) uname_ex = utils.user_exists(user_uname) psswrd = utils.valid_psswrd(user_psswrd) verified = utils.verify_psswrd(user_psswrd, user_ver) email = utils.valid_email(user_email) #Create error messages if not uname: uname_err = "That's not a valid username!" if uname_ex: uname_err = "This username already exists!" if not psswrd: psswrd_err = "That wasn't a valid password" if not verified: verify_err = "Passwords did not match" if not email: email_err = "That's not a valid email!" if not (uname and not uname_ex and psswrd and verified and (email or user_email == "")): #There was an error in one of the fields. self.render_signup(uname=cgi.escape(user_uname), uname_err=uname_err, psswrd_err=psswrd_err, verify_err=verify_err, email=cgi.escape(user_email), email_err=email_err) else: #Create a new user. password_hash = utils.make_pw_hash(user_uname, user_psswrd) user = mydb.User(username=user_uname, password_hash=password_hash, salt=password_hash.split('|')[1], email=user_email) user.put() mydb.allusers(update=True, newuser=user) print "added new user %s" % user.username #Redirect the user back to entry where they came from. redir = self.request.cookies.get('Location') if not redir: redir = '/' self.response.headers.add_header( 'Set-Cookie', "user_id=%s;Location=%s;Path=/" % (utils.make_secure_val(str(user.key.id())), str(redir))) self.redirect(str(redir))
def post(self): self.username = self.request.get('username') self.password = self.request.get('password') self.v_password = self.request.get('verify') self.email = self.request.get('email') usererror = '' passerror = '' vpasserror = '' emailerror = '' if self.username: u_present = True if not valid_username(self.username): usererror = "That's not a valid username." else: usererror = "That's not a valid username." if self.password: p_present = True if not valid_pass(self.password): passerror = "That wasn't a valid password." else: passerror = "That wasn't a valid password." if self.v_password: vp_present = True if not valid_pass(self.v_password): vpasserror = "That wasn't a valid verification password." else: vpasserror = "That wasn't a valid verification password." if self.email: email_present = True if not valid_email(self.email): emailerror = "That wasn't a valid email." if self.password != self.v_password: passerror = "Passwords do not match" if usererror == '' and passerror == '' \ and vpasserror == '' and emailerror == '': self.done() else: self.render("signup.html", username=self.username, usererror=usererror, passerror=passerror, vpasserror=vpasserror, emailerror=emailerror) def done(self, *a, **kw): raise NotImplementedError
def post(self): # Get user input username = self.request.get('username') password = self.request.get('password') verify = self.request.get('verify') email = self.request.get('email') # Process results input_error = False user_error = "" passwd_error = "" verify_error = "" email_error = "" if not utils.valid_username(username): user_error = "That's not a valid username" input_error = True if not utils.valid_password(password): passwd_error = "That wasn't a valid password" input_error = True elif password != verify: verify_error = "Your passwords didn't match" input_error = True if not utils.valid_email(email): email_error = "That's not a valid email" input_error = True # Check if this user is already in our registry if not input_error and User.by_name(username): user_error = "The user already exists" input_error = True if not input_error: # Create user entry in database hashed_pw = utils.make_pw_hash(username, password) u = User(name=username, hashed_pw=hashed_pw, email=email) u.put() # Set cookie to user_id uid = u.key().id() user_id = utils.make_secure_cookie(str(uid)) self.response.headers.add_header('Set-Cookie', 'user_id=%s; Path=/' % user_id) # Redirect to welcome page self.redirect('/blog/welcome') else: self.render('signup.html', username=username, email=email, user_error=user_error, passwd_error=passwd_error, verify_error=verify_error, email_error=email_error)
def create_user(request): """ Create PINNA user """ display_name = request.DATA.get('display_name', '').strip() email = request.DATA.get('email', '').strip() password = request.DATA.get('password', '').strip() if (not display_name) or (not email) or (not password): msg = 'These fields must not be empty: ' empty_fields = [] if not display_name: empty_fields.append('display_name') if not email: empty_fields.append('email') if not password: empty_fields.append('password') msg += ",".join(empty_fields) return utils.failed_response(msg, 'empty_fields') if not utils.valid_email(email): msg = "The email is invalid" msg_code = "email_invalid" return utils.failed_response(msg, msg_code) try: checked = User.objects.get(username=email) msg = 'The user is existed' return utils.failed_response(msg, "user_existed") except User.DoesNotExist: display_name = display_name.lower().title() user = User.objects.create_user(email, email, password, first_name=display_name) # Create My Tracks and My Library mylib = Library.objects.create() Profile.objects.create(user=user, mylibrary=mylib) session = PinnaSession.objects.create(user=user) msg = 'The user %s is created successfully' %display_name return utils.successful_response(msg, "ok", token=session.key, userid=user.pk)
def signup(request): context = {} isVal = False # UGH SO INELEGANT exists = False # UGH AGAIN if request.method == 'POST': first_name = request.POST['first_name'] last_name = request.POST['last_name'] email = request.POST['email'] password = request.POST['password'] exists = email_exists(email) if exists: context["failure_message"] = "Email already exists." return render(request, 'home.html', context) isVal = valid_email(email)
def validateFields(self): validation = {'valid': True} username = self.request.get('fields.username') password = self.request.get('fields.password') verifyPass = self.request.get('fields.verifyPass') email = self.request.get('fields.email') fields = {'username':username, 'password':password, 'verifyPass':verifyPass, 'email':email} errors = {} validation['fields']=fields user = self.validateUser(fields) if user['userFound']: validation['valid'] = False errors['error_email'] = "This email is already registered" validation['errors'] = errors return validation if not utils.valid_email(email): validation['valid'] = False errors['error_email'] = "That's not a valid email." validation['errors'] = errors return validation if not utils.valid_username(username): validation['valid'] = False errors['error_username'] = "******" validation['errors'] = errors return validation if not utils.valid_password(password): validation['valid'] = False errors['error_password'] = "******" validation['errors'] = errors return validation elif verifyPass != password: validation['valid'] = False errors['error_verify'] = "Passwords do not match" validation['errors'] = errors return validation validation['errors'] = errors return validation
def post(self): valid_cookie = self.request.cookies.get("user_id") if valid_cookie: import globals if globals.users != None: has_error = False user_input = self.request.get("username") password_input = self.request.get("password") verify_input = self.request.get("verify") email_input = self.request.get("email") valid_u = utils.valid_username(user_input) valid_p = utils.valid_password(password_input) valid_e = utils.valid_email(email_input) user_error = "" pass_error = "" email_error = "" verify_error = "" if not valid_u: user_error = "Invalid username, please try again." has_error = True if not valid_p: pass_error = "Invalid password, please try again." has_error = True if password_input != verify_input: verify_error = "Passwords do not match, try again." has_error = True if not valid_e and email_input != "": email_error = "Invalid email, please try again." has_error = True if has_error != False: self.render( "signup.html", error_user=user_error, error_pass=pass_error, error_verify=verify_error, error_email=email_error, username=user_input, email=email_input, user=globals.users, ) else: self.redirect("/unit2/welcome?username="******"/")
def post(self): user_name = self.request.get('username') user_password = self.request.get('password') user_verify = self.request.get('verify') user_email = self.request.get('email') name = utils.valid_username(user_name) password = utils.valid_password(user_password) verify = utils.valid_verify(user_verify, user_password) email = utils.valid_email(user_email) nameerror = passworderror = verifyerror = emailerror = "" if not name: nameerror = "That's not a valid username" if not password: passworderror = "That's not a valid password" if password and not verify: verifyerror = "Your passwords didn't match" if user_email and not email: emailerror = "That's not a valid email" if (not (name and password and verify)) or (user_email and not email): self.render_signup(user_name, nameerror, passworderror, verifyerror, user_email, emailerror) else: # lookup user u = User.gql("WHERE username = '******'" % user_name).get() # If user already exists if u: nameerror = "That user already exists" self.render_signup(user_name, nameerror, passworderror, verifyerror, user_email, emailerror) else: # make salted password hash h = utils.make_pw_hash(user_name, user_password) u = User(username=user_name, password=h) u.put() user_id = u.key().id() uid_cookie = str(self.put_user_id_cookie(user_id, h)) self.response.headers.add_header( "Set-Cookie", "user_id=%s; Path=/" % uid_cookie) self.redirect("/")
def post(self): user_name = self.request.get('username') user_password = self.request.get('password') user_verify = self.request.get('verify') user_email = self.request.get('email') name = utils.valid_username(user_name) password = utils.valid_password(user_password) verify = utils.valid_verify(user_verify, user_password) email = utils.valid_email(user_email) nameerror = passworderror = verifyerror = emailerror = "" if not name: nameerror = "That's not a valid username" if not password: passworderror = "That's not a valid password" if password and not verify: verifyerror = "Your passwords didn't match" if user_email and not email: emailerror = "That's not a valid email" if (not (name and password and verify)) or (user_email and not email): self.render_signup(user_name, nameerror, passworderror, verifyerror, user_email, emailerror) else: # lookup user u = User.gql("WHERE username = '******'"%user_name).get() # If user already exists if u: nameerror = "That user already exists" self.render_signup(user_name, nameerror, passworderror, verifyerror, user_email, emailerror) else: # make salted password hash h = utils.make_pw_hash(user_name, user_password) u = User(username=user_name, password=h) u.put() user_id = u.key().id() uid_cookie = str(self.put_user_id_cookie(user_id, h)) self.response.headers.add_header("Set-Cookie", "user_id=%s; Path=/"%uid_cookie) self.redirect("/")
def change_user_email(): if not is_admin(request): return 'unauthorized', 403 body = request.json # Validations if not type_check(body, 'dict'): return 'body must be an object', 400 if not object_check(body, 'username', 'str'): return 'body.username must be a string', 400 if not object_check(body, 'email', 'str'): return 'body.email must be a string', 400 if not valid_email(body['email']): return 'email must be a valid email', 400 user = db_get('users', {'username': body['username'].strip().lower()}) if not user: return 'invalid username', 400 token = make_salt() hashed_token = hash(token, make_salt()) # We assume that this email is not in use by any other users. In other words, we trust the admin to enter a valid, not yet used email address. db_update( 'users', { 'username': user['username'], 'email': body['email'], 'verification_pending': hashed_token }) # If this is an e2e test, we return the email verification token directly instead of emailing it. if is_testing_request(request): resp = {'username': user['username'], 'token': hashed_token} else: send_email_template( 'welcome_verify', body['email'], requested_lang(), os.getenv('BASE_URL') + '/auth/verify?username='******'username']) + '&token=' + urllib.parse.quote_plus(hashed_token)) return '', 200
def signIn(self, request): """ This function register a new user as player. Input: A unique username and email address""" username = request.username email = request.email if not utils.valid_username(username) or not utils.valid_email(email): raise endpoints.ConflictException('Invalid Input') if Player.query(Player.username == request.username).get(): raise endpoints.ConflictException( 'A User with that name already exists!') Player(username=username, email=email).put() # create default player if not exist if not Player.query(Player.username == "computer").get(): self._defaultPlayer() return MessageForm(message="Welcome Player %s. Enjoy racing!!!" % username)
def post(self): have_error = False # get user input from request username = self.request.get('username') password = self.request.get('password') verify_password = self.request.get('verify_password') email = self.request.get('email') verify_email = self.request.get('verify_email') # set params to be passed back to form if error params = dict(username = username, email = email) # get users from db user = User.by_name(username) # check if username already exists, if exists return error if user: params['exist_error'] = "That username already exists!" have_error = True # check that username is valid if not utils.valid_username(username): params['error_username'] = "******" have_error = True # check that passoword is valid and passwords match if not utils.valid_password(password): params['error_password'] = "******" have_error = True elif password != verify_password: params['error_verify_password'] = "******" have_error = True # check that email is valid and match if not utils.valid_email(email): params['error_email'] = "That's not a valid email!" have_error = True # if there is error, rerender form with error params, # else redirect to main if have_error: self.render("signup.html", **params) else: # store in User table u = User.register(username, password, email) u.put() # set secure cookie self.login(u) self.redirect('/')
def change_user_email(): user = current_user() if not is_admin(user): return 'unauthorized', 403 body = request.json # Validations if not isinstance(body, dict): return 'body must be an object', 400 if not isinstance(body.get('username'), str): return 'body.username must be a string', 400 if not isinstance(body.get('email'), str): return 'body.email must be a string', 400 if not valid_email(body['email']): return 'email must be a valid email', 400 user = DATABASE.user_by_username(body['username'].strip().lower()) if not user: return 'invalid username', 400 token = make_salt() hashed_token = hash(token, make_salt()) # We assume that this email is not in use by any other users. In other words, we trust the admin to enter a valid, not yet used email address. DATABASE.update_user(user['username'], { 'email': body['email'], 'verification_pending': hashed_token }) # If this is an e2e test, we return the email verification token directly instead of emailing it. if is_testing_request(request): resp = {'username': user['username'], 'token': hashed_token} else: send_email_template( 'welcome_verify', body['email'], email_base_url() + '/auth/verify?username='******'username']) + '&token=' + urllib.parse.quote_plus(hashed_token)) return '', 200
def validate_form(signup, input_username, input_password, input_verify=None, input_email=None): """ params: - signup: true for signup validation, false for login validation - username and password - input_verify, input_email: optional parameters returns: - returns true if input is valid, false otherwise and - dictionary (params) of errors """ params = {} valid_input = True valid_username = utils.valid_username(input_username) if not valid_username: valid_input = False params['error_username'] = "******" valid_password = utils.valid_password(input_password) if not valid_password: valid_input = False params['error_password'] = "******" if not input_verify and signup: valid_input = False params['error_verify'] = "verify password" if input_verify and signup: valid_verify = utils.valid_password(input_verify) if input_password != input_verify: valid_input = False params['error_verify'] = "Password and Verification do not match" if input_email and signup: valid_email = utils.valid_email(input_email) if not valid_email: params['error_email'] = "Invalid email address" params['return_email'] = input_email return valid_input, params
def post(self): user_uname = self.request.get('username') user_psswrd = self.request.get('password') user_ver = self.request.get('verify') user_email = self.request.get('email') uname = utils.valid_uname(user_uname) uname_ex = utils.user_exists(user_uname) psswrd = utils.valid_psswrd(user_psswrd) verified = utils.verify_psswrd(user_psswrd, user_ver) email = utils.valid_email(user_email) # this will store the values to be returned ret = {"uname":cgi.escape(user_uname), "uname_err":"", "psswrd_err":"", "verify_err":"", "email":cgi.escape(user_email), "email_err":""} if not uname: ret["uname_err"] = "That's not a valid username!" if uname_ex: ret["uname_err"] = "This username already exists!" if not psswrd: ret["psswrd_err"] = "That wasn't a valid password" if not verified: ret["verify_err"] = "Passwords did not match" if not email: ret["email_err"] = "That's not a valid email!" if not(uname and not uname_ex and psswrd and verified and (email or user_email == "")): self.render_signup(uname=ret["uname"], uname_err=ret["uname_err"], psswrd_err=ret["psswrd_err"], verify_err=ret["verify_err"], email=ret["email"], email_err=ret["email_err"]) else: password_hash = utils.make_pw_hash(user_uname, user_psswrd) user = mydb.User(username=user_uname, password_hash=password_hash, salt=password_hash.split('|')[1], email=user_email) user.put() print "added new user %s" % user.username mydb.allusers(True, user) redir = self.request.cookies.get('Location') #time.sleep(1) if not redir: redir = '/' self.response.headers.add_header('Set-Cookie', "user_id=%s;Location=%s;Path=/" % (utils.make_secure_val(str(user.key().id())), str(redir))) print redir self.redirect(str(redir))
def signup(): ref = request if request.method == 'POST': try: username = request.form.get('user_username') email = request.form.get('user_email') password = utils.hash_password(request.form.get('user_password')) firstname = request.form.get('user_firstname') lastname = request.form.get('user_lastname') repeat_password = utils.hash_password(request.form.get('user_repeat_password')) if password != repeat_password: error = " Passwords do not match ! " return render_template('signup.html', error=error) if not utils.valid_username(username): traceback.print_exc() error = " Username is already taken " return render_template('signup.html', error=error) if not utils.valid_email(email): traceback.print_exc() p = re.compile('[aA0-zZ9$]+@[aA0-zZ9]+.[a-z]+') if p.match(email) is None: error = " Email is already taken " else: error = " Invalid Email" return render_template('signup.html', error=error) session['username'] = username # session['password'] = password query = ExploriumDbApi.USERS_TABLE.insert().values(username=username, password=password, email=email, firstname=firstname, lastname=lastname) ExploriumDbApi.conn.execute(query) return render_template('index.html', this_username=session['username'], show_what="Welcome!", result_info_list='') except Exception as e: render_template('signup.html', error='Invalid Input') return render_template('signup.html')
def post(self): user_email = self.request.get('email', '') is_valid = utils.valid_email(user_email) errors = [] if (is_valid): user_password = self.request.get('password', '') user_obj = getUser(user_email) if (user_obj and base64.b64encode(user_password) == user_obj.password): template_values = {'login': True, 'user': user_obj.email} if(base64.b64encode(user_password) == user_obj.password): self.session['user'] = user_email logging.info("%s just logged in" % user_email) template_values = {'login': True, 'user': user_obj.email} self.redirect('/home#banner') else: errors.append('Wrong Username / Password!') template_values = {'errors': '<br/>'.join(errors), 'login': True} else: errors.append('Invalid Email Address!!') template_values = {'errors': '<br/>'.join(errors), 'login': True} showIndex(self, template_values)
def post(self): input_username = self.request.get("username") input_password = self.request.get("password") input_verify = self.request.get("verify") input_email = self.request.get("email") valid_username = u4.valid_username(input_username) valid_password = u4.valid_password(input_password) valid_verify = u4.valid_verify(input_password, input_verify) valid_email = u4.valid_email(input_email) errors = ["", "", "", ""] if not valid_username: errors[0] = "That's not a valid username." if not valid_password: errors[1] = "That wasn't a valid password." if not valid_verify: errors[2] = "Your passwords didn't match." if not valid_email and input_email != "": errors[3] = "That's not a valid email." if errors != ["", "", "", ""]: self.write_form(errors, input_username, "", "", input_email) else: user_existence = User.all().filter('username =', input_username).get() if user_existence: errors[0] = "That user already exists." self.write_form(errors, input_username, "", "", input_email) else: hashed_pw = u4.make_pw_hash(str(input_username), str(input_password)) u = User(username=str(input_username), hashed_pw=hashed_pw, email=str(input_email)) u.put() self.login(username=str(input_username), secret=secret) self.redirect("/welcome")
def process_form(self, post_data): """ Utility function to process the form and generate errors. """ username = post_data[0] password = post_data[1] verify = post_data[2] email = post_data[3] errors = {} if not username or not valid_username(username): errors['username_error'] = "That's not a valid username." if not password or not valid_password(password): errors['password_error'] = "That wasn't a valid password." else: if not verify or verify != password: errors['verify_error'] = "Your passwords didn't match." if email and not valid_email(email): errors['email_error'] = "That's not a valid email." if errors: errors['email'] = email errors['username'] = username return errors
def post(self): error_input = False username = self.request.get('username') password = self.request.get('password') verify = self.request.get('verify') email = self.request.get('email') params = dict(username=username, email=email) if not valid_username(username): params['error_username'] = "******" error_input = True if not valid_password(password): params['error_password'] = "******" error_input = True elif password != verify: params['error_verify'] = "Your passwords do not match" error_input = True if not valid_email(email): params['error_email'] = "That's not a valid email" error_input = True if error_input: self.render('signup_page.html', **params) else: user = User.find_by_name(username) if user: params['error_username'] = "******" self.render('signup_page.html', **params) else: user = User.register(username, password, email) user.put() self.login(user) self.redirect('/home')
def post(self): if self.user: self.session.add_flash("You are already logged in") self.redirect('/') else: self.username = self.request.get('username') self.password = self.request.get('password') self.confirm = self.request.get('confirm') self.email = self.request.get('email') params = dict(username=self.username, email=self.email) have_error = False if not valid_username(self.username): params['error_username'] = '******' have_error = True elif User.user_by_name(self.username): params['error_username'] = '******' have_error = True if not valid_password(self.password): params['error_password'] = '******' have_error = True elif self.password != self.confirm: params['error_confirm'] = 'Passwords do not match' have_error = True if not valid_email(self.email): params['error_email'] = 'Invalid email' have_error = True if have_error: self.render('registration.html', **params) else: user = User.register_user(username=self.username, password=self.password, email=self.email) user.put() self.login(user) self.session.add_flash("Welcome, %s!" % user.username) self.redirect('/')
def post(self): error_username = '' error_password = '' error_verify = '' error_email='' username = self.request.get('username') password = self.request.get('password') verify = self.request.get('verify') email = self.request.get('email') if (valid_user(username) and valid_password(password) and valid_verify(verify,password)) and ((valid_email(email) or email=='')): user1 = db.GqlQuery('SELECT * FROM User WHERE username = :1', username)# see if username already exists user2 = db.GqlQuery('SELECT * FROM User WHERE email = :1', email)# see if email already exists if not (user1.get() and user2.get()): new_user = User(username = username, password = make_pw_hash(username, password), email = email) new_user.put() user_id = new_user.key().id() self.response.headers.add_header('Set-Cookie', 'user_id = %s' %user_id)#set cookie self.redirect('/welcome') else: if user1.get(): error_username = '******' if user2.get(): error_email = 'Email already exists!' self.render('signup.html',username=username, password=password, verify=verify, email=email, error_username=error_username, error_password=error_password, error_verify=error_verify, error_email=error_email) else: if not valid_user(username): error_username = "******" if not valid_password(password): error_password = "******" if not valid_verify(verify,password) or not(password and verify): error_verify = "Your passwords didn't match " if not (valid_email(email) or email == ''): error_email = "That's not a valid email!" self.render('signup.html', username=username, password=password, verify=verify, email=email, error_username=error_username, error_password=error_password, error_verify=error_verify, error_email=error_email)
def post(self): username = self.request.get("username") password = self.request.get("password") verify = self.request.get("verify") email = self.request.get("email") username_error = "" password_error = "" verify_error = "" email_error = "" if not utils.valid_username(username): username_error = "That's not a valid username." elif db.GqlQuery("SELECT * FROM User WHERE username = '******'" % username).count() != 0: username_error = "Username already exists." if utils.valid_password(password): if not password == verify: verify_error = "Your passwords didn't match." else: password_error = "That wasn't a valid password." if not utils.valid_email(email): email_error = "That's not a valid email." if (username_error != "" or password_error != "" or verify_error != "" or email_error != ""): self.write_form([username, username_error], password_error, verify_error, [email, email_error]) else: user = models.User(username=username, hashed_pw=utils.make_pw_hash(username, password), email=email) user.put() self.response.headers.add_header('Set-Cookie', str('user-id=%s; Path=/' % utils.make_secure_val(utils.SECRET, username))) self.redirect("/blog/welcome")
def post(self): have_error = False self.username = self.request.get('username') self.password = self.request.get('password') self.verify = self.request.get('verify') self.email = self.request.get('email') params = dict(username = self.username, email = self.email) if not valid_username(self.username): params['error_username'] = "******" have_error = True u = User.by_name(self.username) if u: params['error_username'] = "******" have_error = True if not valid_password(self.password): params['error_password'] = "******" have_error = True elif self.password != self.verify: params['error_verify'] = "Your passwords didn't match." have_error = True if not valid_email(self.email): params['error_email'] = "that's not a valid email" have_error = True if have_error: self.render('signup-form.html', **params) else: u = User.register(self.username, self.password, self.email) u.put() self.site_login(u) self.redirect('/blog/welcome') #?username=' + username)
def post(self): have_error = False self.username = self.request.get('username') self.password = self.request.get('password') self.verify = self.request.get('verify') self.email = self.request.get('email') params = dict(username=self.username, email=self.email) if not utils.valid_username(self.username): params['error_username'] = "******" have_error = True if not utils.valid_password(self.password): params['error_password'] = "******" have_error = True elif self.password != self.verify: params['error_verify'] = "Your passwords didn't match." have_error = True if not utils.valid_email(self.email): params['error_email'] = "That's not a valid email." have_error = True if have_error: self.render('register.html', **params) else: self.done()
def update_profile(user): body = request.json if not type_check(body, 'dict'): return 'body must be an object', 400 if 'email' in body: if not object_check(body, 'email', 'str'): return 'body.email must be a string', 400 if not valid_email(body['email']): return 'body.email must be a valid email', 400 if 'country' in body: if not body['country'] in countries: return 'body.country must be a valid country', 400 if 'birth_year' in body: if not object_check( body, 'birth_year', 'int') or body['birth_year'] <= 1900 or body[ 'birth_year'] > datetime.datetime.now().year: return 'birth_year must be a year between 1900 and ' + str( datetime.datetime.now().year), 400 if 'gender' in body: if body['gender'] != 'm' and body['gender'] != 'f' and body[ 'gender'] != 'o': return 'body.gender must be m/f/o', 400 resp = {} if 'email' in body: email = body['email'].strip().lower() if email != user['email']: exists = db_get('users', {'email': email}, True) if exists: return 'email exists', 403 token = make_salt() hashed_token = hash(token, make_salt()) db_update( 'users', { 'username': user['username'], 'email': email, 'verification_pending': hashed_token }) # If this is an e2e test, we return the email verification token directly instead of emailing it. if is_testing_request(request): resp = { 'username': user['username'], 'token': hashed_token } else: send_email_template( 'welcome_verify', email, requested_lang(), os.getenv('BASE_URL') + '/auth/verify?username='******'username']) + '&token=' + urllib.parse.quote_plus(hashed_token)) if 'country' in body: db_update('users', { 'username': user['username'], 'country': body['country'] }) if 'birth_year' in body: db_update('users', { 'username': user['username'], 'birth_year': body['birth_year'] }) if 'gender' in body: db_update('users', { 'username': user['username'], 'gender': body['gender'] }) return jsonify(resp)
def post(self): if self.request.get('login_email') and self.request.get('login_password'): user_email = self.request.get('login_email') user_psswrd = self.request.get('login_password') print user_email valid_pwd = False valid_email = False q = mydb.User.get_by_email(user_email) if not(q is None): valid_email = True valid_pwd = utils.valid_pw(user_email, user_psswrd, q.password_hash) if valid_pwd and valid_email: self.response.headers.add_header('Set-Cookie', "user_id=%s;Path=/" % utils.make_secure_val(str(q.key().id()))) self.redirect('/hello') else: self.render_signup(email=cgi.escape(user_email), login_err="Invalid username or password. Please sign up or try again.") else: user_email = self.request.get('email') user_psswrd = self.request.get('password') user_first_name = self.request.get('first_name') user_last_name = self.request.get('last_name') user_dob = self.request.get('dob') user_gender = self.request.get('gender') user_occupation = self.request.get('occupation') user_confirmation = self.request.get('confirmation') print user_email print user_psswrd print user_first_name print user_last_name print utils.convert_dob(user_dob) print user_gender print user_occupation print user_confirmation name = utils.valid_name(user_first_name) and utils.valid_name(user_last_name) user_ex = utils.user_exists(user_email) psswrd = utils.valid_psswrd(user_psswrd) email = utils.valid_email(user_email) # this will store the values to be returned #ret = {"uname":cgi.escape(user_uname), "uname_err":"", "psswrd_err":"", "verify_err":"", "email":cgi.escape(user_email), "email_err":""} if not name or user_ex or not psswrd or not email: input_err = "Some input was incorrect. Further details to come soon." if not(name and not user_ex and psswrd and email): self.render_signup(first_name=first_name, login_err=login_err, input_err=input_err, email=email, last_name=last_name, gender=gender, occupation=occupation) else: password_hash = utils.make_pw_hash(user_email, user_psswrd) user = mydb.User(first_name=user_first_name, last_name=user_last_name, dob=utils.convert_dob(user_dob), gender=user_gender, occupation=user_occupation, password_hash=password_hash, salt=password_hash.split('|')[1], email=user_email) user.put() print "added new user %s" % user.email #mydb.allusers(True, user) time.sleep(0.2) self.response.headers.add_header('Set-Cookie', "user_id=%s;Path=/" % utils.make_secure_val(str(user.key().id()))) self.redirect('/hello')
def email(email_str): """Return email_str if valid, raise an exception in other case.""" if valid_email(email_str): return email_str else: raise ValueError('{} is not a valid email'.format(email_str))
def signup(): body = request.json # Validations, mandatory fields if not type_check(body, 'dict'): return 'body must be an object', 400 if not object_check(body, 'username', 'str'): return 'username must be a string', 400 if '@' in body['username']: return 'username cannot contain an @-sign', 400 if ':' in body['username']: return 'username cannot contain a colon', 400 if len(body['username'].strip()) < 3: return 'username must be at least three characters long', 400 if not object_check(body, 'password', 'str'): return 'password must be a string', 400 if len(body['password']) < 6: return 'password must be at least six characters long', 400 if not object_check(body, 'email', 'str'): return 'email must be a string', 400 if not valid_email(body['email']): return 'email must be a valid email', 400 # Validations, optional fields if 'country' in body: if not body['country'] in countries: return 'country must be a valid country', 400 if 'birth_year' in body: if not object_check( body, 'birth_year', 'int') or body['birth_year'] <= 1900 or body[ 'birth_year'] > datetime.datetime.now().year: return 'birth_year must be a year between 1900 and ' + datetime.datetime.now( ).year, 400 if 'gender' in body: if body['gender'] != 'm' and body['gender'] != 'f' and body[ 'gender'] != 'o': return 'gender must be m/f/o', 400 user = db_get('users', {'username': body['username'].strip().lower()}) if user: return 'username exists', 403 email = db_get('users', {'email': body['email'].strip().lower()}, True) if email: return 'email exists', 403 hashed = hash(body['password'], make_salt()) token = make_salt() hashed_token = hash(token, make_salt()) username = body['username'].strip().lower() email = body['email'].strip().lower() if not is_testing_request( request) and 'subscribe' in body and body['subscribe'] == True: # If we have a Mailchimp API key, we use it to add the subscriber through the API if os.getenv('MAILCHIMP_API_KEY') and os.getenv( 'MAILCHIMP_AUDIENCE_ID'): # The first domain in the path is the server name, which is contained in the Mailchimp API key request_path = 'https://' + os.getenv( 'MAILCHIMP_API_KEY').split( '-')[1] + '.api.mailchimp.com/3.0/lists/' + os.getenv( 'MAILCHIMP_AUDIENCE_ID') + '/members' request_headers = { 'Content-Type': 'application/json', 'Authorization': 'apikey ' + os.getenv('MAILCHIMP_API_KEY') } request_body = {'email_address': email, 'status': 'subscribed'} r = requests.post(request_path, headers=request_headers, data=json.dumps(request_body)) subscription_error = None if r.status_code != 200 and r.status_code != 400: subscription_error = True # We can get a 400 if the email is already subscribed to the list. We should ignore this error. if r.status_code == 400 and not re.match( '.*already a list member', r.text): subscription_error = True # If there's an error in subscription through the API, we report it to the main email address if subscription_error: send_email( config['email']['sender'], 'ERROR - Subscription to Hedy newsletter on signup', email, '<p>' + email + '</p><pre>Status:' + str(r.status_code) + ' Body:' + r.text + '</pre>') # Otherwise, we send an email to notify about this to the main email address else: send_email(config['email']['sender'], 'Subscription to Hedy newsletter on signup', email, '<p>' + email + '</p>') user = { 'username': username, 'password': hashed, 'email': email, 'created': timems(), 'verification_pending': hashed_token, 'last_login': timems() } if 'country' in body: user['country'] = body['country'] if 'birth_year' in body: user['birth_year'] = body['birth_year'] if 'gender' in body: user['gender'] = body['gender'] db_create('users', user) # We automatically login the user cookie = make_salt() db_create( 'tokens', { 'id': cookie, 'username': user['username'], 'ttl': times() + session_length }) # If this is an e2e test, we return the email verification token directly instead of emailing it. if is_testing_request(request): resp = make_response({'username': username, 'token': hashed_token}) # Otherwise, we send an email with a verification link and we return an empty body else: send_email_template( 'welcome_verify', email, requested_lang(), os.getenv('BASE_URL') + '/auth/verify?username='******'&token=' + urllib.parse.quote_plus(hashed_token)) resp = make_response({}) # We set the cookie to expire in a year, just so that the browser won't invalidate it if the same cookie gets renewed by constant use. # The server will decide whether the cookie expires. resp.set_cookie(cookie_name, value=cookie, httponly=True, secure=True, samesite='Lax', path='/', max_age=365 * 24 * 60 * 60) return resp
def edit_profile(): if 'username' not in session or 'password' not in session: return redirect(url_for('signin')) if session['username'] == 'guest': return redirect(url_for('index')) if request.method == 'GET': if 'username' not in session: return redirect(url_for('signin')) userinfo = ExploriumDbApi.load_user_info(session['username']) error = "" return render_template('profile-edit.html', this_username=session['username'], user_info=userinfo, error=error) if request.method == "POST": try: if 'username' not in session: return redirect(url_for('signin')) firstname = request.form.get('user-firstname') lastname = request.form.get('user-lastname') email = request.form.get('user-email') username = request.form.get('user-username') userinfo = ExploriumDbApi.load_user_info(session['username']) if not firstname or not lastname or not email or not username: traceback.print_exc() error = " Fields cannot be empty. " return render_template('profile-edit.html', this_username=session['username'], user_info=userinfo, error=error) if not utils.valid_username(username) and username != userinfo['username']: error = " Username is already taken " return render_template('profile-edit.html', this_username=session['username'], user_info=userinfo, error=error) if not utils.valid_email(email) and email != userinfo['email']: p = re.compile('[aA0-zZ9$]+@[aA0-zZ9]+.[a-z]+') if p.match(email) is None: error = " Email is already taken " else: error = " Invalid Email" return render_template('profile-edit.html', this_username=session['username'], user_info=userinfo, error=error) session['username'] = username if request.form.get('user-password'): password = utils.hash_password(request.form.get('user-password')) query = ExploriumDbApi.USERS_TABLE.update().where( ExploriumDbApi.USERS_TABLE.c.user_id == userinfo['user_id']).values(firstname=firstname, lastname=lastname, username=username, email=email, password=password) else: query = ExploriumDbApi.USERS_TABLE.update().where( ExploriumDbApi.USERS_TABLE.c.user_id == userinfo['user_id']).values(firstname=firstname, lastname=lastname, username=username, email=email) ExploriumDbApi.conn.execute(query) userinfo = ExploriumDbApi.load_user_info(session['username']) return render_template('profile.html', this_username=session['username'], user_info=userinfo) except: userinfo = ExploriumDbApi.load_user_info(session['username']) error = "Invalid Input" return render_template('profile-edit.html', this_username=session['username'], user_info=userinfo, error=error)
def test_valid_email_invalid(self): email = 'tea.com' is_valid = utils.valid_email(email) self.assertFalse(is_valid)
def update_profile(user): body = request.json if not isinstance(body, dict): return 'body must be an object', 400 if 'email' in body: if not isinstance(body.get('email'), str): return 'body.email must be a string', 400 if not valid_email(body['email']): return 'body.email must be a valid email', 400 if 'country' in body: if not body['country'] in countries: return 'body.country must be a valid country', 400 if 'birth_year' in body: if not isinstance(body.get('birth_year'), int) or body['birth_year'] <= 1900 or body[ 'birth_year'] > datetime.datetime.now().year: return 'birth_year must be a year between 1900 and ' + str( datetime.datetime.now().year), 400 if 'gender' in body: if body['gender'] != 'm' and body['gender'] != 'f' and body[ 'gender'] != 'o': return 'body.gender must be m/f/o', 400 if 'prog_experience' in body and body['prog_experience'] not in [ 'yes', 'no' ]: return 'If present, prog_experience must be "yes" or "no"', 400 if 'experience_languages' in body: if not isinstance(body['experience_languages'], list): return 'If present, experience_languages must be an array', 400 for language in body['experience_languages']: if language not in [ 'scratch', 'other_block', 'python', 'other_text' ]: return 'Invalid language: ' + str(language), 400 resp = {} if 'email' in body: email = body['email'].strip().lower() if email != user['email']: exists = DATABASE.user_by_email(email) if exists: return 'email exists', 403 token = make_salt() hashed_token = hash(token, make_salt()) DATABASE.update_user(user['username'], { 'email': email, 'verification_pending': hashed_token }) # If this is an e2e test, we return the email verification token directly instead of emailing it. if is_testing_request(request): resp = { 'username': user['username'], 'token': hashed_token } else: send_email_template( 'welcome_verify', email, requested_lang(), os.getenv('BASE_URL') + '/auth/verify?username='******'username']) + '&token=' + urllib.parse.quote_plus(hashed_token)) username = user['username'] updates = {} for field in [ 'country', 'birth_year', 'gender', 'prog_experience', 'experience_languages' ]: if field in body: if field == 'experience_languages' and len(body[field]) == 0: updates[field] = None else: updates[field] = body[field] if updates: DATABASE.update_user(username, updates) return jsonify(resp)