Ejemplo n.º 1
    def test_extra_email_map(self):
        """Check User.get_by_email for a user that also has a UserEmailMap entry.

        NOTE(review): every address literal in this listing is masked to the
        same placeholder, so which lookup targets the primary address, the
        mapped address, or an unknown address cannot be told from the text.
        """
        # Create the account and commit it before attaching a mapping to it.
        usr = UserModel().create_or_update(username=u'test_user',
                                           password=u'qweqwe',
                                     email=u'*****@*****.**',
                                     firstname=u'u1', lastname=u'u1')
        Session().commit()

        # Attach one additional address to the same account.
        m = UserEmailMap()
        m.email = u'*****@*****.**'
        m.user = usr
        Session().add(m)
        Session().commit()

        # Lookups expected to resolve to the account created above.
        u = User.get_by_email(email='*****@*****.**')
        self.assertEqual(usr.user_id, u.user_id)
        self.assertEqual(usr.username, u.username)

        u = User.get_by_email(email='*****@*****.**')
        self.assertEqual(usr.user_id, u.user_id)
        self.assertEqual(usr.username, u.username)
        # Lookup expected to match nobody.
        u = User.get_by_email(email='*****@*****.**')
        self.assertEqual(None, u)

        # Clean up so the account does not leak into other tests.
        UserModel().delete(usr.user_id)
        Session().commit()
Ejemplo n.º 2
    def reset_password_link(self, data):
        """Mail a password reset link to the account registered for data['email'].

        Returns True whether or not an account matched, so the return value
        does not tell the caller if the address is registered.

        NOTE(review): the link's ``key`` is ``user.api_key``. If that is the
        account's long-lived API key (presumably; confirm against the User
        model), it ends up in mailboxes and mail logs and stays valid after
        the reset. A dedicated expiring, single-use token would limit that.
        """
        from kallithea.lib.celerylib import tasks, run_task
        from kallithea.model.notification import EmailNotificationModel
        import kallithea.lib.helpers as h

        address = data['email']
        account = User.get_by_email(address)
        if not account:
            log.debug("password reset email %s not found" % address)
            return True

        log.debug('password reset user found %s' % account)
        reset_link = h.canonical_url('reset_password_confirmation',
                                     key=account.api_key)
        mail_type = EmailNotificationModel.TYPE_PASSWORD_RESET
        # Render the plain-text and the HTML variant of the same message.
        text_part = EmailNotificationModel().get_email_tmpl(
            mail_type, 'txt',
            user=account.short_contact,
            reset_url=reset_link)
        html_part = EmailNotificationModel().get_email_tmpl(
            mail_type, 'html',
            user=account.short_contact,
            reset_url=reset_link)
        log.debug('sending email')
        run_task(tasks.send_email, [address],
                 _("Password reset link"), text_part, html_part)
        log.info('send new password mail to %s' % address)
        return True
Ejemplo n.º 3
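    def verify_reset_password_token(self, email, timestamp, token):
        """Return True only if ``token`` is the valid reset token for ``email``.

        The token is rejected when no account matches ``email``, when
        ``timestamp`` is not an integer, lies in the future or is older than
        ``UserModel.password_reset_token_lifetime``, or when it differs from
        the token recomputed for this user, timestamp and session.

        The arguments presumably come straight from the reset request, so
        they are handled as untrusted input.
        """
        import kallithea.lib.helpers as h

        user = User.get_by_email(email)
        if user is None:
            log.debug("user with email %s not found", email)
            return False

        try:
            token_age = int(time.time()) - int(timestamp)
        except (TypeError, ValueError):
            # A malformed timestamp is an invalid request, not a server error.
            log.debug('password reset timestamp is not an integer')
            return False

        if token_age < 0:
            log.debug('timestamp is from the future')
            return False

        if token_age > UserModel.password_reset_token_lifetime:
            log.debug('password reset token expired')
            return False

        expected_token = self.get_reset_password_token(user,
                                                       timestamp,
                                                       h.authentication_token())
        # Neither token is written to the log: within its lifetime the
        # expected token is a usable credential, and debug logs are usually
        # readable by more people than may reset this account's password.
        # NOTE(review): == is not a constant-time comparison; consider
        # hmac.compare_digest if every supported Python version provides it.
        matches = expected_token == token
        log.debug('password reset token %s',
                  'matched' if matches else 'did not match')
        return matches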
Ejemplo n.º 4
 def validate_python(self, value, state):
     """Reject ``value`` unless User.get_by_email finds an account for it.

     NOTE(review): the 'non_existing_email' error tells the submitter that
     the address is unknown. If this validator backs a form reachable
     without login, that lets anyone test which addresses are registered;
     confirm where it is used.
     """
     if User.get_by_email(value) is not None:
         return
     msg = M(self, 'non_existing_email', state, email=value)
     raise formencode.Invalid(msg, value, state, error_dict={'email': msg})
Ejemplo n.º 5
def user_or_none(author):
    """Return the local user whose email matches a VCS committer string, else None.

    NOTE(review): a committer string is chosen by whoever created the
    commit, so a match is attribution for display and should not be
    treated as proof of identity.
    """
    from kallithea.model.db import User
    email = author_email(author)
    if not email:
        return None
    # cache will only use sql_cache_short
    return User.get_by_email(email, cache=True)
Ejemplo n.º 6
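    def verify_reset_password_token(self, email, timestamp, token):
        """Return True only if ``token`` is the valid reset token for ``email``.

        The token is rejected when no account matches ``email``, when
        ``timestamp`` is not an integer, lies in the future or is older than
        ``UserModel.password_reset_token_lifetime``, or when it differs from
        the token recomputed for this user, timestamp and session.

        The arguments presumably come straight from the reset request, so
        they are handled as untrusted input.
        """
        import kallithea.lib.helpers as h

        user = User.get_by_email(email)
        if user is None:
            log.debug("user with email %s not found", email)
            return False

        try:
            token_age = int(time.time()) - int(timestamp)
        except (TypeError, ValueError):
            # A malformed timestamp is an invalid request, not a server error.
            log.debug('password reset timestamp is not an integer')
            return False

        if token_age < 0:
            log.debug('timestamp is from the future')
            return False

        if token_age > UserModel.password_reset_token_lifetime:
            log.debug('password reset token expired')
            return False

        expected_token = self.get_reset_password_token(user,
                                                       timestamp,
                                                       h.authentication_token())
        # Neither token is written to the log: within its lifetime the
        # expected token is a usable credential, and debug logs are usually
        # readable by more people than may reset this account's password.
        # NOTE(review): == is not a constant-time comparison; consider
        # hmac.compare_digest if every supported Python version provides it.
        matches = expected_token == token
        log.debug('password reset token %s',
                  'matched' if matches else 'did not match')
        return matches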
Ejemplo n.º 7
def user_or_none(author):
    """Return the local user whose email matches a VCS committer string, else None.

    NOTE(review): a committer string is chosen by whoever created the
    commit, so a match is attribution for display and should not be
    treated as proof of identity.
    """
    from kallithea.model.db import User
    email = author_email(author)
    if not email:
        return None
    # cache will only use sql_cache_short
    return User.get_by_email(email, cache=True)
Ejemplo n.º 8
 def validate_python(self, value, state):
     """Reject ``value`` unless a case-insensitive lookup finds an account for it.

     NOTE(review): the 'non_existing_email' error tells the submitter that
     the address is unknown. If this validator backs a form reachable
     without login, that lets anyone test which addresses are registered;
     confirm where it is used.
     """
     if User.get_by_email(value, case_insensitive=True) is not None:
         return
     msg = M(self, 'non_existing_email', state, email=value)
     raise formencode.Invalid(msg, value, state, error_dict={'email': msg})
Ejemplo n.º 9
 def validate_python(self, value, state):
     """Raise 'email_taken' when ``value`` is a changed address that already has a user.

     NOTE(review): only the stored address is lowercased before the
     comparison, and the lookup is the default one. Presumably ``value``
     was lowercased by an earlier validator; confirm, otherwise
     differently-cased duplicates could pass.
     """
     previous = (old_data.get('email') or '').lower()
     if previous == value:
         # The address is unchanged, so there is nothing to check.
         return
     if User.get_by_email(value) is None:
         return
     msg = M(self, 'email_taken', state)
     raise formencode.Invalid(msg, value, state, error_dict={'email': msg})
Ejemplo n.º 10
 def validate_python(self, value, state):
     """Reject ``value`` unless User.get_by_email finds an account for it.

     NOTE(review): the 'non_existing_email' error tells the submitter that
     the address is unknown. If this validator backs a form reachable
     without login, that lets anyone test which addresses are registered;
     confirm where it is used.
     """
     if User.get_by_email(value) is not None:
         return
     msg = self.message('non_existing_email', state, email=value)
     raise formencode.Invalid(msg, value, state, error_dict={'email': msg})
Ejemplo n.º 11
 def validate_python(self, value, state):
     """Raise 'email_taken' when ``value`` is a changed address that already has a user.

     The lookup is case-insensitive. Only the stored address is lowercased
     before the comparison; presumably ``value`` was lowercased by an
     earlier validator (confirm).
     """
     previous = (old_data.get('email') or '').lower()
     if previous == value:
         # The address is unchanged, so there is nothing to check.
         return
     if not User.get_by_email(value, case_insensitive=True):
         return
     msg = M(self, 'email_taken', state)
     raise formencode.Invalid(msg, value, state, error_dict={'email': msg})
Ejemplo n.º 12
 def validate_python(self, value, state):
     """Raise 'email_taken' when ``value`` is a changed address that already has a user.

     NOTE(review): only the stored address is lowercased before the
     comparison, and the lookup is the default one. Presumably ``value``
     was lowercased by an earlier validator; confirm, otherwise
     differently-cased duplicates could pass.
     """
     previous = (old_data.get('email') or '').lower()
     if previous == value:
         # The address is unchanged, so there is nothing to check.
         return
     if User.get_by_email(value) is None:
         return
     msg = self.message('email_taken', state)
     raise formencode.Invalid(msg, value, state, error_dict={'email': msg})
Ejemplo n.º 13
def user_attr_or_none(author, show_attr):
    """Return attribute ``show_attr`` of the local user matching a committer's email.

    Returns None when the committer string carries no email or no user
    matches it.

    NOTE(review): ``getattr`` accepts any attribute name. Callers should
    pass a fixed name of a field that is safe to display, never a value
    taken from a request.
    """
    email = author_email(author)
    if not email:
        return None
    from kallithea.model.db import User
    matched = User.get_by_email(email)
    return None if matched is None else getattr(matched, show_attr)
Ejemplo n.º 14
    def test_extra_email_map(self):
        """Check User.get_by_email for a user that also has a UserEmailMap entry.

        NOTE(review): every address literal in this listing is masked to the
        same placeholder, so which lookup targets the primary address, the
        mapped address, a case variant, or an unknown address cannot be told
        from the text.
        """
        # Create the account and commit it before attaching a mapping to it.
        usr = UserModel().create_or_update(username=u'test_user',
                                           password=u'qweqwe',
                                     email=u'*****@*****.**',
                                     firstname=u'u1', lastname=u'u1')
        Session().commit()

        # Attach one additional address to the same account.
        m = UserEmailMap()
        m.email = u'*****@*****.**'
        m.user = usr
        Session().add(m)
        Session().commit()

        # Lookups expected to resolve to the account created above.
        u = User.get_by_email(email='*****@*****.**')
        assert usr.user_id == u.user_id
        assert usr.username == u.username

        u = User.get_by_email(email='*****@*****.**')
        assert usr.user_id == u.user_id
        assert usr.username == u.username

        u = User.get_by_email(email='*****@*****.**')
        assert usr.user_id == u.user_id
        assert usr.username == u.username
        # Lookups expected to match nobody.
        u = User.get_by_email(email='*****@*****.**')
        assert None == u

        u = User.get_by_email(email='*****@*****.**')
        assert None == u
        u = User.get_by_email(email='*****@*****.**')
        assert None == u


        # Clean up so the account does not leak into other tests.
        UserModel().delete(usr.user_id)
        Session().commit()
Ejemplo n.º 15
    def send_reset_password_email(self, data):
        """
        Mail a password reset token, plus a link to the confirmation page
        with email, timestamp and token pre-filled, to the account
        registered for data['email'].

        Returns the URL of the confirmation page without the token, so the
        user can paste or type the token from the mail. The URL is built the
        same way whether or not an account matched, so it does not reveal
        whether the address is registered.

        When the account may not change its password here, the mail is still
        sent, with token and link set to None.
        """
        from kallithea.lib.celerylib import tasks, run_task
        from kallithea.model.notification import EmailNotificationModel
        import kallithea.lib.helpers as h

        address = data['email']
        account = User.get_by_email(address)
        issued_at = int(time.time())
        if account is None:
            log.debug("password reset email %s not found", address)
        else:
            token = link = None
            if self.can_change_password(account):
                log.debug('password reset user %s found', account)
                token = self.get_reset_password_token(
                    account, issued_at, h.authentication_token())
                # URL must be fully qualified; but since the token is locked to
                # the current browser session, we must provide a URL with the
                # current scheme and hostname, rather than the canonical_url.
                link = h.url('reset_password_confirmation', qualified=True,
                             email=address,
                             timestamp=issued_at,
                             token=token)
            else:
                log.debug('password reset user %s found but was managed',
                          account)
            mail_type = EmailNotificationModel.TYPE_PASSWORD_RESET
            # Render the plain-text and the HTML variant of the same message.
            text_part = EmailNotificationModel().get_email_tmpl(
                mail_type, 'txt',
                user=account.short_contact,
                reset_token=token,
                reset_url=link)
            html_part = EmailNotificationModel().get_email_tmpl(
                mail_type, 'html',
                user=account.short_contact,
                reset_token=token,
                reset_url=link)
            log.debug('sending email')
            run_task(tasks.send_email, [address],
                     _("Password reset link"), text_part, html_part)
            log.info('send new password mail to %s', address)

        return h.url('reset_password_confirmation',
                     email=address,
                     timestamp=issued_at)
Ejemplo n.º 16
    def send_reset_password_email(self, data):
        """
        Mail a password reset token, plus a link to the confirmation page
        with email, timestamp and token pre-filled, to the account
        registered for data['email'].

        Returns the URL of the confirmation page without the token, so the
        user can paste or type the token from the mail. The URL is built the
        same way whether or not an account matched, so it does not reveal
        whether the address is registered.

        When the account may not change its password here, the mail is still
        sent, with token and link set to None.
        """
        from kallithea.lib.celerylib import tasks
        from kallithea.model.notification import EmailNotificationModel
        import kallithea.lib.helpers as h

        address = data['email']
        account = User.get_by_email(address)
        issued_at = int(time.time())
        if account is None:
            log.debug("password reset email %s not found", address)
        else:
            token = link = None
            if self.can_change_password(account):
                log.debug('password reset user %s found', account)
                token = self.get_reset_password_token(
                    account, issued_at, h.session_csrf_secret_token())
                # URL must be fully qualified; but since the token is locked to
                # the current browser session, we must provide a URL with the
                # current scheme and hostname, rather than the canonical_url.
                link = h.url('reset_password_confirmation', qualified=True,
                             email=address,
                             timestamp=issued_at,
                             token=token)
            else:
                log.debug('password reset user %s found but was managed',
                          account)
            mail_type = EmailNotificationModel.TYPE_PASSWORD_RESET
            # Render the plain-text and the HTML variant of the same message.
            text_part = EmailNotificationModel().get_email_tmpl(
                mail_type, 'txt',
                user=account.short_contact,
                reset_token=token,
                reset_url=link)
            html_part = EmailNotificationModel().get_email_tmpl(
                mail_type, 'html',
                user=account.short_contact,
                reset_token=token,
                reset_url=link)
            log.debug('sending email')
            tasks.send_email([address], _("Password reset link"),
                             text_part, html_part)
            log.info('send new password mail to %s', address)

        return h.url('reset_password_confirmation',
                     email=address,
                     timestamp=issued_at)
Ejemplo n.º 17
 def get_user(self, username=None, settings=None, **kwargs):
     """Resolve the user described by the request environ.

     The ``username`` argument is not used: it is replaced by the value
     that ``_get_user_info`` extracts from ``kwargs['environ']``. When no
     user has that username, the lookup falls back to the email from the
     same source, and the matched account's username, extern_type and
     extern_name are overwritten.

     NOTE(review): the email fallback hands an existing account to whoever
     the environ says owns that address. That is only sound if the environ
     values are set by a trusted front end and cannot be supplied by the
     client; confirm for each deployment.
     """
     environ = kwargs.get('environ') or {}
     info = self._get_user_info(environ, settings)
     username = info['username']
     email = info['email']
     # Try the regular username lookup first.
     user = super(KallitheaAuthPlugin, self).get_user(username)
     if user is None:
         # username might differ, but email not
         user = User.get_by_email(email)
     if user is None:
         return None
     user.username = username
     user.extern_type = self.name
     user.extern_name = username
     return user
Ejemplo n.º 18
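    def reset_password(self, user_email, new_passwd):
        """Set ``new_passwd`` on the account registered for ``user_email`` and notify it.

        Raises Exception when ``new_passwd`` is None, when no account matches
        ``user_email``, or when ``can_change_password`` refuses the account.
        Returns True once the password is committed and the notification mail
        has been handed to ``tasks.send_email``.
        """
        from kallithea.lib.celerylib import tasks
        from kallithea.lib import auth

        # Validate before touching the account: this check used to run only
        # after the value had already been hashed and committed.
        if new_passwd is None:
            raise Exception('unable to set new password')

        user = User.get_by_email(user_email)
        if user is None:
            # This case used to fall through to user.username below and fail
            # with AttributeError; fail explicitly and send no mail.
            raise Exception('no user found for password reset')
        if not self.can_change_password(user):
            raise Exception('trying to change password for external user')

        user.password = auth.get_crypt_password(new_passwd)
        Session().commit()
        log.info('change password for %s', user_email)

        tasks.send_email([user_email],
                 _('Password reset notification'),
                 _('The password to your account %s has been changed using password reset form.') % (user.username,))
        log.info('send password reset mail to %s', user_email)

        return True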
Ejemplo n.º 19
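    def reset_password(self, user_email, new_passwd):
        """Set ``new_passwd`` on the account registered for ``user_email`` and notify it.

        Raises Exception when ``new_passwd`` is None, when no account matches
        ``user_email``, or when ``can_change_password`` refuses the account.
        Returns True once the password is committed and the notification mail
        has been handed to ``tasks.send_email``.
        """
        from kallithea.lib.celerylib import tasks
        from kallithea.lib import auth

        # Validate before touching the account: this check used to run only
        # after the value had already been hashed and committed.
        if new_passwd is None:
            raise Exception('unable to set new password')

        user = User.get_by_email(user_email)
        if user is None:
            # This case used to fall through to user.username below and fail
            # with AttributeError; fail explicitly and send no mail.
            raise Exception('no user found for password reset')
        if not self.can_change_password(user):
            raise Exception('trying to change password for external user')

        user.password = auth.get_crypt_password(new_passwd)
        Session().commit()
        log.info('change password for %s', user_email)

        tasks.send_email([user_email],
                 _('Password reset notification'),
                 _('The password to your account %s has been changed using password reset form.') % (user.username,))
        log.info('send password reset mail to %s', user_email)

        return True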
Ejemplo n.º 20
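    def reset_password(self, data):
        """Generate a new password for the account at data['email'] and mail it.

        Returns True whether or not an account matched, so the return value
        does not reveal whether the address is registered. Raises Exception
        if the generator yields no password.

        NOTE(review): nothing in this method proves that the caller controls
        the mailbox, so unless the caller checks that first, anyone who knows
        an address can force that account's password to change. The new
        password also travels in clear text by mail, and whether
        ``PasswordGenerator`` draws from a cryptographic random source is not
        visible here; confirm both.
        """
        from kallithea.lib.celerylib import tasks, run_task
        from kallithea.lib import auth
        user_email = data['email']
        user = User.get_by_email(user_email)
        if not user:
            # No account matched. A "new password" mail that matched no
            # stored password used to go out to this address anyway.
            log.debug('password reset email %s not found', user_email)
            return True

        new_passwd = auth.PasswordGenerator().gen_password(8,
                        auth.PasswordGenerator.ALPHABETS_BIG_SMALL)
        # Check the generator result before it is hashed and stored.
        if new_passwd is None:
            raise Exception('unable to generate new password')

        user.password = auth.get_crypt_password(new_passwd)
        Session().add(user)
        Session().commit()
        log.info('change password for %s', user_email)

        run_task(tasks.send_email, [user_email],
                 _('Your new password'),
                 _('Your new Kallithea password:%s') % (new_passwd,))
        log.info('send new password mail to %s', user_email)

        return True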
Ejemplo n.º 21
 def get_by_email(self, email, cache=False, case_insensitive=False):
     """Delegate an email lookup to ``User.get_by_email``.

     NOTE(review): the arguments are forwarded positionally as
     (email, case_insensitive, cache), which is not this wrapper's own
     parameter order. Confirm that it matches the model's signature;
     keyword arguments would rule out a silent swap.
     """
     found = User.get_by_email(email, case_insensitive, cache)
     return found