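def client_oauth_register(request, regdict):
	"""Log an OAuth-provided client in, or register a new client entity.

	``regdict`` is the profile returned by the OAuth flow; only the keys
	``username``, ``password``, ``email``, ``familyname`` and ``givenname``
	are read.

	Behaviour:

	* if a non-inactive ``AccessEntity`` with this nick exists and its
	  stored password equals the supplied one, the user is remembered and
	  the auth headers are returned;
	* if such an account exists but the password does not match, ``False``
	  is returned -- a second entity with the same nick is never created;
	* otherwise a new ``PhysicalEntity`` + ``Stash`` + ``AccessEntity`` is
	  created, flushed, and the auth headers are returned.

	Returns the headers from ``remember()`` on success, ``False`` when no
	login/password was supplied or the nick is taken.
	"""
	login = regdict.get('username', None)
	passwd = regdict.get('password', None)
	email = regdict.get('email', None)
	name_family = regdict.get('familyname', '')
	name_given = regdict.get('givenname', '')

	# Without a username and a password there is nothing to look up and no
	# valid account to create (previously this fell through and built an
	# entity with nick=None), so refuse explicitly.
	if not login or passwd is None:
		return False

	loc = get_localizer(request)
	cfg = request.registry.settings
	rate_id = int(cfg.get('netprofile.client.registration.rate_id', 1))
	state_id = int(cfg.get('netprofile.client.registration.state_id', 1))
	sess = DBSession()

	# NOTE: the password carried in the OAuth profile can diverge from the
	# one stored locally (e.g. after a local password change).  Such users
	# are rejected below rather than re-registered under the same nick.
	existing = sess.query(AccessEntity).filter(
		AccessEntity.nick == login,
		AccessEntity.access_state != AccessState.block_inactive.value
	)
	nick_taken = False
	for user in existing:
		nick_taken = True
		# NOTE(review): compares against AccessEntity.password exactly as
		# stored; if that column holds a hash rather than cleartext this
		# never matches -- confirm against the model.
		if user.password == passwd:
			return remember(request, login)
	if nick_taken:
		# Nick is in use and the password does not match: do not create a
		# duplicate entity (mirrors the clash check in client_register).
		return False

	ent = PhysicalEntity()
	ent.nick = login
	ent.email = email
	ent.name_family = name_family
	ent.name_given = name_given
	ent.state_id = state_id

	stash = Stash()
	stash.entity = ent
	stash.name = loc.translate(_('Primary Account'))

	acc = AccessEntity()
	acc.nick = login
	acc.password = passwd
	acc.stash = stash
	acc.rate_id = rate_id
	acc.state_id = state_id
	ent.children.append(acc)

	sess.add(ent)
	sess.add(stash)
	sess.add(acc)
	# Flush so the new rows exist before the session cookie is issued.
	sess.flush()
	return remember(request, login)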
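def client_register(request):
	"""Render and process the client self-registration form.

	Flow (Pyramid-style request API, inferred from ``request.POST`` /
	``route_url`` usage):

	* already-authenticated users are redirected to ``access.cl.home``;
	* if registration is disabled the user is sent to ``access.cl.login``;
	* on submission the CSRF token is checked first, then (optionally)
	  reCAPTCHA, then the individual fields; a ``PhysicalEntity`` with a
	  ``Stash`` and an ``AccessEntity`` is created only when no error was
	  recorded;
	* when e-mail verification is enabled the access entity starts in
	  ``block_inactive`` state and an activation link is mailed out.

	Returns the template dictionary for the form (error messages already
	translated) or an ``HTTPSeeOther`` redirect.
	"""
	if authenticated_userid(request):
		return HTTPSeeOther(location=request.route_url('access.cl.home'))
	cur_locale = locale_neg(request)
	loc = get_localizer(request)
	cfg = request.registry.settings
	comb_js = asbool(cfg.get('netprofile.client.combine_js', False))
	can_reg = asbool(cfg.get('netprofile.client.registration.enabled', False))
	must_verify = asbool(cfg.get('netprofile.client.registration.verify_email', True))
	must_recaptcha = asbool(cfg.get('netprofile.client.registration.recaptcha.enabled', False))
	min_pwd_len = int(cfg.get('netprofile.client.registration.min_password_length', 8))
	rate_id = int(cfg.get('netprofile.client.registration.rate_id', 1))
	state_id = int(cfg.get('netprofile.client.registration.state_id', 1))
	maillogin = asbool(cfg.get('netprofile.client.email_as_username', False))
	csrf = request.POST.get('csrf', '')
	errors = {}
	rc_private = rc_public = None
	if not can_reg:
		return HTTPSeeOther(location=request.route_url('access.cl.login'))
	if must_recaptcha:
		rc_private = cfg.get('netprofile.client.recaptcha.private_key')
		rc_public = cfg.get('netprofile.client.recaptcha.public_key')
		if (not rc_private) or (not rc_public):
			# TODO: log missing reCAPTCHA keys
			# A misconfigured CAPTCHA disables the check instead of
			# breaking registration altogether.
			must_recaptcha = False
	if 'submit' in request.POST:
		sess = DBSession()
		# The CSRF token is verified before anything else; a bad token
		# also skips the reCAPTCHA round-trip.
		if csrf != request.get_csrf():
			errors['csrf'] = _('Error submitting form')
		elif must_recaptcha:
			try:
				rcresp = verify_recaptcha(rc_private, request)
			except ValueError as e:
				errors['recaptcha'] = str(e)
			else:
				if rcresp and not rcresp.valid:
					errors['recaptcha'] = rcresp.text()
		if not errors:
			login = request.POST.get('user', '')
			passwd = request.POST.get('pass', '')
			passwd2 = request.POST.get('pass2', '')
			email = request.POST.get('email', '')
			name_family = request.POST.get('name_family', '')
			name_given = request.POST.get('name_given', '')
			name_middle = request.POST.get('name_middle', '')
			# E-mail is validated first because it doubles as the username
			# when ``maillogin`` is on.
			length = len(email)
			if (length == 0) or (length > 254):
				errors['email'] = _('Invalid field length')
			elif not _re_email.match(email):
				errors['email'] = _('Invalid e-mail format')
			if maillogin:
				# The separate username field is not used in this mode, so
				# it must not be validated: checking it unconditionally
				# rejected every submission whose form had no such field.
				login = email
			else:
				length = len(login)
				if (length == 0) or (length > 254):
					errors['user'] = _('Invalid field length')
				elif not _re_login.match(login):
					errors['user'] = _('Invalid character used in username')
			length = len(passwd)
			if length < min_pwd_len:
				errors['pass'] = _('Password is too short')
			elif length > 254:
				errors['pass'] = _('Password is too long')
			if passwd != passwd2:
				errors['pass2'] = _('Passwords do not match')
			length = len(name_family)
			if (length == 0) or (length > 254):
				errors['name_family'] = _('Invalid field length')
			length = len(name_given)
			if (length == 0) or (length > 254):
				errors['name_given'] = _('Invalid field length')
			length = len(name_middle)
			if length > 254:
				errors['name_middle'] = _('Invalid field length')
			if 'user' not in errors:
				# XXX: currently we check across all entity types.
				login_clash = sess.query(func.count('*'))\
					.select_from(Entity)\
					.filter(Entity.nick == login)\
					.scalar()
				if login_clash > 0:
					errors['user'] = _('This username is already taken')
		if not errors:
			ent = PhysicalEntity()
			ent.nick = login
			ent.email = email
			ent.name_family = name_family
			ent.name_given = name_given
			if name_middle:
				ent.name_middle = name_middle
			ent.state_id = state_id

			stash = Stash()
			stash.entity = ent
			stash.name = loc.translate(_('Primary Account'))

			acc = AccessEntity()
			acc.nick = login
			acc.password = passwd
			acc.stash = stash
			acc.rate_id = rate_id
			acc.state_id = state_id
			ent.children.append(acc)

			sess.add(ent)
			sess.add(stash)
			sess.add(acc)

			if must_verify:
				link_id = int(cfg.get('netprofile.client.registration.link_id', 1))
				rand_len = int(cfg.get('netprofile.client.registration.code_length', 20))
				queue_mail = asbool(cfg.get('netprofile.client.registration.mail_queue', False))
				sender = cfg.get('netprofile.client.registration.mail_sender')

				# Account stays blocked until the mailed activation code is
				# presented.
				acc.access_state = AccessState.block_inactive.value
				link = AccessEntityLink()
				link.entity = acc
				link.type_id = link_id

				# Activation code: uppercase letters and digits drawn from
				# the OS CSPRNG.  SystemRandom() itself never raises -- if
				# os.urandom is unavailable the NotImplementedError surfaces
				# from choice() -- so the former try/except around the
				# constructor was dead code.  A token that gates account
				# activation must not silently fall back to the
				# non-cryptographic ``random`` module, so no fallback here.
				chars = string.ascii_uppercase + string.digits
				rng = random.SystemRandom()
				link.value = ''.join(rng.choice(chars) for _ in range(rand_len))
				# Naive local time; whatever consumes this for expiry
				# (not visible here) must use the same clock.
				link.timestamp = datetime.datetime.now()
				sess.add(link)

				mailer = get_mailer(request)

				mail_tpldef = {
					'cur_loc' : cur_locale,
					'entity'  : ent,
					'stash'   : stash,
					'access'  : acc,
					'link'    : link
				}
				request.run_hook('access.cl.tpldef.register.mail', mail_tpldef, request)
				msg_text = Attachment(
					data=render('netprofile_access:templates/email_register_plain.mak', mail_tpldef, request),
					content_type='text/plain; charset=\'utf-8\'',
					disposition='inline',
					transfer_encoding='quoted-printable'
				)
				msg_html = Attachment(
					data=render('netprofile_access:templates/email_register_html.mak', mail_tpldef, request),
					content_type='text/html; charset=\'utf-8\'',
					disposition='inline',
					transfer_encoding='quoted-printable'
				)
				msg = Message(
					subject=(loc.translate(_('Activation required for user %s')) % login),
					sender=sender,
					recipients=(email,),
					body=msg_text,
					html=msg_html
				)
				if queue_mail:
					mailer.send_to_queue(msg)
				else:
					mailer.send(msg)
			return HTTPSeeOther(location=request.route_url('access.cl.regsent'))
	tpldef = {
		'cur_loc'        : cur_locale,
		'comb_js'        : comb_js,
		'must_verify'    : must_verify,
		'must_recaptcha' : must_recaptcha,
		'min_pwd_len'    : min_pwd_len,
		'maillogin'      : maillogin,
		'errors'         : {err: loc.translate(errors[err]) for err in errors}
	}
	if must_recaptcha:
		tpldef['rc_public'] = rc_public
	request.run_hook('access.cl.tpldef.register', tpldef, request)
	return tpldef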
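def client_register(request):
	"""Render and process the client self-registration form.

	Flow (Pyramid-style request API, inferred from ``request.POST`` /
	``route_url`` usage):

	* already-authenticated users are redirected to ``access.cl.home``;
	* if registration is disabled the user is sent to ``access.cl.login``;
	* on submission the CSRF token is checked first, then (optionally)
	  reCAPTCHA, then the individual fields; a ``PhysicalEntity`` with a
	  ``Stash`` and an ``AccessEntity`` is created only when no error was
	  recorded;
	* when e-mail verification is enabled the access entity starts in
	  ``block_inactive`` state and an activation link is mailed out.

	Returns the template dictionary for the form (error messages already
	translated) or an ``HTTPSeeOther`` redirect.
	"""
	if authenticated_userid(request):
		return HTTPSeeOther(location=request.route_url('access.cl.home'))
	cur_locale = locale_neg(request)
	loc = request.localizer
	cfg = request.registry.settings
	comb_js = asbool(cfg.get('netprofile.client.combine_js', False))
	can_reg = asbool(cfg.get('netprofile.client.registration.enabled', False))
	must_verify = asbool(cfg.get('netprofile.client.registration.verify_email', True))
	must_recaptcha = asbool(cfg.get('netprofile.client.registration.recaptcha.enabled', False))
	min_pwd_len = int(cfg.get('netprofile.client.registration.min_password_length', 8))
	rate_id = int(cfg.get('netprofile.client.registration.rate_id', 1))
	state_id = int(cfg.get('netprofile.client.registration.state_id', 1))
	maillogin = asbool(cfg.get('netprofile.client.email_as_username', False))
	csrf = request.POST.get('csrf', '')
	errors = {}
	rc_private = rc_public = None
	if not can_reg:
		return HTTPSeeOther(location=request.route_url('access.cl.login'))
	if must_recaptcha:
		rc_private = cfg.get('netprofile.client.recaptcha.private_key')
		rc_public = cfg.get('netprofile.client.recaptcha.public_key')
		if (not rc_private) or (not rc_public):
			# TODO: log missing reCAPTCHA keys
			# A misconfigured CAPTCHA disables the check instead of
			# breaking registration altogether.
			must_recaptcha = False
	if 'submit' in request.POST:
		sess = DBSession()
		# The CSRF token is verified before anything else; a bad token
		# also skips the reCAPTCHA round-trip.
		if csrf != request.get_csrf():
			errors['csrf'] = _('Error submitting form')
		elif must_recaptcha:
			try:
				rcresp = verify_recaptcha(rc_private, request)
			except ValueError as e:
				errors['recaptcha'] = str(e)
			else:
				if rcresp and not rcresp.valid:
					errors['recaptcha'] = rcresp.text()
		if not errors:
			login = request.POST.get('user', '')
			passwd = request.POST.get('pass', '')
			passwd2 = request.POST.get('pass2', '')
			email = request.POST.get('email', '')
			name_family = request.POST.get('name_family', '')
			name_given = request.POST.get('name_given', '')
			name_middle = request.POST.get('name_middle', '')
			# E-mail is validated first because it doubles as the username
			# when ``maillogin`` is on.
			length = len(email)
			if (length == 0) or (length > 254):
				errors['email'] = _('Invalid field length')
			elif not _re_email.match(email):
				errors['email'] = _('Invalid e-mail format')
			if maillogin:
				# The separate username field is not used in this mode.
				login = email
			else:
				length = len(login)
				if (length == 0) or (length > 254):
					errors['user'] = _('Invalid field length')
				# NOTE(review): this rejects logins that DO match
				# _re_login, the opposite of the other client_register
				# example (``not _re_login.match``).  Only correct if
				# _re_login matches forbidden characters -- confirm
				# against its definition before relying on it.
				elif _re_login.match(login):
					errors['user'] = _('Invalid character used in username')
			length = len(passwd)
			if length < min_pwd_len:
				errors['pass'] = _('Password is too short')
			elif length > 254:
				errors['pass'] = _('Password is too long')
			if passwd != passwd2:
				errors['pass2'] = _('Passwords do not match')
			length = len(name_family)
			if (length == 0) or (length > 254):
				errors['name_family'] = _('Invalid field length')
			length = len(name_given)
			if (length == 0) or (length > 254):
				errors['name_given'] = _('Invalid field length')
			length = len(name_middle)
			if length > 254:
				errors['name_middle'] = _('Invalid field length')
			if 'user' not in errors:
				# XXX: currently we check across all entity types.
				login_clash = sess.query(func.count('*'))\
					.select_from(Entity)\
					.filter(Entity.nick == login)\
					.scalar()
				if login_clash > 0:
					errors['user'] = _('This username is already taken')
		if not errors:
			ent = PhysicalEntity()
			ent.nick = login
			ent.email = email
			ent.name_family = name_family
			ent.name_given = name_given
			if name_middle:
				ent.name_middle = name_middle
			ent.state_id = state_id

			stash = Stash()
			stash.entity = ent
			stash.name = loc.translate(_('Primary Account'))

			acc = AccessEntity()
			acc.nick = login
			acc.password = passwd
			acc.stash = stash
			acc.rate_id = rate_id
			acc.state_id = state_id
			ent.children.append(acc)

			sess.add(ent)
			sess.add(stash)
			sess.add(acc)

			if must_verify:
				link_id = int(cfg.get('netprofile.client.registration.link_id', 1))
				rand_len = int(cfg.get('netprofile.client.registration.code_length', 20))
				queue_mail = asbool(cfg.get('netprofile.client.registration.mail_queue', False))
				sender = cfg.get('netprofile.client.registration.mail_sender')

				# Account stays blocked until the mailed activation code is
				# presented.
				acc.access_state = AccessState.block_inactive.value
				link = AccessEntityLink()
				link.entity = acc
				link.type_id = link_id

				# Activation code: uppercase letters and digits drawn from
				# the OS CSPRNG.  SystemRandom() itself never raises -- if
				# os.urandom is unavailable the NotImplementedError surfaces
				# from choice() -- so the former try/except around the
				# constructor was dead code.  A token that gates account
				# activation must not silently fall back to the
				# non-cryptographic ``random`` module, so no fallback here.
				chars = string.ascii_uppercase + string.digits
				rng = random.SystemRandom()
				link.value = ''.join(rng.choice(chars) for _ in range(rand_len))
				# Naive local time; whatever consumes this for expiry
				# (not visible here) must use the same clock.
				link.timestamp = datetime.datetime.now()
				sess.add(link)

				mailer = get_mailer(request)

				mail_tpldef = {
					'cur_loc' : cur_locale,
					'entity'  : ent,
					'stash'   : stash,
					'access'  : acc,
					'link'    : link
				}
				request.run_hook('access.cl.tpldef.register.mail', mail_tpldef, request)
				msg_text = Attachment(
					data=render('netprofile_access:templates/email_register_plain.mak', mail_tpldef, request),
					content_type='text/plain; charset=\'utf-8\'',
					disposition='inline',
					transfer_encoding='quoted-printable'
				)
				msg_html = Attachment(
					data=render('netprofile_access:templates/email_register_html.mak', mail_tpldef, request),
					content_type='text/html; charset=\'utf-8\'',
					disposition='inline',
					transfer_encoding='quoted-printable'
				)
				msg = Message(
					subject=(loc.translate(_('Activation required for user %s')) % login),
					sender=sender,
					recipients=(email,),
					body=msg_text,
					html=msg_html
				)
				if queue_mail:
					mailer.send_to_queue(msg)
				else:
					mailer.send(msg)
			return HTTPSeeOther(location=request.route_url('access.cl.regsent'))
	tpldef = {
		'cur_loc'        : cur_locale,
		'comb_js'        : comb_js,
		'must_verify'    : must_verify,
		'must_recaptcha' : must_recaptcha,
		'min_pwd_len'    : min_pwd_len,
		'maillogin'      : maillogin,
		'errors'         : {err: loc.translate(errors[err]) for err in errors}
	}
	if must_recaptcha:
		tpldef['rc_public'] = rc_public
	request.run_hook('access.cl.tpldef.register', tpldef, request)
	return tpldef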