Ejemplo n.º 1
0
def register():
    
    getpostfiles=GetPostFiles()
    
    connection=WebModel.connection()
    
    user_admin=UserAdmin(connection)
    
    user_admin.conditions=['WHERE privileges=%s', [2]]
    
    c=user_admin.select_count()
    
    if c==0:
        
        getpostfiles.obtain_post()
        
        getpostfiles.post['privileges']=2
        
        user_admin.valid_fields=['username', 'email', 'password', 'privileges']
        
        user_admin.create_forms()
        
        if user_admin.insert(getpostfiles.post, False):
        
            error= {'error': 0}
            
            return error
        
        else:
            
            user_admin.check_all_fields(getpostfiles.post, False)
            
            pass_values_to_form(getpostfiles.post, user_admin.forms, yes_error=True)
            
            s=get_session()
                
            s['csrf_token']=create_key_encrypt()
            
            error={'error': 1, 'csrf_token': s['csrf_token']}
            
            for field in user_admin.valid_fields:
                    
                    error[field]=user_admin.forms[field].txt_error
            
            error['repeat_password']=user_admin.forms['repeat_password'].txt_error
            
            #error['password_repeat']=I18n.lang('common', 'password_no_match', 'Passwords doesn\'t match')
            
            s.save()
            
            return error
        
    else:
    
        return {'error': 1}
Ejemplo n.º 2
0
def check_code_token():
    
    t=PTemplate(env)
    
    if yes_recovery_login==True:
    
        getpost=GetPostFiles()
        
        getpost.obtain_post()
        
        connection=WebModel.connection()
    
        user_admin=UserAdmin(connection)
        
        token=getpost.post.get('token',  '')
        
        token=user_admin.fields['token_recovery'].check(token)
    
        if token.strip()!='':
            
            user_admin.set_conditions('WHERE token_recovery=%s', [token])
            
            user_admin.yes_reset_conditions=False
            
            arr_user=user_admin.select_a_row_where(['id', 'email'])
            
            if arr_user:
                
                new_password=create_key()
                           
                user_admin.valid_fields=['password', 'token_recovery', 'num_tries']

                user_admin.reset_require()
                
                user_admin.check_user=False
                
                if user_admin.update({'password': new_password, 'token_recovery': "", 'num_tries': 0}, False):
                    
                    send_mail=SendMail()
                    
                    content_mail=t.load_template('admin/recovery_password.phtml', password=new_password)
                    
                    if not send_mail.send(email_address, [arr_user['email']], I18n.lang('admin', 'send_password_email', 'Your new password'), content_mail):
                        return {'token': 'Error: i cannot send mail', 'error': 1}
                    
                    return {'token': 'Error: cannot send the maild with the new password', 'error': 0} 
    
    s=get_session()
                
    s['csrf_token']=create_key_encrypt()
    
    s.save()
    
    return {'token': 'Error: token is not valid', 'error': 1,  'csrf_token': s['csrf_token']}
Ejemplo n.º 3
0
def send_password():
    
    connection=WebModel.connection()
    
    user_admin=UserAdmin(connection)
    
    t=PTemplate(env)
    
    getpost=GetPostFiles()
    
    getpost.obtain_post()
    
    email=getpost.post.get('email',  '')
    
    email=user_admin.fields['email'].check(email)
    
    if user_admin.fields['email'].error:
        
        s=get_session()
                
        s['csrf_token']=create_key_encrypt()
        
        s.save()
        
        return {'email': user_admin.fields['email'].txt_error, 'error': 1, 'csrf_token': s['csrf_token']}
        
    else:
        
        user_admin.set_conditions('WHERE email=%s', [email])
        
        user_admin.yes_reset_conditions=False
        
        if user_admin.select_count()==1:
            
            user_admin.reset_require()
            
            user_admin.valid_fields=['token_recovery']
            
            user_admin.check_user=False
            
            token=create_key_encrypt_256()
            
            if user_admin.update({'token_recovery': token}):
                
                send_mail=SendMail()
                
                content_mail=t.load_template('admin/recovery_mail.phtml', token=token)
                
                if not send_mail.send(email_address, [email], I18n.lang('admin', 'send_email', 'Email for recovery your password'), content_mail):
                    return {'email': 'Error: i cannot send mail', 'error': 1}
                
            
        return {'email': '', 'error': 0}
Ejemplo n.º 4
0
def login():
    
    connection=WebModel.connection()
    
    user_admin=UserAdmin(connection)
    
    getpostfiles=GetPostFiles()
    
    getpostfiles.obtain_post()
    
    getpostfiles.post['username']=getpostfiles.post.get('username', '')
    getpostfiles.post['password']=getpostfiles.post.get('password', '')
    
    username=user_admin.fields['username'].check(getpostfiles.post['username'])
    
    password=getpostfiles.post['password'].strip()
    
    user_admin.conditions=['WHERE username=%s', [username]]
    
    arr_user=user_admin.select_a_row_where(['id', 'password', 'privileges', 'lang', 'num_tries'])
    
    if arr_user==False:
        
        s=get_session()
                
        s['csrf_token']=create_key_encrypt()
        
        s.save()
        
        return {'error': 1, 'csrf_token': s['csrf_token']}
    else:
        
        num_tries=int(arr_user['num_tries'])
        
        if arr_user['num_tries']<3:
        
            if user_admin.fields['password'].verify(password, arr_user['password']):
                
                generate_session()
                
                s=get_session()
                
                s['id']=arr_user['id']
                s['login']=1
                s['privileges']=arr_user['privileges']
                s['lang']=arr_user['lang']
                
                if s['lang']=='':
                    s['lang']=I18n.default_lang
                
                remember_login=getpostfiles.post.get('remember_login', '0')
                
                if remember_login=='1':
                    
                    timestamp=time()+315360000
                    
                    random_text=create_key_encrypt()
                    
                    #Update user with autologin token
                    
                    user_admin.check_user=False
                    
                    user_admin.conditions=['WHERE username=%s', [username]]
                    
                    user_admin.valid_fields=['token_login']
                    
                    user_admin.reset_require()
                    
                    if user_admin.update({'token_login': random_text}):
                        
                        response.set_cookie('remember_login', random_text, path="/", expires=timestamp, secret=key_encrypt)
                    #else:
                        #print(user_admin.query_error)
                s.save()
                
                return {'error': 0}
            else:
                
                user_admin.check_user=False
                    
                user_admin.conditions=['WHERE username=%s', [username]]
                
                user_admin.valid_fields=['num_tries']
                
                user_admin.reset_require()
                
                user_admin.update({'num_tries': arr_user['num_tries']+1})
                
                s=get_session()
                
                s['csrf_token']=create_key_encrypt()
                
                s.save()
                
                return {'error': 1, 'csrf_token': s['csrf_token']}
        else:
            s=get_session()
                
            s['csrf_token']=create_key_encrypt()
            
            s.save()
            
            return {'error': 1, 'csrf_token': s['csrf_token']}