def encrypt_password_callback(request, user):
"""Callback helper function. This function is called within the base
create view to encrypt the password after the user has been
created."""
unencryped_pw = user.password
user.password = encrypt_password(unencryped_pw)
return user
def encrypt_password_callback(request, user):
"""Callback helper function. This function is called within the base
create view to encrypt the password after the user has been
created."""
unencryped_pw = user.password
user.password = encrypt_password(unencryped_pw)
return user
def handle_user_passwd_command(args):
if args.password:
password = args.password
else:
password = password_generator()
encrypted_password = encrypt_password(password)
path = []
path.append(get_app_location(args.app))
path.append(args.config)
session = get_session(os.path.join(*path))
try:
user = session.query(User).filter(User.login == args.user).all()[0]
except:
print "User %s not found in system. You could only alter existing user's passwords" % args.user
else:
user.password = encrypted_password
print "OK! Password for '%s' changed to '%s'" % (args.user, password)
finally:
transaction.commit()
def register_user(request):
settings = request.registry.settings
if not is_registration_enabled(settings):
raise exc.exception_response(503)
handle_history(request)
_ = request.translate
config = Config(load(get_path_to_form_config('auth.xml')))
form_config = config.get_form('register_user')
form = Form(form_config, csrf_token=request.session.get_csrf_token(),
translate=_)
# Do extra validation which is not handled by formbar.
# Is the login unique?
login_unique_validator = Validator('login',
_('There is already a user with this '
'name'),
is_login_unique)
pw_len_validator = Validator('pass',
_('Password must be at least 12 characters '
'long.'),
password_minlength_validator)
pw_nonchar_validator = Validator('pass',
_('Password must contain at least 2 '
'non-letters.'),
password_nonletter_validator)
form.add_validator(login_unique_validator)
form.add_validator(pw_len_validator)
form.add_validator(pw_nonchar_validator)
registration_complete = False
if request.POST:
if form.validate(request.params):
# 1. Create user. Do not activate him. Default role is user.
ufac = User.get_item_factory()
user = ufac.create(None, form.data)
# Set login from formdata
user.login = form.data['login']
# Encrypt password and save
user.password = encrypt_password(form.data['pass'])
# Deactivate the user. To activate the user needs to confirm
# with the activation link
user.activated = False
atoken = str(uuid.uuid4())
user.activation_token = atoken
# Set profile data
user.profile[0].email = form.data['_email']
# 2. Set user group
gfac = Usergroup.get_item_factory()
default_grps = settings.get("auth.register_user_default_groups",
str(USER_GROUP_ID))
for gid in [int(id) for id in default_grps.split(",")]:
group = gfac.load(gid)
user.groups.append(group)
# 3. Set user role
rfac = Role.get_item_factory()
default_roles = settings.get("auth.register_user_default_roles",
str(USER_ROLE_ID))
for rid in [int(id) for id in default_roles.split(",")]:
role = rfac.load(rid)
user.roles.append(role)
# Set default user group.
request.db.add(user)
# 4. Send confirmation email. The user will be activated
# after the user clicks on the confirmation link
mailer = Mailer(request)
recipient = user.profile[0].email
subject = _('Confirm user registration')
values = {'url': request.route_url('confirm_user', token=atoken),
'app_name': get_app_title(),
'email': settings['mail.default_sender'],
'_': _}
mail = Mail([recipient],
subject,
template="register_user",
values=values)
mailer.send(mail)
msg = _("User has been created and a confirmation mail was sent"
" to the users email adress. Please check your email.")
request.session.flash(msg, 'success')
registration_complete = True
return {'form': form.render(), 'complete': registration_complete}
def test_encrypt_default():
from ringo.lib.security import encrypt_password, verify_password
password = "******"
result = encrypt_password(password)
assert verify_password(password, result)
def test_encrypt_default():
from ringo.lib.security import encrypt_password, verify_password
password = "******"
result = encrypt_password(password)
assert verify_password(password, result)
def register_user(request):
settings = request.registry.settings
if not is_registration_enabled(settings):
raise exc.exception_response(503)
_ = request.translate
config = Config(load(get_path_to_form_config('auth.xml')))
form_config = config.get_form('register_user')
form = Form(form_config,
csrf_token=request.session.get_csrf_token(),
translate=_)
# Do extra validation which is not handled by formbar.
# Is the login unique?
login_unique_validator = Validator(
'login', _('There is already a user with this '
'name'), is_login_unique)
pw_len_validator = Validator(
'pass', _('Password must be at least 12 characters '
'long.'), password_minlength_validator)
pw_nonchar_validator = Validator(
'pass', _('Password must contain at least 2 '
'non-letters.'), password_nonletter_validator)
form.add_validator(login_unique_validator)
form.add_validator(pw_len_validator)
form.add_validator(pw_nonchar_validator)
registration_complete = False
if request.POST:
if form.validate(request.params):
# 1. Create user. Do not activate him. Default role is user.
ufac = User.get_item_factory()
user = ufac.create(None, form.data)
# Set login from formdata
user.login = form.data['login']
# Encrypt password and save
user.password = encrypt_password(form.data['pass'])
# Deactivate the user. To activate the user needs to confirm
# with the activation link
user.activated = False
atoken = str(uuid.uuid4())
user.activation_token = atoken
# Set profile data
user.profile[0].email = form.data['_email']
# 2. Set user group
gfac = Usergroup.get_item_factory()
default_grps = settings.get("auth.register_user_default_groups",
str(USER_GROUP_ID))
for gid in [int(id) for id in default_grps.split(",")]:
group = gfac.load(gid)
user.groups.append(group)
# 3. Set user role
rfac = Role.get_item_factory()
default_roles = settings.get("auth.register_user_default_roles",
str(USER_ROLE_ID))
for rid in [int(id) for id in default_roles.split(",")]:
role = rfac.load(rid)
user.roles.append(role)
# Set default user group.
request.db.add(user)
# 4. Send confirmation email. The user will be activated
# after the user clicks on the confirmation link
mailer = Mailer(request)
recipient = user.profile[0].email
subject = _('Confirm user registration')
values = {
'url': request.route_url('confirm_user', token=atoken),
'app_name': get_app_title(),
'email': settings['mail.default_sender'],
'login': user.login,
'_': _
}
mail = Mail([recipient],
subject,
template="register_user",
values=values)
mailer.send(mail)
msg = _("User has been created and a confirmation mail was sent"
" to the users email adress. Please check your email.")
request.session.flash(msg, 'success')
registration_complete = True
return {'form': form.render(), 'complete': registration_complete}
def register_user(request):
settings = request.registry.settings
if not is_registration_enabled(settings):
raise exc.exception_response(503)
handle_history(request)
_ = request.translate
config = Config(load(get_path_to_form_config('auth.xml', 'ringo')))
form_config = config.get_form('register_user')
form = Form(form_config, csrf_token=request.session.get_csrf_token(),
translate=_)
# Do extra validation which is not handled by formbar.
# Is the login unique?
validator = Validator('login',
'There is already a user with this name',
is_login_unique)
form.add_validator(validator)
if request.POST:
if form.validate(request.params):
# 1. Create user. Do not activate him. Default role is user.
ufac = User.get_item_factory()
user = ufac.create(None, form.data)
# Set login from formdata
user.login = form.data['login']
# Encrypt password and save
user.password = encrypt_password(form.data['pass'])
# Deactivate the user. To activate the user needs to confirm
# with the activation link
user.activated = False
atoken = str(uuid.uuid4())
user.activation_token = atoken
# Set profile data
user.profile[0].email = form.data['_email']
# 2. Set user group
gfac = Usergroup.get_item_factory()
group = gfac.load(USER_GROUP_ID)
user.groups.append(group)
# 3. Set user role
rfac = Role.get_item_factory()
role = rfac.load(USER_ROLE_ID)
user.roles.append(role)
# Set default user group.
request.db.add(user)
# 4. Send confirmation email. The user will be activated
# after the user clicks on the confirmation link
mailer = Mailer(request)
recipient = user.profile[0].email
subject = _('Confirm user registration')
values = {'url': request.route_url('confirm_user', token=atoken),
'app_name': get_app_title(),
'email': settings['mail.default_sender'],
'_': _}
mail = Mail([recipient], subject, template="register_user", values=values)
mailer.send(mail)
target_url = request.route_path('login')
headers = forget(request)
msg = _("User has been created and a confirmation mail was sent"
" to the users email adress. Please check your email.")
request.session.flash(msg, 'success')
return HTTPFound(location=target_url, headers=headers)
return {'form': form.render()}
