def update_auth_token(user):
r = g.redis
r.delete("auth:%s" % user['auth'])
new_auth_token = util.get_rand()
r.hset("user:%s" % user['id'], "auth", new_auth_token)
r.set("auth:%s" % new_auth_token, user['id'])
return new_auth_token
def create_user_github(username, email):
r = g.redis
username = username.lower()
if r.exists("username.to.id:" + username):
return None, "Username exists, please try a different one."
if not util.lock('create_user.' + username):
return None, "Please wait some time before creating a new user."
user_id = r.incr("users.count")
auth_token = util.get_rand()
now = int(time.time())
pl = r.pipeline()
pl.hmset(
"user:%s" % user_id,
{
"id": user_id,
"username": username,
"ctime": now,
"karma": config.UserInitialKarma,
"about": "",
"email": email,
"auth": auth_token,
"apisecret": util.get_rand(),
"flags": "g", #github user
"karma_incr_time": now,
"replies": 0,
})
pl.set("username.to.id:" + username, user_id)
pl.set("auth:" + auth_token, user_id)
pl.execute()
util.unlock('create_user.' + username)
return auth_token, None
def create_user(username, password, userip):
r = g.redis
username = username.lower()
if r.exists("username.to.id:" + username):
return None, "Username exists, please try a different one."
if not util.lock('create_user.' + username):
return None, "Please wait some time before creating a new user."
user_id = r.incr("users.count")
auth_token = util.get_rand()
salt = util.get_rand()
now = int(time.time())
pl = r.pipeline()
pl.hmset("user:%s" % user_id, {
"id": user_id,
"username": username,
"salt": salt,
"password": util.hash_password(password, salt),
"ctime": now,
"karma": config.UserInitialKarma,
"about": "",
"email": "",
"auth": auth_token,
"apisecret": util.get_rand(),
"flags": "",
"karma_incr_time": now,
"replies": 0,
})
pl.set("username.to.id:" + username, user_id)
pl.set("auth:" + auth_token, user_id)
pl.execute()
util.unlock('create_user.' + username)
return auth_token, None
def update_profile(request):
auth_user(request.cookies.get('auth'))
if not g.user:
result = {'status': 'error', 'error': 'Not authenticated.'}
return util.json_response(result)
if request.POST.get('apisecret') != g.user["apisecret"]:
result = {'status': 'error', 'error': 'Wrong form secret'}
return util.json_response(result)
password = request.POST.get('password') #optinal
email = request.POST.get('email')
about = request.POST.get('about')
email, msg = util.check_string(email, maxlen=128)
if email is None:
result = {'status': 'error', 'error': 'email ' + msg}
return util.json_response(result)
about, msg = util.check_string(about, maxlen=256)
if about is None:
result = {'status': 'error', 'error': 'about ' + msg}
return util.json_response(result)
r = g.redis
if password:
password, msg = util.check_string(password, config.PasswordMinLength)
if not password:
result = {'status': 'error', 'error': 'password ' + msg}
return util.json_response(result)
salt = g.user.get('salt', util.get_rand())
r.hmset("user:"******"password": util.hash_password(password, salt),
"salt": salt
})
r.hmset("user:"******"about": about.rstrip(), "email": email})
return util.json_response({'status': "ok"})
def update_profile(request):
auth_user(request.cookies.get("auth"))
if not g.user:
result = {"status": "error", "error": "Not authenticated."}
return util.json_response(result)
if request.POST.get("apisecret") != g.user["apisecret"]:
result = {"status": "error", "error": "Wrong form secret"}
return util.json_response(result)
password = request.POST.get("password") # optinal
email = request.POST.get("email")
about = request.POST.get("about")
email, msg = util.check_string(email, maxlen=128)
if email is None:
result = {"status": "error", "error": "email " + msg}
return util.json_response(result)
about, msg = util.check_string(about, maxlen=256)
if about is None:
result = {"status": "error", "error": "about " + msg}
return util.json_response(result)
r = g.redis
if password:
password, msg = util.check_string(password, config.PasswordMinLength)
if not password:
result = {"status": "error", "error": "password " + msg}
return util.json_response(result)
salt = g.user.get("salt", util.get_rand())
r.hmset("user:"******"id"], {"password": util.hash_password(password, salt), "salt": salt})
r.hmset("user:"******"id"], {"about": about.rstrip(), "email": email})
return util.json_response({"status": "ok"})
