def create_user(username, password, firstname, lastname, email, phone, email_to_file=None):
if not validate_username(username):
return [None, "Wrong user name format (are allowed a-Z|0-9|.|-|_)"]
if not validate_email(email):
return [None, "Wrong email format"]
if Users.objects.filter(username=username):
logging.warning("Cannot create account: username {} already exists".format(email))
return [None, "This username already exists"]
if Users.objects.filter(email=email):
logging.warning("Cannot create account: email {} already exists".format(email))
return [None, "This email already exists"]
person = People.objects.create(firstname=firstname, lastname=lastname, phone=phone, is_laboratory=0)
role = Roles.objects.get(name=DEFAULT_ROLE)
salt = crypt.mksalt(method=crypt.METHOD_SHA256)
newuser = Users(username=username, password=crypt.crypt(password, salt),
salt=salt, email=email, person=person, role=role,
is_active=0, is_password_reset=0, code=utils.random_string())
newuser.save()
allow_access_to_demo(newuser)
text = "Your account '{}' has been created. ".format(username) + \
"It will be validated by an admin shortly. You will receive an email at this " + \
"address when your account has been activated."
html = text
send_email(email, "New varapp account", text=text, html=html, tofile=email_to_file)
send_email(settings.EMAIL_ADMIN, "Account for user {} awaits validation".format(username),
text='', html='', tofile=email_to_file)
return [newuser, '']
def test_send_email(self):
with tempfile.TemporaryFile(mode='a+') as target:
message = '<div>aaaa</div>'
send_email('*****@*****.**', 'test email from varapp',
text=message, html=message, tofile=target)
target.seek(0)
content = target.readlines()
self.assertTrue(message in ' '.join(content))
def test_send_email(self):
with tempfile.TemporaryFile(mode='a+') as target:
message = '<div>aaaa</div>'
send_email('*****@*****.**',
'test email from varapp',
text=message,
html=message,
tofile=target)
target.seek(0)
content = target.readlines()
self.assertTrue(message in ' '.join(content))
def user_activation(username, code, email, activate, email_to_file=None):
"""Activate a user's account"""
user = Users.objects.get(username=username, code=code)
if not user:
return [None, USER_NOT_FOUND_MSG]
if activate=='true':
user.is_active = 1
user.save()
text = "Your varapp account '{}' has been activated.".format(username)
html = "<p>Your varapp account '{}' has been activated.</p>".format(username)
send_email(email, "Your account is now active",
text=text, html=html, tofile=email_to_file)
else:
user.is_active = 0
user.save()
return [user, '']
def reset_password_request(username, email, host, email_to_file=None):
if not find_user2(username=username, email=email):
return [None, USER_NOT_FOUND_WITH_EMAIL_MSG]
user = Users.objects.get(username=username, email=email, is_active=1)
activation_code = utils.random_string(10)
user.activation_code = activation_code
user.save()
reset_url = host + '/#/passwordHasBeenReset' + \
'?username={}&email={}&activation_code={}'.format(username, email, activation_code)
text = "A new password has been demanded for user {}. Please click on the link below ".format(username) + \
"to verify that you are the author of this request. " \
"Shortly after verification, your new login information will be sent at this address. " + \
"\n\n{}\n\n".format(reset_url)
html = "<p>A new password has been demanded for user '{}'. Please click on the link below ".format(username) + \
"to verify that you are the author of this request. " \
"Shortly after verification, your new login information will be sent at this address.</p>" + \
"<p><a href={}>I want to reset my password</a></p>".format(reset_url)
send_email(email, "New password request", text=text, html=html, tofile=email_to_file)
return [user, '']
def change_password(username, email, activation_code, password, email_to_file=None, send=True):
if not find_user2(username=username, email=email):
return [None, USER_NOT_FOUND_WITH_EMAIL_MSG]
user = Users.objects.get(username=username, email=email, is_active=1)
if user.activation_code != activation_code:
logging.warning("Invalid activation code: {}".format(activation_code))
return [None, "Password has already been reset"]
user.password = crypt.crypt(password, user.salt)
user.activation_code = None
user.save()
if send:
text = "Your varapp password has changed. " + \
"Please use the new login information below:" + \
"\n\n\tLogin: {}\n\tPassword: {}\n\n".format(username, password)
html = "<p>Your varapp password changed. " + \
"Please use the new login information below:</p>" + \
"<table><tr><td>Login:</td><td>{}</td></tr>".format(username) + \
"<tr><td>Password:</td><td>{}</td></tr></table>".format(password)
send_email(email, "Password reset", text=text, html=html, tofile=email_to_file)
return [user, '']