def resetPassword(self, **kwargs):
        try:
            user = masterdb.User.select(AND(masterdb.User.q.email_address == kwargs['email_address'],
                                             masterdb.User.q.deleted == 0))[0]
        except:
            redirect("/login?reset=0")

        validators = {
            'new_password': V.All(CPV.SecurePassword(), V.NotEmpty()),
            'confirm_new_password': V.All(CPV.SecurePassword(), V.NotEmpty())
        }

        errors = simpleValidate(validators, kwargs)

        if kwargs['new_password'] != kwargs['confirm_new_password']:
            errors += 1
            kwargs["error::confirm_new_password"] = _("New passwords do not match.")

        if errors: return apply(self.ResetPassword, [], kwargs)

        user.password = kwargs['new_password']
        user.forgotpassword_code = None
        user.forgotpassword_timestamp = None

        # Login the user
        abstract_logic.switchToUser(user, user.customer.getControlPanelURL(), True)
    def setSuperuserUser(self, user_id=None, **kwargs):
        try:
            current_user = identity.current.user
            user = masterdb.User.get(int(user_id))
            abstract_logic.switchToUser(user, check_permission=True)
            log.info("Changed user %s to user %s" % (current_user.email_address, user.email_address))
        except:
            pass

        return redirect("/")
    def twitter_signin(self, oauth_token, oauth_verifier, **kwargs): 
        response = twitter_api.get_access_token(oauth_token, oauth_verifier)
        if not response:
            return "<script type='text/javascript'>window.opener.showError(); window.close();</script>"
        else:
            try: user = masterdb.OauthCredentials.selectBy(account_identifier=response["user_id"], provider_type="twitter")[0].user
            except: return "<script type='text/javascript'>window.opener.showError(); window.close();</script>"

            # Log user in
            abstract_logic.switchToUser(user, logout=True)

            return "<script type='text/javascript'>window.opener.location = '/'; window.close();</script>"
 def before_main(self):
     try:
         user = masterdb.User.get(int(request.params.pop("_su_user_")))
         abstract_logic.switchToUser(user, check_permission=True)
     except:
         pass