def resetPassword(self, **kwargs): try: user = masterdb.User.select(AND(masterdb.User.q.email_address == kwargs['email_address'], masterdb.User.q.deleted == 0))[0] except: redirect("/login?reset=0") validators = { 'new_password': V.All(CPV.SecurePassword(), V.NotEmpty()), 'confirm_new_password': V.All(CPV.SecurePassword(), V.NotEmpty()) } errors = simpleValidate(validators, kwargs) if kwargs['new_password'] != kwargs['confirm_new_password']: errors += 1 kwargs["error::confirm_new_password"] = _("New passwords do not match.") if errors: return apply(self.ResetPassword, [], kwargs) user.password = kwargs['new_password'] user.forgotpassword_code = None user.forgotpassword_timestamp = None # Login the user abstract_logic.switchToUser(user, user.customer.getControlPanelURL(), True)
def setSuperuserUser(self, user_id=None, **kwargs): try: current_user = identity.current.user user = masterdb.User.get(int(user_id)) abstract_logic.switchToUser(user, check_permission=True) log.info("Changed user %s to user %s" % (current_user.email_address, user.email_address)) except: pass return redirect("/")
def twitter_signin(self, oauth_token, oauth_verifier, **kwargs): response = twitter_api.get_access_token(oauth_token, oauth_verifier) if not response: return "<script type='text/javascript'>window.opener.showError(); window.close();</script>" else: try: user = masterdb.OauthCredentials.selectBy(account_identifier=response["user_id"], provider_type="twitter")[0].user except: return "<script type='text/javascript'>window.opener.showError(); window.close();</script>" # Log user in abstract_logic.switchToUser(user, logout=True) return "<script type='text/javascript'>window.opener.location = '/'; window.close();</script>"
def before_main(self): try: user = masterdb.User.get(int(request.params.pop("_su_user_"))) abstract_logic.switchToUser(user, check_permission=True) except: pass