def post(self, **kwargs):
    """Handle the delete-account form submission.

    Checks the reCAPTCHA answer, re-checks the submitted password and, when
    it matches, deletes the user's social logins, the user entity and its
    "Unique" reservation keys, then clears the session and redirects home.

    NOTE(review): this listing is cut short. The outer ``try`` below has no
    visible ``except``/``finally`` clause, and the indentation was rebuilt
    from a flattened listing, so the placement of the final ``return``
    should be confirmed against the original file.
    """
    challenge = self.request.POST.get('recaptcha_challenge_field')
    response = self.request.POST.get('recaptcha_response_field')
    remote_ip = self.request.remote_addr
    # The captcha is verified with the private key read from the app config.
    cResponse = captcha.submit(
        challenge,
        response,
        self.app.config.get('captcha_private_key'),
        remote_ip)
    if cResponse.is_valid:
        # Captcha accepted: fall through to the password check.
        pass
    else:
        _message = _('Wrong image verification code. Please try again.')
        self.add_message(_message, 'error')
        return self.redirect_to('delete-account')
    # NOTE(review): `and False` makes this condition always false, so a failed
    # form validation never stops the request. The password field is read
    # below whether or not the form validated.
    if not self.form.validate() and False:
        return self.get()
    password = self.form.password.data.strip()
    try:
        user_info = models_boilerplate.User.get_by_id(long(self.user_id))
        auth_id = "own:%s" % user_info.username
        # NOTE(review): the salt comes from the app config, i.e. one value for
        # every account; confirm how utils.hashing and the user model store
        # and compare passwords.
        password = utils.hashing(password, self.app.config.get('salt'))
        try:
            # Re-authenticate with the submitted password before deleting
            # anything.
            user = models_boilerplate.User.get_by_auth_password(auth_id, password)
            if user:
                # Remove every social-login record linked to the user.
                for social in models_boilerplate.SocialUser.get_by_user(user_info.key):
                    social.key.delete()
                user_info.key.delete()
                # The "Unique" keys for username, auth id and e-mail are
                # deleted asynchronously; the results are not waited on here.
                ndb.Key("Unique", "User.username:%s" % user.username).delete_async()
                ndb.Key("Unique", "User.auth_id:own:%s" % user.username).delete_async()
                ndb.Key("Unique", "User.email:%s" % user.email).delete_async()
                #TODO: Delete UserToken objects
                # NOTE(review): until that TODO is done the user's token
                # records are left behind; unset_session() presumably clears
                # only the current session - confirm.
                self.auth.unset_session()
                # Flash the success message and send the visitor home.
                msg = _("The account has been successfully deleted.")
                self.add_message(msg, 'success')
                return self.redirect_to('home')
        except (InvalidAuthIdError, InvalidPasswordError), e:
            # Unknown auth id or wrong password: flash an error and go back
            # to the delete-account form.
            message = _("Incorrect password! Please enter your current password to change your account settings.")
            self.add_message(message, 'error')
            return self.redirect_to('delete-account')
def post(self, **kwargs):
    """Handle the delete-account form submission.

    Checks the reCAPTCHA answer, re-checks the submitted password through
    ``self.user_model`` and, when it matches, deletes the user's social
    logins, the user entity and its "Unique" reservation keys, then clears
    the session and redirects home.

    NOTE(review): this listing is cut short. The outer ``try`` below has no
    visible ``except``/``finally`` clause, and the indentation was rebuilt
    from a flattened listing, so the placement of the final ``return``
    should be confirmed against the original file.
    """
    challenge = self.request.POST.get('recaptcha_challenge_field')
    response = self.request.POST.get('recaptcha_response_field')
    remote_ip = self.request.remote_addr
    # The captcha is verified with the private key read from the app config.
    cResponse = captcha.submit(
        challenge,
        response,
        self.app.config.get('captcha_private_key'),
        remote_ip)
    if cResponse.is_valid:
        # Captcha accepted: fall through to the password check.
        pass
    else:
        _message = _('Wrong image verification code. Please try again.')
        self.add_message(_message, 'error')
        return self.redirect_to('delete-account')
    # NOTE(review): `and False` makes this condition always false, so a failed
    # form validation never stops the request. The password field is read
    # below whether or not the form validated.
    if not self.form.validate() and False:
        return self.get()
    password = self.form.password.data.strip()
    try:
        user_info = self.user_model.get_by_id(long(self.user_id))
        auth_id = "own:%s" % user_info.username
        # NOTE(review): the salt comes from the app config, i.e. one value for
        # every account; confirm how utils.hashing and the user model store
        # and compare passwords.
        password = utils.hashing(password, self.app.config.get('salt'))
        try:
            # Re-authenticate with the submitted password before deleting
            # anything.
            user = self.user_model.get_by_auth_password(auth_id, password)
            if user:
                # Remove every social-login record linked to the user.
                for social in models_boilerplate.SocialUser.get_by_user(user_info.key):
                    social.key.delete()
                user_info.key.delete()
                # The "Unique" keys for username, auth id and e-mail are
                # deleted asynchronously; the results are not waited on here.
                ndb.Key("Unique", "User.username:%s" % user.username).delete_async()
                ndb.Key("Unique", "User.auth_id:own:%s" % user.username).delete_async()
                ndb.Key("Unique", "User.email:%s" % user.email).delete_async()
                #TODO: Delete UserToken objects
                # NOTE(review): until that TODO is done the user's token
                # records are left behind; unset_session() presumably clears
                # only the current session - confirm.
                self.auth.unset_session()
                # Flash the success message and send the visitor home.
                msg = _("The account has been successfully deleted.")
                self.add_message(msg, 'success')
                return self.redirect_to('home')
        except (InvalidAuthIdError, InvalidPasswordError), e:
            # Unknown auth id or wrong password: flash an error and go back
            # to the delete-account form.
            message = _("Incorrect password! Please enter your current password to change your account settings.")
            self.add_message(message, 'error')
            return self.redirect_to('delete-account')
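def post(self):
    """Handle the registration form submission.

    Re-renders the form when validation fails. Otherwise creates the user
    with ``username`` and ``email`` as unique properties. On a uniqueness
    conflict an error message is flashed and the request is redirected to
    ``register``. For a user that is not activated yet, an activation
    e-mail is queued through the task queue. For an activated user the
    password login is performed and any social profiles found for Twitter,
    Facebook or LinkedIn are linked to the account.

    Returns:
        The result of ``self.get()`` or ``self.redirect_to(...)``.
    """
    if not self.form.validate():
        return self.get()

    username = self.form.username.data.lower()
    name = self.form.name.data.strip()
    last_name = self.form.last_name.data.strip()
    email = self.form.email.data.lower()
    password = self.form.password.data.strip()
    country = self.form.country.data
    tz = self.form.tz.data

    # Pre-hash the password (SHA512 according to the original comment).
    # NOTE(review): the salt comes from the app config, i.e. one value for
    # every account; per-user salting then depends on what create_user does
    # with password_raw - confirm.
    password = utils.hashing(password, self.app.config.get('salt'))

    # The pre-hashed value is passed as password_raw so that create_user
    # hashes it again. create_user returns a tuple whose first item is a
    # bool: True when the user was created, False when nothing was stored.
    unique_properties = ['username', 'email']
    auth_id = "own:%s" % username
    outcome = self.auth.store.user_model.create_user(
        auth_id, unique_properties, password_raw=password,
        username=username, name=name, last_name=last_name, email=email,
        ip=self.request.remote_addr, country=country, tz=tz
    )

    if not outcome[0]:
        # The second item describes which unique property collided.
        duplicates = str(outcome[1])
        # NOTE(review): username and email are placed inside HTML markup;
        # that is only safe if form validation restricts their characters or
        # the message is escaped when rendered - confirm. These messages also
        # tell the requester which usernames and e-mail addresses exist.
        if "username" in duplicates:
            message = _(
                'Sorry, The username <strong>{}</strong> is already registered.').format(username)
        elif "email" in duplicates:
            message = _('Sorry, The email <strong>{}</strong> is already registered.').format(email)
        else:
            message = _('Sorry, The user is already registered.')
        self.add_message(message, 'error')
        return self.redirect_to('register')

    # The original code read `user.key` on the (bool, user) tuple itself in
    # the Facebook and LinkedIn branches, which raised AttributeError; the
    # created user object is used everywhere from here on.
    new_user = outcome[1]

    def link_profile(provider, profile):
        """Store a SocialUser link unless the profile is absent or taken."""
        if profile is None:
            return
        uid = str(profile['id'])
        if models.SocialUser.check_unique(new_user.key, provider, uid):
            models.SocialUser(
                user=new_user.key,
                provider=provider,
                uid=uid,
                extra_data=profile
            ).put()

    try:
        if not new_user.activated:
            # Not activated yet: the user has to confirm by e-mail.
            new_user_id = new_user.get_id()
            # Interpolate after the translation lookup so the catalogue is
            # searched for the template, not for the already formatted text.
            subject = _("%s Account Verification") % self.app.config.get('app_name')
            confirmation_url = self.uri_for(
                "account-activation",
                user_id=new_user_id,
                token=self.user_model.create_auth_token(new_user_id),
                _full=True)

            template_val = {
                "app_name": self.app.config.get('app_name'),
                "username": username,
                "confirmation_url": confirmation_url,
                "support_url": self.uri_for("contact", _full=True)
            }
            body_path = "emails/account_activation.txt"
            body = self.jinja2.render_template(body_path, **template_val)

            email_url = self.uri_for('taskqueue-send-email')
            taskqueue.add(url=email_url, params={
                'to': str(email),
                'subject': subject,
                'body': body,
            })
            # The confirmation URL embeds a freshly created auth token, so
            # it is kept out of the logs; only the user id is recorded.
            logging.info("Activation e-mail queued for user id %s", new_user_id)

            message = _('You were successfully registered. '
                        'Please check your email to activate your account.')
            self.add_message(message, 'success')
            return self.redirect_to('home')

        # Already activated: perform the password login. The return value
        # was never used; the call is kept for its effect (presumably it
        # establishes the session - confirm).
        self.auth.get_user_by_password(new_user.auth_ids[0], password)

        # Twitter association data is provided by the Twitter helper.
        link_profile('twitter', twitter.TwitterAuth(self).get_association_data())

        # Facebook and LinkedIn data are stored as JSON in the session. A
        # provider missing from the session is skipped instead of raising
        # KeyError and reporting a failed registration for a user that was
        # in fact created.
        for provider in ('facebook', 'linkedin'):
            try:
                raw_profile = self.session[provider]
            except KeyError:
                continue
            link_profile(provider, json.loads(raw_profile) if raw_profile else None)

        message = _('Welcome <strong>{}</strong>, you are now logged in.').format(username)
        self.add_message(message, 'success')
        return self.redirect_to('home')
    except (AttributeError, KeyError) as e:
        logging.error('Unexpected error creating the user %s: %s' % (username, e))
        message = _('Unexpected error creating the user %s') % username
        self.add_message(message, 'error')
        return self.redirect_to('home')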