def new(self):
""" Insert new user in the database """
form = self.params
self.__request_account()
self.__request_profile()
self.__request_password(new_user=True)
if self.changed_email:
self.user['email'] = self.user['new_email']
if self.message is None:
self.user['password'] = create_password(form['password_new'])
del(self.user['password_new'])
del(self.user['password_check'])
self.user['status'] = ACTIVATED
if 'image_tmp' in self.user:
del(self.user['image_tmp'])
self.user['_id'] = model.users.create(self.user)
if len(form.get('image_uploaded', '')) > 0:
if self.__upload_avatar():
self.user['image'] = self.list_images
model.users.update(user_id=self.user['_id'],
user=self.user)
self.success = True
self.message = g.users_msg('success_new_user')
return False
def update(self):
""" Update user values in the database """
form = self.params
self.__request_account()
self.__request_profile()
self.__request_password()
if self.changed_email:
self.user['email'] = self.user['new_email']
if 'image_uploaded' in form and len(form['image_uploaded']):
if self.__upload_avatar():
self.user['image'] = self.list_images
if not self.message:
if len(form['password_new']):
self.user['password'] = create_password(form['password_new'])
del (self.user['password_new'])
del (self.user['password_check'])
if 'image_tmp' in self.user:
del (self.user['image_tmp'])
try:
g.db.users.update({'_id': ObjectId(self.user['_id'])},
self.user)
self.success = True
self.message = g.users_msg('success_update_user')
except PyMongoError, e:
print 'Error caught in users.update : {0}'.format(e)
self.message = g.users_msg('error_mongo_update')
def __request_password(self, new_user=False, old_password=False):
""" Get from request.form the password values and check it """
form = self.params
password = form.get('password')
password_new = form.get('password_new')
password_check = form.get('password_check')
if self.message:
return False
# Check that the password_new field is not empty
if new_user and (password_new is None or len(password_new) == 0):
self.message = g.users_msg('error_password_0')
# Check that the password_check field is not empty
elif new_user and (password_check is None or len(password_check) == 0):
self.message = g.users_msg('error_password_2')
elif password_new and len(password_new):
self.user['password_new'] = password_new
self.user['password_check'] = password_check
# Check that the new password has between 6 and 30 characters.
if not check.length(self.user['password_new'], 6, 30):
self.message = g.users_msg('error_password_1')
# Check that both passwords are the same
elif self.user['password_new'] != self.user['password_check']:
self.message = g.users_msg('error_password_2')
if old_password:
# Verify that the old password matches the one entered.
old_password = create_password(password)
if self.user['password'] != old_password:
self.message = g.users_msg('error_password_3')
def update(self):
""" Update user values in the database """
form = self.params
self.__request_account()
self.__request_profile()
self.__request_password()
if self.changed_email:
self.user['email'] = self.user['new_email']
if len(form.get('image_uploaded', '')) > 0:
if self.__upload_avatar():
self.user['image'] = self.list_images
if self.message is None:
if len(form['password_new']):
self.user['password'] = create_password(form['password_new'])
del (self.user['password_new'])
del (self.user['password_check'])
if 'image_tmp' in self.user:
del (self.user['image_tmp'])
model.users.update(user_id=self.user['_id'], user=self.user)
self.success = True
self.message = g.users_msg('success_update_user')
self.user['password_new'] = ""
self.user['password_check'] = ""
def update(self):
""" Update user values in the database """
form = self.params
self.__request_account()
self.__request_profile()
self.__request_password()
if self.changed_email:
self.user['email'] = self.user['new_email']
if len(form.get('image_uploaded', '')) > 0:
if self.__upload_avatar():
self.user['image'] = self.list_images
if self.message is None:
if len(form['password_new']):
self.user['password'] = create_password(form['password_new'])
del(self.user['password_new'])
del(self.user['password_check'])
if 'image_tmp' in self.user:
del(self.user['image_tmp'])
model.users.update(user_id=self.user['_id'],
user=self.user)
self.success = True
self.message = g.users_msg('success_update_user')
self.user['password_new'] = ""
self.user['password_check'] = ""
def __request_password(self, new_user=False, old_password=False):
""" Get from request.form the password values and check it """
form = self.params
if self.message:
return False
# Check that the password_new field is not empty
if new_user and (not "password_new" in form or not len(form['password_new'])):
self.message = g.users_msg('error_password_0')
# Check that the password_check field is not empty
elif new_user and (not "password_check" in form or not len(form['password_check'])):
self.message = g.users_msg('error_password_2')
elif "password_new" in form and len(form['password_new']):
self.user['password_new'] = form['password_new']
self.user['password_check'] = form['password_check']
# Check that the new password has between 6 and 30 characters.
if not check.length(self.user['password_new'], 6, 30):
self.message = g.users_msg('error_password_1')
# Check that both passwords are the same
elif self.user['password_new'] != self.user['password_check']:
self.message = g.users_msg('error_password_2')
if old_password:
# Verify that the old password matches the one entered.
old_password = create_password(form['password'])
if self.user['password'] != old_password:
self.message = g.users_msg('error_password_3')
def update(self):
""" Update user values in the database """
form = self.params
self.__request_account()
self.__request_profile()
self.__request_password()
if self.changed_email:
self.user['email'] = self.user['new_email']
if 'image_uploaded' in form and len(form['image_uploaded']):
if self.__upload_avatar():
self.user['image'] = self.list_images
if not self.message:
if len(form['password_new']):
self.user['password'] = create_password(form['password_new'])
del(self.user['password_new'])
del(self.user['password_check'])
if 'image_tmp' in self.user:
del(self.user['image_tmp'])
try:
g.db.users.update({ '_id' : ObjectId(self.user['_id']) }, self.user)
self.success = True
self.message = g.users_msg('success_update_user')
except PyMongoError, e:
print 'Error caught in users.update : {0}'.format(e)
self.message = g.users_msg('error_mongo_update')
def __request_password(self, new_user=False, old_password=False):
""" Get from request.form the password values and check it """
form = self.params
password = form.get('password')
password_new = form.get('password_new')
password_check = form.get('password_check')
if self.message:
return False
# Check that the password_new field is not empty
if new_user and (password_new is None or len(password_new) == 0):
self.message = g.users_msg('error_password_0')
# Check that the password_check field is not empty
elif new_user and (password_check is None or len(password_check) == 0):
self.message = g.users_msg('error_password_2')
elif password_new and len(password_new):
self.user['password_new'] = password_new
self.user['password_check'] = password_check
# Check that the new password has between 6 and 30 characters.
if not check.length(self.user['password_new'], 6, 30):
self.message = g.users_msg('error_password_1')
# Check that both passwords are the same
elif self.user['password_new'] != self.user['password_check']:
self.message = g.users_msg('error_password_2')
if old_password:
# Verify that the old password matches the one entered.
old_password = create_password(password)
if self.user['password'] != old_password:
self.message = g.users_msg('error_password_3')
def new(self):
""" Insert new user in the database """
form = self.params
self.__request_account()
self.__request_profile()
self.__request_password(new_user=True)
if self.changed_email:
self.user['email'] = self.user['new_email']
if self.message is None:
self.user['password'] = create_password(form['password_new'])
del (self.user['password_new'])
del (self.user['password_check'])
self.user['status'] = ACTIVATED
if 'image_tmp' in self.user:
del (self.user['image_tmp'])
self.user['_id'] = model.users.create(self.user)
if len(form.get('image_uploaded', '')) > 0:
if self.__upload_avatar():
self.user['image'] = self.list_images
model.users.update(user_id=self.user['_id'],
user=self.user)
self.success = True
self.message = g.users_msg('success_new_user')
return False
def __request_password(self, new_user=False, old_password=False):
""" Get from request.form the password values and check it """
form = self.params
if self.message:
return False
# Check that the password_new field is not empty
if new_user and (not "password_new" in form
or not len(form['password_new'])):
self.message = g.users_msg('error_password_0')
# Check that the password_check field is not empty
elif new_user and (not "password_check" in form
or not len(form['password_check'])):
self.message = g.users_msg('error_password_2')
elif "password_new" in form and len(form['password_new']):
self.user['password_new'] = form['password_new']
self.user['password_check'] = form['password_check']
# Check that the new password has between 6 and 30 characters.
if not check.length(self.user['password_new'], 6, 30):
self.message = g.users_msg('error_password_1')
# Check that both passwords are the same
elif self.user['password_new'] != self.user['password_check']:
self.message = g.users_msg('error_password_2')
if old_password:
# Verify that the old password matches the one entered.
old_password = create_password(form['password'])
if self.user['password'] != old_password:
self.message = g.users_msg('error_password_3')
def sign_in(self):
""" """
input_login = request.form['username']
password = request.form['password']
if 'permanent' in request.form:
permanent = request.form['permanent']
else:
permanent = None
if not input_login and not password:
self.message = g.login_msg('login_error_1')
else:
regx = re.compile('^'+input_login+'$', re.IGNORECASE)
user = g.db.users.find_one({"username" : regx})
no_valid = False
if user is None:
user = g.db.users.find_one({"email" : regx})
if user is None:
self.message = g.login_msg('login_error_2')
return False
elif self.check_ip_in_black_list(g.ip):
no_valid = self.recaptcha()
if user["status"] is 0:
self.message = g.login_msg('login_error_3')
return False
if no_valid:
self.add_ip_in_black_list(g.ip)
self.message = g.login_msg('captcha_error')
elif not user['password'] == create_password(password):
# Important login error
self.add_ip_in_black_list(g.ip)
self.message = g.login_msg('login_error_2')
else:
# Save session in main domain
token = get_token(CLIENT_ID, CLIENT_SECRET, user['username'], user['password'])
print token
if token is None:
self.message = g.login_msg('login_error_4')
return False
g.db.users.update({ '_id' : ObjectId(user['_id']) }, { "$set": { "token": token } })
session['user_id'] = user['_id']
if permanent is not None:
session.permanent = True
return True
return False
def update_password(self):
""" Update user values in the database """
form = self.params
self.__request_password(True, True)
if not self.message:
self.user['password'] = create_password(form['password_new'])
del(self.user['password_new'])
del(self.user['password_check'])
try:
g.db.users.update({ '_id' : ObjectId(self.user['_id']) }, self.user)
self.success = True
self.message = g.users_msg('success_update_password')
except PyMongoError, e:
print 'Error caught in users.update_password : {0}'.format(e)
self.message = g.users_msg('account_error_1')
def update_password(self):
""" Update user values in the database """
form = self.params
old_password = self.user.get('password', False)
self.__request_password(old_password=old_password)
if self.message is None:
self.user['password'] = create_password(form['password_new'])
del (self.user['password_new'])
del (self.user['password_check'])
model.users.update(user_id=self.user['_id'], user=self.user)
self.success = True
self.message = g.users_msg('success_update_password')
self.user['password'] = ""
self.user['password_new'] = ""
self.user['password_check'] = ""
def update_password(self):
""" Update user values in the database """
form = self.params
self.__request_password(True, True)
if not self.message:
self.user['password'] = create_password(form['password_new'])
del (self.user['password_new'])
del (self.user['password_check'])
try:
g.db.users.update({'_id': ObjectId(self.user['_id'])},
self.user)
self.success = True
self.message = g.users_msg('success_update_password')
except PyMongoError, e:
print 'Error caught in users.update_password : {0}'.format(e)
self.message = g.users_msg('account_error_1')
def update_password(self):
""" Update user values in the database """
form = self.params
old_password = self.user.get('password', False)
self.__request_password(old_password=old_password)
if self.message is None:
self.user['password'] = create_password(form['password_new'])
del(self.user['password_new'])
del(self.user['password_check'])
model.users.update(user_id=self.user['_id'],
user = self.user)
self.success = True
self.message = g.users_msg('success_update_password')
self.user['password'] = ""
self.user['password_new'] = ""
self.user['password_check'] = ""
def sign_in(username_or_email=None,
password=None,
permanent=None):
"""
Sign the user in.
We check the user by both the username or email.
"""
error_code = None
if not username_or_email or not password:
error_code = ('login_msg', 'login_error_1')
if not error_code:
user = model.users.find(username=username_or_email, only_one=True, my_rank=10)
if user is None:
user = model.users.find(email=username_or_email, only_one=True, my_rank=10)
if user is None:
error_code = ('login_msg', 'login_error_2')
if not error_code and user["status"] == NOTACTIVATED:
error_code = ('login_msg', 'login_error_3')
elif not error_code and not user['password'] == create_password(password):
error_code = ('login_msg', 'login_error_2')
if not error_code:
model.users.update(user_id=user["_id"])
if permanent is not None:
permanent = True
return {
"success": True,
"user_id": str(user['_id']),
"permanent": permanent
}
return dict(success=False, errors=[{ "code": error_code }])
def change_password(self, check):
""" """
user = check_verify_remember(check)
if user:
g.chtml = ''
chtml = captcha.displayhtml(
public_key = "6Ldph8cSAAAAAGJK1OCZwgqWxctr6gS2FTCM3B1r",
use_ssl = False,
error = None)
g.chtml = Markup(chtml)
g.check = check
if request.method == 'POST':
valid = self.recaptcha()
if valid:
new_password = request.form['new_password']
new_password_two = request.form['new_password_two']
if len(new_password) < 6:
message = g.users_msg('error_password_1')
status = 'msg msg-error'
elif new_password != new_password_two:
message = g.users_msg('error_password_2')
status = 'msg msg-error'
else:
g.db.users.update({"_id": user['_id']}, {"$set": { "password": create_password(new_password) } })
message = g.users_msg('success_update_password')
status = 'msg msg-success'
else:
message = g.login_msg('captcha_error')
status = 'msg msg-error'
return render_template('{}/change_password.html'.format(MODULE_DIR), **locals())
else:
message = g.login_msg('not_change_password')
status = 'msg msg-error'
return render_template('{}/verify.html'.format(MODULE_DIR), **locals())
