def post(self): if self.ensure_is_logged_in(): self.check_CSRF() anchor = self.request.get('anchor', '') extended = 'True' if self.request.get( 'extended') == 'True' else 'False' disconnect_session_token = self.request.get('disconnect') disconnect_app_token = self.request.get('disconnect_app') if disconnect_session_token: enki.libuser.delete_session_token_auth( disconnect_session_token) self.add_infomessage('success', MSG.SUCCESS(), MSG.DISCONNECTED_SESSION()) extended = 'True' elif disconnect_app_token: EnkiModelRestAPITokenVerify.delete_token_by_id( disconnect_app_token) self.add_infomessage('success', MSG.SUCCESS(), MSG.DISCONNECTED_APP()) extended = 'True' self.redirect( enki.libutil.get_local_url('profile', { 'extended': extended, '_fragment': anchor }))
def post_reauthenticated(self, params): submit_type = params.get('submittype') if submit_type == 'cancel': self.redirect(enki.libutil.get_local_url('profile')) elif submit_type == 'delete': delete_posts = False if enki.HandlerBase.account_is_active(self.enki_user.key.id()): has_posts = True if enki.libforum.fetch_EnkiPost_by_author( self.enki_user.key.id()) else False if has_posts and params.get('deleteposts') == 'on': delete_posts = True if self.enki_user.email and self.enki_user.email != 'removed': # if the user has an email, send a confirmation email self.account_deletion_request(delete_posts) if delete_posts: self.add_infomessage( 'info', MSG.INFORMATION(), MSG.ACCOUNT_AND_POSTS_DELETE_INFO_EMAIL_SENT( self.enki_user.email)) else: self.add_infomessage( 'info', MSG.INFORMATION(), MSG.ACCOUNT_DELETE_INFO_EMAIL_SENT( self.enki_user.email)) else: # otherwise just delete the account self.delete_account(delete_posts) if delete_posts: self.add_infomessage('success', MSG.SUCCESS(), MSG.ACCOUNT_AND_POSTS_DELETED()) else: self.add_infomessage('success', MSG.SUCCESS(), MSG.ACCOUNT_DELETED()) self.redirect(enki.libutil.get_local_url())
def post(self): if self.ensure_is_logged_in() and self.ensure_has_display_name(): self.check_CSRF() user_id = self.user_id friend_id_invite = self.request.get('invite') friend_id_remove = self.request.get('remove') friend_name_search = self.request.get('search').strip()[:( enki.libdisplayname.DISPLAY_NAME_LENGTH_MAX + 4)] # 4 allows for some leading and trailing characters already_friends = '' has_friends = enki.libfriends.exist_EnkiFriends error_message = '' result = '' if friend_id_invite: # send invitation to user to become friend outcome = enki.libfriends.send_friend_request( user_id, int(friend_id_invite)) if outcome == enki.libfriends.INFO_FRIENDS: self.add_infomessage( 'success', MSG.SUCCESS(), MSG.FRIEND_ADDED( enki.libdisplayname.get_display_name( int(friend_id_invite)))) elif outcome == enki.libutil.ENKILIB_OK: self.add_infomessage( 'success', MSG.SUCCESS(), MSG.FRIEND_INVITATION_SENT( enki.libdisplayname.get_display_name( int(friend_id_invite)))) elif friend_id_remove: # unfriend enki.libfriends.remove_friend(user_id, int(friend_id_remove)) has_friends = enki.libfriends.exist_EnkiFriends self.add_infomessage( 'success', MSG.SUCCESS(), MSG.FRIEND_REMOVED( enki.libdisplayname.get_display_name( int(friend_id_remove)))) elif friend_name_search: # search for user to invite users_ids_to_ignore = [user_id] if has_friends: users_ids_to_ignore += enki.libfriends.get_friends_user_id( user_id) result = enki.libdisplayname.find_users_by_display_name( friend_name_search, users_ids_to_ignore) if result.error == enki.libdisplayname.ERROR_DISPLAY_NAME_INVALID: error_message = MSG.DISPLAY_NAME_INVALID() elif result.error == enki.libdisplayname.ERROR_DISPLAY_NAME_NOT_EXIST: error_message = MSG.DISPLAY_NAME_NOT_EXIST() else: error_message = MSG.DISPLAY_NAME_NEEDED() if has_friends: already_friends = enki.libfriends.get_friends_user_id_display_name_url( user_id) self.render_tmpl('friends.html', data=already_friends, error=error_message, result=result, friend_name=friend_name_search)
def post_reauthenticated(self, params): app_secret_set = params.get('app_secret_set') app_name = params.get('app_name') error_message = '' data = [] app_success = '' if app_secret_set: secret = enki.librestapi.generate_auth_token() app = EnkiModelApp.get_by_id(int(app_secret_set)) app.secret = secret app.put() self.add_infomessage('success', MSG.SUCCESS(), MSG.NEW_SECRET_GENERATED()) app_success = str(app.key.id()) data = enki.librestapi.apps_list(self.user_id) else: data = enki.librestapi.apps_list(self.user_id) if not app_name: error_message = MSG.NAME_NEEDED() elif (len(app_name) > enki.librestapi.APP_MAX_NAME_LENGTH): error_message = MSG.APP_NAME_TOO_LONG( str(enki.librestapi.APP_MAX_NAME_LENGTH)) elif EnkiModelApp.exist_by_name(app_name): error_message = MSG.APP_NAME_ALREADY_EXISTS() elif (EnkiModelApp.count_by_user_id(self.user_id) >= enki.librestapi.APP_MAX): error_message = MSG.APP_EXCEED_ALLOWED() else: secret = enki.librestapi.generate_auth_token() app = EnkiModelApp(user_id=self.user_id, name=app_name, secret=secret) app.put() data.append( [app_name, str(app.key.id()), secret, app.time_created]) self.add_infomessage('success', MSG.SUCCESS(), MSG.APP_CREATED()) app_success = str(app.key.id()) self.render_tmpl( 'apps.html', active_menu='profile', error=error_message, data=data, app_success=app_success, app_max=enki.librestapi.APP_MAX, app_max_name_length=enki.librestapi.APP_MAX_NAME_LENGTH, )
def post(self): if self.ensure_is_logged_in() and self.ensure_has_display_name(): self.check_CSRF() user_id = self.user_id message_accept = self.request.get('accept') message_decline = self.request.get('decline') if message_accept: sender_id = EnkiModelMessage.get_by_id( int(message_accept)).sender if sender_id: EnkiModelFriends.add_friend(user_id, sender_id) self.add_infomessage( MSG.SUCCESS(), MSG.FRIEND_ADDED( EnkiModelDisplayName.get_display_name(sender_id))) elif message_decline: sender_id = EnkiModelMessage.get_by_id( int(message_decline)).sender if sender_id: EnkiModelMessage.remove_messages_crossed( user_id, sender_id) self.render_tmpl('messages.html', data=EnkiModelMessage.get_messages(self.user_id))
def post(self): if self.ensure_is_logged_in(): self.check_CSRF() submit_type = self.request.get('submittype') if self.enki_user.email: if self.enki_user.password and submit_type == 'reauthenticate': password = self.request.get('password') if self.reauthenticate(self.enki_user.email, password): self.add_infomessage('success', MSG.SUCCESS(), MSG.REAUTHENTICATED()) self.redirect_to_relevant_page() else: error_message = MSG.WRONG_EMAIL_OR_PW() backoff_timer = self.get_backoff_timer( self.enki_user.email) if backoff_timer != 0: error_message = MSG.TIMEOUT( enki.libutil.format_timedelta(backoff_timer)) self.render_tmpl( 'reauthenticate.html', active_menu='profile', authhandlers=self.get_user_auth_providers(), email=self.enki_user.email, error=error_message) elif submit_type == 'cancel': self.redirect_to_relevant_page() elif submit_type == 'recoverpass': self.redirect( enki.libutil.get_local_url( 'passwordrecover', {'email': self.enki_user.email}))
def get(self, verifytoken): tokenEntity = EnkiModelTokenVerify.get_by_token_type( xstr(verifytoken), 'emailsubscriptionconfirm') if tokenEntity: newsletter = tokenEntity.state unsubscribe_token = EnkiModelEmailSubscriptions.add_newsletter( tokenEntity.email, newsletter) self.add_infomessage(MSG.SUCCESS(), MSG.EMAIL_SUBSCRIBED(newsletter)) # send welcome email with unsubscribe link link = enki.libutil.get_local_url('emailunsubscribe', { 'unsubscribetoken': unsubscribe_token, 'newsletter': newsletter }) self.send_email( tokenEntity.email, MSG.SEND_EMAIL_EMAIL_NEWSLETTER_WELCOME_SUBJECT(newsletter), MSG.SEND_EMAIL_EMAIL_NEWSLETTER_WELCOME_BODY(newsletter, link)) self.add_infomessage( MSG.INFORMATION(), MSG.EMAIL_NEWSLETTER_WELCOME_EMAIL_SENT(newsletter)) self.redirect(enki.libutil.get_local_url('home')) tokenEntity.key.delete() else: self.add_infomessage(MSG.INFORMATION(), MSG.EMAIL_SUBSCRIPTION_FAILED()) self.redirect(enki.libutil.get_local_url('emailsubscriptions'))
def post( self ): # generate a new token (and delete old one if they exist) if self.ensure_is_logged_in() and self.ensure_has_display_name( self.request.referrer ): self.check_CSRF() user_id = self.enki_user.key.id() token = EnkiModelRestAPIConnectToken.cleanup_and_get_new_connection_token( user_id ) self.add_infomessage( MSG.SUCCESS(), MSG.GAME_CONNECTION_TOKEN( token, EnkiModelRestAPIConnectToken.MAX_AGE )) self.redirect_to_relevant_page()
def get(self, **kwargs): token = kwargs['verifytoken'] tokenEntity = EnkiModelTokenVerify.get_by_token_type( token, 'emailchange') if tokenEntity: self.email_change(tokenEntity) self.add_infomessage('success', MSG.SUCCESS(), MSG.EMAIL_SET()) self.redirect(enki.libutil.get_local_url('profile')) else: self.abort(404)
def post_reauthenticated( self, params ): app_id = params.get( 'delete' ) if app_id: EnkiModelRestAPIDataStore.delete_user_app_data( self.user_id , app_id ) self.add_infomessage( MSG.SUCCESS(), MSG.APP_DATA_DELETED()) data_list = EnkiModelApp.user_data_list( self.user_id ) self.render_tmpl( 'appdatastores.html', active_menu = 'profile', data = data_list, apps_list = EnkiModelApp.user_apps_list( data_list ), )
def get(self, **kwargs): token = kwargs['rollbacktoken'] tokenEntity = enki.libuser.get_RollbackToken_by_token(token) if tokenEntity: self.email_rollback(tokenEntity) self.add_infomessage('success', MSG.SUCCESS(), MSG.EMAIL_RESTORED()) self.redirect(enki.libutil.get_local_url('profile')) else: self.abort(404)
def get(self, unsubscribetoken): unsubscribetoken = xstr(unsubscribetoken) tokenEntity = EnkiModelEmailSubscriptions.get_by_token( unsubscribetoken) newsletter = self.request.get(xstr('newsletter')) if not newsletter: # unsubscribe from all newsletters (or was already unsubscribed) if tokenEntity: EnkiModelEmailSubscriptions.remove_by_email(tokenEntity.email) self.add_infomessage(MSG.SUCCESS(), MSG.EMAIL_UNSUBSCRIBED_ALL()) elif (newsletter in settings.email_newsletter_name) or ( newsletter in tokenEntity.newsletters ): # unsubscribe from a specific newsletter (or was already unsubscribed) if tokenEntity: EnkiModelEmailSubscriptions.remove_newsletter_by_token( tokenEntity.token, newsletter) self.add_infomessage(MSG.SUCCESS(), MSG.EMAIL_UNSUBSCRIBED(newsletter)) else: # newsletter doesn't exist hence the user's already unsubscribed self.add_infomessage(MSG.SUCCESS(), MSG.EMAIL_UNSUBSCRIBED('')) self.redirect(enki.libutil.get_local_url('emailsubscriptions'))
def get(self, **kwargs): token = kwargs['verifytoken'] delete_posts = False tokenExists = EnkiModelTokenVerify.exist_by_token_type( token, 'accountdelete') if not tokenExists: tokenExists = EnkiModelTokenVerify.exist_by_token_type( token, 'accountandpostsdelete') if tokenExists: delete_posts = True if tokenExists: result = self.delete_account(delete_posts, token) if delete_posts: self.add_infomessage('success', MSG.SUCCESS(), MSG.ACCOUNT_AND_POSTS_DELETED()) else: self.add_infomessage('success', MSG.SUCCESS(), MSG.ACCOUNT_DELETED()) self.redirect(enki.libutil.get_local_url()) else: self.abort(404)
def post_reauthenticated(self, params): choice = params.get('choice') if choice != 'cancel': tokenEntity = EnkiModelTokenVerify.get_by_user_id_auth_id_type( user_id=self.user_id, auth_id=choice, type='loginaddconfirm_3') if tokenEntity: self.set_auth_id(tokenEntity.auth_ids_provider, self.user_id) self.add_infomessage( 'success', MSG.SUCCESS(), MSG.AUTH_PROVIDER_ADDED(str( tokenEntity.auth_ids_provider))) tokenEntity.key.delete() self.redirect(enki.libutil.get_local_url('accountconnect'))
def post_reauthenticated(self, params): app_id = params.get('delete') if app_id: enki.librestapi.delete_user_app_data(self.user_id, app_id) self.add_infomessage('success', MSG.SUCCESS(), MSG.APP_DATA_DELETED()) data_list = enki.librestapi.user_data_list(self.user_id) self.render_tmpl( 'appdatastores.html', active_menu='profile', data=data_list, apps_list=enki.librestapi.user_apps_list(data_list), )
def post(self): self.cleanup_item() self.log_out() self.check_CSRF() token = self.session.get('tokenregisterauth') tokenEntity = EnkiModelTokenVerify.get_by_token_type(token, 'register') if tokenEntity: submit_type = self.request.get('submittype') # Log in with email and password if submit_type == 'login': email = tokenEntity.email tokenEntity.key.delete() password = self.request.get('password') if self.log_in_with_email(email, password): self.add_infomessage('success', MSG.SUCCESS(), MSG.LOGGED_IN()) self.redirect_to_relevant_page() else: error_message = MSG.WRONG_EMAIL_OR_PW() backoff_timer = self.get_backoff_timer(email) if backoff_timer != 0: error_message = MSG.TIMEOUT( enki.libutil.format_timedelta(backoff_timer)) self.render_tmpl('login.html', active_menu='login', authhandlers=settings.HANDLERS, email=email, error=error_message) elif submit_type == 'recoverpass': email = tokenEntity.email tokenEntity.key.delete() self.redirect( enki.libutil.get_local_url('passwordrecover', {'email': email})) # Create a new account using the OAuth provider but without the email elif submit_type == 'register': email = tokenEntity.email tokenEntity.email = '' tokenEntity.put() self.add_infomessage( 'info', MSG.INFORMATION(), MSG.REGISTRATION_INFO_EMAIL_CANNOT_USE(email)) self.redirect( enki.libutil.get_local_url('registeroauthconfirm')) else: tokenEntity.key.delete() self.add_infomessage('info', MSG.INFORMATION(), MSG.LOGIN_FAILED()) self.redirect(enki.libutil.get_local_url('home')) else: self.abort(404)
def add_infomessage(self, message_header, message_body): # reference: http://bootswatch.com/flatly/#indicators # message_type values: 'success', 'info', 'warning', 'danger' if message_header == MSG.SUCCESS(): message_type = 'success' elif message_header == MSG.INFORMATION(): message_type = 'info' elif message_header == MSG.WARNING(): message_type = 'warning' else: message_header = MSG.DANGER() message_type = 'danger' self.session['infomessage'] = self.session.pop( 'infomessage', []) + [[message_type, message_header, message_body]]
def post(self): if self.ensure_is_logged_in(): self.check_CSRF() submit_type = self.request.get('submittype') if submit_type == 'reset': self.redirect(enki.libutil.get_local_url('emailbatchsending')) elif submit_type == 'send' or submit_type == 'sendtest': ready_to_send = 'off' newsletter = self.request.get('newsletter') subject = self.request.get('subject') body_text = self.request.get('body_text') footer_template = self.get_mailgun_email_footer_template( newsletter) if submit_type == 'sendtest': self.send_email(self.enki_user.email, subject, body_text + footer_template) self.add_infomessage( MSG.INFORMATION(), 'Test email sent to ' + self.enki_user.email) elif submit_type == 'send': ready_to_send = self.request.get('readytosend') if ready_to_send == 'on': batches_emails, batches_emails_recipient_variables = EnkiModelEmailSubscriptions.get_mailgun_email_batches( newsletter) send_success = False for batch_emails, batch_emails_recipient_variables in zip( batches_emails, batches_emails_recipient_variables): send_success = self.send_mailgun_batch_email( batch_emails, subject, body_text, footer_template, batch_emails_recipient_variables) if send_success: self.add_infomessage(MSG.SUCCESS(), 'Batch email sent') self.redirect( enki.libutil.get_local_url( 'emailbatchsending')) return else: self.add_infomessage(MSG.WARNING(), 'Batch email sending failed') self.render_tmpl('emailbatchsending.html', newsletter=newsletter, subject=subject, body_text=body_text, footer=footer_template, ready_to_send=ready_to_send)
def post(self): self.cleanup_item() self.log_out() self.check_CSRF() submit_type = self.request.get('submittype') email = self.request.get('email') if submit_type == 'login': password = self.request.get('password') if self.log_in_with_email(email, password): self.add_infomessage('success', MSG.SUCCESS(), MSG.LOGGED_IN()) self.redirect_to_relevant_page() else: error_message = MSG.WRONG_EMAIL_OR_PW() if enki.libuser.exist_EnkiUser(email): # if the email exist as part of an Auth account (doesn't have a password), silently email them to set a password. user = enki.libuser.get_EnkiUser(email) if not user.password: self.add_debugmessage( '''Comment - whether the email is available or not, the feedback through the UI is identical to prevent email checking.''' ) link = enki.libutil.get_local_url( 'passwordrecover', {'email': email}) self.send_email( email, MSG. SEND_EMAIL_LOGIN_ATTEMPT_WITH_YOUR_EMAIL_NO_PW_SUBJECT( ), MSG. SEND_EMAIL_LOGIN_ATTEMPT_WITH_YOUR_EMAIL_NO_PW_BODY( link, email)) backoff_timer = self.get_backoff_timer(email) if backoff_timer != 0: error_message = MSG.TIMEOUT( enki.libutil.format_timedelta(backoff_timer)) self.render_tmpl('login.html', active_menu='login', authhandlers=settings.HANDLERS, email=email, error=error_message) elif submit_type == 'register': self.redirect( enki.libutil.get_local_url('register', {'email': email})) else: self.redirect( enki.libutil.get_local_url('passwordrecover', {'email': email}))
def post(self, **kwargs): self.check_CSRF(), token = kwargs['verifytoken'] tokenEntity = EnkiModelTokenVerify.get_by_token_type(token, 'register') if tokenEntity: email = tokenEntity.email password = self.request.get('password') result = enki.libuser.validate_password(password) link = enki.libutil.get_local_url('registerconfirm', {'verifytoken': token}) if result == enki.libutil.ENKILIB_OK: result = self.create_user_from_email_pw(email, password) if result == enki.libutil.ENKILIB_OK: self.add_infomessage('success', MSG.SUCCESS(), MSG.ACCOUNT_CREATED()) self.log_in_with_email(email, password) self.redirect_to_relevant_page() elif result == enki.handlerbase.ERROR_USER_NOT_CREATED: error_message = MSG.FAIL_REGISTRATION() self.render_tmpl('register.html', active_menu='register', email=email, error=error_message) else: error_message = '' if result == enki.libuser.ERROR_PASSWORD_BLANK: error_message = MSG.MISSING_PW() elif result == enki.libuser.ERROR_PASSWORD_TOO_SHORT: length = len(password) error_message = " ".join([ MSG.PW_TOO_SHORT(length), MSG.PW_ENSURE_MIN_LENGTH( self.app.config.get('enki').get('user').get( 'PASSWORD_LENGTH_MIN')) ]) self.render_tmpl('registerconfirm.html', active_menu='register', email=email, url=link, error=error_message) else: self.abort(404)
def post_reauthenticated(self, params): register = params.get('register') deregister = params.get('deregister') if register: # initiate adding a new authentication method to the account for authhandler in settings.HANDLERS: if register == authhandler.get_provider_name(): token = security.generate_random_string(entropy=256) LoginAddToken = EnkiModelTokenVerify( token=token, user_id=self.user_id, auth_ids_provider=register, type='loginaddconfirm_1') LoginAddToken.put() self.redirect(authhandler.get_button().href) break elif deregister: self.remove_auth_id(deregister) self.add_infomessage('success', MSG.SUCCESS(), MSG.AUTH_PROVIDER_REMOVED(deregister)) self.redirect(enki.libutil.get_local_url('accountconnect'))
def post(self): if self.ensure_is_logged_in(): self.check_CSRF() password = self.request.get('password') email = self.enki_user.email error_password_message = '' error_passwordnew_message = '' if self.log_in_with_id(self.enki_user.key.id(), password): password_new = self.request.get('passwordnew') result = enki.libuser.set_password(self.enki_user, password_new) if result == enki.libutil.ENKILIB_OK: self.add_infomessage('success', MSG.SUCCESS(), MSG.PASSWORD_UPDATED()) self.redirect(enki.libutil.get_local_url('profile')) return else: if result == enki.libuser.ERROR_PASSWORD_BLANK: error_passwordnew_message = MSG.MISSING_NEW_PW() elif result == enki.libuser.ERROR_PASSWORD_TOO_SHORT: length = len(password_new) error_passwordnew_message = " ".join([ MSG.PW_TOO_SHORT(length), MSG.PW_ENSURE_MIN_LENGTH( self.app.config.get('enki').get('user').get( 'PASSWORD_LENGTH_MIN')) ]) else: error_password_message = MSG.WRONG_PW() backoff_timer = self.get_backoff_timer(email) if backoff_timer != 0: error_password_message = MSG.TIMEOUT( enki.libutil.format_timedelta(backoff_timer)) self.render_tmpl('passwordchange.html', active_menu='profile', error_password=error_password_message, error_passwordnew=error_passwordnew_message)
def post(self, **kwargs): self.check_CSRF() token = kwargs['verifytoken'] tokenEntity = EnkiModelTokenVerify.get_by_token_type( token, 'passwordchange') if tokenEntity: email = tokenEntity.email user = enki.libuser.get_EnkiUser(email) if user: password = self.request.get('password') result = enki.libuser.set_password(user, password) if result == enki.libutil.ENKILIB_OK: enki.libuser.delete_verifytoken_by_email( email, 'passwordchange') self.log_in_with_id(user.key.id(), password) self.add_infomessage('success', MSG.SUCCESS(), MSG.PASSWORD_SET()) self.redirect(enki.libutil.get_local_url('profile')) return else: error_message = '' if result == enki.libuser.ERROR_PASSWORD_BLANK: error_message = MSG.MISSING_PW() elif result == enki.libuser.ERROR_PASSWORD_TOO_SHORT: length = len(password) error_message = " ".join([ MSG.PW_TOO_SHORT(length), MSG.PW_ENSURE_MIN_LENGTH( self.app.config.get('enki').get('user').get( 'PASSWORD_LENGTH_MIN')) ]) self.render_tmpl('passwordrecoverconfirm.html', error=error_message) else: self.abort(401) else: self.abort(404)
def post_reauthenticated(self, params): email = params.get('email') old_email_existed = True if ( self.enki_user.email and self.enki_user.email != 'removed') else False result = enki.libuser.validate_email(email) error_message = '' if result == enki.libutil.ENKILIB_OK or result == enki.libuser.ERROR_EMAIL_MISSING: result_of_change_request = self.email_change_request(email) if result_of_change_request == 'same': error_message = MSG.CURRENT_EMAIL() elif result_of_change_request == 'cannot_remove': error_message = MSG.CANNOT_DELETE_EMAIL() elif result_of_change_request == 'removed': self.add_infomessage('success', MSG.SUCCESS(), MSG.EMAIL_REMOVED()) if old_email_existed: self.add_infomessage('info', MSG.INFORMATION(), MSG.EMAIL_ROLLBACK_INFO_EMAIL_SENT()) self.redirect(enki.libutil.get_local_url('profile')) elif result_of_change_request == 'change' or result_of_change_request == enki.handlerbase.ERROR_EMAIL_IN_USE: self.add_infomessage( 'info', MSG.INFORMATION(), MSG.EMAIL_CHANGE_CONFIRM_INFO_EMAIL_SENT(email)) if self.enki_user.email and self.enki_user.email != 'removed': self.add_infomessage( 'info', MSG.INFORMATION(), MSG.EMAIL_CHANGE_UNDO_INFO_EMAIL_SENT()) self.redirect(enki.libutil.get_local_url('profile')) return elif result == enki.libuser.ERROR_EMAIL_FORMAT_INVALID: error_message = MSG.WRONG_EMAIL_FORMAT() if error_message: self.render_tmpl('emailchange.html', active_menu='profile', email=email, error=error_message)
def post_reauthenticated(self, params): prefix = params.get('prefix') error_message = '' result = enki.libdisplayname.make_unique_and_set_display_name( self.user_id, prefix) if result == enki.libutil.ENKILIB_OK: self.add_infomessage('success', MSG.SUCCESS(), MSG.DISPLAYNAME_SET()) self.session['sessiondisplaynamerefpath'] = self.session.pop( 'sessionreauth', self.request.referrer) self.redirect_to_relevant_page() return else: if result == enki.libdisplayname.ERROR_DISPLAY_NAME_LENGTH: length = len(prefix) instruction = '' if length < enki.libdisplayname.PREFIX_LENGTH_MIN: instruction = MSG.DISPLAY_NAME_TOO_SHORT_LENGTHEN( enki.libdisplayname.PREFIX_LENGTH_MIN) elif length > enki.libdisplayname.PREFIX_LENGTH_MAX: instruction = MSG.DISPLAY_NAME_TOO_LONG_SHORTEN( enki.libdisplayname.PREFIX_LENGTH_MAX) error_message = " ".join( [MSG.DISPLAY_NAME_WRONG_LENGTH(length), instruction]) elif result == enki.libdisplayname.ERROR_DISPLAY_NAME_ALNUM: error_message = MSG.DISPLAY_NAME_WRONG_SYMBOLS() elif result == enki.libdisplayname.ERROR_DISPLAY_NAME_IN_USE: error_message = MSG.DISPLAY_NAME_ALREADY_USED() self.render_tmpl( 'displayname.html', active_menu='profile', prefix=prefix, data=enki.libdisplayname.get_display_name_data(self.user_id), prefix_length_min=enki.libdisplayname.PREFIX_LENGTH_MIN, prefix_length_max=enki.libdisplayname.PREFIX_LENGTH_MAX, error=error_message)
def provider_authenticated_callback(self, loginInfo): # We expect the fields of the dictionary to be: # - 'provider_name' unique 'pretty' provider name (e.g. google, facebook,...) # - 'provider_uid' provider specific (a.k.a "locally unique") user Id, i.e unique to the provider (e.g. the google user id number) # - 'email' # - 'email_verified' # We IGNORE: username, gender (facebook), avatar link, etc. # get the verified email from the auth provider email = None if loginInfo['email'] and loginInfo['email_verified'] == True: email = loginInfo['email'] # get the authId from the auth provider auth_id = loginInfo['provider_name'] + ':' + loginInfo['provider_uid'] if auth_id: # Modify existing or create user # check if it's an add login method request LoginAddToken = EnkiModelTokenVerify.get_by_user_id_state_type( self.user_id, loginInfo['provider_name'], 'loginaddconfirm_1') if LoginAddToken: # Add a login method if not EnkiModelUser.exist_by_auth_id(auth_id): # store the new auth prov + id in the session LoginAddToken.state = auth_id LoginAddToken.type = 'loginaddconfirm_2' LoginAddToken.put() self.redirect( enki.libutil.get_local_url('loginaddconfirm')) else: self.add_infomessage( MSG.INFORMATION(), MSG.AUTH_PROVIDER_CANNOT_BE_ADDED(str(auth_id))) self.redirect(enki.libutil.get_local_url('accountconnect')) return else: user = self.get_user_from_authid(auth_id, email) if user: # Existing authentication method / user if self.is_logged_in() and self.user_id == user.key.id(): # Refresh the reauthenticated status self.session['reauth_time'] = datetime.datetime.now() self.add_infomessage(MSG.SUCCESS(), MSG.REAUTHENTICATED()) self.redirect_to_relevant_page() return # Login self.log_in_session_token_create(user) self.add_infomessage(MSG.SUCCESS(), MSG.LOGGED_IN()) self.redirect_to_relevant_page() else: # New authentication method register_token = EnkiModelTokenVerify.get_by_state_type( auth_id, 'register') if register_token: # If a token already exists, get the token value and update the email token = register_token.token register_token.email = email # update in case the user changed their email or modified their email access permission else: # Create a new token token = security.generate_random_string(entropy=256) register_token = EnkiModelTokenVerify(token=token, email=email, state=auth_id, type='register') register_token.put() self.session['tokenregisterauth'] = token if EnkiModelUser.exist_by_email(email): self.redirect( enki.libutil.get_local_url( 'registeroauthwithexistingemail')) else: self.redirect( enki.libutil.get_local_url('registeroauthconfirm')) else: self.redirect_to_relevant_page()
def post(self, forum): if self.ensure_is_logged_in() and self.ensure_has_display_name(): if forum.isdigit() and EnkiModelForum.get_by_id(int(forum)): user_id = self.user_id thread_title = self.request.get('thread_title') post_body = self.request.get('post_body') submit_type = self.request.get('submittype') error_message_threadtitle = '' error_message_postbody = '' preview_threadtitle = '' preview_post = '' pmtoken = self.request.get('preventmultitoken') show_input = True if submit_type == 'input': thread_title = '' post_body = '' pmtoken = enki.libforum.add_preventmultipost_token() else: self.check_CSRF() if submit_type != 'cancel': if not thread_title: error_message_threadtitle = MSG.THREAD_TITLE_NEEDED( ) else: exceed = len( thread_title ) - enki.libforum.THREAD_TITLE_LENGTH_MAX if exceed > 0: error_message_threadtitle = MSG.THREAD_TITLE_TOO_LONG( exceed) if not post_body: error_message_postbody = MSG.POST_BODY_NEEDED() else: exceed = len( post_body) - enki.libforum.POST_LENGTH_MAX if exceed > 0: error_message_postbody = MSG.POST_BODY_TOO_LONG( exceed) if not error_message_threadtitle and not error_message_postbody: if submit_type == 'submit': if enki.libforum.check_and_delete_preventmultipost_token( pmtoken): result = enki.libforum.add_thread_and_post( user_id, forum, thread_title, post_body) if result == enki.libutil.ENKILIB_OK: self.add_infomessage( 'success', MSG.SUCCESS(), MSG.THREAD_PUBLISHED()) thread_title = '' post_body = '' self.redirect( enki.libutil.get_local_url( 'forum', {'forum': forum})) return else: error_threadtitle = MSG.FAIL_THREAD_SUBMISSION( ) else: thread_title = '' post_body = '' elif submit_type == 'preview': preview_threadtitle = thread_title preview_post = post_body elif submit_type == 'cancel': thread_title = '' post_body = '' self.render_tmpl( 'forum.html', CSRFneeded=show_input, active_menu='forums', data=enki.libforum.get_forum_data(forum), show_input=show_input, preventmultitoken=pmtoken, error_threadtitle=error_message_threadtitle, error_postbody=error_message_postbody, maxpostlength=enki.libforum.POST_LENGTH_MAX, maxthreadtitlelength=enki.libforum.THREAD_TITLE_LENGTH_MAX, threadtitle=thread_title, postbody=post_body, previewthreadtitle=preview_threadtitle, previewpost=preview_post)
def post(self, post): if self.ensure_is_logged_in() and self.ensure_has_display_name(): if post.isdigit() and enki.libforum.EnkiModelPost.get_by_id( int(post)): data = enki.libforum.get_post_data(post) is_author = True if self.user_id == data.author_data.user_id else False user = self.user_id post_body = self.request.get('post_body') submit_type = self.request.get('submittype') change = self.request.get('change') error_message = '' preview = '' if submit_type == 'delete': self.check_CSRF() result = enki.libforum.delete_post(user, post) if result[0] == enki.libutil.ENKILIB_OK: self.add_infomessage('success', MSG.SUCCESS(), MSG.POST_DELETED()) self.redirect( enki.libutil.get_local_url( 'thread', {'thread': result[1] })) # redirect to parent thread return else: error_message = MSG.FAIL_POST_DELETION() elif submit_type == 'cancel': self.redirect(enki.libutil.get_local_url(data.post_page)) return else: if not post_body: error_message = MSG.POST_BODY_NEEDED() else: exceed = len(post_body) - enki.libforum.POST_LENGTH_MAX if exceed > 0: error_message = MSG.POST_BODY_TOO_LONG(exceed) if not error_message: if submit_type == 'submit': self.check_CSRF() result = enki.libforum.edit_post(user, post, post_body) if result[0] == enki.libutil.ENKILIB_OK: self.add_infomessage('success', MSG.SUCCESS(), MSG.POST_MODIFIED()) self.redirect( enki.libutil.get_local_url( 'thread', {'thread': result[1] })) # redirect to parent thread return else: error_message = MSG.FAIL_POST_MODIFICATION() elif submit_type == 'preview': preview = post_body self.render_tmpl('post.html', active_menu='forums', data=data, change=change, isauthor=is_author, error=error_message, postbody=post_body, maxpostlength=enki.libforum.POST_LENGTH_MAX, preview=preview)
def post(self, thread): if self.ensure_is_logged_in() and self.ensure_has_display_name(): if thread.isdigit() and EnkiModelThread.get_by_id(int(thread)): user = self.user_id post_body = self.request.get('post_body') submit_type = self.request.get('submittype') post_count = str(self.request.get('count')) post_requested = str(self.request.get('start')) if not post_count: post_count = enki.libforum.POSTS_PER_PAGE if not post_requested: post_requested = enki.libforum.get_first_post_on_page( enki.libforum.get_page( EnkiModelThread.get_by_id(int(thread)), enki.libforum.POST_LAST, int(post_count)), int(post_count)) error_message = '' preview = '' pmtoken = self.request.get('preventmultitoken') show_input = True if submit_type == 'input': post_body = '' pmtoken = enki.libforum.add_preventmultipost_token() else: self.check_CSRF() if submit_type != 'cancel': if not post_body: error_message = MSG.POST_BODY_NEEDED() else: exceed = len( post_body) - enki.libforum.POST_LENGTH_MAX if exceed > 0: error_message = MSG.POST_BODY_TOO_LONG(exceed) if not error_message: if submit_type == 'submit': if enki.libforum.check_and_delete_preventmultipost_token( pmtoken): result = enki.libforum.add_post( user, thread, post_body) if result == enki.libutil.ENKILIB_OK: self.add_infomessage( 'success', MSG.SUCCESS(), MSG.POST_PUBLISHED()) post_body = '' post_requested = enki.libforum.get_first_post_on_page( enki.libforum.get_page( EnkiModelThread.get_by_id( int(thread)), enki.libforum.POST_LAST, int(post_count)), int(post_count)) self.redirect( enki.libutil.get_local_url( 'thread', { 'thread': thread, 'start': str(post_requested), 'count': str(post_count) })) return else: error_message = MSG.FAIL_POST_SUBMISSION() else: post_body = '' elif submit_type == 'preview': preview = post_body elif submit_type == 'cancel': post_body = '' data = enki.libforum.get_thread_data(thread, post_requested, post_count) pagination = enki.libforum.get_thread_pagination_data( thread, post_requested, post_count) self.render_tmpl('thread.html', CSRFneeded=show_input, active_menu='forums', data=data, pagination=pagination, user_id=self.user_id, show_input=show_input, preventmultitoken=pmtoken, error=error_message, maxpostlength=enki.libforum.POST_LENGTH_MAX, postbody=post_body, preview=preview)
def post(self): if self.ensure_is_logged_in(): self.check_CSRF() user_id = self.enki_user.key.id() if self.get_backoff_timer(str(user_id), True) == 0: licence_key_preset = self.request.get( 'licence_key_preset').strip()[:( enki.libstore.LICENCE_KEY_DASHES_LENGTH + 4 )] # 4 allows for some leading and trailing characters licence_key_manual = self.request.get( 'licence_key_manual').strip()[:( enki.libstore.LICENCE_KEY_DASHES_LENGTH + 4)] licence_key = licence_key_manual is_manual = True if licence_key_preset and not licence_key_manual: licence_key = licence_key_preset is_manual = False if licence_key: if len(licence_key) <= ( enki.libstore.LICENCE_KEY_DASHES_LENGTH): licence_key_reduced = re.sub( r'[^\w]', '', licence_key)[:enki.libstore.LICENCE_KEY_LENGTH] item = enki.libstore.get_EnkiProductKey_by_licence_key( licence_key_reduced) if not item: if is_manual: self.session[ 'error_library'] = MSG.LICENCE_INVALID() self.session[ 'error_library_licence'] = licence_key elif item: licence_key_formatted = enki.libstore.insert_dashes_5_10( licence_key_reduced) if not item.activated_by_user: # the licence key is not activated. if enki.libstore.exist_EnkiProductKey_product_activated_by( user_id, item.product_name): # the user has already activated a key for the same product if is_manual: self.session[ 'error_library'] = MSG.LICENCE_ALREADY_ACTIVATED_GIVE( settings.product_displayname[ item.product_name]) self.session[ 'error_library_licence'] = licence_key_formatted else: # activate the licence item.activated_by_user = user_id item.put() self.remove_backoff_timer(str(user_id)) self.add_infomessage( 'success', MSG.SUCCESS(), MSG.PRODUCT_LICENCE_ACTIVATED( settings.product_displayname[ item.product_name], licence_key_formatted)) elif item.activated_by_user == user_id: # the user has already activated this specific key if is_manual: self.session[ 'error_library'] = MSG.PRODUCT_ALREADY_ACTIVATED( settings.product_displayname[ item.product_name]) self.session[ 'error_library_licence'] = licence_key_formatted else: self.add_infomessage( 'info', MSG.INFORMATION(), MSG.PRODUCT_ALREADY_ACTIVATED( settings.product_displayname[ item.product_name])) else: # another user has activated the key if is_manual: self.session[ 'error_library'] = MSG.LICENCE_ANOTHER_USER_ACTIVATED( settings.product_displayname[ item.product_name], licence_key_formatted) self.session[ 'error_library_licence'] = licence_key_formatted else: self.add_infomessage( 'info', MSG.INFORMATION(), MSG.LICENCE_ANOTHER_USER_ACTIVATED( settings.product_displayname[ item.product_name], licence_key_formatted)) else: self.session['error_library'] = MSG.LICENCE_TOO_LONG() self.session['error_library_licence'] = licence_key elif is_manual: self.session['error_library'] = MSG.LICENCE_MISSING() else: backoff_timer = self.get_backoff_timer(str(user_id)) if backoff_timer != 0: self.session['error_library'] = MSG.TIMEOUT( enki.libutil.format_timedelta(backoff_timer)) self.redirect_to_relevant_page()