def change_password(self, check): """ """ user = check_verify_remember(check) if user: g.chtml = '' chtml = captcha.displayhtml( public_key = "6Ldph8cSAAAAAGJK1OCZwgqWxctr6gS2FTCM3B1r", use_ssl = False, error = None) g.chtml = Markup(chtml) g.check = check if request.method == 'POST': valid = self.recaptcha() if valid: new_password = request.form['new_password'] new_password_two = request.form['new_password_two'] if len(new_password) < 6: message = g.users_msg('error_password_1') status = 'msg msg-error' elif new_password != new_password_two: message = g.users_msg('error_password_2') status = 'msg msg-error' else: g.db.users.update({"_id": user['_id']}, {"$set": { "password": create_password(new_password) } }) message = g.users_msg('success_update_password') status = 'msg msg-success' else: message = g.login_msg('captcha_error') status = 'msg msg-error' return render_template('{}/change_password.html'.format(MODULE_DIR), **locals()) else: message = g.login_msg('not_change_password') status = 'msg msg-error' return render_template('{}/verify.html'.format(MODULE_DIR), **locals())
def remember(self): """ """ if request.method == 'POST': email = request.form['email'].lower() regx = re.compile('^'+email+'$', re.IGNORECASE) result_1 = g.db.users.find_one({"username" : regx}) result_2 = g.db.users.find_one({"email" : email }) if result_1: user = result_1 else: user = result_2 if user is None: self.message = g.login_msg('remember_error_1') if self.message is None: verify = verify_remember(user) user['remember_verify'] = verify g.db.users.update({"_id": user['_id'] }, user) context = { "path": '{}/remember'.format(PATH), "verify": verify, "name": user['name'] } msg = RememberPassword(user['email'], context) email_response = msg.send() if not email_response['error']: self.status = 'msg msg-success' self.message = g.remember_msg('remember_ok') else: self.message = g.remember_msg('remember_no')
def sign_in(self): """ """ input_login = request.form['username'] password = request.form['password'] if 'permanent' in request.form: permanent = request.form['permanent'] else: permanent = None if not input_login and not password: self.message = g.login_msg('login_error_1') else: regx = re.compile('^'+input_login+'$', re.IGNORECASE) user = g.db.users.find_one({"username" : regx}) no_valid = False if user is None: user = g.db.users.find_one({"email" : regx}) if user is None: self.message = g.login_msg('login_error_2') return False elif self.check_ip_in_black_list(g.ip): no_valid = self.recaptcha() if user["status"] is 0: self.message = g.login_msg('login_error_3') return False if no_valid: self.add_ip_in_black_list(g.ip) self.message = g.login_msg('captcha_error') elif not user['password'] == create_password(password): # Important login error self.add_ip_in_black_list(g.ip) self.message = g.login_msg('login_error_2') else: # Save session in main domain token = get_token(CLIENT_ID, CLIENT_SECRET, user['username'], user['password']) print token if token is None: self.message = g.login_msg('login_error_4') return False g.db.users.update({ '_id' : ObjectId(user['_id']) }, { "$set": { "token": token } }) session['user_id'] = user['_id'] if permanent is not None: session.permanent = True return True return False