def change_password(self, check):
""" """
user = check_verify_remember(check)
if user:
g.chtml = ''
chtml = captcha.displayhtml(
public_key = "6Ldph8cSAAAAAGJK1OCZwgqWxctr6gS2FTCM3B1r",
use_ssl = False,
error = None)
g.chtml = Markup(chtml)
g.check = check
if request.method == 'POST':
valid = self.recaptcha()
if valid:
new_password = request.form['new_password']
new_password_two = request.form['new_password_two']
if len(new_password) < 6:
message = g.users_msg('error_password_1')
status = 'msg msg-error'
elif new_password != new_password_two:
message = g.users_msg('error_password_2')
status = 'msg msg-error'
else:
g.db.users.update({"_id": user['_id']}, {"$set": { "password": create_password(new_password) } })
message = g.users_msg('success_update_password')
status = 'msg msg-success'
else:
message = g.login_msg('captcha_error')
status = 'msg msg-error'
return render_template('{}/change_password.html'.format(MODULE_DIR), **locals())
else:
message = g.login_msg('not_change_password')
status = 'msg msg-error'
return render_template('{}/verify.html'.format(MODULE_DIR), **locals())
def remember(self):
""" """
if request.method == 'POST':
email = request.form['email'].lower()
regx = re.compile('^'+email+'$', re.IGNORECASE)
result_1 = g.db.users.find_one({"username" : regx})
result_2 = g.db.users.find_one({"email" : email })
if result_1:
user = result_1
else:
user = result_2
if user is None:
self.message = g.login_msg('remember_error_1')
if self.message is None:
verify = verify_remember(user)
user['remember_verify'] = verify
g.db.users.update({"_id": user['_id'] }, user)
context = {
"path": '{}/remember'.format(PATH),
"verify": verify,
"name": user['name']
}
msg = RememberPassword(user['email'], context)
email_response = msg.send()
if not email_response['error']:
self.status = 'msg msg-success'
self.message = g.remember_msg('remember_ok')
else:
self.message = g.remember_msg('remember_no')
def sign_in(self):
""" """
input_login = request.form['username']
password = request.form['password']
if 'permanent' in request.form:
permanent = request.form['permanent']
else:
permanent = None
if not input_login and not password:
self.message = g.login_msg('login_error_1')
else:
regx = re.compile('^'+input_login+'$', re.IGNORECASE)
user = g.db.users.find_one({"username" : regx})
no_valid = False
if user is None:
user = g.db.users.find_one({"email" : regx})
if user is None:
self.message = g.login_msg('login_error_2')
return False
elif self.check_ip_in_black_list(g.ip):
no_valid = self.recaptcha()
if user["status"] is 0:
self.message = g.login_msg('login_error_3')
return False
if no_valid:
self.add_ip_in_black_list(g.ip)
self.message = g.login_msg('captcha_error')
elif not user['password'] == create_password(password):
# Important login error
self.add_ip_in_black_list(g.ip)
self.message = g.login_msg('login_error_2')
else:
# Save session in main domain
token = get_token(CLIENT_ID, CLIENT_SECRET, user['username'], user['password'])
print token
if token is None:
self.message = g.login_msg('login_error_4')
return False
g.db.users.update({ '_id' : ObjectId(user['_id']) }, { "$set": { "token": token } })
session['user_id'] = user['_id']
if permanent is not None:
session.permanent = True
return True
return False
