Example #1
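    def validate(self):
        """Validate the login form and resolve ``self.user``.

        Runs the parent form's validation, requires a non-blank email and
        password, looks the user up by email and verifies the password. On
        failure the matching message is appended to the relevant field's
        error list.

        Returns:
            bool: True when the credentials are accepted and the account
            passes the confirmation and active checks, False otherwise.
        """
        if not super(LoginForm, self).validate():
            return False

        # A field missing from the submitted data can leave ``data`` as None;
        # treat that as blank instead of raising AttributeError on .strip().
        if not (self.email.data or '').strip():
            self.email.errors.append(get_message('EMAIL_NOT_PROVIDED')[0])
            return False

        if not (self.password.data or '').strip():
            self.password.errors.append(get_message('PASSWORD_NOT_PROVIDED')[0])
            return False

        self.user = database.User.get_one_by(email=self.email.data)

        # Unknown email and wrong password share one message, so the response
        # text does not reveal which emails are registered.
        # NOTE(review): the password check is skipped when no user is found,
        # so the two failure paths may differ in response time; confirm
        # whether a constant-cost check is wanted here.
        if self.user is None or not verify_and_update_password(self.password.data, self.user):
            self.email.errors.append(assets.ExceptionMessages.INCORRECT_USER_PASSWORD)
            return False
        # NOTE(review): this is reached only after the password verified, so
        # it presumably never fires for an account without a stored password;
        # confirm before relying on PASSWORD_NOT_SET being reported.
        if not self.user.password:
            self.password.errors.append(get_message('PASSWORD_NOT_SET')[0])
            return False
        # Account-state messages are returned only after the credentials
        # have been verified.
        if requires_confirmation(self.user):
            self.email.errors.append(get_message('CONFIRMATION_REQUIRED')[0])
            return False
        if not self.user.is_active:
            self.email.errors.append(get_message('DISABLED_ACCOUNT')[0])
            return False
        return True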
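    def validate(self):
        """Validate the registration form and register the user remotely.

        After the parent form's validation this copies ``username`` into an
        empty ``user_id``, requires a password, runs the configured password
        validator, and then calls ``register_user`` with the submitted
        fields. The value returned by ``register_user`` on success is stored
        in ``self.jwt.data``.

        Returns:
            bool: True when registration succeeded, False when any check or
            the ``register_user`` call failed (errors are attached to the
            relevant field).
        """
        if not super(ConfirmRegisterForm, self).validate():
            return False

        # XXX hack with user_id data
        if not self.user_id.data and self.username.data:
            self.user_id.data = self.username.data

        if not config_value("UNIFIED_SIGNIN"):
            # password required
            if not self.password.data or not self.password.data.strip():
                self.password.errors.append(get_message("PASSWORD_NOT_PROVIDED")[0])
                return False

        # register_user below is always given a password, so an empty one is
        # rejected even when UNIFIED_SIGNIN is enabled. Report why instead of
        # failing with no error on the form.
        if not self.password.data:
            self.password.errors.append(get_message("PASSWORD_NOT_PROVIDED")[0])
            return False

        # We do explicit validation here for passwords
        # (rather than write a validator class) for 2 reasons:
        # 1) We want to control which fields are passed -
        #    sometimes that's current_user
        #    other times it's the registration fields.
        # 2) We want to be able to return multiple error messages.
        rfields = {
            k: v
            for k, v in self.data.items()
            if k != "password" and hasattr(_datastore.user_model, k)
        }

        # The validator's result used to be discarded, so a password that
        # failed the policy was still sent on to register_user. A truthy
        # result is taken to be the list of violation messages.
        # NOTE(review): confirm that shape against the configured validator.
        pbad = _security._password_validator(self.password.data, True, **rfields)
        if pbad:
            self.password.errors.extend(pbad)
            return False

        # validate with ptt-server
        # NOTE(review): the plaintext password and the client IP are handed
        # to register_user; confirm get_ip() only honours forwarding headers
        # from trusted proxies and that register_user does not log them.
        err, result = register_user(
            self.user_id.data,
            self.password.data,
            get_ip(),
            self.email.data,
            self.nickname.data,
            self.realname.data,
            self.career.data,
            self.address.data,
            self.over18.data,
        )
        if err is not None:
            # NOTE(review): assumes result['err'] is a list of messages, as
            # field errors are elsewhere in this form - confirm.
            self.user_id.errors = result['err']
            return False

        self.jwt.data = result

        return True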
Example #3
    def validate(self):
        """Validate the form, requiring a password confirmation.

        The confirmation is required only when UNIFIED_SIGNIN is not enabled;
        a missing or whitespace-only value adds PASSWORD_NOT_PROVIDED to the
        ``password_confirm`` field errors.

        Returns:
            bool: True when the parent validation and the confirmation check
            pass, False otherwise.
        """
        parent_ok = super(RegisterForm, self).validate()
        if not parent_ok:
            return False

        # Unified sign-in permits registering without a password, so there is
        # nothing to confirm.
        if config_value("UNIFIED_SIGNIN"):
            return True

        # password_confirm required
        if self.password_confirm.data and self.password_confirm.data.strip():
            return True

        message = get_message("PASSWORD_NOT_PROVIDED")[0]
        self.password_confirm.errors.append(message)
        return False
Example #4
def unique_user_email(form, field):
    """Field validator that rejects an email already known to the datastore.

    Raises:
        ValidationError: with the EMAIL_ALREADY_ASSOCIATED message, formatted
            with the submitted email, when the lookup returns a record.
    """
    # NOTE(review): this error tells whoever submits the form that the
    # address is already registered; confirm that disclosure is acceptable
    # for this form.
    existing = _datastore.get_user_email(field.data)
    if existing is None:
        return
    text = get_message('EMAIL_ALREADY_ASSOCIATED', email=field.data)[0]
    raise ValidationError(text)
Example #5
def valid_user_email_for_oauth(form, field):
    """Field validator that resolves ``form.user`` from the submitted value.

    An empty value is accepted without a lookup and leaves ``form.user``
    untouched. Otherwise the datastore lookup result is stored on the form.

    Raises:
        ValidationError: with the USER_NOT_EXISTS message when the lookup
            returns None.
    """
    if field.data:
        found = _datastore.get_user(field.data)
        form.user = found
        # NOTE(review): this message confirms to the caller whether an
        # account exists for the value; confirm that is intended here.
        if found is None:
            raise ValidationError(get_message('USER_NOT_EXISTS')[0])