Example #1
0
def challenge(http_request, factory):
    """
    Generate a nonce for authentication.

    Arguments
    ~~~~~~~~~
    * factory_name string (lowercase, normally from hostname)

    Return value
    ~~~~~~~~~~~~
    * challenge dict

    The return value is a dict with the following keys:

    * algorithm string (sha1 or md5)
    * salt string (few random characters)
    * nonce string (random lowercase hexadecimal, length 32)

    See nonces.verify for how to encrypt your password with the nonce.
    """
    hashkey = crypto.random_md5()
    ip = http_request.META['REMOTE_ADDR']
    Nonce.objects.create(factory=factory, hashkey=hashkey, ip=ip)
    password = factory.admin.password
    if password.count('$'):
        algorithm, salt, hashed = password.split('$')
    else:
        algorithm, salt, hashed = 'md5', '', password
    return {
        'algorithm': algorithm,
        'salt': salt,
        'nonce': hashkey,
        }
Example #2
0
def email(http_request):
    """
    Ask user for email address, then send verification message.
    """
    ip = http_request.META['REMOTE_ADDR']
    nonces_per_day = Nonce.objects.filter(ip=ip, email__isnull=False,
       created__gt=datetime.now() - timedelta(hours=24)).count()
    if nonces_per_day >= 3:
        return error_page(http_request, _("too many verification emails"),
_("There were too many email requests from your IP in the last 24 hours."),
_("Please try again later."))
    form = EmailForm(http_request.POST or None)
    if not form.is_valid():
        form_title = _("email verification")
        form_action = '/accounts/email/'
        form_submit = _("send email")
        form_javascript = "document.getElementById('id_email').focus()"
        return render_to_response('form.html', locals(),
            context_instance=RequestContext(http_request))
    address = form.cleaned_data['email']
    user = None
    users = User.objects.filter(email=address)
    if len(users):
        user = users[0]
    hashkey = crypto.random_md5()
    Nonce.objects.create(email=address, hashkey=hashkey, ip=ip)
    domain = Site.objects.get_current().domain
    message = email_message(domain, hashkey, user)
    try:
        send_mail("Browsershots email verification", message,
                  settings.DEFAULT_FROM_EMAIL, [address],
                  fail_silently=False)
    except smtplib.SMTPException, e:
        return error_page(http_request, _("email error"),
            _("Could not send email."), str(e))
Example #3
0
def challenge(http_request, factory):
    """
    Generate a nonce for authentication.

    Arguments
    ~~~~~~~~~
    * factory_name string (lowercase, normally from hostname)

    Return value
    ~~~~~~~~~~~~
    * challenge dict

    The return value is a dict with the following keys:

    * algorithm string (sha1 or md5)
    * salt string (few random characters)
    * nonce string (random lowercase hexadecimal, length 32)

    See nonces.verify for how to encrypt your password with the nonce.
    """
    hashkey = crypto.random_md5()
    ip = http_request.META['REMOTE_ADDR']
    Nonce.objects.create(factory=factory, hashkey=hashkey, ip=ip)
    password = factory.admin.password
    if password.count('$'):
        algorithm, salt, hashed = password.split('$')
    else:
        algorithm, salt, hashed = 'md5', '', password
    return {
        'algorithm': algorithm,
        'salt': salt,
        'nonce': hashkey,
    }
Example #4
0
def email(http_request):
    """
    Ask user for email address, then send verification message.
    """
    ip = http_request.META['REMOTE_ADDR']
    nonces_per_day = Nonce.objects.filter(ip=ip, email__isnull=False,
       created__gt=datetime.now() - timedelta(hours=24)).count()
    if nonces_per_day >= 3:
        return error_page(http_request, _("too many verification emails"),
_("There were too many email requests from your IP in the last 24 hours."),
_("Please try again later."))
    form = EmailForm(http_request.POST or None)
    if not form.is_valid():
        form_title = _("email verification")
        form_action = '/accounts/email/'
        form_submit = _("send email")
        form_javascript = "document.getElementById('id_email').focus()"
        return render_to_response('form.html', locals(),
            context_instance=RequestContext(http_request))
    address = form.cleaned_data['email']
    user = None
    users = User.objects.filter(email=address)
    if len(users):
        user = users[0]
    hashkey = crypto.random_md5()
    Nonce.objects.create(email=address, hashkey=hashkey, ip=ip)
    domain = Site.objects.get_current().domain
    message = email_message(domain, hashkey, user)
    try:
        send_mail("Browsershots email verification", message,
                  settings.DEFAULT_FROM_EMAIL, [address],
                  fail_silently=False)
    except smtplib.SMTPException, e:
        return error_page(http_request, _("email error"),
            _("Could not send email."), str(e))
Example #5
0
def save_upload(screenshot):
    """
    Save uploaded screenshot file and return hashkey.
    """
    hashkey = crypto.random_md5()
    makedirs(png_path(hashkey))
    outfile = file(png_filename(hashkey), 'wb')
    outfile.write(screenshot.data)
    outfile.close()
    return hashkey
Example #6
0
def save_upload(screenshot):
    """
    Save uploaded screenshot file and return hashkey.
    """
    hashkey = crypto.random_md5()
    makedirs(png_path(hashkey))
    outfile = file(png_filename(hashkey), 'wb')
    outfile.write(screenshot.data)
    outfile.close()
    return hashkey
Example #7
0
def challengeUser(http_request, username):
    """
    Generate a nonce for authentication.

    Arguments
    ~~~~~~~~~
    * username string (your user account on the server)

    Return value
    ~~~~~~~~~~~~
    * challenge dict

    The return value is a dict with the following keys:

    * algorithm string (sha1 or md5)
    * salt string (few random characters)
    * nonce string (random lowercase hexadecimal, length 32)

    See nonces.verifyUser for how to encrypt your password with the
    nonce.
    """
    try:
        user = User.objects.get(username=username)
    except User.DoesNotExist:
        raise Fault(404, "User not found.")
    hashkey = crypto.random_md5()
    ip = http_request.META['REMOTE_ADDR']
    Nonce.objects.create(email=username, hashkey=hashkey, ip=ip)
    password = user.password
    if password.count('$'):
        algorithm, salt, hashed = password.split('$')
    else:
        algorithm, salt, hashed = 'md5', '', password
    return {
        'algorithm': algorithm,
        'salt': salt,
        'nonce': hashkey,
        }
Example #8
0
def challengeUser(http_request, username):
    """
    Generate a nonce for authentication.

    Arguments
    ~~~~~~~~~
    * username string (your user account on the server)

    Return value
    ~~~~~~~~~~~~
    * challenge dict

    The return value is a dict with the following keys:

    * algorithm string (sha1 or md5)
    * salt string (few random characters)
    * nonce string (random lowercase hexadecimal, length 32)

    See nonces.verifyUser for how to encrypt your password with the
    nonce.
    """
    try:
        user = User.objects.get(username=username)
    except User.DoesNotExist:
        raise Fault(404, "User not found.")
    hashkey = crypto.random_md5()
    ip = http_request.META['REMOTE_ADDR']
    Nonce.objects.create(email=username, hashkey=hashkey, ip=ip)
    password = user.password
    if password.count('$'):
        algorithm, salt, hashed = password.split('$')
    else:
        algorithm, salt, hashed = 'md5', '', password
    return {
        'algorithm': algorithm,
        'salt': salt,
        'nonce': hashkey,
    }