def __register(self, api):
""" Check incoming parameters and register user """
# Validate email
email = self.request.get(constants.VAR_NAME_EMAIL)
logging.info('User registering: ' + str(email))
if not User.isEmailValid(email) or User.isAlreadyRegistered(email):
logging.error('Email mismatched or already registered')
self.set_error(constants.STATUS_BAD_REQUEST,
self.gettext('REGISTER_ERROR'),
url=self.request.url)
return
# Validate password
password = self.request.get(constants.VAR_NAME_PASSWORD)
if not User.isPasswordValid(password):
logging.error('Invalid password')
self.set_error(constants.STATUS_BAD_REQUEST,
self.gettext('REGISTER_ERROR'),
url=self.request.url)
return
# Calculate password hash
salt_and_key = CryptoUtil.get_salt_and_key(password)
salt = salt_and_key[0]
key = salt_and_key[1]
# Create and store user object
user = User(key_name=email)
user.email = email.lower()
user.salt = salt
user.password = key
user.verified = False
user.put()
# Send email for verification
self.__send_verification(email)
if api == '':
# Display message
template_values = {
'message': self.gettext('PLEASE_CHECK_YOUR_EMAIL')
}
template = self.jinja2_env.get_template('staticmessage.html')
self.response.out.write(template.render(template_values))
self.ok()
def __send_verification(self, email):
""" Send verification email to recipient """
user = User.getUser(email.lower())
if user is None or user.verified:
self.set_error(constants.STATUS_BAD_REQUEST, message=None, url="/")
return
user.verificationCode = b64encode(CryptoUtil.get_verify_code(), "*$")
template_values = {
'user_email': self.user_email,
'code': user.verificationCode,
'url': constants.VERIFICATION_URL
}
template = self.jinja2_env.get_template('verificationemail.jinja')
message = mail.EmailMessage()
message.sender = constants.SENDER_ADDRESS
message.to = user.email
message.subject = 'Please verify your address'
message.body = template.render(template_values)
message.send()
user.put()
def generate_id():
'''
Generates the sessionid user for authentication during the lifetime of the session. The output is hex_encoded
'''
return ''.join('%02x' % ord(byte) for byte in CryptoUtil.get_sessionId())
def __login(self):
""" Validate incoming parameters and log in user if all is ok """
# Validate email and get user from db
email = self.request.get(constants.VAR_NAME_EMAIL)
logging.info('User logging in: ' + str(email))
if not User.isEmailValid(email) or not User.isAlreadyRegistered(email):
logging.error('Email mismatched or not registered')
self.set_error(constants.STATUS_BAD_REQUEST,
self.gettext('LOGIN_ERROR'), url=self.request.url)
return
user = User.getUser(email.lower())
# Calculate password hash
password = self.request.get(constants.VAR_NAME_PASSWORD)
if not User.isPasswordValid(password):
logging.error('Invalid password')
self.set_error(constants.STATUS_BAD_REQUEST,
self.gettext('LOGIN_ERROR'), url=self.request.url)
return
key = CryptoUtil.getKey(password, user.salt)
# Validate password
if not user.password == key:
logging.error('Incorrect password for email')
self.set_error(constants.STATUS_BAD_REQUEST,
self.gettext('LOGIN_ERROR'), url=self.request.url)
return
# Check remember me
remember_string = self.request.get('remember').lower()
remember = remember_string != '' and remember_string != 'false'
if remember:
token_id = LoginToken.generate_id()
token = LoginToken()
token.tokenid = token_id
token.ip = self.request.remote_addr
token.user = email
token.put()
cookie_value = token.get_cookie_value()
delta = timedelta(days=constants.PERSISTENT_LOGIN_LIFETIME_DAYS)
self.response.set_cookie(constants.PERSISTENT_LOGIN_NAME,
cookie_value,
expires=datetime.utcnow() + delta,
path="/", httponly=True, secure=True)
# Log in user
if user.verified:
user.login(self.request.remote_addr)
session = get_current_session()
url = session.pop(constants.VAR_NAME_REDIRECT)
if url is None:
url = "/"
self.ok(url)
else:
logging.error('User unverified')
self.set_error(constants.STATUS_FORBIDDEN,
self.gettext('UNVERIFIED_PRE') +
' <a href=\"/User/Verify">' +
self.gettext('UNVERIFIED_HERE') +
'</a> ' +
self.gettext('UNVERIFIED_POST'),
url=self.request.url)
return
def generate_id():
'''
Return the bytearray representing the token in an URL-friendly, hex-encoded way.
'''
return ''.join('%02x' % ord(byte) for byte in CryptoUtil.getPersistentId())
