def delete(self):
self.key.delete()
if request.is_xhr:
return 'json:', {'success': True}
raise HTTPFound(location='/key/')
def delete(self):
owner = self.key.owner
#Delete the key
self.key.delete()
if request.is_xhr:
return 'json:', dict(success=True)
raise HTTPFound(location='/key/')
def post(self, identity, password, remember=False, redirect=None):
if not authenticate(identity, password):
if request.is_xhr:
return 'json:', dict(success=False, message=_("Invalid user name or password."))
return self.get(redirect)
if request.is_xhr:
return 'json:', dict(success=True, location=redirect or '/')
raise HTTPFound(location=redirect or '/')
def delete(self):
log.info("Deleted application %s owned by %s", self.app,
self.app.owner)
self.app.delete()
if request.is_xhr:
return 'json:', dict(
success=True,
message=_("Successfully deleted application registration."))
raise HTTPFound(location='/application/manage/')
def put(self):
if self.key.owner.id != user.id:
raise HTTPNotFound()
u = user._current_obj()
u.primary = self.key
u.save()
if request.is_xhr:
return 'json:', dict(success=True)
raise HTTPFound(location='/character/')
def ar(self, ar):
if not session.get('ar', None) == ar:
session['ar'] = ar
session.save()
raise HTTPFound(
location='/account/authenticate?redirect=%2Fauthorize%2F{0}'.
format(ar))
try:
return AuthenticationRequest.objects.get(id=ar,
user=None,
grant=None)
except AuthenticationRequest.DoesNotExist:
raise HTTPNotFound()
def get(self, ar):
from brave.core.application.model import ApplicationGrant
ar = self.ar(ar)
u = user._current_obj()
grant = ApplicationGrant.objects(user=u,
application=ar.application).first()
if not grant:
# TODO: We need a 'just logged in' flag in the request.
characters = list(u.characters.order_by('name').all())
if len(characters):
default = u.primary or characters[0]
else:
return (
'brave.core.template.authorize',
dict(
success=False,
message=
_("This application requires that you have a character connected to your"
" account. Please <a href=\"/key/\">add an API key</a> to your account."
),
ar=ar))
return 'brave.core.template.authorize', dict(success=True,
ar=ar,
characters=characters,
default=default)
ngrant = ApplicationGrant(user=u,
application=ar.application,
mask=grant.mask,
expires=datetime.utcnow() +
timedelta(days=30),
character=grant.character)
ngrant.save()
ar.user = u
ar.grant = ngrant
ar.expires = datetime.utcnow() + timedelta(
minutes=10) # extend to allow time for verification
ar.save()
r = grant.delete()
target = URL(ar.success)
target.query.update(dict(token=str(ngrant.id)))
raise HTTPFound(location=str(target))
def post(self, **kw):
data = Bunch(kw)
try:
data.key = int(data.key)
if data.key <= KEY_RESET_FLOOR:
return 'json:', dict(success=False,
message=_("The key given (%d) must be above minimum reset floor value of %d. Please reset your EVE API Key." % (data.key, KEY_RESET_FLOOR)),
field='key')
except ValueError:
return 'json:', dict(success=False, message=_("Key ID must be a number."), field='key')
record = EVECredential(data.key, data.code, owner=user.id)
try:
record.save()
#Necessary to guarantee that the pull finished before returning.
record.pull()
characters = []
for character in record.characters:
characters.append(dict(identifier = character.identifier, name = character.name))
if request.is_xhr:
return 'json:', dict(
success = True,
message = _("Successfully added EVE API key."),
identifier = str(record.id),
key = record.key,
code = record.code,
characters = characters,
violation = record.violation
)
except ValidationError:
if request.is_xhr:
return 'json:', dict(
success = False,
message = _("Validation error: one or more fields are incorrect or missing."),
)
except NotUniqueError:
return 'json:', dict(
success = False,
message = _("This key has already been added by another account."),
)
raise HTTPFound(location='/key/')
def delete(self):
log.info("REVOKE %r %r", self.grant.user, self.grant.application)
try:
self.grant.delete()
except:
log.exception("Error revoking grant.")
return 'json:', dict(
success=False,
message=_("Unable to revoke application permission."))
if request.is_xhr:
return 'json:', dict(
success=True,
message=_("Successfully revoked application permissions."))
raise HTTPFound(location='/application/')
def post(self, **kw):
data = Bunch(kw)
record = EVECredential(data.key, data.code, owner=user.id)
record.save()
# If record is a character key:
# Create character owned by user.id
if request.is_xhr:
return 'json:', {
'success': True,
'identifier': str(record.id),
'key': record.key,
'code': record.code
}
raise HTTPFound(location='/key/')
def post(self, identity, password, remember=False, redirect=None):
# First try with the original input
success = authenticate(identity, password)
if not success:
# Try lowercase if it's an email or username, but not if it's an OTP
if '@' in identity or len(identity) != 44:
success = authenticate(identity.lower(), password)
if not success:
if request.is_xhr:
return 'json:', dict(
success=False, message=_("Invalid user name or password."))
return self.get(redirect)
if request.is_xhr:
return 'json:', dict(success=True, location=redirect or '/')
raise HTTPFound(location=redirect or '/')
def get(self, redirect=None, **get):
if redirect is None:
referrer = request.referrer
redirect = '/' if not referrer or referrer.endswith(
request.script_name) else referrer
try:
data = Bunch(reset_password_form.native(get)[0])
except Exception as e:
if config.get('debug', False):
raise
raise HTTPFound(
location='/') # Todo redirect to recover with error message
if not data.recovery_key: # no key passed, so show email entry
form = recover_form(dict(redirect=redirect))
button_label = _("Recover")
else:
form = reset_password_form(
dict(email=data.email, recovery_key=data.recovery_key))
button_label = _("Set Password")
return "brave.core.account.template.recover", dict(
form=form, button_label=str(button_label))
def post(self, **kw):
data = Bunch(kw)
record = EVECredential(data.key, data.code, owner=user.id)
try:
record.save()
record.importChars()
if request.is_xhr:
return 'json:', {
'success': True,
'identifier': str(record.id),
'key': record.key,
'code': record.code
}
except ValidationError:
if request.is_xhr:
return 'json:', {
'success':
False,
'message':
'Validation error for Eve Credential: One or more fields are incorrect or missing'
}
raise HTTPFound(location='/key/')
def post(self, **kw):
data = Bunch(kw)
try:
data.key = int(data.key)
if data.key <= int(config['core.minimum_key_id']):
return 'json:', dict(
success=False,
message=_(
"The key given (%d) must be above minimum reset floor value of %d. "
"Please reset your EVE API Key." %
(data.key, int(config['core.minimum_key_id']))),
field='key')
except ValueError:
return 'json:', dict(success=False,
message=_("Key ID must be a number."),
field='key')
record = EVECredential(data.key, data.code, owner=user.id)
try:
record.save()
#Necessary to guarantee that the pull finished before returning.
record.pull()
characters = []
for character in record.characters:
characters.append(
dict(identifier=character.identifier, name=character.name))
if request.is_xhr:
return 'json:', dict(
success=True,
message=_("Successfully added EVE API key."),
identifier=str(record.id),
key=record.key,
code=record.code,
characters=characters,
violation=record.violation)
except ValidationError:
if request.is_xhr:
return 'json:', dict(
success=False,
message=
_("Validation error: one or more fields are incorrect or missing."
),
)
except NotUniqueError:
if EVECredential.objects(key=data.key):
# Mark both of these accounts as duplicates to each other.
acc = User.objects(username=user.username).first()
other = EVECredential.objects(key=data.key).first().owner
User.add_duplicate(acc, other)
return 'json:', dict(
success=False,
message=
_("This key has already been added to this or another account."
),
)
raise HTTPFound(location='/key/')