def validate_password(self, password, confirm): if password != confirm: raise ValidationException('password_mismatch') if not self.PASS_RX.match(password): raise ValidationException('password_invalid') return True
def validate_password(self, password, confirm): if password != confirm: raise ValidationException('Passwords do not match!') if not self.PASS_RX.match(password): raise ValidationException('Please choose a different password') return True
def validate_user(self, user, email): if not self.is_username_available(user): raise ValidationException('username_not_available') if self.has_user_email(email): raise ValidationException('email_not_available') return True
def reset_password(self, password, confirm, resetcode): self.validate_password(password, confirm) try: self.cork.reset_password(resetcode, password) except AuthException: raise ValidationException('invalid_reset_code')
def create_coll_post(): title = self.post_get('title') if not title: self.flash_message('Title is required') self.redirect('/_create') is_public = self.post_get('public') == 'on' coll = self.sanitize_title(title) user = self.manager.get_curr_user() try: if not coll: raise ValidationException('Invalid Collection Name') #self.manager.add_collection(user, coll_name, title, access) collection = self.manager.create_collection(user, coll, title, desc='', public=is_public) self.flash_message( 'Created collection <b>{0}</b>!'.format( collection['title']), 'success') redir_to = self.get_redir_back('/_create') except ValidationException as ve: self.flash_message(str(ve)) redir_to = '/_create' self.redirect(redir_to)
def update_password(self, curr_password, password, confirm): user = self.get_curr_user() if not self.cork.verify_password(user, curr_password): raise ValidationException('Incorrect Current Password') self.validate_password(password, confirm) self.cork.update_password(user, password)
def validate_user(self, user, email): if self.has_user(user): msg = 'User <b>{0}</b> already exists! Please choose a different username' msg = msg.format(user) raise ValidationException(msg) if not self.USER_RX.match(user) or user in self.RESTRICTED_NAMES: msg = 'The name <b>{0}</b> is not a valid username. Please choose a different username' msg = msg.format(user) raise ValidationException(msg) if self.has_user_email(email): msg = 'There is already an account for <b>{0}</b>. If you have trouble logging in, you may <a href="/_forgot"><b>reset the password</b></a>.' msg = msg.format(email) raise ValidationException(msg) return True
def update_password(self, curr_password, password, confirm): username = self.access.session_user.name if not self.cork.verify_password(username, curr_password): raise ValidationException('invalid_password') self.validate_password(password, confirm) self.cork.update_password(username, password)
def create_user(self, reg): try: user, init_info = self.cork.validate_registration(reg) except AAAException as a: raise ValidationException(a) if init_info: init_info = json.loads(init_info) else: init_info = {} key = self.user_key.format(user=user) now = int(time.time()) max_size, max_coll = self.redis.hmget('h:defaults', ['max_size', 'max_coll']) if not max_size: max_size = self.default_max_size if not max_coll: max_coll = self.default_max_coll with redis_pipeline(self.redis) as pi: pi.hset(key, 'max_size', max_size) pi.hset(key, 'max_coll', max_coll) pi.hset(key, 'created_at', now) pi.hset(key, 'name', init_info.get('name', '')) pi.hsetnx(key, 'size', '0') self.cork.do_login(user) sesh = self.get_session() if not sesh.curr_user: sesh.curr_user = user # Move Temp collection to be permanent move_info = init_info.get('move_info') if move_info: self.move_temp_coll(user, move_info) first_coll = init_info.get('to_title') else: self.create_collection(user, coll=self.default_coll['id'], coll_title=self.default_coll['title'], desc=self.default_coll['desc'].format(user), public=False) first_coll = self.default_coll['title'] # Check for mailing list management if self.mailing_list: self.add_to_mailing_list(user, self.get_user_email(user), self.get_user_info(user).get('name', '')) return user, first_coll
def get_move_temp_info(self, input_data): move_temp = input_data.get('moveTemp') if not move_temp: return None to_coll_title = input_data.get('toColl', '') to_coll = sanitize_title(to_coll_title) if not to_coll: raise ValidationException('invalid_coll_name') if not self.access.session_user.is_anon(): raise ValidationException('invalid_user_import') return {'from_user': self.access.session_user.name, 'to_coll': to_coll, 'to_title': to_coll_title, }
def is_valid_invite(self, invitekey): try: if not invitekey: return False key = base64.b64decode(invitekey.encode('utf-8')).decode('utf-8') key.split(':', 1) email, hash_ = key.split(':', 1) entry = self.invites[email] if entry and entry.get('hash_') == hash_: return email except Exception as e: print(e) pass msg = 'Sorry, that is not a valid invite code. Please try again or request another invite' raise ValidationException(msg)
def get_move_temp_info(self): move_info = None move_temp = self.post_get('move-temp') if move_temp == '1': to_coll_title = self.post_get('to-coll') to_coll = self.sanitize_title(to_coll_title) if not to_coll: raise ValidationException( 'Invalid new collection name, please pick a different name' ) sesh = self.get_session() if sesh.is_anon() and to_coll: move_info = { 'from_user': sesh.anon_user, 'to_coll': to_coll, 'to_title': to_coll_title, } return move_info
def register_user(self, input_data, host): msg = OrderedDict() redir_extra = '' username = input_data.get('username', '') full_name = input_data.get('full_name', '') email = input_data.get('email', '') if 'username' not in input_data: msg['username'] = '******' elif username.startswith(self.temp_prefix): msg['username'] = '******' if 'email' not in input_data: msg['email'] = 'Missing Email' if self.invites_enabled: try: val_email = self.is_valid_invite(input_data['invite']) if val_email != email: raise ValidationException('Sorry, this invite can only be used with email: {0}'.format(val_email)) except ValidationException as ve: msg['invite'] = str(ve) else: redir_extra = '?invite=' + input_data.get('invite', '') try: self.validate_user(username, email) self.validate_password(input_data['password'], input_data['confirmpassword']) except ValidationException as ve: msg['validation'] = str(ve) try: move_info = self.get_move_temp_info(input_data) except ValidationException as ve: msg['move_info'] = str(ve) if msg: return msg, redir_extra try: desc = {'name': full_name} if move_info: desc['move_info'] = move_info desc = json.dumps(desc) self.cork.register(username, input_data['password'], email, role='archivist', max_level=50, subject='webrecorder.io Account Creation', email_template='webrecorder/templates/emailconfirm.html', description=desc, host=host) # add to announce list if user opted in if input_data.get('announce_mailer') and self.announce_list: self.add_to_mailing_list(username, email, full_name, list_endpoint=self.announce_list) if self.invites_enabled: self.delete_invite(email) # extend session for upto 90 mins to store data to be migrated # to allow time for user to validate registration if move_info: self.get_session().save() except ValidationException as ve: msg['validation'] = str(ve) except Exception as ex: import traceback traceback.print_exc() msg['other_error'] = 'Registration failed: ' + str(ex) if not msg: msg['success'] = ('A confirmation e-mail has been sent to <b>{0}</b>. ' + 'Please check your e-mail to complete the registration!').format(username) return msg, redir_extra
def register_post(): self.redirect_home_if_logged_in() email = self.post_get('email') username = self.post_get('username') password = self.post_get('password') name = self.post_get('name') decoy_name = self.post_get('full_name') confirm_password = self.post_get('confirmpassword') invitecode = self.post_get('invite') opt_in_mailer = self.post_get('announce_mailer') == '1' redir_to = REGISTER_PATH if decoy_name: return self.redirect(redir_to) if username.startswith(self.manager.temp_prefix): self.flash_message('Sorry, this is not a valid username') self.redirect(redir_to) return try: move_info = self.get_move_temp_info() except ValidationException as ve: self.flash_message('Registration Failed: ' + str(ve)) self.redirect('/') return if self.invites_enabled: try: val_email = self.manager.is_valid_invite(invitecode) if val_email != email: raise ValidationException( 'Sorry, this invite can only be used with email: {0}' .format(val_email)) except ValidationException as ve: self.flash_message(str(ve)) self.redirect(redir_to) return redir_to += '?invite=' + invitecode try: self.manager.validate_user(username, email) self.manager.validate_password(password, confirm_password) #TODO: set default host? host = self.get_host() desc = {'name': name} if move_info: desc['move_info'] = move_info desc = json.dumps(desc) self.manager.cork.register( username, password, email, role='archivist', max_level=50, subject='webrecorder.io Account Creation', email_template='webrecorder/templates/emailconfirm.html', description=desc, host=host) self.flash_message( ('A confirmation e-mail has been sent to <b>{0}</b>. ' 'Please check your e-mail to complete the registration!' ).format(username), 'warning') # add to announce list if user opted in if opt_in_mailer and self.announce_list: self.manager.add_to_mailing_list( username, email, name, list_endpoint=self.announce_list) redir_to = '/' if self.invites_enabled: self.manager.delete_invite(email) except ValidationException as ve: self.flash_message(str(ve)) except Exception as ex: self.flash_message('Registration failed: ' + str(ex)) self.redirect(redir_to)