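def reset_password():
    """
    Final password reset form POST endpoint.

    Reads ``code``, ``password`` and ``confirm_password`` from the submitted
    form. On a validation failure the caller is redirected back to
    '/account/reset/verified' with an error message; on success the user's
    stored password is replaced and the caller is redirected to
    '/account/reset/complete'.
    """
    code = request.forms.get('code')
    password = request.forms.get('password')
    confirm_password = request.forms.get('confirm_password')

    # Validate the new password before the reset code is looked up, so a
    # rejected password does not reach the delete=True lookup below.
    # NOTE(review): the reset code is echoed back in the redirect query
    # string, where it can end up in access logs, browser history and Referer
    # headers -- confirm the code is short-lived.
    if confirm_password != password:
        return redirect_with_query(
            '/account/reset/verified',
            {'code_valid': True, 'code': code, 'error': "Passwords do not match."},
        )

    try:
        User.validate_password(password)
    except UsageError as e:
        return redirect_with_query(
            '/account/reset/verified', {'code_valid': True, 'code': code, 'error': str(e)}
        )

    # Verify reset code again and get user_id. The lookup is made with
    # delete=True (presumably making the code single-use -- confirm against
    # the model).
    user_id = local.model.get_reset_code_user_id(code, delete=True)
    if user_id is None:
        return redirect_with_query('/account/reset/verified', {'code_valid': False})

    # Update user password.
    # The original wrapped the encoded value in a one-element tuple
    # ("(...,)"), which looks like a stray trailing comma; store the encoded
    # string itself.
    # NOTE(review): nothing visible here ends sessions that were already open
    # for this user -- confirm whether update_user_info or a caller does.
    user_info = local.model.get_user_info(user_id)
    user_info['password'] = User.encode_password(password, crypt_util.get_random_string())
    local.model.update_user_info(user_info)

    return redirect('/account/reset/complete')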
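def reset_password():
    """
    Final password reset form POST endpoint.

    Reads ``code``, ``password`` and ``confirm_password`` from the submitted
    form. On a validation failure the caller is redirected back to
    '/account/reset/verified' with an error message; on success the user's
    stored password is replaced and the caller is redirected to
    '/account/reset/complete'.
    """
    code = request.forms.get('code')
    password = request.forms.get('password')
    confirm_password = request.forms.get('confirm_password')

    # Validate the new password before the reset code is looked up, so a
    # rejected password does not reach the delete=True lookup below.
    # NOTE(review): the reset code is echoed back in the redirect query
    # string, where it can end up in access logs, browser history and Referer
    # headers -- confirm the code is short-lived.
    if confirm_password != password:
        return redirect_with_query(
            '/account/reset/verified',
            {'code_valid': True, 'code': code, 'error': "Passwords do not match."},
        )

    try:
        User.validate_password(password)
    except UsageError as e:
        # NOTE(review): e.message assumes UsageError exposes a .message
        # attribute; built-in exceptions do not on Python 3 -- confirm.
        return redirect_with_query(
            '/account/reset/verified', {'code_valid': True, 'code': code, 'error': e.message}
        )

    # Verify reset code again and get user_id. The lookup is made with
    # delete=True (presumably making the code single-use -- confirm against
    # the model).
    user_id = local.model.get_reset_code_user_id(code, delete=True)
    if user_id is None:
        return redirect_with_query('/account/reset/verified', {'code_valid': False})

    # Update user password.
    # The original wrapped the encoded value in a one-element tuple
    # ("(...,)"), which looks like a stray trailing comma; store the encoded
    # string itself.
    user_info = local.model.get_user_info(user_id)
    user_info['password'] = User.encode_password(password, crypt_util.get_random_string())
    local.model.update_user_info(user_info)

    return redirect('/account/reset/complete')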
def do_signup():
    """
    Handle the signup form POST.

    Reads success_uri, error_uri, username, password, email and
    confirm_password from the submitted form and collects every validation
    problem. With problems, redirects to error_uri carrying the joined
    messages; without, creates an unverified user, sends the verification key
    and redirects to success_uri.
    """
    # A request that already carries a user goes to the 'success' route.
    if request.user:
        already_logged_in = default_app().get_url(
            'success', message="You are already logged into your account."
        )
        return redirect(already_logged_in)

    # NOTE(review): success_uri and error_uri come from the form and are used
    # as redirect targets below; nothing in this function restricts them to
    # this site -- confirm redirect_with_query or a caller does.
    form = request.forms
    success_uri = form.get('success_uri')
    error_uri = form.get('error_uri')
    username = form.get('username')
    password = form.get('password')
    email = form.get('email')

    problems = []

    passwords_differ = form.get('confirm_password') != password
    if passwords_differ:
        problems.append("Passwords do not match.")

    if spec_util.NAME_REGEX.match(username) is None:
        problems.append(
            "Username must only contain letter, digits, hyphens, underscores, and periods."
        )

    try:
        User.validate_password(password)
    except UsageError as exc:
        problems.append(exc.message)

    # The email check is deliberately shallow: only delivering a message
    # proves that an address is valid.
    if spec_util.BASIC_EMAIL_REGEX.match(email) is None:
        problems.append("Email address is invalid.")

    # NOTE(review): this message tells an unauthenticated caller that a
    # username or email is already registered.
    if local.model.user_exists(username, email):
        problems.append("User with this username or email already exists.")

    # Second username check, against the module-level NAME_REGEX.
    if NAME_REGEX.match(username) is None:
        problems.append(
            "Username characters must be alphanumeric, underscores, periods, or dashes."
        )

    if not problems:
        # Create the unverified user and send the key.
        _, verification_key = local.model.add_user(username, email, password)
        send_verification_key(username, email, verification_key)
        return redirect_with_query(success_uri, {'email': email})

    # The password is not echoed back; only the fields listed here are.
    failure_query = {
        'error': ' '.join(problems),
        'next': success_uri,
        'email': email,
        'username': username,
    }
    return redirect_with_query(error_uri, failure_query)
def do_signup():
    """
    Handle the signup form POST.

    Validates the submitted username, password and email, accumulating one
    message per failed check. Any failure redirects to the form-supplied
    error_uri; otherwise an unverified user is created, the verification key
    is sent and the caller is redirected to the form-supplied success_uri.
    """
    if request.user:
        target = default_app().get_url(
            'success', message="You are already logged into your account."
        )
        return redirect(target)

    # NOTE(review): both redirect targets are read from the form; nothing in
    # this function checks that they point back to this site -- confirm
    # redirect_with_query or a caller does.
    field_names = ('success_uri', 'error_uri', 'username', 'password', 'email')
    success_uri, error_uri, username, password, email = [
        request.forms.get(field) for field in field_names
    ]

    messages = []

    if password != request.forms.get('confirm_password'):
        messages.append("Passwords do not match.")

    username_ok = spec_util.NAME_REGEX.match(username)
    if not username_ok:
        messages.append(
            "Username must only contain letter, digits, hyphens, underscores, and periods."
        )

    try:
        User.validate_password(password)
    except UsageError as err:
        messages.append(err.message)

    # Only a basic shape check on the address: the one reliable validation is
    # actually sending mail to it.
    email_ok = spec_util.BASIC_EMAIL_REGEX.match(email)
    if not email_ok:
        messages.append("Email address is invalid.")

    # NOTE(review): the message below discloses whether a username or email
    # is already registered.
    taken = local.model.user_exists(username, email)
    if taken:
        messages.append("User with this username or email already exists.")

    # Second username check, this time with the module-level NAME_REGEX.
    if not NAME_REGEX.match(username):
        messages.append(
            "Username characters must be alphanumeric, underscores, periods, or dashes."
        )

    if messages:
        return redirect_with_query(
            error_uri,
            dict(
                error=' '.join(messages),
                next=success_uri,
                email=email,
                username=username,
            ),
        )

    # Create the unverified user, then mail the key.
    created = local.model.add_user(username, email, password)
    _, verification_key = created
    send_verification_key(username, email, verification_key)

    return redirect_with_query(success_uri, {'email': email})
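def do_signup():
    """
    Handle the signup form POST.

    Reads success_uri, error_uri, username, email, first_name, last_name,
    password, confirm_password and affiliation from the submitted form and
    collects one message per failed check. Any failure redirects to error_uri
    with the messages and the non-password fields; otherwise an unverified
    user is created, the verification key is sent and the caller is
    redirected to success_uri.
    """
    # Authenticated callers are turned away before any form field is read.
    # The original repeated this test further down to append an error
    # message; that branch could never run after this return, so it has been
    # removed.
    if request.user.is_authenticated:
        return redirect(
            default_app().get_url('success', message="You are already logged into your account.")
        )

    # NOTE(review): success_uri and error_uri come from the form and are used
    # as redirect targets below; nothing in this function restricts them to
    # this site -- confirm redirect_with_query or a caller does.
    success_uri = request.forms.get('success_uri')
    error_uri = request.forms.get('error_uri')
    username = request.forms.get('username')
    email = request.forms.get('email')
    first_name = request.forms.get('first_name')
    last_name = request.forms.get('last_name')
    password = request.forms.get('password')
    affiliation = request.forms.get('affiliation')

    errors = []

    if request.forms.get('confirm_password') != password:
        errors.append("Passwords do not match.")

    if not spec_util.NAME_REGEX.match(username):
        errors.append(
            "Username must only contain letter, digits, hyphens, underscores, and periods."
        )

    try:
        User.validate_password(password)
    except UsageError as e:
        errors.append(str(e))

    # Only do a basic validation of email -- the only guaranteed way to check
    # whether an email address is valid is by sending an actual email.
    if not spec_util.BASIC_EMAIL_REGEX.match(email):
        errors.append("Email address is invalid.")

    # NOTE(review): this message tells an unauthenticated caller that a
    # username or email is already registered.
    if local.model.user_exists(username, email):
        errors.append("User with this username or email already exists.")

    # Second username check, against the module-level NAME_REGEX.
    if not NAME_REGEX.match(username):
        errors.append(
            "Username characters must be alphanumeric, underscores, periods, or dashes."
        )

    if errors:
        # The password is not echoed back; only the fields listed here are.
        return redirect_with_query(
            error_uri,
            {
                'error': ' '.join(errors),
                'next': success_uri,
                'email': email,
                'username': username,
                'first_name': first_name,
                'last_name': last_name,
                'affiliation': affiliation,
            },
        )

    # If user leaves it blank, empty string is obtained - make it of NoneType.
    if not affiliation:
        affiliation = None

    # Create unverified user
    _, verification_key = local.model.add_user(
        username, email, first_name, last_name, password, affiliation
    )

    # Send key
    send_verification_key(username, email, verification_key)

    # Redirect to success page
    return redirect_with_query(success_uri, {'email': email})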
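from codalab.objects.user import User

# Create the root user, or reset its password and re-activate it if it
# already exists. The password is argv[1] when exactly one argument is given,
# otherwise it is prompted for twice.
manager = CodaLabManager()
model = manager.model()

username = manager.root_user_name()
user_id = manager.root_user_id()

if len(sys.argv) == 2:
    # NOTE(review): a password passed as a command-line argument is visible
    # in the process list and usually lands in shell history; the prompt
    # branch below avoids both.
    password = sys.argv[1]
else:
    while True:
        password = getpass.getpass()
        # NOTE(review): the listing masks this comparison ('******');
        # restored as the equality check the surrounding code implies, with
        # both prints placed inside the loop -- confirm against the original
        # file.
        if getpass.getpass('Config password: ') == password:
            break
        # Written as calls so the script also parses on Python 3.
        print('Passwords don\'t match. Try again.')
        print('')

if model.get_user(user_id=user_id, check_active=False):
    # Existing root user: replace the stored password (encoded with a fresh
    # random string as second argument) and mark the account active and
    # verified.
    update = {
        "user_id": user_id,
        "user_name": username,
        "password": User.encode_password(password, crypt_util.get_random_string()),
        "is_active": True,
        "is_verified": True,
    }
    model.update_user_info(update)
else:
    # No root user yet: create one with an empty email, already verified.
    model.add_user(username, '', password, user_id, is_verified=True)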
import unittest
import datetime

from codalab.objects.user import User

# Module-level User fixture: an active, verified, non-superuser account with
# an empty password field and zeroed quotas. The email value appears masked
# in the listing and is kept as shown.
user = User(
    dict(
        user_id=1,
        user_name="test",
        email="*****@*****.**",
        last_login=datetime.datetime.now(),
        is_active=True,
        first_name=None,
        last_name=None,
        date_joined=datetime.datetime.now(),
        is_verified=True,
        is_superuser=False,
        password="",
        time_quota=0,
        time_used=0,
        disk_quota=0,
        disk_used=0,
        affiliation=None,
        url=None,
    )
)


class UserTest(unittest.TestCase):
    """Unit tests for the User object."""

    def test_hashing(self):
        """Check that hashing works."""
        # NOTE(review): the listing shows no statements after the docstring.
import datetime from codalab.objects.user import User from codalab.model.tables import NOTIFICATIONS_IMPORTANT user = User({ "user_id": 1, "user_name": "test", "email": "*****@*****.**", "notifications": NOTIFICATIONS_IMPORTANT, "last_login": datetime.datetime.now(), "is_active": True, "first_name": None, "last_name": None, "date_joined": datetime.datetime.now(), "has_access": False, "is_verified": True, "is_superuser": False, "password": "", "time_quota": 0, "parallel_run_quota": 0, "time_used": 0, "disk_quota": 0, "disk_used": 0, "affiliation": None, "url": None, }) class UserTest(unittest.TestCase): def test_hashing(self): """
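from codalab.lib import crypt_util
from codalab.lib.codalab_manager import CodaLabManager
from codalab.objects.user import User

# Create the root user, or reset its password and re-activate it if it
# already exists. The password is argv[1] when exactly one argument is given,
# otherwise it is prompted for twice.
manager = CodaLabManager()
model = manager.model()

username = manager.root_user_name()
user_id = manager.root_user_id()

if len(sys.argv) == 2:
    # NOTE(review): a password passed as a command-line argument is visible
    # in the process list and usually lands in shell history; the prompt
    # branch below avoids both.
    password = sys.argv[1]
else:
    while True:
        password = getpass.getpass('Password for %s(%s): ' % (username, user_id))
        # NOTE(review): the listing masks this comparison ('******');
        # restored as the equality check the surrounding code implies --
        # confirm against the original file.
        if getpass.getpass('Confirm password: ') == password:
            break
        print('Passwords don\'t match. Try again.')

if model.get_user(user_id=user_id, check_active=False):
    # Existing root user: replace the stored password (encoded with a fresh
    # random string as second argument) and mark the account active and
    # verified.
    update = {
        "user_id": user_id,
        "user_name": username,
        "password": User.encode_password(password, crypt_util.get_random_string()),
        "is_active": True,
        "is_verified": True,
    }
    model.update_user_info(update)
else:
    # No root user yet: create one, already verified, with the email, name
    # and affiliation arguments left as empty strings.
    model.add_user(username, '', '', '', password, '', user_id=user_id, is_verified=True)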
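def do_signup():
    """
    Handle the signup form POST, gated by a Google reCAPTCHA token.

    Reads success_uri, error_uri, username, email, first_name, last_name,
    password, confirm_password, affiliation and token from the submitted form
    and collects one message per failed check. Any failure redirects to
    error_uri with the messages and the non-password fields; otherwise an
    unverified user is created, the verification key is sent and the caller
    is redirected to success_uri.

    Raises KeyError if CODALAB_RECAPTCHA_SECRET_KEY is not set in the
    environment and a token was submitted.
    """
    # NOTE(review): success_uri and error_uri come from the form and are used
    # as redirect targets below; nothing in this function restricts them to
    # this site -- confirm redirect_with_query or a caller does.
    success_uri = request.forms.get('success_uri')
    error_uri = request.forms.get('error_uri')
    username = request.forms.get('username')
    email = request.forms.get('email')
    first_name = request.forms.get('first_name')
    last_name = request.forms.get('last_name')
    password = request.forms.get('password')
    affiliation = request.forms.get('affiliation')
    token = request.forms.get('token')

    errors = []

    if not token:
        errors.append('Google reCAPTCHA token is missing.')
    else:
        url = 'https://www.google.com/recaptcha/api/siteverify'
        payload = {
            'secret': os.environ['CODALAB_RECAPTCHA_SECRET_KEY'],
            'response': token,
        }
        # Fail closed: a network error, a timeout, a body that is not JSON or
        # a JSON value that is not an object all count as a failed check. The
        # original caught only UsageError here, which neither call raises, so
        # those cases surfaced as unhandled exceptions; it also set no
        # timeout, so a stalled verification call could hold the request open.
        try:
            res = requests.post(url, payload, timeout=10)
            verdict = res.json()
        except (requests.RequestException, ValueError):
            verdict = None
        if not isinstance(verdict, dict) or not verdict.get('success'):
            errors.append('Google reCAPTCHA failed.')

    if request.user.is_authenticated:
        errors.append(
            "You are already logged in as %s, please log out before "
            "creating a new account." % request.user.user_name
        )

    if request.forms.get('confirm_password') != password:
        errors.append("Passwords do not match.")

    if not spec_util.NAME_REGEX.match(username):
        errors.append(
            "Username must only contain letter, digits, hyphens, underscores, and periods."
        )

    try:
        User.validate_password(password)
    except UsageError as e:
        errors.append(str(e))

    # Only do a basic validation of email -- the only guaranteed way to check
    # whether an email address is valid is by sending an actual email.
    if not spec_util.BASIC_EMAIL_REGEX.match(email):
        errors.append("Email address is invalid.")

    # NOTE(review): this lookup runs, and its message is returned, even when
    # the reCAPTCHA check above failed, so the check does not limit probing
    # for registered usernames or emails -- consider skipping the lookup
    # unless the check passed.
    if local.model.user_exists(username, email):
        errors.append("User with this username or email already exists.")

    # Second username check, against the module-level NAME_REGEX.
    if not NAME_REGEX.match(username):
        errors.append(
            "Username characters must be alphanumeric, underscores, periods, or dashes."
        )

    if errors:
        # The password and the token are not echoed back; only the fields
        # listed here are.
        return redirect_with_query(
            error_uri,
            {
                'error': ' '.join(errors),
                'next': success_uri,
                'email': email,
                'username': username,
                'first_name': first_name,
                'last_name': last_name,
                'affiliation': affiliation,
            },
        )

    # If user leaves it blank, empty string is obtained - make it of NoneType.
    if not affiliation:
        affiliation = None

    # Create unverified user
    _, verification_key = local.model.add_user(
        username, email, first_name, last_name, password, affiliation
    )

    # Send key
    send_verification_key(username, email, verification_key)

    # Redirect to success page
    return redirect_with_query(success_uri, {'email': email})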
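def do_signup():
    """
    Handle the signup form POST.

    Reads success_uri, error_uri, username, email, first_name, last_name,
    password, confirm_password and affiliation from the submitted form and
    collects one message per failed check. Any failure redirects to error_uri
    with the messages and the non-password fields; otherwise an unverified
    user is created, the verification key is sent and the caller is
    redirected to success_uri.
    """
    # Authenticated callers are turned away before any form field is read.
    # The original repeated this test further down to append an error
    # message; that branch could never run after this return, so it has been
    # removed.
    if request.user.is_authenticated:
        return redirect(
            default_app().get_url('success', message="You are already logged into your account.")
        )

    # NOTE(review): success_uri and error_uri come from the form and are used
    # as redirect targets below; nothing in this function restricts them to
    # this site -- confirm redirect_with_query or a caller does.
    success_uri = request.forms.get('success_uri')
    error_uri = request.forms.get('error_uri')
    username = request.forms.get('username')
    email = request.forms.get('email')
    first_name = request.forms.get('first_name')
    last_name = request.forms.get('last_name')
    password = request.forms.get('password')
    affiliation = request.forms.get('affiliation')

    errors = []

    if request.forms.get('confirm_password') != password:
        errors.append("Passwords do not match.")

    if not spec_util.NAME_REGEX.match(username):
        errors.append(
            "Username must only contain letter, digits, hyphens, underscores, and periods."
        )

    try:
        User.validate_password(password)
    except UsageError as e:
        # NOTE(review): e.message assumes UsageError exposes a .message
        # attribute; built-in exceptions do not on Python 3 -- confirm.
        errors.append(e.message)

    # Only do a basic validation of email -- the only guaranteed way to check
    # whether an email address is valid is by sending an actual email.
    if not spec_util.BASIC_EMAIL_REGEX.match(email):
        errors.append("Email address is invalid.")

    # NOTE(review): this message tells an unauthenticated caller that a
    # username or email is already registered.
    if local.model.user_exists(username, email):
        errors.append("User with this username or email already exists.")

    # Second username check, against the module-level NAME_REGEX.
    if not NAME_REGEX.match(username):
        errors.append("Username characters must be alphanumeric, underscores, periods, or dashes.")

    if errors:
        # The password is not echoed back; only the fields listed here are.
        return redirect_with_query(
            error_uri,
            {
                'error': ' '.join(errors),
                'next': success_uri,
                'email': email,
                'username': username,
                'first_name': first_name,
                'last_name': last_name,
                'affiliation': affiliation,
            },
        )

    # If user leaves it blank, empty string is obtained - make it of NoneType.
    if not affiliation:
        affiliation = None

    # Create unverified user
    _, verification_key = local.model.add_user(
        username, email, first_name, last_name, password, affiliation
    )

    # Send key
    send_verification_key(username, email, verification_key)

    # Redirect to success page
    return redirect_with_query(success_uri, {'email': email})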