def __init__(self):
self.serviceName = conf.get('serviceName')
self.emailCodeLink = conf.get('emailCodeLink')
smtp_params = conf.get('smtp')
self.email_account = EmailAccount(
smtp_params['from'],
smtp_params['smtpServer'],
smtp_params['username'],
smtp_params['password'],
port=smtp_params['port'],
sender_name=smtp_params.get('senderName'))
async def logout(document):
decoded_token = decode_signed_string(
document['authToken'],
max_age_days = conf.get('tokenDurationSeconds') / 86400.0
)
if decoded_token is None:
return Response({"success": True})
await conf.mongo_accounts.update_one(
{'authTokens': {'$elemMatch': {'authToken': decoded_token}}},
{'$pull': {'authTokens': {'authToken': decoded_token}}}
)
return Response({"success": True})
async def _generate_auth_token(user):
now = int(time.time())
token_duration_seconds = conf.get('tokenDurationSeconds')
timestamp_cutoff = now - token_duration_seconds
current_auth_tokens = user.get('authTokens', [])
new_tokens = [
dct
for dct in current_auth_tokens
if dct['timestamp'] > timestamp_cutoff
]
max_tokens_per_user = conf.get('maxTokensPerUser')
assert max_tokens_per_user >= 1
if len(new_tokens) >= max_tokens_per_user:
new_tokens = new_tokens[1:]
new_unsigned_token = str(uuid.uuid4())
new_tokens.append({'authToken': new_unsigned_token, 'timestamp': now})
await conf.mongo_accounts.update_one(
filter = {'_id': user['_id']},
update = {'$set': {'authTokens': new_tokens}}
)
return create_signed_string(new_unsigned_token)
def decode_signed_string(strg, max_age_days):
try:
result = decode_signed_value(conf.get("secretKey"),
"data",
zlib.decompress(
b64decode(strg, altchars=b'_-')),
max_age_days=max_age_days)
except (binascii.Error, zlib.error) as exc:
return None
if result is None:
return None
else:
return result.decode('utf-8')
from coolsignup.conf import conf
from naval import Type, Length, Assert, Do
from postpone import LazyString as _
from zxcvbn import zxcvbn
PASSWORD_MAX_LENGTH = 800
NewPasswordValidator = Do(
Type(str), Length(conf.get('passwordMinLength'), PASSWORD_MAX_LENGTH),
Assert(
(lambda p: zxcvbn(p)['guesses_log10'] >= conf.get('passwordStrength')),
error_message=_("Password too easy to guess.")))
if await email_exists(email, case_sensitive = False):
return Response(email_used_result)
else:
code = create_signed_document({
'action': 'firstRegistration',
'email': email
})
mailer.send_registration_code(
code,
email,
lang = lang
)
return Response({"success": True})
DecodeEmailCode = DecodeSignedDocument(
max_age_days = conf.get('codeDurationSeconds') / 86400.0
)
RegistrationCode = Do(
Type(str),
Length(min = 1, max = 2000),
DecodeEmailCode,
Schema(
['email', Email],
['action', ('firstRegistration',)]
)
)
@Sch(['code', RegistrationCode, SaveAs('decoded')])
async def check_registration_code(document):
if await email_exists(document['decoded']['email'], case_sensitive = False):
def create_signed_string(strg):
return b64encode(zlib.compress(
create_signed_value(conf.get("secretKey"), "data", strg)),
altchars=b'_-').decode('utf-8')