Exemple #1
def reset(request, encrypted_email):
    """Process the password-reset form and store the new password.

    On POST, reads ``user_email``, ``new_password`` and ``new_password2``
    from the form, validates the two password fields, sends the new
    password digest to DataHubManager and saves it on the matching ``User``
    row.  Renders ``reset.html`` with the collected errors on failure and
    ``confirmation.html`` on success.

    NOTE(review): this listing is truncated.  The handler of the outer
    ``try`` and the non-POST path are not visible here.  The
    ``except Exception, e`` form is Python 2 syntax.

    SECURITY(review): in the visible lines the account is chosen by the
    ``user_email`` form field.  ``encrypted_email`` is only copied into the
    template context; it is never decrypted or compared with
    ``user_email``.  Unless that check lives outside this excerpt, the
    reset is not bound to the token in the URL.  Confirm, and derive the
    account from the verified token instead of from a form field.
    """
    errors = []
    error = False
    if request.method == "POST":
        try:
            # All three values come straight from the submitted form.
            user_email = request.POST["user_email"].lower()
            password = request.POST["new_password"]
            password2 = request.POST["new_password2"]

            if password == "":
                errors.append("Empty Password.")
                error = True

            if password2 != password:
                errors.append("Password and Confirm Password don't match.")
                error = True

            if not error:
                # SECURITY(review): unsalted SHA-1 is a fast digest and is
                # not suitable for password storage; a salted, slow KDF
                # (e.g. Django's User.set_password) is the usual choice.
                hashed_password = hashlib.sha1(password).hexdigest()
                # Raises User.DoesNotExist for an unknown address; that is
                # left to the outer handler, which is not shown here.
                user = User.objects.get(email=user_email)
                try:
                    DataHubManager.create_user(username=user.username,
                                               password=hashed_password)
                except Exception, e:
                    # Best effort: every failure is ignored (presumably
                    # the "user already exists" case -- confirm).
                    pass

                try:
                    DataHubManager.change_password(username=user.username,
                                                   password=hashed_password)
                except Exception, e:
                    # NOTE(review): the raw exception text is rendered to
                    # the client through reset.html; it may expose backend
                    # detail.
                    errors.append(str(e))
                    error = True

            if error:
                c = {
                    'user_email': user_email,
                    'encrypted_email': encrypted_email,
                    'errors': errors
                }
                c.update(csrf(request))
                return render_to_response('reset.html', c)

            else:
                # Recomputes the same digest and stores the bare SHA-1 hex
                # string in User.password.
                hashed_password = hashlib.sha1(password).hexdigest()
                user = User.objects.get(email=user_email)
                user.password = hashed_password
                user.save()
                # msg_body is static HTML; no request data is interpolated.
                c = {
                    'msg_title':
                    'DataHub Reset Password',
                    'msg_body':
                    'Your password has been changed successfully.<br /> <br />'
                    '<a href="/account/login" class="blue bold">Click Here</a>'
                    ' to sign in.'
                }
                c.update(csrf(request))
                return render_to_response('confirmation.html', c)
Exemple #2
def reset (request, encrypted_email):
  """Handle a submitted password-reset form.

  For a POST request the view takes ``user_email``, ``new_password`` and
  ``new_password2`` from the form, rejects an empty or mismatched password,
  forwards the SHA-1 digest of the password to DataHubManager and writes
  the same digest to the ``User`` row found by e-mail.  It renders
  ``reset.html`` with the error list when something failed, otherwise
  ``confirmation.html``.

  NOTE(review): the excerpt stops before the handler of the outer ``try``
  and before any non-POST branch.  ``except Exception, e`` is Python 2
  syntax.

  SECURITY(review): the visible code selects the account from the
  ``user_email`` POST field and uses ``encrypted_email`` only as a value
  passed back to the template.  Nothing shown here checks that the two
  refer to the same account.  Verify that such a check exists elsewhere,
  or take the account from the validated token.
  """
  errors = []
  error = False
  if request.method == "POST":
    try:
      # Form input; the e-mail is lower-cased before the lookup.
      user_email = request.POST["user_email"].lower()
      password = request.POST["new_password"]
      password2 = request.POST["new_password2"]

      if password == "":
        errors.append("Empty Password.")
        error = True

      if password2 != password:
        errors.append("Password and Confirm Password don't match.")
        error = True

      if not error:
        # SECURITY(review): a single unsalted SHA-1 round is not an adequate
        # password hash; prefer a salted, slow KDF such as the one behind
        # Django's User.set_password.
        hashed_password = hashlib.sha1(password).hexdigest()
        # An unknown address raises User.DoesNotExist, handled (if at all)
        # by the outer handler that is not part of this excerpt.
        user = User.objects.get(email=user_email)
        try:
          DataHubManager.create_user(username=user.username, password=hashed_password)
        except Exception, e:
          # Any error is swallowed here (presumably "already exists").
          pass

        try:
          DataHubManager.change_password(username=user.username, password=hashed_password)
        except Exception, e:
          # NOTE(review): str(e) ends up in the rendered page.
          errors.append(str(e))
          error = True

      if error:
        c = {
          'user_email': user_email,
          'encrypted_email': encrypted_email,
          'errors': errors
        }
        c.update(csrf(request))
        return render_to_response('reset.html', c)

      else:
        # The digest is computed again and stored verbatim in User.password.
        hashed_password = hashlib.sha1(password).hexdigest()
        user = User.objects.get(email=user_email)
        user.password = hashed_password
        user.save()
        # Static confirmation markup; contains no request data.
        c = {
          'msg_title': 'DataHub Reset Password',
          'msg_body': 'Your password has been changed successfully.<br /> <br />'
                      '<a href="/login" class="blue bold">Click Here</a>'
                      ' to sign in.'
        } 
        c.update(csrf(request))
        return render_to_response('confirmation.html', c)
Exemple #3
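def datahub_authenticate(username, password):
    """
    Analog of django.contrib.auth.authenticate.

    Given a username or email plus password, finds the User object, verifies
    the password, and sets a flag on the object allowing it to be used in the
    login function.

    First argument can be a username or email address.

    If the user has an account in a state partially migrated from the legacy
    model, this will finish the migration by setting the password on their
    migrated account and flipping the appropriate flags to allow login.

    Returns whatever ``django_authenticate`` returns for the resolved
    username and the supplied password.

    SECURITY(review): the legacy check compares an unsalted SHA-1 digest.
    It is reached only for accounts whose ``last_login`` is still None; once
    matched, the password is re-stored through ``User.set_password``.
    """
    # If username looks like an email address, look up the username
    # associated with that address.
    #
    # This assumes the username regex disallows the @ symbol, and the
    # email regex requires it.
    if '@' in username:
        try:
            # NOTE(review): raises MultipleObjectsReturned if e-mail
            # addresses are not unique -- confirm the model constraint.
            user = User.objects.get(email=username)
            username = user.username
        except User.DoesNotExist:
            user = None
    else:
        try:
            user = User.objects.get(username=username)
        except User.DoesNotExist:
            # Narrowed from a bare ``except`` so that database errors and
            # interrupts are not silently treated as "no such user"; this
            # now matches the e-mail branch above.
            user = None
    if user is not None and user.last_login is None:
        # hashlib needs bytes.  Encoding explicitly keeps the digest for
        # ASCII passwords unchanged and avoids an encoding error on
        # non-ASCII input.
        if isinstance(password, bytes):
            raw_password = password
        else:
            raw_password = password.encode('utf-8')
        hashed_password = hashlib.sha1(raw_password).hexdigest()
        try:
            DataHubLegacyUser.objects.get(
                username=username,
                password=hashed_password)
            # NOTE(review): usernames are written to stdout here.
            print("Found partially migrated user {0}".format(username))
            user.set_password(password)
            user.save(update_fields=['password'])
            # Set the user's Postgres password to their hashed password
            #
            # SECURITY(review): user.password is the stored Django hash
            # string, so read access to that column would also yield the
            # database credential -- confirm this is intended.
            DataHubManager.change_password(username, user.password)
            print("Updated password for {0}".format(username))
        except DataHubLegacyUser.DoesNotExist:
            # No legacy row with this digest: nothing to migrate.
            pass

    user = django_authenticate(username=username, password=password)
    return user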
Exemple #4
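def datahub_authenticate(username, password):
    """
    Analog of django.contrib.auth.authenticate.

    Given a username or email plus password, finds the User object, verifies
    the password, and sets a flag on the object allowing it to be used in the
    login function.

    First argument can be a username or email address.

    If the user has an account in a state partially migrated from the legacy
    model, this will finish the migration by setting the password on their
    migrated account and flipping the appropriate flags to allow login.

    The return value is the result of ``django_authenticate`` for the
    resolved username and the given password.

    SECURITY(review): legacy credentials are matched as unsalted SHA-1
    digests, and only while ``last_login`` is None.  After a match the
    password is stored again via ``User.set_password``.
    """
    # If username looks like an email address, look up the username
    # associated with that address.
    #
    # This assumes the username regex disallows the @ symbol, and the
    # email regex requires it.
    if '@' in username:
        try:
            # NOTE(review): a non-unique e-mail would raise
            # MultipleObjectsReturned here -- confirm the model constraint.
            user = User.objects.get(email=username)
            username = user.username
        except User.DoesNotExist:
            user = None
    else:
        try:
            user = User.objects.get(username=username)
        except User.DoesNotExist:
            # Was a bare ``except``; only the "not found" case should map
            # to None, as in the e-mail branch.  Other errors propagate.
            user = None
    if user is not None and user.last_login is None:
        # Hash bytes explicitly: the digest of an ASCII password is
        # unchanged, and non-ASCII text no longer fails inside hashlib.
        if isinstance(password, bytes):
            raw_password = password
        else:
            raw_password = password.encode('utf-8')
        hashed_password = hashlib.sha1(raw_password).hexdigest()
        try:
            DataHubLegacyUser.objects.get(username=username,
                                          password=hashed_password)
            # NOTE(review): this prints the username to stdout.
            print("Found partially migrated user {0}".format(username))
            user.set_password(password)
            user.save(update_fields=['password'])
            # Set the user's Postgres password to their hashed password
            #
            # SECURITY(review): the value passed is the stored Django hash
            # string; anyone able to read that column would hold the
            # database credential as well -- confirm this is intended.
            DataHubManager.change_password(username, user.password)
            print("Updated password for {0}".format(username))
        except DataHubLegacyUser.DoesNotExist:
            # Digest not found in the legacy table: no migration to finish.
            pass

    user = django_authenticate(username=username, password=password)
    return user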
Exemple #5
def register (request):
  """Create a DataHub account from the registration form.

  On POST the view validates ``username``, ``email`` and ``password``,
  rejects a username that already exists, registers the SHA-1 digest of the
  password with DataHubManager, saves a ``User`` row, stores the e-mail and
  username in the session, queues a welcome e-mail that carries a
  verification link and redirects to ``redirect_url``.  Validation errors
  are returned through ``register_form``.

  NOTE(review): the listing is truncated.  The handler of the outer ``try``
  and the non-POST path are not visible.  ``except Exception, e`` is
  Python 2 syntax.
  """
  # SECURITY(review): redirect_url is client-controlled (query string, then
  # the POST body) and reaches HttpResponseRedirect below with no visible
  # validation.  Restrict it to same-site targets, e.g. with Django's
  # url_has_allowed_host_and_scheme (is_safe_url on older releases).
  redirect_url = '/'
  if('redirect_url' in request.GET.keys()):
    redirect_url = urllib.unquote_plus(request.GET['redirect_url'])

  if request.method == "POST":
    errors = []
    email = ''
    try:
      error = False
      if('redirect_url' in request.POST.keys()):
        redirect_url = urllib.unquote_plus(request.POST['redirect_url'])

      username = request.POST["username"].lower()
      email = request.POST["email"].lower()
      password = request.POST["password"]

      # The pattern is matched against the stripped address, but the
      # unstripped value is what gets stored further down.
      if(email_re.match(email.strip()) == None):
        errors.append("Invalid Email.")
        error = True
      if(not is_valid_username(username)):
        errors.append("Invalid Username.")
        error = True
      if(password == ""):
        errors.append("Empty Password.")
        error = True

      # Only the username is checked for uniqueness in the visible code.
      # NOTE(review): e-mail uniqueness is not checked here -- confirm that
      # the model enforces it.
      try:
        user = User.objects.get(username=username)
        errors.append("Username already taken.")
        error = True
      except User.DoesNotExist:
        pass

      if not error:
        # SECURITY(review): unsalted SHA-1 is not an adequate password
        # hash; a salted, slow KDF is the usual replacement.
        hashed_password = hashlib.sha1(password).hexdigest()
        try:
          DataHubManager.create_user(username=username, password=hashed_password)
        except Exception, e:
          # Best effort: every failure is ignored (presumably the
          # "already exists" case -- confirm).
          pass

        try:
          DataHubManager.change_password(username=username, password=hashed_password)
        except Exception, e:
          # NOTE(review): the raw exception text is shown to the client.
          errors.append(str(e))
          error = True

      if(error):
        return register_form(request, redirect_url = urllib.quote_plus(redirect_url), errors = errors)

      # The bare SHA-1 hex digest is stored in User.password.
      user = User(username=username, email=email, password=hashed_password)
      user.save()

      # The session is populated before the address has been verified.
      # NOTE(review): presumably this logs the new user in -- confirm.
      clear_session(request)
      request.session[kEmail] = user.email
      request.session[kUsername] = user.username

      # encrypt_text is opaque from here; its output is the verification
      # token embedded in the link.
      encrypted_email = encrypt_text(user.email)

      subject = "Welcome to DataHub"

      # SECURITY(review): the link host comes from request.get_host(),
      # i.e. from the request's Host header; make sure ALLOWED_HOSTS is set
      # so a forged header cannot steer the link.  The scheme falls back to
      # plain http when the request was not secure.
      msg_body = '''
      Dear %s,

      Thanks for registering to DataHub. 

      Please click the link below to start using DataHub:

      %s://%s/verify/%s

      ''' % (
          user.email,
          'https' if request.is_secure() else 'http',
          request.get_host(),          
          encrypted_email)

      # The mail is sent asynchronously through the worker pool.
      pool.apply_async(send_email, [user.email, subject, msg_body])

      return HttpResponseRedirect(redirect_url)
Exemple #6
def register (request):
  """Register a new DataHub user from the submitted form.

  For a POST request: validate ``username``, ``email`` and ``password``,
  refuse a username that is already taken, hand the SHA-1 digest of the
  password to DataHubManager, save the ``User`` row, put e-mail and
  username into the session, queue the welcome e-mail with its
  ``/account/verify/`` link and redirect to ``redirect_url``.  When
  validation fails the result of ``register_form`` is returned instead.

  NOTE(review): the excerpt ends before the handler of the outer ``try``
  and before any non-POST branch.  ``except Exception, e`` is Python 2
  syntax.
  """
  # SECURITY(review): redirect_url is taken from the query string and may
  # be overridden from the POST body; no validation is visible before it is
  # passed to HttpResponseRedirect.  Limit it to same-site targets (Django
  # ships url_has_allowed_host_and_scheme / is_safe_url for this).
  redirect_url = '/'
  if('redirect_url' in request.GET.keys()):
    redirect_url = urllib.unquote_plus(request.GET['redirect_url'])

  if request.method == "POST":
    errors = []
    email = ''
    try:
      error = False
      if('redirect_url' in request.POST.keys()):
        redirect_url = urllib.unquote_plus(request.POST['redirect_url'])

      username = request.POST["username"].lower()
      email = request.POST["email"].lower()
      password = request.POST["password"]

      # Validation uses email.strip(); the value saved later is not
      # stripped.
      if(email_re.match(email.strip()) == None):
        errors.append("Invalid Email.")
        error = True
      if(not is_valid_username(username)):
        errors.append("Invalid Username.")
        error = True
      if(password == ""):
        errors.append("Empty Password.")
        error = True

      # Uniqueness is checked for the username only.
      # NOTE(review): confirm that duplicate e-mail addresses are rejected
      # elsewhere.
      try:
        user = User.objects.get(username=username)
        errors.append("Username already taken.")
        error = True
      except User.DoesNotExist:
        pass

      if not error:
        # SECURITY(review): a single unsalted SHA-1 round is unsuitable for
        # storing passwords; use a salted, slow KDF.
        hashed_password = hashlib.sha1(password).hexdigest()
        try:
          DataHubManager.create_user(username=username, password=hashed_password)
        except Exception, e:
          # Any error is swallowed here (presumably "already exists").
          pass

        try:
          DataHubManager.change_password(username=username, password=hashed_password)
        except Exception, e:
          # NOTE(review): str(e) is returned to the client in the form.
          errors.append(str(e))
          error = True

      if(error):
        return register_form(request, redirect_url = urllib.quote_plus(redirect_url), errors = errors)

      # User.password receives the bare SHA-1 hex digest.
      user = User(username=username, email=email, password=hashed_password)
      user.save()

      # Session values are set before the e-mail address is verified.
      # NOTE(review): presumably this signs the user in -- confirm.
      clear_session(request)
      request.session[kEmail] = user.email
      request.session[kUsername] = user.username

      # Output of encrypt_text (not shown) serves as the verification
      # token.
      encrypted_email = encrypt_text(user.email)

      subject = "Welcome to DataHub"

      # SECURITY(review): request.get_host() reflects the Host header of
      # the request; rely on ALLOWED_HOSTS so the mailed link cannot be
      # pointed at another host.  A non-secure request yields an http link.
      msg_body = '''
      Dear %s,

      Thanks for registering to DataHub. 

      Please click the link below to start using DataHub:

      %s://%s/account/verify/%s

      ''' % (
          user.email,
          'https' if request.is_secure() else 'http',
          request.get_host(),          
          encrypted_email)

      # Sending is delegated to the worker pool.
      pool.apply_async(send_email, [user.email, subject, msg_body])

      return HttpResponseRedirect(redirect_url)