def login_mod(req): check_login(req) login = Login(req.login.id) token = do_create_token(req, "/login") state = None if req.method == "POST": check_token(req, req.form.get("token")) login.bind(req.form, req.cfg.login_rounds) email = login.email if login.email != req.login.email else None state = login.pref(req, email=email) if 0 < state < 64: return generate_page(req, "login/login_mod.html", token=token, item=login, error=state) state = 0 if state is None else state if email: host = "%s (%s)" % (req.remote_host, req.remote_addr) send_verify_email(req, login, req.login.email, host=host, browser=req.user_agent) state |= REQUEST_FOR_EMAIL else: email = None # endif login.get(req) req.login = login return generate_page(req, "login/login_mod.html", token=token, item=login, state=state, email=email)
def admin_logins(req): check_login(req) check_right(req, R_ADMIN) error = req.args.getfirst("error", 0, int) pager = Pager(sort="asc", order="email") pager.bind(req.args) rows = Login.list(req, pager) return generate_page( req, "admin/logins.html", token=do_create_token(req, "/admin/logins"), pager=pager, rows=rows, error=error )
def admin_logins_mod(req, id): check_login(req) check_right(req, R_ADMIN) token = do_create_token(req, "/admin/logins/%d" % id) login = Login(id) if req.login.id == login.id: # not good idea to remove raise SERVER_RETURN(state.HTTP_FORBIDDEN) # rights himself done = None if req.method == "POST": check_token(req, req.form.get("token")) login.bind(req.form, req.cfg.login_rounds) done = login.mod(req) if 0 < done < 64: return generate_page(req, "admin/logins_mod.html", token=token, rights=rights, item=login, error=done) # endif # endif if not login.get(req): raise SERVER_RETURN(state.HTTP_NOT_FOUND) return generate_page(req, "admin/logins_mod.html", token=token, rights=rights, item=login, state=done)
def admin_logins_add(req): check_login(req) check_right(req, R_ADMIN) token = do_create_token(req, "/admin/logins/add") if req.method == "POST": check_token(req, req.form.get("token")) login = Login() login.bind(req.form, req.cfg.login_rounds) if not req.cfg.login_created_verify_link: login.enabled = 1 login.rights = ["user"] error = login.add(req) if error: return generate_page(req, "admin/logins_mod.html", token=token, rights=rights, item=login, error=error) if req.cfg.login_created_verify_link: send_login_created(req, login) redirect(req, "/admin/logins/%d" % login.id) # endif return generate_page(req, "admin/logins_mod.html", token=token, rights=rights)