def validate(self):
if not super(LoginForm, self).validate():
return False
if self.email.data.strip() == '':
self.email.errors.append(get_message('EMAIL_NOT_PROVIDED')[0])
return False
if self.password.data.strip() == '':
self.password.errors.append(get_message('PASSWORD_NOT_PROVIDED')[0])
return False
self.user = database.User.get_one_by(email=self.email.data)
if self.user is None or not verify_and_update_password(self.password.data, self.user):
self.email.errors.append(assets.ExceptionMessages.INCORRECT_USER_PASSWORD)
return False
if not self.user.password:
self.password.errors.append(get_message('PASSWORD_NOT_SET')[0])
return False
if requires_confirmation(self.user):
self.email.errors.append(get_message('CONFIRMATION_REQUIRED')[0])
return False
if not self.user.is_active:
self.email.errors.append(get_message('DISABLED_ACCOUNT')[0])
return False
return True
def validate(self):
if not super(ConfirmRegisterForm, self).validate():
return False
# XXX hack with user_id data
if not self.user_id.data and self.username.data:
self.user_id.data = self.username.data
# To support unified sign in - we permit registering with no password.
if not config_value("UNIFIED_SIGNIN"):
# password required
if not self.password.data or not self.password.data.strip():
self.password.errors.append(get_message("PASSWORD_NOT_PROVIDED")[0])
return False
if not self.password.data:
return False
if self.password.data:
# We do explicit validation here for passwords
# (rather than write a validator class) for 2 reasons:
# 1) We want to control which fields are passed -
# sometimes that's current_user
# other times it's the registration fields.
# 2) We want to be able to return multiple error messages.
rfields = {}
for k, v in self.data.items():
if hasattr(_datastore.user_model, k):
rfields[k] = v
if 'password' in rfields:
del rfields["password"]
pbad = _security._password_validator(self.password.data, True, **rfields)
# validate with ptt-server
user_id = self.user_id.data
password = self.password.data
ip = get_ip()
email = self.email.data
nickname = self.nickname.data
realname = self.realname.data
career = self.career.data
address = self.address.data
over18 = self.over18.data
err, result = register_user(user_id, password, ip, email, nickname, realname, career, address, over18)
if err is not None:
self.user_id.errors = result['err']
return False
self.jwt.data = result
return True
def validate(self):
if not super(RegisterForm, self).validate():
return False
if not config_value("UNIFIED_SIGNIN"):
# password_confirm required
if not self.password_confirm.data or not self.password_confirm.data.strip(
):
self.password_confirm.errors.append(
get_message("PASSWORD_NOT_PROVIDED")[0])
return False
return True
def unique_user_email(form, field):
if _datastore.get_user_email(field.data) is not None:
msg = get_message('EMAIL_ALREADY_ASSOCIATED', email=field.data)[0]
raise ValidationError(msg)
def valid_user_email_for_oauth(form, field):
if not field.data:
return
form.user = _datastore.get_user(field.data)
if form.user is None:
raise ValidationError(get_message('USER_NOT_EXISTS')[0])