def register_user():
"""Register a new user."""
try:
email = request.form['email']
pw = request.form['password']
except KeyError:
raise helpers.BadRequest(errors.MISSING_FIELD,
"missing e-mail and / or password")
# Check that there is no user with that e-mail address.
if g.store.find(User, User.email == email).one() is not None:
raise helpers.BadRequest(errors.EXISTING_USER, "user already exists")
# Check that the e-mail address is valid.
elif not mail.is_valid(email):
raise helpers.BadRequest(errors.INVALID_EMAIL, "e-mail is not valid")
# Check that the password is good enough.
elif not password.is_good_enough(pw):
raise helpers.BadRequest(errors.INVALID_PASSWORD,
"password is not satisfactory")
# All the checks went through, we can create the user.
user = User(email, password.encrypt(pw))
g.store.add(user)
g.store.flush() # Necessary to get an ID.
# Default nickname.
user.nickname = unicode("user%d" % user.id)
return jsonify(uid=user.id)
def register_user():
"""Register a new user."""
try:
email = request.form['email']
pw = request.form['password']
except KeyError:
raise helpers.BadRequest(errors.MISSING_FIELD,
"missing e-mail and / or password")
# Check that there is no user with that e-mail address.
if g.store.find(User, User.email == email).one() is not None:
raise helpers.BadRequest(errors.EXISTING_USER,
"user already exists")
# Check that the e-mail address is valid.
elif not mail.is_valid(email):
raise helpers.BadRequest(errors.INVALID_EMAIL,
"e-mail is not valid")
# Check that the password is good enough.
elif not password.is_good_enough(pw):
raise helpers.BadRequest(errors.INVALID_PASSWORD,
"password is not satisfactory")
# All the checks went through, we can create the user.
user = User(email, password.encrypt(pw))
g.store.add(user)
g.store.flush() # Necessary to get an ID.
# Default nickname.
user.nickname = unicode("user%d" % user.id)
return jsonify(uid=user.id)
def update_user_password(user, uid):
"""Update the user's password."""
helpers.ensure_users_match(user, uid)
try:
pw = request.form['password']
except KeyError:
raise helpers.BadRequest(errors.MISSING_FIELD, "missing password")
if not password.is_good_enough(pw):
raise helpers.BadRequest(errors.INVALID_EMAIL,
"password is not satisfactory")
user.password = password.encrypt(pw)
return helpers.success()
def update_user_password(user, uid):
"""Update the user's password."""
helpers.ensure_users_match(user, uid)
try:
pw = request.form['password']
except KeyError:
raise helpers.BadRequest(errors.MISSING_FIELD,
"missing password")
if not password.is_good_enough(pw):
raise helpers.BadRequest(errors.INVALID_EMAIL,
"password is not satisfactory")
user.password = password.encrypt(pw)
return helpers.success()
def signup_form():
if request.method == 'GET':
return render_template('signup.html')
try:
email = request.form['email']
pw = request.form['password']
pw2 = request.form['password_repeat']
except KeyError:
return render_template('signup.html',
error="please fill out all the fields.")
# Check if passwords match.
if pw != pw2:
return render_template('signup.html',
error="the passwords don't match.")
# Check that there is no user with that e-mail address.
elif g.store.find(User, User.email == email).one() is not None:
return render_template('signup.html', error="this e-mail address is "
"already used by another account.")
# Check that the e-mail address is valid.
elif not mail.is_valid(email):
return render_template('signup.html',
error="e-mail address is invalid.")
# Check that the password is good enough.
elif not password.is_good_enough(pw):
return render_template('signup.html', error="passwords need to be "
"at least 6 characters long.")
# Check that the terms of use were checked.
elif not request.form.get('tou'):
return render_template('signup.html',
error="you must accept the Terms of Use.")
# All the checks went through, we can create the user.
user = User(email, password.encrypt(pw))
g.store.add(user)
g.store.flush() # Needed to get an ID.
# Default nickname.
user.nickname = unicode("user%d" % user.id)
return render_template('success.html', intent=gen_intent(email, pw))
def signup_form():
if request.method == 'GET':
return render_template('signup.html')
try:
email = request.form['email']
pw = request.form['password']
pw2 = request.form['password_repeat']
except KeyError:
return render_template('signup.html',
error="please fill out all the fields.")
# Check if passwords match.
if pw != pw2:
return render_template('signup.html',
error="the passwords don't match.")
# Check that there is no user with that e-mail address.
elif g.store.find(User, User.email == email).one() is not None:
return render_template('signup.html', error="this e-mail address is "
"already used by another account.")
# Check that the e-mail address is valid.
elif not mail.is_valid(email):
return render_template('signup.html',
error="e-mail address is invalid.")
# Check that the password is good enough.
elif not password.is_good_enough(pw):
return render_template('signup.html', error="passwords need to be "
"at least 6 characters long.")
# Check that the terms of use were checked.
elif not request.form.get('tou'):
return render_template('signup.html',
error="you must accept the Terms of Use.")
# All the checks went through, we can create the user.
user = User(email, password.encrypt(pw))
g.store.add(user)
g.store.flush() # Needed to get an ID.
# Default nickname.
user.nickname = unicode("user%d" % user.id)
return render_template('success.html', intent=gen_intent(email, pw))
error='User not found.')
if request.method == 'GET':
return render_template('resetpw.html')
# Otherwise, we are dealing with a POST request.
try:
pw = request.form['password']
pw2 = request.form['password_repeat']
except KeyError:
return render_template('resetpw.html',
error="please fill out all the fields.")
# Check if passwords match.
if pw != pw2:
return render_template('resetpw.html',
error="the passwords don't match.")
# Check that the password is good enough.
elif not password.is_good_enough(pw):
return render_template('resetpw.html', error="passwords need to be "
"at least 6 characters long.")
user.password = password.encrypt(pw)
return render_template('simple.html',
message='Your password has been reset.')
@app.route('/validate', methods=['GET'])
def validate():
try:
uid = int(request.args['uid'])
mac = request.args['mac']
except KeyError, ValueError:
return redirect(url_for("homepage"))
if not mail.verify(mac, uid):
