def post(self, grantable, args):
username = grantable.pendingaccount.email
rawpassword = args['password']
if len(username) > 200:
return logWith404(logger, 'create_plt_account: bad username')
if len(rawpassword) < 8:
return logWith404(logger, 'create_plt_account: bad password')
salt = str(uuid.uuid4())
hashed_password = get_hashed(rawpassword, salt)
station_cap = newStationCap()
account = BelayAccount(station_url=station_cap.serialize())
account.save()
credentials = PltCredentials(username=username, \
salt=salt, \
hashed_password=hashed_password, \
account=account)
credentials.save()
session_id = str(uuid.uuid4())
session = BelaySession(session_id=session_id, account=account)
session.save()
grantable.pendingaccount.delete()
response = {
'station': station_cap,
'makeStash': bcap.regrant('make-stash', account)
}
return bcap.bcapResponse(response)
def create_plt_account(request):
if request.method != 'POST':
return HttpResponseNotAllowed(['POST'])
args = bcap.dataPostProcess(request.read())
if not args.has_key('username'):
return logWith404(logger, 'create_plt_account: post data missing username')
if not args.has_key('password'):
return logWith404(logger, 'create_plt_account: post data missing password')
username = args['username']
rawpassword = args['password']
if len(username) > 20:
return logWith404(logger, 'create_plt_account: bad username')
if len(rawpassword) < 8:
return logWith404(logger, 'create_plt_account: bad password')
salt = str(uuid.uuid4())
hashed_password = get_hashed(rawpassword, salt)
station_cap = newStationCap()
account = BelayAccount(station_url=station_cap.serialize())
account.save()
credentials = PltCredentials(username=username, \
salt=salt, \
hashed_password=hashed_password, \
account=account)
credentials.save()
session_id = str(uuid.uuid4())
session = BelaySession(session_id=session_id, account=account)
session.save()
response = {
'station': station_cap,
'makeStash': bcap.regrant('make-stash', account)
}
return bcap.bcapResponse(response)