def join_post(self): data = web.input() recaptcha_url = 'http://www.google.com/recaptcha/api/verify' recaptcha_data = dict(challenge = data.recaptcha_challenge_field, response = data.recaptcha_response_field, remoteip = web.ctx.ip, privatekey = config.recaptcha_private_key) req = urllib2.Request(recaptcha_url, urllib.urlencode(recaptcha_data)) response = urllib2.urlopen(req) page = response.read().split('\n') if page[0] == 'false': if page[1].strip() == 'incorrect-captcha-sol': return util.render().error(error_message = _('INCORRECT_CAPTCHA'), help_context='error') else: return util.render().error(error_message = _('CAPTCHA_ERROR'), help_context='error') username = data.id.strip() if username == '': return util.render().error(error_message = _('NO_USERNAME_SPECIFIED'), help_context='error') if user._get_uid_from_username(username) > 0: return util.render().error(error_message = _('ID_ALREADY_EXISTS'), help_context='error') if data.password1 != data.password2: return util.render().error(error_message = _('PASSWORD_DO_NOT_MATCH'), help_context='error') if len(data.password1) < 6: return util.render().error(error_message = _('PASSWORD_TOO_SHORT'), help_context='error') nick = data.nick email = data.email password = data.password1 ret = user.join(locals()) if not ret[0]: return util.render().error(error_message = ret[1], help_context='error') self.session_set(username) user.update_last_login(web.ctx.session.uid, web.ctx.ip) raise web.seeother(util.link('/'))
def recover_password_get(self): if web.ctx.query == '': qs = dict() else: # XXX: http://bugs.python.org/issue8136 qs = parse_qs(urllib.unquote(web.ctx.query[1:]).encode('latin-1').decode('utf-8')) if not (qs.has_key('id') and qs.has_key('key')): return util.render().error(error_message = _('INVALID_LINK'), help_context = 'error') user_id = qs['id'][0] key = qs['key'][0] uid = user._get_uid_from_username(user_id) if uid < 0: return util.render().error(error_message = _('INVALID_USERNAME'), help_context = 'error') if user.get_password_salt(uid) != key: return util.render().error(error_message = _('INVALID_PASSWORD_KEY'), help_context = 'error') self.session_set(user_id) web.ctx.session.persistent = False user.update_last_login(uid, web.ctx.ip) new_pw = user.generate_random_password() user.update_password(uid, new_pw) return util.render().error(error_message = _('Your temporary password is "%s"(case-sensitive). Change password now.') % new_pw, error_class = _('Information'))
def login_xdomain_get(self): qs = web.ctx.query if len(qs) > 0: qs = qs[1:] qs = parse_qs(qs) if type(qs) != dict: return util.render().login(title = _('Login'), board_desc=_('Login'), lang="ko", error = _('INVALID_PASSWORD'), referer = util.link('/')) referer = util.link('/') password_hash = '' persistent = False ts = 0 if qs.has_key('t'): ts = int(qs['t'][0]) username = '' if qs.has_key('username'): username = qs['username'][0] if ts < 1 or username == '': return util.render().login(title = _('Login'), board_desc=_('Login'), lang="ko", error = _('INVALID_PASSWORD'), referer = util.link('/')) login_info = user.get_login_info(username, ts) if login_info == None: return util.render().login(title = _('Login'), board_desc=_('Login'), lang="ko", error = _('INVALID_PASSWORD'), referer = util.link('/')) referer = login_info['referer'] password_hash = login_info['password_hash'] persistent = (login_info['persistent'] == 1) user.remove_login_info(username, ts) login = user.login(username, password_hash, True) if not login[0]: err = login[1] return util.render().login(title = _('Login'), board_desc=_('Login'), lang="ko", error = err, referer = referer) u = self.session_set(username) if persistent: web.ctx.session.persistent = True else: web.ctx.session.persistent = False user.update_last_login(u.uSerial, web.ctx.ip) raise web.seeother(referer)