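def signup(request):
    """Create an account from the POSTed ``username`` and ``password``.

    When ``config.InviteOnlySignUp`` is set, a POSTed ``invitecode`` is also
    required. It is consumed in a single atomic Redis operation, so one code
    cannot satisfy two concurrent signups.

    Returns ``util.json_response`` of ``{"status": "ok", "auth": ...}`` on
    success, or of ``{"status": "error", "error": ...}`` on any failure.
    """
    form = request.POST

    # Positional arguments after the value are presumably min/max length and
    # the allowed character set -- check_string is defined elsewhere.
    username, msg = util.check_string(
        form.get("username"), 2, 20, config.UsernameChars
    )
    if not username:
        return util.json_response({"status": "error", "error": "username " + msg})

    password, msg = util.check_string(form.get("password"), config.PasswordMinLength)
    if not password:
        return util.json_response({"status": "error", "error": "password " + msg})

    if config.InviteOnlySignUp:
        invitecode = form.get("invitecode")
        # SMOVE is atomic and reports whether the member was actually moved, so
        # it is both the validity check and the "mark as used" step. The former
        # SISMEMBER-then-SMOVE pair left a window in which two concurrent
        # requests could both pass the check with the same code.
        # (Assumes g.redis follows the redis-py API, where smove() is truthy
        # only when the member was present in the source set.)
        if not invitecode or not g.redis.smove(
            "invite.code", "invite.code.used", invitecode
        ):
            return util.json_response(
                {"status": "error", "error": "invalid invitation code"}
            )
        # NOTE(review): the code is consumed before create_user() runs, so a
        # signup that fails below still uses up the invitation.

    # XXX proxied requests have the same REMOTE_ADDR
    # NOTE(review): if create_user() uses this address for per-client limits,
    # every client behind one proxy shares a single identity -- confirm.
    auth, msg = create_user(username, password, request.environ["REMOTE_ADDR"])
    if not auth:
        return util.json_response({"status": "error", "error": msg})
    return util.json_response({"status": "ok", "auth": auth})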
def login(request):
    """Check a username/password pair and return the session credentials.

    Reads ``username`` and ``password`` from ``request.GET``. On success the
    JSON response carries ``auth`` and ``apisecret`` as returned by
    ``check_user_credentials``; otherwise it carries an error string.
    """
    # NOTE(review): the credentials arrive in the URL query string
    # (request.GET), where they tend to end up in access logs, browser history
    # and Referer headers. Moving them to the POST body would change the
    # client contract, so this is flagged here rather than changed.
    query = request.GET

    username, problem = util.check_string(query.get('username'), 2, 20)
    if not username:
        return util.json_response(
            {'status': 'error', 'error': 'username ' + problem}
        )

    password, problem = util.check_string(query.get('password'))
    if not password:
        return util.json_response(
            {'status': 'error', 'error': 'password ' + problem}
        )

    auth, apisecret = check_user_credentials(username, password)
    if not auth:
        # One message for both failure causes, so the response does not say
        # which of the two values was wrong.
        return util.json_response(
            {'status': 'error', 'error': 'bad username/password'}
        )
    return util.json_response(
        {'status': 'ok', 'auth': auth, 'apisecret': apisecret}
    )
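def update_profile(request):
    """Update the authenticated user's email, about text and, optionally, password.

    The session comes from the ``auth`` cookie. POST fields: ``apisecret``
    (must equal the user's stored ``apisecret``), ``email`` (checked with
    ``maxlen=128``), ``about`` (``maxlen=256``) and an optional ``password``
    (checked against ``config.PasswordMinLength``).

    Returns ``util.json_response`` of ``{'status': 'ok'}``, or of
    ``{'status': 'error', 'error': ...}``; nothing is written on error.
    """
    # auth_user() is defined elsewhere; it is expected to populate g.user.
    auth_user(request.cookies.get('auth'))
    if not g.user:
        return util.json_response({'status': 'error', 'error': 'Not authenticated.'})

    # The per-user apisecret is the form secret that ties this POST to the
    # logged-in session.
    # NOTE(review): `!=` is not a constant-time comparison; consider
    # hmac.compare_digest once the value types are confirmed.
    if request.POST.get('apisecret') != g.user["apisecret"]:
        return util.json_response({'status': 'error', 'error': 'Wrong form secret'})

    email, msg = util.check_string(request.POST.get('email'), maxlen=128)
    if email is None:
        return util.json_response({'status': 'error', 'error': 'email ' + msg})

    about, msg = util.check_string(request.POST.get('about'), maxlen=256)
    if about is None:
        return util.json_response({'status': 'error', 'error': 'about ' + msg})

    fields = {'about': about.rstrip(), 'email': email}

    password = request.POST.get('password')  # optional
    if password:
        # NOTE(review): the password is replaced without asking for the
        # current one, and nothing in this handler invalidates the existing
        # auth token afterwards -- confirm that is intended.
        password, msg = util.check_string(password, config.PasswordMinLength)
        if not password:
            return util.json_response({'status': 'error', 'error': 'password ' + msg})
        # A user record without a salt used to raise KeyError here. Fall back
        # to a fresh salt and store it with the hash, as the other copies of
        # this handler on the page do (util.get_rand() is taken from them).
        salt = g.user.get('salt') or util.get_rand()
        fields['password'] = util.hash_password(password, salt)
        fields['salt'] = salt

    # NOTE(review): the key expression is masked in the source listing
    # ("user:"******); g.user['id'] is an assumption based on the `"id"]`
    # fragment that survives in another copy of this handler -- confirm
    # against the original file.
    # A single HMSET so the hash, salt and profile fields are written together.
    g.redis.hmset('user:' + g.user['id'], fields)
    return util.json_response({'status': "ok"})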
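def signup(request):
    """Register a new user from POSTed ``username`` / ``password``.

    With ``config.InviteOnlySignUp`` enabled, the POSTed ``invitecode`` must be
    a member of the ``invite.code`` set; it is moved to ``invite.code.used``
    atomically as part of the check.

    Returns a ``util.json_response`` with ``status`` ``'ok'`` and the ``auth``
    token, or ``status`` ``'error'`` and an ``error`` message.
    """
    def fail(reason):
        # Every error path answers with the same JSON shape.
        return util.json_response({'status': 'error', 'error': reason})

    username, msg = util.check_string(
        request.POST.get('username'), 2, 20, config.UsernameChars
    )
    if not username:
        return fail('username ' + msg)

    password, msg = util.check_string(
        request.POST.get('password'), config.PasswordMinLength
    )
    if not password:
        return fail('password ' + msg)

    if config.InviteOnlySignUp:
        invitecode = request.POST.get('invitecode')
        # Check-and-consume in one step: SMOVE is atomic and its result says
        # whether the code was really in 'invite.code'. Checking with SISMEMBER
        # first and moving afterwards allowed concurrent requests to redeem the
        # same code more than once.
        # (Assumes g.redis behaves like redis-py: smove() is truthy only if
        # the member was moved.)
        redeemed = bool(invitecode) and g.redis.smove(
            'invite.code', 'invite.code.used', invitecode
        )
        if not redeemed:
            return fail('invalid invitation code')
        # NOTE(review): a failure in create_user() below leaves the code
        # marked as used.

    # XXX proxied requests have the same REMOTE_ADDR
    # NOTE(review): behind a reverse proxy this is the proxy's address, not
    # the client's -- relevant if create_user() limits signups per address.
    auth, msg = create_user(username, password, request.environ['REMOTE_ADDR'])
    if not auth:
        return fail(msg)
    return util.json_response({'status': 'ok', 'auth': auth})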
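def signup(request):
    """Handle a signup request and answer with a JSON status document.

    Validates the POSTed ``username`` and ``password``, redeems the POSTed
    ``invitecode`` when ``config.InviteOnlySignUp`` is on, then delegates to
    ``create_user``.

    Returns ``util.json_response`` of ``{'status': 'ok', 'auth': ...}`` or
    ``{'status': 'error', 'error': ...}``.
    """
    username = request.POST.get('username')
    password = request.POST.get('password')

    username, msg = util.check_string(username, 2, 20, config.UsernameChars)
    if not username:
        result = {'status': 'error', 'error': 'username ' + msg}
        return util.json_response(result)

    password, msg = util.check_string(password, config.PasswordMinLength)
    if not password:
        result = {'status': 'error', 'error': 'password ' + msg}
        return util.json_response(result)

    if config.InviteOnlySignUp:
        invitecode = request.POST.get('invitecode')
        r = g.redis
        # The old code tested membership with SISMEMBER and then marked the
        # code as used with a separate SMOVE, so two requests racing with the
        # same code could both get through. SMOVE alone is atomic and returns
        # a falsy value when the code is not in 'invite.code', which makes it
        # a safe single-step "validate and consume".
        # (Return-value semantics assumed from the redis-py API.)
        if not invitecode or not r.smove('invite.code', 'invite.code.used',
                                         invitecode):
            result = {'status': 'error', 'error': 'invalid invitation code'}
            return util.json_response(result)
        # NOTE(review): the invitation is spent even if account creation
        # fails afterwards.

    # XXX proxied requests have the same REMOTE_ADDR
    # NOTE(review): what create_user() does with the address is not visible
    # here; if it is used to throttle signups, proxied clients share a limit.
    auth, msg = create_user(username, password, request.environ['REMOTE_ADDR'])
    if auth:
        result = {'status': 'ok', 'auth': auth}
    else:
        result = {'status': 'error', 'error': msg}
    return util.json_response(result)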
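def update_profile(request):
    """Store new profile data (and optionally a new password) for the current user.

    Requires a valid ``auth`` cookie and a POSTed ``apisecret`` equal to the
    user's stored one. ``email`` (``maxlen=128``) and ``about``
    (``maxlen=256``) are always written; ``password`` is only processed when
    it is non-empty.

    Returns ``util.json_response`` of ``{'status': 'ok'}`` or of an error
    document; no write happens before all validation has passed.
    """
    def fail(reason):
        return util.json_response({'status': 'error', 'error': reason})

    # auth_user() is defined elsewhere; g.user is read right after it runs.
    auth_user(request.cookies.get('auth'))
    if not g.user:
        return fail('Not authenticated.')

    # NOTE(review): secret compared with `!=`, which is not constant-time;
    # hmac.compare_digest is the usual replacement once types are confirmed.
    if request.POST.get('apisecret') != g.user["apisecret"]:
        return fail('Wrong form secret')

    email, msg = util.check_string(request.POST.get('email'), maxlen=128)
    if email is None:
        return fail('email ' + msg)

    about, msg = util.check_string(request.POST.get('about'), maxlen=256)
    if about is None:
        return fail('about ' + msg)

    updates = {"about": about.rstrip(), "email": email}

    password = request.POST.get('password')  # optional
    if password:
        # NOTE(review): no current-password check and no visible rotation of
        # the auth token on password change -- confirm this is handled
        # elsewhere or intended.
        password, msg = util.check_string(password, config.PasswordMinLength)
        if not password:
            return fail('password ' + msg)
        # `or` instead of a .get() default: get_rand() is only called when it
        # is needed, and an empty stored salt is replaced rather than reused.
        salt = g.user.get('salt') or util.get_rand()
        updates["password"] = util.hash_password(password, salt)
        updates["salt"] = salt

    # NOTE(review): the key expression is masked in the source listing
    # ("user:"******); g.user['id'] is an assumption based on the `"id"]`
    # fragment that survives in another copy of this handler -- confirm
    # against the original file.
    # One HMSET instead of two, so credentials and profile land together.
    g.redis.hmset("user:" + g.user['id'], updates)
    return util.json_response({'status': "ok"})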
def login(request):
    """Authenticate ``username``/``password`` taken from ``request.GET``.

    Returns ``util.json_response`` of ``{"status": "ok", "auth": ...,
    "apisecret": ...}`` when ``check_user_credentials`` yields a truthy
    ``auth``, and of ``{"status": "error", "error": ...}`` otherwise.
    """
    def fail(reason):
        return util.json_response({"status": "error", "error": reason})

    # NOTE(review): username and password travel in the query string
    # (request.GET), so they can be recorded in server logs, browser history
    # and Referer headers. Switching to POST would break existing clients and
    # is therefore only flagged here.
    raw_username = request.GET.get("username")
    raw_password = request.GET.get("password")

    # 2 and 20 are presumably the min/max length -- check_string is defined
    # elsewhere.
    username, msg = util.check_string(raw_username, 2, 20)
    if not username:
        return fail("username " + msg)

    password, msg = util.check_string(raw_password)
    if not password:
        return fail("password " + msg)

    auth, apisecret = check_user_credentials(username, password)
    if not auth:
        # Deliberately the same text whether the user or the password is wrong.
        return fail("bad username/password")
    return util.json_response({"status": "ok", "auth": auth, "apisecret": apisecret})
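def update_profile(request):
    """Persist the current user's profile fields and, if given, a new password.

    Authentication uses the ``auth`` cookie; the POSTed ``apisecret`` must
    match the one stored for the user. ``email`` is checked with
    ``maxlen=128``, ``about`` with ``maxlen=256``, and a non-empty
    ``password`` against ``config.PasswordMinLength``.

    Returns ``util.json_response`` of ``{"status": "ok"}`` on success or of
    ``{"status": "error", "error": ...}``; validation finishes before any
    write.
    """
    # auth_user() is defined elsewhere and is expected to set g.user.
    auth_user(request.cookies.get("auth"))
    if not g.user:
        result = {"status": "error", "error": "Not authenticated."}
        return util.json_response(result)

    # NOTE(review): the form secret is compared with `!=` (not constant-time);
    # consider hmac.compare_digest after confirming both sides are str.
    if request.POST.get("apisecret") != g.user["apisecret"]:
        result = {"status": "error", "error": "Wrong form secret"}
        return util.json_response(result)

    password = request.POST.get("password")  # optional
    email = request.POST.get("email")
    about = request.POST.get("about")

    email, msg = util.check_string(email, maxlen=128)
    if email is None:
        result = {"status": "error", "error": "email " + msg}
        return util.json_response(result)

    about, msg = util.check_string(about, maxlen=256)
    if about is None:
        result = {"status": "error", "error": "about " + msg}
        return util.json_response(result)

    record = {"about": about.rstrip(), "email": email}

    if password:
        # NOTE(review): the current password is not requested, and this
        # handler does not rotate the auth token after the change -- confirm
        # that is intended.
        password, msg = util.check_string(password, config.PasswordMinLength)
        if not password:
            result = {"status": "error", "error": "password " + msg}
            return util.json_response(result)
        # Reuse the stored salt when there is one; otherwise create one and
        # store it next to the hash. `or` also replaces an empty salt and
        # avoids calling get_rand() when no new salt is needed.
        salt = g.user.get("salt") or util.get_rand()
        record["password"] = util.hash_password(password, salt)
        record["salt"] = salt

    # NOTE(review): part of the key expression is masked in the source listing
    # ("user:"******"id"]); `+ g.user["id"]` is reconstructed from the
    # surviving `"id"]` fragment -- confirm against the original file.
    # Single HMSET so a new hash/salt and the profile fields are written in
    # one command rather than two.
    g.redis.hmset("user:" + g.user["id"], record)
    return util.json_response({"status": "ok"})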
def login(request):
    """Validate the login parameters and return the user's credentials as JSON.

    ``username`` and ``password`` are read from ``request.GET`` and passed
    through ``util.check_string`` before ``check_user_credentials`` is called.
    The response is ``{'status': 'ok', 'auth': ..., 'apisecret': ...}`` on
    success and ``{'status': 'error', 'error': ...}`` on failure.
    """
    # NOTE(review): request.GET means the password is part of the URL and may
    # be kept in access logs, browser history and Referer headers. Accepting
    # it in a POST body instead is a client-visible change, so it is flagged
    # here rather than made.
    username, msg = util.check_string(request.GET.get('username'), 2, 20)
    if not username:
        return util.json_response({'status': 'error', 'error': 'username ' + msg})

    password, msg = util.check_string(request.GET.get('password'))
    if not password:
        return util.json_response({'status': 'error', 'error': 'password ' + msg})

    auth, apisecret = check_user_credentials(username, password)
    # The failure text is the same for an unknown user and a wrong password.
    result = (
        {'status': 'ok', 'auth': auth, 'apisecret': apisecret}
        if auth
        else {'status': 'error', 'error': 'bad username/password'}
    )
    return util.json_response(result)