def send_forgot_password(email):  # type: (str) -> Tuple[bool, Optional[str]]
    """Start a password reset for the account registered under *email*.

    Returns:
        (email_sent: bool, error: string)

        ``(True, None)`` after a token email has been passed to
        ``send_email``; ``(False, message)`` when the address is empty or is
        rejected by ``validate_email_address``; ``(False, None)`` when no
        ``dglusers`` row matches the address.
    """
    if not email:
        return False, "Email address can't be empty"

    problem = validate_email_address(email)
    if problem:
        return False, problem

    # The address is bound as a parameter and compared case-insensitively.
    lookup = "select id from dglusers where email=? collate nocase"
    with crawl_db(config.get('password_db')) as db:
        db.c.execute(lookup, (email, ))
        row = db.c.fetchone()

    # NOTE(review): the first tuple element tells a registered address apart
    # from an unregistered one. Whether that reaches the requester depends on
    # the caller, which is not visible here; the user-facing response should be
    # the same in both cases so the form cannot be used to confirm accounts.
    if not row:
        return False, None

    token = create_password_token(row[0])
    plaintext_body, html_body = generate_token_email(token)
    send_email(email, 'Request to reset your password',
               plaintext_body, html_body)
    return True, None
def register_user(username, passwd, email):  # type: (str, str, str) -> Optional[str]
    """Add a new account row to ``dglusers``.

    The password must be non-empty, the email is validated only when one is
    given, and the stripped username must match the configured ``nick_regex``
    and not collide (case-insensitively) with an existing username.

    Returns an error message or None on success.
    """
    if passwd == "":
        return "The password can't be empty!"

    # The address is optional, so it is only checked when supplied.
    if email:
        email_problem = validate_email_address(email)
        if email_problem:
            return email_problem

    username = username.strip()
    name_ok = re.match(config.get('nick_regex'), username)
    if not name_ok:
        return "Invalid username!"

    # Only the output of encrypt_pw is stored, never the raw password.
    crypted_pw = encrypt_pw(passwd)

    with crawl_db(config.get('password_db')) as db:
        db.c.execute(
            "select username from dglusers where username=? collate nocase",
            (username, ))
        existing = db.c.fetchone()

    if existing:
        return "User already exists!"

    # NOTE(review): the existence check above and the INSERT below use
    # separate crawl_db contexts. Unless the schema enforces case-insensitive
    # uniqueness on username (not visible here), two concurrent registrations
    # of the same name could both pass the check -- confirm.
    insert_sql = """
        INSERT INTO dglusers
            (username, email, password, flags, env)
        VALUES
            (?, ?, ?, 0, '')
    """
    with crawl_db(config.get('password_db')) as db:
        db.c.execute(insert_sql, (username, email, crypted_pw))
        db.conn.commit()

    return None
def change_email(user_id, email):  # type: (str, str) -> Optional[str]
    """Store *email* as the address of the account whose id is *user_id*.

    Returns an error message or None on success.
    """
    problem = validate_email_address(email)
    if problem:
        return problem

    # NOTE(review): user_id is used as given and no account state is checked
    # before the write; presumably the caller passes the id of the
    # authenticated session -- confirm at the call site.
    update_sql = "update dglusers set email=? where id=?"
    with crawl_db(config.get('password_db')) as db:
        db.c.execute(update_sql, (email, user_id))
        db.conn.commit()

    return None
def register_user(username, passwd, email):  # type: (str, str, str) -> Optional[str]
    """Add a new account row to ``dglusers``, honouring the account policy.

    Registration is refused outright when ``new_accounts_disabled`` is set.
    A username that fails ``nick_regex`` or the optional ``nick_check_fun``
    callable gets the same generic "Account creation failed." message. When
    ``new_accounts_hold`` is set the row is created with the login, email and
    password locks and the account-hold flag.

    Returns an error message or None on success.
    """
    if config.get('new_accounts_disabled'):
        # XX show a message before they enter form data...
        return "New account creation is disabled."

    if passwd == "":
        return "The password can't be empty!"

    # The address is optional, so it is only checked when supplied.
    if email:
        email_problem = validate_email_address(email)
        if email_problem:
            return email_problem

    username = username.strip()
    if not re.match(config.get('nick_regex'), username):
        return "Account creation failed."

    # Optional site-specific name check; a falsy result rejects the name.
    nick_check = config.get('nick_check_fun')
    if nick_check and not nick_check(username):
        return "Account creation failed."

    # Only the output of encrypt_pw is stored, never the raw password.
    crypted_pw = encrypt_pw(passwd)

    with crawl_db(config.get('password_db')) as db:
        db.c.execute(
            "select username from dglusers where username=? collate nocase",
            (username, ))
        existing = db.c.fetchone()

    if existing:
        return "User already exists!"

    # Held accounts start with every lock set.
    if config.get('new_accounts_hold'):
        flags = (DGLACCT_LOGIN_LOCK | DGLACCT_EMAIL_LOCK
                 | DGLACCT_PASSWD_LOCK | DGLACCT_ACCOUNT_HOLD)
    else:
        flags = 0

    # NOTE(review): the existence check above and the INSERT below use
    # separate crawl_db contexts. Unless the schema enforces case-insensitive
    # uniqueness on username (not visible here), two concurrent registrations
    # of the same name could both pass the check -- confirm.
    insert_sql = """
        INSERT INTO dglusers
            (username, email, password, flags, env)
        VALUES
            (?, ?, ?, ?, '')
    """
    with crawl_db(config.get('password_db')) as db:
        db.c.execute(insert_sql, (username, email, crypted_pw, flags))
        db.conn.commit()

    return None
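def change_email(user_id, email):  # type: (str, str) -> Optional[str]
    """Change the stored email address of the account with id *user_id*.

    The new address must pass ``validate_email_address``. The write is refused
    when no row has that id or when the account's flags carry
    ``DGLACCT_EMAIL_LOCK``.

    Returns an error message or None on success.
    """
    result = validate_email_address(email)
    if result:
        return result

    with crawl_db(config.get('password_db')) as db:
        # Look the account up by user_id, the same key the UPDATE below uses.
        # This function has no `username` in scope, and checking the lock on
        # the row that is about to be written keeps the check and the write
        # on the same account.
        query = """
            SELECT id, flags
            FROM dglusers
            WHERE id=?
        """
        db.c.execute(query, (user_id,))
        row = db.c.fetchone()  # type: Optional[Tuple[int, int]]
        if not row:
            # Message kept as callers may already display or match it.
            return "Invalid username!"
        if row[1] & DGLACCT_EMAIL_LOCK:
            return "Account has an email lock!"

        db.c.execute("update dglusers set email=? where id=?",
                     (email, user_id))
        db.conn.commit()

    return None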
def test_validate_email_address(self, email, valid):
    """Check that util.validate_email_address returns None exactly for valid input.

    *email* is the address under test and *valid* says whether it is expected
    to be accepted; a rejected address must produce a non-None result.
    """
    outcome = util.validate_email_address(email)
    if not valid:
        assert outcome is not None
        return
    assert outcome is None