def reset(request, encrypted_email):
    """Process a submission of the password-reset form.

    Only part of the function is visible: the outer ``try`` has no handler
    in this listing and the non-POST path is not shown, so only the POST
    flow is documented here.

    On POST the view checks that the new password is non-empty and equals
    its confirmation, sends a SHA-1 hex digest of it to DataHubManager,
    stores the same digest in ``user.password`` and renders
    ``confirmation.html``.  If validation or the DataHubManager password
    change fails, it re-renders ``reset.html`` with the collected messages.
    """
    errors = []
    error = False
    if request.method == "POST":
        try:
            # NOTE(review): the account to reset is selected by this POST
            # field. In the lines shown, encrypted_email is only echoed back
            # into the template context and is never compared with
            # user_email -- confirm that the reset link is verified against
            # the submitted address before any password is changed.
            user_email = request.POST["user_email"].lower()
            password = request.POST["new_password"]
            password2 = request.POST["new_password2"]
            if password == "":
                errors.append("Empty Password.")
                error = True
            if password2 != password:
                errors.append("Password and Confirm Password don't match.")
                error = True
            if not error:
                # NOTE(review): an unsalted, single-round SHA-1 digest is not
                # a password hash. The same digest is handed to
                # DataHubManager, so replacing it needs a coordinated
                # migration rather than a local edit.
                hashed_password = hashlib.sha1(password).hexdigest()
                user = User.objects.get(email=user_email)
                try:
                    DataHubManager.create_user(
                        username=user.username, password=hashed_password)
                except Exception, e:
                    # Every failure is ignored here -- presumably to tolerate
                    # an already existing database user; TODO confirm, since
                    # unrelated errors are hidden as well.
                    pass
                try:
                    DataHubManager.change_password(
                        username=user.username, password=hashed_password)
                except Exception, e:
                    # The backend exception text goes into the context that
                    # reset.html receives.
                    errors.append(str(e))
                    error = True
            if error:
                c = {
                    'user_email': user_email,
                    'encrypted_email': encrypted_email,
                    'errors': errors
                }
                c.update(csrf(request))
                return render_to_response('reset.html', c)
            else:
                hashed_password = hashlib.sha1(password).hexdigest()
                user = User.objects.get(email=user_email)
                # The raw digest is assigned to the model field directly;
                # set_password() is not used on this path.
                user.password = hashed_password
                user.save()
                c = {
                    'msg_title': 'DataHub Reset Password',
                    'msg_body': 'Your password has been changed successfully.<br /> <br />'
                    '<a href="/account/login" class="blue bold">Click Here</a>'
                    ' to sign in.'
                }
                c.update(csrf(request))
                return render_to_response('confirmation.html', c)
        # NOTE(review): the listing stops here; the handler for the ``try``
        # above and the non-POST branch are outside the visible source.
def reset (request, encrypted_email):
    """Process a submission of the password-reset form.

    Only part of the function is visible: the outer ``try`` has no handler
    in this listing and the non-POST path is not shown, so only the POST
    flow is documented here.

    On POST the view checks that the new password is non-empty and equals
    its confirmation, sends a SHA-1 hex digest of it to DataHubManager,
    stores the same digest in ``user.password`` and renders
    ``confirmation.html``.  If validation or the DataHubManager password
    change fails, it re-renders ``reset.html`` with the collected messages.
    """
    errors = []
    error = False
    if request.method == "POST":
        try:
            # NOTE(review): the account to reset is selected by this POST
            # field. In the lines shown, encrypted_email is only echoed back
            # into the template context and is never compared with
            # user_email -- confirm that the reset link is verified against
            # the submitted address before any password is changed.
            user_email = request.POST["user_email"].lower()
            password = request.POST["new_password"]
            password2 = request.POST["new_password2"]
            if password == "":
                errors.append("Empty Password.")
                error = True
            if password2 != password:
                errors.append("Password and Confirm Password don't match.")
                error = True
            if not error:
                # NOTE(review): an unsalted, single-round SHA-1 digest is not
                # a password hash. The same digest is handed to
                # DataHubManager, so replacing it needs a coordinated
                # migration rather than a local edit.
                hashed_password = hashlib.sha1(password).hexdigest()
                user = User.objects.get(email=user_email)
                try:
                    DataHubManager.create_user(
                        username=user.username, password=hashed_password)
                except Exception, e:
                    # Every failure is ignored here -- presumably to tolerate
                    # an already existing database user; TODO confirm, since
                    # unrelated errors are hidden as well.
                    pass
                try:
                    DataHubManager.change_password(
                        username=user.username, password=hashed_password)
                except Exception, e:
                    # The backend exception text goes into the context that
                    # reset.html receives.
                    errors.append(str(e))
                    error = True
            if error:
                c = {
                    'user_email': user_email,
                    'encrypted_email': encrypted_email,
                    'errors': errors
                }
                c.update(csrf(request))
                return render_to_response('reset.html', c)
            else:
                hashed_password = hashlib.sha1(password).hexdigest()
                user = User.objects.get(email=user_email)
                # The raw digest is assigned to the model field directly;
                # set_password() is not used on this path.
                user.password = hashed_password
                user.save()
                c = {
                    'msg_title': 'DataHub Reset Password',
                    'msg_body': 'Your password has been changed successfully.<br /> <br />'
                    '<a href="/login" class="blue bold">Click Here</a>'
                    ' to sign in.'
                }
                c.update(csrf(request))
                return render_to_response('confirmation.html', c)
        # NOTE(review): the listing stops here; the handler for the ``try``
        # above and the non-POST branch are outside the visible source.
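def datahub_authenticate(username, password):
    """
    Analog of django.contrib.auth.authenticate.

    Given a username or email plus password, finds the User object, verifies
    the password, and sets a flag on the object allowing it to be used in the
    login function.

    First argument can be a username or email address.

    If the user has an account in a state partially migrated from the legacy
    model, this will finish the migration by setting the password on their
    migrated account and flipping the appropriate flags to allow login.

    Args:
        username: A username or an email address.
        password: The plaintext password supplied by the caller.

    Returns:
        Whatever django_authenticate returns for the resolved username and
        the supplied password.
    """
    # If username looks like an email address, look up the username
    # associated with that address.
    #
    # This assumes the username regex disallows the @ symbol, and the
    # email regex requires it.
    try:
        if '@' in username:
            user = User.objects.get(email=username)
            username = user.username
        else:
            user = User.objects.get(username=username)
    except User.DoesNotExist:
        # Only "no such user" is an expected outcome. Both lookups now catch
        # the same exception, so an unrelated failure in the username lookup
        # is raised instead of being treated as an unknown account.
        user = None

    # A user who has never logged in may still be partially migrated, so the
    # supplied password is checked against the legacy table first.
    if user is not None and user.last_login is None:
        # hashlib works on bytes. Encoding text explicitly keeps the digest
        # unchanged for ASCII passwords and stops a non-ASCII password (or any
        # text password on Python 3) from raising before authentication runs.
        if isinstance(password, bytes):
            password_bytes = password
        else:
            password_bytes = password.encode('utf-8')
        # NOTE(review): the legacy table is matched on an unsalted SHA-1
        # digest. That is only acceptable as a one-time migration check; the
        # code shown leaves the legacy row in place afterwards -- confirm
        # whether it should be retired once the account is migrated.
        hashed_password = hashlib.sha1(password_bytes).hexdigest()
        try:
            DataHubLegacyUser.objects.get(
                username=username, password=hashed_password)
        except DataHubLegacyUser.DoesNotExist:
            pass
        else:
            # NOTE(review): these messages put usernames on stdout; a logger
            # would let deployments control where they end up.
            print("Found partially migrated user {0}".format(username))
            user.set_password(password)
            user.save(update_fields=['password'])
            # Set the user's Postgres password to their hashed password
            DataHubManager.change_password(username, user.password)
            print("Updated password for {0}".format(username))

    user = django_authenticate(username=username, password=password)
    return user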
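def datahub_authenticate(username, password):
    """
    Analog of django.contrib.auth.authenticate.

    Given a username or email plus password, finds the User object, verifies
    the password, and sets a flag on the object allowing it to be used in the
    login function.

    First argument can be a username or email address.

    If the user has an account in a state partially migrated from the legacy
    model, this will finish the migration by setting the password on their
    migrated account and flipping the appropriate flags to allow login.

    Args:
        username: A username or an email address.
        password: The plaintext password supplied by the caller.

    Returns:
        Whatever django_authenticate returns for the resolved username and
        the supplied password.
    """
    # If username looks like an email address, look up the username
    # associated with that address.
    #
    # This assumes the username regex disallows the @ symbol, and the
    # email regex requires it.
    try:
        if '@' in username:
            user = User.objects.get(email=username)
            username = user.username
        else:
            user = User.objects.get(username=username)
    except User.DoesNotExist:
        # Only "no such user" is an expected outcome. Both lookups now catch
        # the same exception, so an unrelated failure in the username lookup
        # is raised instead of being treated as an unknown account.
        user = None

    # A user who has never logged in may still be partially migrated, so the
    # supplied password is checked against the legacy table first.
    if user is not None and user.last_login is None:
        # hashlib works on bytes. Encoding text explicitly keeps the digest
        # unchanged for ASCII passwords and stops a non-ASCII password (or any
        # text password on Python 3) from raising before authentication runs.
        if isinstance(password, bytes):
            password_bytes = password
        else:
            password_bytes = password.encode('utf-8')
        # NOTE(review): the legacy table is matched on an unsalted SHA-1
        # digest. That is only acceptable as a one-time migration check; the
        # code shown leaves the legacy row in place afterwards -- confirm
        # whether it should be retired once the account is migrated.
        hashed_password = hashlib.sha1(password_bytes).hexdigest()
        try:
            DataHubLegacyUser.objects.get(
                username=username, password=hashed_password)
        except DataHubLegacyUser.DoesNotExist:
            pass
        else:
            # NOTE(review): these messages put usernames on stdout; a logger
            # would let deployments control where they end up.
            print("Found partially migrated user {0}".format(username))
            user.set_password(password)
            user.save(update_fields=['password'])
            # Set the user's Postgres password to their hashed password
            DataHubManager.change_password(username, user.password)
            print("Updated password for {0}".format(username))

    user = django_authenticate(username=username, password=password)
    return user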
def register (request):
    """Create a new account from the registration form and email a verify link.

    Only part of the function is visible: the outer ``try`` has no handler
    in this listing and the non-POST path is not shown, so only the POST
    flow is documented here.

    On POST the view validates email, username and password, rejects a
    username that already exists, provisions the DataHubManager user with a
    SHA-1 hex digest of the password, saves a ``User`` row with that digest,
    stores the email and username in the session, queues the welcome email
    and redirects to ``redirect_url``.  On any collected error it returns
    ``register_form`` with the messages instead.
    """
    # NOTE(review): redirect_url is taken from the query string (and from the
    # form below) and reaches HttpResponseRedirect unchanged in the lines
    # shown; no same-site check is visible. Validate it before redirecting,
    # e.g. with Django's is_safe_url / url_has_allowed_host_and_scheme,
    # whichever the installed version provides.
    redirect_url = '/'
    if('redirect_url' in request.GET.keys()):
        redirect_url = urllib.unquote_plus(request.GET['redirect_url'])
    if request.method == "POST":
        errors = []
        email = ''
        try:
            error = False
            # A value posted with the form overrides the query-string one.
            if('redirect_url' in request.POST.keys()):
                redirect_url = urllib.unquote_plus(request.POST['redirect_url'])
            username = request.POST["username"].lower()
            email = request.POST["email"].lower()
            password = request.POST["password"]
            # The stripped email is what gets validated; the unstripped value
            # is what is stored further down.
            if(email_re.match(email.strip()) == None):
                errors.append("Invalid Email.")
                error = True
            if(not is_valid_username(username)):
                errors.append("Invalid Username.")
                error = True
            if(password == ""):
                errors.append("Empty Password.")
                error = True
            try:
                user = User.objects.get(username=username)
                errors.append("Username already taken.")
                error = True
            except User.DoesNotExist:
                pass
            if not error:
                # NOTE(review): an unsalted, single-round SHA-1 digest is not
                # a password hash. The same digest is handed to
                # DataHubManager and stored on the User row, so replacing it
                # needs a coordinated migration rather than a local edit.
                hashed_password = hashlib.sha1(password).hexdigest()
                try:
                    DataHubManager.create_user(
                        username=username, password=hashed_password)
                except Exception, e:
                    # Every failure is ignored and change_password still runs.
                    # NOTE(review): if a database user of this name already
                    # exists without a matching User row, the next call sets
                    # its password -- confirm that this is intended.
                    pass
                try:
                    DataHubManager.change_password(
                        username=username, password=hashed_password)
                except Exception, e:
                    # The backend exception text is passed on to the
                    # registration form.
                    errors.append(str(e))
                    error = True
            if(error):
                return register_form(
                    request,
                    redirect_url = urllib.quote_plus(redirect_url),
                    errors = errors)
            # The raw digest is passed as the password field; set_password()
            # is not used on this path.
            user = User(username=username, email=email, password=hashed_password)
            user.save()
            clear_session(request)
            # The session is populated here, before the verification email
            # below has been sent.
            request.session[kEmail] = user.email
            request.session[kUsername] = user.username
            encrypted_email = encrypt_text(user.email)
            subject = "Welcome to DataHub"
            # NOTE(review): the link's host comes from request.get_host();
            # this relies on ALLOWED_HOSTS restricting the Host header so the
            # emailed link cannot point at another site -- TODO confirm.
            msg_body = ''' Dear %s, Thanks for registering to DataHub. Please click the link below to start using DataHub: %s://%s/verify/%s ''' % (
                user.email,
                'https' if request.is_secure() else 'http',
                request.get_host(),
                encrypted_email)
            pool.apply_async(send_email, [user.email, subject, msg_body])
            return HttpResponseRedirect(redirect_url)
        # NOTE(review): the listing stops here; the handler for the ``try``
        # above and the non-POST branch are outside the visible source.
def register (request):
    """Create a new account from the registration form and email a verify link.

    Only part of the function is visible: the outer ``try`` has no handler
    in this listing and the non-POST path is not shown, so only the POST
    flow is documented here.

    On POST the view validates email, username and password, rejects a
    username that already exists, provisions the DataHubManager user with a
    SHA-1 hex digest of the password, saves a ``User`` row with that digest,
    stores the email and username in the session, queues the welcome email
    and redirects to ``redirect_url``.  On any collected error it returns
    ``register_form`` with the messages instead.
    """
    # NOTE(review): redirect_url is taken from the query string (and from the
    # form below) and reaches HttpResponseRedirect unchanged in the lines
    # shown; no same-site check is visible. Validate it before redirecting,
    # e.g. with Django's is_safe_url / url_has_allowed_host_and_scheme,
    # whichever the installed version provides.
    redirect_url = '/'
    if('redirect_url' in request.GET.keys()):
        redirect_url = urllib.unquote_plus(request.GET['redirect_url'])
    if request.method == "POST":
        errors = []
        email = ''
        try:
            error = False
            # A value posted with the form overrides the query-string one.
            if('redirect_url' in request.POST.keys()):
                redirect_url = urllib.unquote_plus(request.POST['redirect_url'])
            username = request.POST["username"].lower()
            email = request.POST["email"].lower()
            password = request.POST["password"]
            # The stripped email is what gets validated; the unstripped value
            # is what is stored further down.
            if(email_re.match(email.strip()) == None):
                errors.append("Invalid Email.")
                error = True
            if(not is_valid_username(username)):
                errors.append("Invalid Username.")
                error = True
            if(password == ""):
                errors.append("Empty Password.")
                error = True
            try:
                user = User.objects.get(username=username)
                errors.append("Username already taken.")
                error = True
            except User.DoesNotExist:
                pass
            if not error:
                # NOTE(review): an unsalted, single-round SHA-1 digest is not
                # a password hash. The same digest is handed to
                # DataHubManager and stored on the User row, so replacing it
                # needs a coordinated migration rather than a local edit.
                hashed_password = hashlib.sha1(password).hexdigest()
                try:
                    DataHubManager.create_user(
                        username=username, password=hashed_password)
                except Exception, e:
                    # Every failure is ignored and change_password still runs.
                    # NOTE(review): if a database user of this name already
                    # exists without a matching User row, the next call sets
                    # its password -- confirm that this is intended.
                    pass
                try:
                    DataHubManager.change_password(
                        username=username, password=hashed_password)
                except Exception, e:
                    # The backend exception text is passed on to the
                    # registration form.
                    errors.append(str(e))
                    error = True
            if(error):
                return register_form(
                    request,
                    redirect_url = urllib.quote_plus(redirect_url),
                    errors = errors)
            # The raw digest is passed as the password field; set_password()
            # is not used on this path.
            user = User(username=username, email=email, password=hashed_password)
            user.save()
            clear_session(request)
            # The session is populated here, before the verification email
            # below has been sent.
            request.session[kEmail] = user.email
            request.session[kUsername] = user.username
            encrypted_email = encrypt_text(user.email)
            subject = "Welcome to DataHub"
            # NOTE(review): the link's host comes from request.get_host();
            # this relies on ALLOWED_HOSTS restricting the Host header so the
            # emailed link cannot point at another site -- TODO confirm.
            msg_body = ''' Dear %s, Thanks for registering to DataHub. Please click the link below to start using DataHub: %s://%s/account/verify/%s ''' % (
                user.email,
                'https' if request.is_secure() else 'http',
                request.get_host(),
                encrypted_email)
            pool.apply_async(send_email, [user.email, subject, msg_body])
            return HttpResponseRedirect(redirect_url)
        # NOTE(review): the listing stops here; the handler for the ``try``
        # above and the non-POST branch are outside the visible source.