Esempio n. 1
0
def register_view(context, request):
    logged_in = authenticated_userid(request)
    login = request.params.get('login', '')
    fullname = request.params.get('fullname', '')
    email = request.params.get('email', '')
    password = request.params.get('password', '')
    password_verify = request.params.get('password_verify')
    captcha_answer = request.params.get('captcha_answer', '')
    message = ''

    if 'form.submitted' in request.params:
        schema = RegisterSchema()
        message = None
        try:
            schema.to_python(request.params)
        except formencode.validators.Invalid, why:
            message = str(why)
        else:
            ok = False
            session = context.sessions.get(request.environ['repoze.browserid'])
            solutions = session.get('captcha_solutions', [])
            for solution in solutions:
                if captcha_answer.lower() == solution.lower():
                    ok = True
            if not ok:
                message = 'Bad CAPTCHA answer'
            else:
                users = find_users(context)
                info = users.get_by_login(login)
                if info:
                    message = 'Username %s already exists' % login
                else:
                    if password != password_verify:
                        message = 'Password and password verify do not match'
                    else:
                        users.add(login, login, password, groups=('members',))
                        profiles = find_profiles(context)
                        profile = Profile(fullname, email)
                        profiles[login] = profile
                        acl = context.__acl__[:]
                        acl.extend([(Allow, login, 'edit'),
                                    (Allow, 'admin', 'edit')])
                        profile.__acl__ = acl
                        headers = remember(request, login)
                        login_url = resource_url(context, request, 'login')
                        response = HTTPFound(location = login_url,
                                             headers=headers)
                        return response
Esempio n. 2
0
def groupfinder(userid, request=None):
    environ = {}
    if request is None:
        request = get_current_request()
    else:
        root = request.root
        environ = request.environ
    users = find_users(root)
    info = users.get_by_id(userid)
    if info:
        groups = info['groups']
        environ['REMOTE_ID'] = userid
        environ['REMOTE_USER'] = info['login']
        environ['REMOTE_GROUPS'] = groups
        profiles = find_profiles(root)
        profile = profiles.get(userid)
        if profile:
            environ['REMOTE_EMAIL'] = profile.email
        return groups
Esempio n. 3
0
def profile_edit_view(context, request):
    login = authenticated_userid(request)
    fullname = context.fullname
    email = context.email
    password = ''
    password_verify = ''
    message = ''

    if 'form.editprofile' in request.params:
        schema = ProfileSchema()
        message = None
        try:
            schema.to_python(request.params)
        except formencode.validators.Invalid, why:
            message = str(why)
        else:
            fullname = request.params['fullname']
            email = request.params['email']
            profiles = find_profiles(context)
            profile = profiles[login]
            profile.fullname = fullname
            profile.email = email
            message = 'Profile edited'
Esempio n. 4
0
def forgot_password_view(context, request):
    email = request.params.get('email', '')
    message = ''
    if 'form.submitted' in request.params:
        schema = ForgotPasswordSchema()
        try:
            schema.to_python(request.params)
        except formencode.validators.Invalid, why:
            message = str(why)
        else:
            profiles = find_profiles(context)
            found_profile = None
            for profile in profiles.values():
                if profile.email == email:
                    found_profile = profile
                    break
            if found_profile is None:
                message = 'Email %s not found' % email
            else:
                login = profile.__name__
                password = random_password()
                users = find_users(context)
                users.change_password(login, password)
                msg = Message()
                frm = 'bfg.repoze.org <*****@*****.**>'
                msg['From'] = frm
                msg['To'] = email
                msg['Subject'] = 'Account information'
                body = 'Your new password is "%s" for login name "%s"' % (
                    password, login)
                msg.set_payload(body)
                msg.set_type('text/html')
                message = msg.as_string()
                mailer = get_mailer()
                mailer.send(frm, [email], message)
                message = 'Mail sent to "%s" with new password' % email