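def client_oauth_register(request, regdict):
    """Log in, or auto-register, a client from OAuth-supplied account data.

    ``regdict`` is read for the keys ``username``, ``password``, ``email``,
    ``familyname`` and ``givenname``.

    Returns the headers produced by ``remember()`` when an existing account
    that is not in the ``block_inactive`` state matches the supplied password,
    or when a new account was created. Returns ``False`` when the credentials
    are missing or when the nick already belongs to an entity that did not
    match, so the caller must treat ``False`` as "not logged in".
    """
    # NOTE(review): the original carried a commented-out redirect for callers
    # that are already authenticated; that check is still not performed here.
    loc = get_localizer(request)

    cfg = request.registry.settings
    rate_id = int(cfg.get('netprofile.client.registration.rate_id', 1))
    state_id = int(cfg.get('netprofile.client.registration.state_id', 1))

    login = regdict.get('username', None)
    passwd = regdict.get('password', None)
    email = regdict.get('email', None)
    name_family = regdict.get('familyname', '')
    name_given = regdict.get('givenname', '')

    # Without both values there is nothing to authenticate against and no
    # usable nick to register, so refuse instead of creating an account.
    if not login or not passwd:
        return False

    sess = DBSession()

    candidates = sess.query(AccessEntity).filter(
        AccessEntity.nick == login,
        AccessEntity.access_state != AccessState.block_inactive.value
    )
    for user in candidates:
        # NOTE(review): this compares the stored value with the supplied one
        # directly. Whether AccessEntity.password is kept hashed is not
        # visible from here -- confirm, and prefer a constant-time comparison.
        if user.password == passwd:
            return remember(request, login)

    # No active account matched. If the nick is already in use (for example
    # the user changed the password in our database, or the account is still
    # inactive), creating a second account and calling remember() for that
    # nick would hand out a session for a name the caller has not proven
    # ownership of. The check spans all entity types, as client_register does.
    nick_taken = sess.query(func.count('*'))\
        .select_from(Entity)\
        .filter(Entity.nick == login)\
        .scalar()
    if nick_taken > 0:
        return False

    ent = PhysicalEntity()
    ent.nick = login
    ent.email = email
    ent.name_family = name_family
    ent.name_given = name_given
    ent.state_id = state_id

    stash = Stash()
    stash.entity = ent
    stash.name = loc.translate(_('Primary Account'))

    acc = AccessEntity()
    acc.nick = login
    acc.password = passwd
    acc.stash = stash
    acc.rate_id = rate_id
    acc.state_id = state_id
    ent.children.append(acc)

    sess.add(ent)
    sess.add(stash)
    sess.add(acc)
    # Flush so the new rows exist before the login headers are issued.
    sess.flush()

    return remember(request, login)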
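def client_register(request):
    """Render and process the client self-registration form.

    Returns an ``HTTPSeeOther`` redirect when the caller is already
    authenticated, when registration is disabled in the settings, or after an
    account has been created. Otherwise returns the template dictionary for
    the form, including any translated validation errors.
    """
    if authenticated_userid(request):
        return HTTPSeeOther(location=request.route_url('access.cl.home'))
    cur_locale = locale_neg(request)
    loc = get_localizer(request)
    cfg = request.registry.settings
    comb_js = asbool(cfg.get('netprofile.client.combine_js', False))
    can_reg = asbool(cfg.get('netprofile.client.registration.enabled', False))
    must_verify = asbool(cfg.get('netprofile.client.registration.verify_email', True))
    must_recaptcha = asbool(cfg.get('netprofile.client.registration.recaptcha.enabled', False))
    min_pwd_len = int(cfg.get('netprofile.client.registration.min_password_length', 8))
    rate_id = int(cfg.get('netprofile.client.registration.rate_id', 1))
    state_id = int(cfg.get('netprofile.client.registration.state_id', 1))
    maillogin = asbool(cfg.get('netprofile.client.email_as_username', False))
    csrf = request.POST.get('csrf', '')
    errors = {}
    if not can_reg:
        return HTTPSeeOther(location=request.route_url('access.cl.login'))
    if must_recaptcha:
        rc_private = cfg.get('netprofile.client.recaptcha.private_key')
        rc_public = cfg.get('netprofile.client.recaptcha.public_key')
        if (not rc_private) or (not rc_public):
            # TODO: log missing reCAPTCHA keys
            # With either key missing the challenge is silently switched off.
            must_recaptcha = False
    if 'submit' in request.POST:
        sess = DBSession()
        # The CSRF token is checked first; on a mismatch no form field is
        # read and the reCAPTCHA response is not evaluated.
        if csrf != request.get_csrf():
            errors['csrf'] = _('Error submitting form')
        elif must_recaptcha:
            try:
                rcresp = verify_recaptcha(rc_private, request)
            except ValueError as e:
                errors['recaptcha'] = str(e)
            else:
                if rcresp and not rcresp.valid:
                    errors['recaptcha'] = rcresp.text()
        if not errors:
            login = request.POST.get('user', '')
            passwd = request.POST.get('pass', '')
            passwd2 = request.POST.get('pass2', '')
            email = request.POST.get('email', '')
            name_family = request.POST.get('name_family', '')
            name_given = request.POST.get('name_given', '')
            name_middle = request.POST.get('name_middle', '')
            # When the e-mail address doubles as the username the 'user'
            # field is replaced below, so validating it here would reject
            # every submission that leaves it empty.
            if not maillogin:
                l = len(login)
                if (l == 0) or (l > 254):
                    errors['user'] = _('Invalid field length')
                elif not _re_login.match(login):
                    errors['user'] = _('Invalid character used in username')
            l = len(passwd)
            if l < min_pwd_len:
                errors['pass'] = _('Password is too short')
            elif l > 254:
                errors['pass'] = _('Password is too long')
            if passwd != passwd2:
                errors['pass2'] = _('Passwords do not match')
            l = len(email)
            if (l == 0) or (l > 254):
                errors['email'] = _('Invalid field length')
            elif not _re_email.match(email):
                errors['email'] = _('Invalid e-mail format')
            if maillogin:
                login = email
            l = len(name_family)
            if (l == 0) or (l > 254):
                errors['name_family'] = _('Invalid field length')
            l = len(name_given)
            if (l == 0) or (l > 254):
                errors['name_given'] = _('Invalid field length')
            l = len(name_middle)
            if l > 254:
                errors['name_middle'] = _('Invalid field length')
            if 'user' not in errors:
                # XXX: currently we check across all entity types.
                login_clash = sess.query(func.count('*'))\
                    .select_from(Entity)\
                    .filter(Entity.nick == login)\
                    .scalar()
                if login_clash > 0:
                    errors['user'] = _('This username is already taken')
        if not errors:
            ent = PhysicalEntity()
            ent.nick = login
            ent.email = email
            ent.name_family = name_family
            ent.name_given = name_given
            if name_middle:
                ent.name_middle = name_middle
            ent.state_id = state_id

            stash = Stash()
            stash.entity = ent
            stash.name = loc.translate(_('Primary Account'))

            acc = AccessEntity()
            acc.nick = login
            # NOTE(review): whether AccessEntity.password hashes on assignment
            # is not visible here -- confirm the value is not stored in clear.
            acc.password = passwd
            acc.stash = stash
            acc.rate_id = rate_id
            acc.state_id = state_id
            ent.children.append(acc)

            sess.add(ent)
            sess.add(stash)
            sess.add(acc)

            if must_verify:
                link_id = int(cfg.get('netprofile.client.registration.link_id', 1))
                rand_len = int(cfg.get('netprofile.client.registration.code_length', 20))
                queue_mail = asbool(cfg.get('netprofile.client.registration.mail_queue', False))
                sender = cfg.get('netprofile.client.registration.mail_sender')

                # The account stays blocked until the mailed code is used.
                acc.access_state = AccessState.block_inactive.value
                link = AccessEntityLink()
                link.entity = acc
                link.type_id = link_id

                chars = string.ascii_uppercase + string.digits
                # The activation code is a secret: draw it from the OS
                # generator only. If that is unavailable, fail rather than
                # fall back to the predictable default generator.
                rng = random.SystemRandom()
                link.value = ''.join(rng.choice(chars) for _ in range(rand_len))
                link.timestamp = datetime.datetime.now()
                sess.add(link)

                mailer = get_mailer(request)

                tpldef = {
                    'cur_loc' : cur_locale,
                    'entity'  : ent,
                    'stash'   : stash,
                    'access'  : acc,
                    'link'    : link
                }
                request.run_hook('access.cl.tpldef.register.mail', tpldef, request)
                msg_text = Attachment(
                    data=render('netprofile_access:templates/email_register_plain.mak', tpldef, request),
                    content_type='text/plain; charset=\'utf-8\'',
                    disposition='inline',
                    transfer_encoding='quoted-printable'
                )
                msg_html = Attachment(
                    data=render('netprofile_access:templates/email_register_html.mak', tpldef, request),
                    content_type='text/html; charset=\'utf-8\'',
                    disposition='inline',
                    transfer_encoding='quoted-printable'
                )
                msg = Message(
                    subject=(loc.translate(_('Activation required for user %s')) % login),
                    sender=sender,
                    recipients=(email,),
                    body=msg_text,
                    html=msg_html
                )
                if queue_mail:
                    mailer.send_to_queue(msg)
                else:
                    mailer.send(msg)
            return HTTPSeeOther(location=request.route_url('access.cl.regsent'))
    tpldef = {
        'cur_loc'        : cur_locale,
        'comb_js'        : comb_js,
        'must_verify'    : must_verify,
        'must_recaptcha' : must_recaptcha,
        'min_pwd_len'    : min_pwd_len,
        'maillogin'      : maillogin,
        'errors'         : {err: loc.translate(errors[err]) for err in errors}
    }
    if must_recaptcha:
        # Only the public key is ever handed to the template.
        tpldef['rc_public'] = rc_public
    request.run_hook('access.cl.tpldef.register', tpldef, request)
    return tpldef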
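def client_register(request):
    """Render and process the client self-registration form.

    Returns an ``HTTPSeeOther`` redirect when the caller is already
    authenticated, when registration is disabled in the settings, or after an
    account has been created. Otherwise returns the template dictionary for
    the form, including any translated validation errors.
    """
    if authenticated_userid(request):
        return HTTPSeeOther(location=request.route_url('access.cl.home'))
    cur_locale = locale_neg(request)
    loc = request.localizer
    cfg = request.registry.settings
    comb_js = asbool(cfg.get('netprofile.client.combine_js', False))
    can_reg = asbool(cfg.get('netprofile.client.registration.enabled', False))
    must_verify = asbool(cfg.get('netprofile.client.registration.verify_email', True))
    must_recaptcha = asbool(cfg.get('netprofile.client.registration.recaptcha.enabled', False))
    min_pwd_len = int(cfg.get('netprofile.client.registration.min_password_length', 8))
    rate_id = int(cfg.get('netprofile.client.registration.rate_id', 1))
    state_id = int(cfg.get('netprofile.client.registration.state_id', 1))
    maillogin = asbool(cfg.get('netprofile.client.email_as_username', False))
    csrf = request.POST.get('csrf', '')
    errors = {}
    if not can_reg:
        return HTTPSeeOther(location=request.route_url('access.cl.login'))
    if must_recaptcha:
        rc_private = cfg.get('netprofile.client.recaptcha.private_key')
        rc_public = cfg.get('netprofile.client.recaptcha.public_key')
        if (not rc_private) or (not rc_public):
            # TODO: log missing reCAPTCHA keys
            # With either key missing the challenge is silently switched off.
            must_recaptcha = False
    if 'submit' in request.POST:
        sess = DBSession()
        # The CSRF token is checked first; on a mismatch no form field is
        # read and the reCAPTCHA response is not evaluated.
        if csrf != request.get_csrf():
            errors['csrf'] = _('Error submitting form')
        elif must_recaptcha:
            try:
                rcresp = verify_recaptcha(rc_private, request)
            except ValueError as e:
                errors['recaptcha'] = str(e)
            else:
                if rcresp and not rcresp.valid:
                    errors['recaptcha'] = rcresp.text()
        if not errors:
            login = request.POST.get('user', '')
            passwd = request.POST.get('pass', '')
            passwd2 = request.POST.get('pass2', '')
            email = request.POST.get('email', '')
            name_family = request.POST.get('name_family', '')
            name_given = request.POST.get('name_given', '')
            name_middle = request.POST.get('name_middle', '')
            l = len(email)
            if (l == 0) or (l > 254):
                errors['email'] = _('Invalid field length')
            elif not _re_email.match(email):
                errors['email'] = _('Invalid e-mail format')
            if maillogin:
                # The e-mail address doubles as the username, so the 'user'
                # field is not validated at all in this mode.
                login = email
            else:
                l = len(login)
                if (l == 0) or (l > 254):
                    errors['user'] = _('Invalid field length')
                # NOTE(review): a login is rejected when _re_login matches it,
                # so _re_login must describe invalid input. Its definition is
                # outside this block -- confirm, and note that match() only
                # anchors at the start of the string.
                elif _re_login.match(login):
                    errors['user'] = _('Invalid character used in username')
            l = len(passwd)
            if l < min_pwd_len:
                errors['pass'] = _('Password is too short')
            elif l > 254:
                errors['pass'] = _('Password is too long')
            if passwd != passwd2:
                errors['pass2'] = _('Passwords do not match')
            l = len(name_family)
            if (l == 0) or (l > 254):
                errors['name_family'] = _('Invalid field length')
            l = len(name_given)
            if (l == 0) or (l > 254):
                errors['name_given'] = _('Invalid field length')
            l = len(name_middle)
            if l > 254:
                errors['name_middle'] = _('Invalid field length')
            if 'user' not in errors:
                # XXX: currently we check across all entity types.
                login_clash = sess.query(func.count('*'))\
                    .select_from(Entity)\
                    .filter(Entity.nick == login)\
                    .scalar()
                if login_clash > 0:
                    errors['user'] = _('This username is already taken')
        if not errors:
            ent = PhysicalEntity()
            ent.nick = login
            ent.email = email
            ent.name_family = name_family
            ent.name_given = name_given
            if name_middle:
                ent.name_middle = name_middle
            ent.state_id = state_id

            stash = Stash()
            stash.entity = ent
            stash.name = loc.translate(_('Primary Account'))

            acc = AccessEntity()
            acc.nick = login
            # NOTE(review): whether AccessEntity.password hashes on assignment
            # is not visible here -- confirm the value is not stored in clear.
            acc.password = passwd
            acc.stash = stash
            acc.rate_id = rate_id
            acc.state_id = state_id
            ent.children.append(acc)

            sess.add(ent)
            sess.add(stash)
            sess.add(acc)

            if must_verify:
                link_id = int(cfg.get('netprofile.client.registration.link_id', 1))
                rand_len = int(cfg.get('netprofile.client.registration.code_length', 20))
                queue_mail = asbool(cfg.get('netprofile.client.registration.mail_queue', False))
                sender = cfg.get('netprofile.client.registration.mail_sender')

                # The account stays blocked until the mailed code is used.
                acc.access_state = AccessState.block_inactive.value
                link = AccessEntityLink()
                link.entity = acc
                link.type_id = link_id

                chars = string.ascii_uppercase + string.digits
                # The activation code is a secret: draw it from the OS
                # generator only. If that is unavailable, fail rather than
                # fall back to the predictable default generator.
                rng = random.SystemRandom()
                link.value = ''.join(rng.choice(chars) for _ in range(rand_len))
                link.timestamp = datetime.datetime.now()
                sess.add(link)

                mailer = get_mailer(request)

                tpldef = {
                    'cur_loc' : cur_locale,
                    'entity'  : ent,
                    'stash'   : stash,
                    'access'  : acc,
                    'link'    : link
                }
                request.run_hook('access.cl.tpldef.register.mail', tpldef, request)
                msg_text = Attachment(
                    data=render('netprofile_access:templates/email_register_plain.mak', tpldef, request),
                    content_type='text/plain; charset=\'utf-8\'',
                    disposition='inline',
                    transfer_encoding='quoted-printable'
                )
                msg_html = Attachment(
                    data=render('netprofile_access:templates/email_register_html.mak', tpldef, request),
                    content_type='text/html; charset=\'utf-8\'',
                    disposition='inline',
                    transfer_encoding='quoted-printable'
                )
                msg = Message(
                    subject=(loc.translate(_('Activation required for user %s')) % login),
                    sender=sender,
                    recipients=(email,),
                    body=msg_text,
                    html=msg_html
                )
                if queue_mail:
                    mailer.send_to_queue(msg)
                else:
                    mailer.send(msg)
            return HTTPSeeOther(location=request.route_url('access.cl.regsent'))
    tpldef = {
        'cur_loc'        : cur_locale,
        'comb_js'        : comb_js,
        'must_verify'    : must_verify,
        'must_recaptcha' : must_recaptcha,
        'min_pwd_len'    : min_pwd_len,
        'maillogin'      : maillogin,
        'errors'         : {err: loc.translate(errors[err]) for err in errors}
    }
    if must_recaptcha:
        # Only the public key is ever handed to the template.
        tpldef['rc_public'] = rc_public
    request.run_hook('access.cl.tpldef.register', tpldef, request)
    return tpldef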