def post(self):
"""
Creates a new user
Parameters:
- name: The name of the new user
- password: A sha1 hash of the users password
- email: A valid email address for the user
"""
name = self.request.get("name")
salt = server.generate_salt()
password = hashlib.sha1(self.request.get("password") + salt).hexdigest()
email = self.request.get("email")
#check if this user exists already
check_user = models.User.get_by_key_name(name)
if check_user is not None:
return server.response(self, values={"status" : "USEREXISTS"})
if re.search("^\w{5,18}$", name) is None:
return server.response(self, values={"status" : "BADUSERNAME"})
if re.search("^(?:[a-zA-Z0-9_'^&/+-])+(?:\.(?:[a-zA-Z0-9_'^&/+-])+)*@(?:(?:\[?(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))\.){3}(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\]?)|(?:[a-zA-Z0-9-]+\.)+(?:[a-zA-Z]){2,}\.?)$", email) is None:
return server.response(self, values={"status" : "BADEMAIL"})
try:
new_user = models.User(key_name=name, name=name, password=password,
email=email, salt=salt)
new_user.put()
server.response(self)
except db.BadValueError, e:
server.response(self, values={"status" : "ERROR -" + str(e)})
def post(self):
user, user_data = server.is_valid_key(self)
if not user:
return server.response(self, {"values" : "BADAUTH"})
password_required = True if self.request.get("password") != "" else False
group = escape(self.request.get("group"))
if group == "":
return server.response(self, {"status" : "MISSINGVALUES"})
if password_required:
salt = server.generate_salt()
password = hashlib.sha1(self.request.get("password") + salt).hexdigest()
else:
password = None
salt = None
description = escape(self.request.get("description"))
check = models.Group.get_by_key_name(group)
if check is not None:
return server.response(self, {"status" : "GROUPEXISTS"})
new_group = models.Group(key_name=group, name=group, owner=user,
description=description,
password_required=password_required,
password=password, salt=salt)
new_group.put()
memcache.delete("user-groups" + user.name)
member = models.GroupMember(group=new_group, user=user)
member.put()
server.response(self)
def post(self):
"""
Recieve a new password from user and send out an activation link to their email
:Parameters:
- email: The email address of the user wanting password change
- password: The new password
"""
user = models.User.all().filter("email =", self.request.get("email")).get()
if user is None:
return server.response(self, values={"status" : "NOUSER"})
password = self.request.get("password")
activation_code = server.generate_salt()
temp = models.TempPassword.get_by_key_name(user.name)
if temp is None:
temp = models.TempPassword(key_name=user.name, user=user, temp_pass=password,
activation_link=activation_code,
time=time.time())
else:
temp.activation_link = activation_code
temp.temp_pass = password
temp.time = time.time()
temp.put()
message = mail.EmailMessage(sender="*****@*****.**",
subject="Password change")
message.to = "%s <%s>" % (user.name, user.email)
message.body = """
Dear %s,
You, or someone pretending to be you has asked for a password change.
To complete the change please follow this link:
http://zxvf.appspot.com/usr/%s/changepass/%s
This link is valid for 2 days.
If you didn't request a password change, please disregard this message.""" % (
user.name, user.name, activation_code)
message.send()
server.response(self)