Esempio n. 1
0
    def post(self):
        """
        Creates a new user
         Parameters:
          - name: The name of the new user
          - password: A sha1 hash of the users password
          - email: A valid email address for the user
        """
        name = self.request.get("name")
        salt = server.generate_salt()
        password = hashlib.sha1(self.request.get("password") + salt).hexdigest()
        email = self.request.get("email")
        #check if this user exists already
        check_user = models.User.get_by_key_name(name)
        if check_user is not None:
            return server.response(self, values={"status" : "USEREXISTS"})
        if re.search("^\w{5,18}$", name) is None:
            return server.response(self, values={"status" : "BADUSERNAME"})   
        if re.search("^(?:[a-zA-Z0-9_'^&/+-])+(?:\.(?:[a-zA-Z0-9_'^&/+-])+)*@(?:(?:\[?(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))\.){3}(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\]?)|(?:[a-zA-Z0-9-]+\.)+(?:[a-zA-Z]){2,}\.?)$", email) is None:
            return server.response(self, values={"status" : "BADEMAIL"})

        try:
            new_user = models.User(key_name=name, name=name, password=password,
                                   email=email, salt=salt)
            new_user.put()
            server.response(self)
        except db.BadValueError, e:
            server.response(self, values={"status" : "ERROR -" + str(e)})
Esempio n. 2
0
 def post(self):
     user, user_data = server.is_valid_key(self)
     if not user:
         return server.response(self, {"values" : "BADAUTH"})
     password_required = True if self.request.get("password") != "" else False
     group = escape(self.request.get("group"))
     if group == "":
         return server.response(self, {"status" : "MISSINGVALUES"})
     if password_required:
         salt = server.generate_salt()
         password = hashlib.sha1(self.request.get("password") + salt).hexdigest()
     else:
         password = None
         salt = None
     description = escape(self.request.get("description"))
     check = models.Group.get_by_key_name(group)
     if check is not None:
         return server.response(self, {"status" : "GROUPEXISTS"})
     new_group = models.Group(key_name=group, name=group, owner=user,
                              description=description,
                              password_required=password_required,
                              password=password, salt=salt)
     new_group.put()
     memcache.delete("user-groups" + user.name)
     member = models.GroupMember(group=new_group, user=user)
     member.put()
     server.response(self)
Esempio n. 3
0
    def post(self):
        """
        Recieve a new password from user and send out an activation link to their email
         :Parameters:
          - email: The email address of the user wanting password change
          - password: The new password  
        """
        user = models.User.all().filter("email =", self.request.get("email")).get()
        if user is None:
            return server.response(self, values={"status" : "NOUSER"})
        password = self.request.get("password")
        activation_code = server.generate_salt()
        temp = models.TempPassword.get_by_key_name(user.name)
        if temp is None:
            temp = models.TempPassword(key_name=user.name, user=user, temp_pass=password,
                                       activation_link=activation_code,
                                       time=time.time())
        else:
            temp.activation_link = activation_code
            temp.temp_pass = password
            temp.time = time.time()
        temp.put()

        message = mail.EmailMessage(sender="*****@*****.**",
                            subject="Password change")
        message.to = "%s <%s>" % (user.name, user.email)
        message.body = """
        Dear %s,
        You, or someone pretending to be you has asked for a password change.
        To complete the change please follow this link:
        
        http://zxvf.appspot.com/usr/%s/changepass/%s
        
        This link is valid for 2 days.
        
        If you didn't request a password change, please disregard this message.""" % (
            user.name, user.name, activation_code)
        message.send()
        server.response(self)