def change_password(self, cur_password, new_password):
if self.username is None:
self.send_message(
"change_password_fail",
reason="You need to log in to change your password.")
return
if not userdb.user_passwd_match(self.username, cur_password):
self.send_message("change_password_fail",
reason="Your password didn't match.")
self.logger.info(
"Non-matching current password during password change for %s",
self.username)
return
error = userdb.change_password(self.user_id, new_password)
if error is None:
self.user_id, self.user_email, self.user_flags = userdb.get_user_info(
self.username)
self.logger.info("User %s changed password.", self.username)
self.send_message("change_password_done")
else:
self.logger.info("Failed to change username for %s: %s",
self.username, error)
self.send_message("change_password_fail", reason=error)
def do_login(self, username):
self.username = username
self.user_id, self.user_email, self.user_flags = userdb.get_user_info(
username)
self.logger.extra["username"] = username
def login_callback(result):
success = result == 0
if not success:
msg = ("Could not initialize your rc and morgue!<br>" +
"This probably means there is something wrong " +
"with the server configuration.")
self.send_message("close", reason=msg)
self.logger.warning(
"User initialization returned an error for user %s!",
self.username)
self.username = None
self.close()
return
self.queue_message("login_success",
username=username,
admin=self.is_admin())
if self.watched_game:
self.watched_game.update_watcher_description()
else:
self.send_lobby_html()
self.init_user(login_callback)
def reset_token_commands(args):
if args.clear_reset:
username = args.clear_reset
else:
username = args.reset
user_info = userdb.get_user_info(username)
if not user_info:
err_exit("Reset/clear password failed; invalid user: %s" % username)
# don't crash on the default config
if config.get('lobby_url') is None:
config.set('lobby_url', "[insert lobby url here]")
if args.clear_reset:
ok, msg = userdb.clear_password_token(username)
if not ok:
err_exit("Error clearing password reset token for %s: %s" %
(username, msg))
else:
print("Password reset token cleared for account '%s'." % username)
else:
ok, msg = userdb.generate_forgot_password(username)
if not ok:
err_exit("Error generating password reset token for %s: %s" %
(username, msg))
else:
if not user_info[1]:
logging.warning("No email set for account '%s', use caution!" %
username)
print("Setting a password reset token on account '%s'." % username)
print("Email: %s\nMessage body to send to user:\n%s\n" %
(user_info[1], msg))
def admin_pw_reset(self, username):
user_info = userdb.get_user_info(username)
if not user_info:
self.send_message("admin_pw_reset_done", error="Invalid user")
return
ok, msg = userdb.generate_forgot_password(username)
if not ok:
self.send_message("admin_pw_reset_done", error=msg)
else:
self.logger.info("Admin user '%s' set a password token on account '%s'", self.username, username)
self.send_message("admin_pw_reset_done", email_body=msg, username=username, email=user_info[1])
def update_db_info(self):
if not self.username:
return True # caller needs to check for anon if necessary
# won't detect a change in hold state on first login...
old_restriction = self.user_flags is not None and self.account_restricted()
self.user_id, self.user_email, self.user_flags = userdb.get_user_info(self.username)
self.logger.extra["username"] = self.username
if userdb.dgl_is_banned(self.user_flags):
return False
if old_restriction and not self.account_restricted():
self.logger.info("[Account] Hold cleared for user %s (IP: %s)",
self.username, self.request.remote_ip)
return True
def change_email(self, email):
if self.username is None:
self.send_message("change_email_fail",
reason="You need to log in to change your email")
return
error = userdb.change_email(self.user_id, email)
if error is None:
self.user_id, self.user_email, self.user_flags = userdb.get_user_info(
self.username)
self.logger.info("User %s changed email to %s.", self.username,
email if email else "null")
self.send_message("change_email_done", email=email)
else:
self.logger.info("Failed to change username for %s: %s",
self.username, error)
self.send_message("change_email_fail", reason=error)