def confirm_registration_view(context, request): form = Form(Confirm(), buttons=('confirm',)) pending = request.registry.queryAdapter(context, IRegistrations, name='pending') if pending is None: #pragma NO COVERAGE pending = PendingRegistrations(context) if 'confirm' in request.POST: try: appstruct = form.validate(request.POST.items()) except ValidationFailure, e: rendered_form = e.render() else: email = appstruct['email'] token = appstruct['token'] info = pending.get(email) if info is None: return HTTPFound( location=view_url(context, request, 'register_url', 'register.html', message=REGISTER_FIRST, )) if token != info.token: return HTTPFound( location=view_url(context, request, 'confirmation_url', 'confirm_registration.html', email=email, message=CHECK_TOKEN, )) confirmed = request.registry.queryAdapter(context, IRegistrations, name='confirmed') if confirmed is None: #pragma NO COVERAGE confirmed = ConfirmedRegistrations(context) pending.remove(email) uuid = getRandomToken(request) confirmed.set(uuid, email=email, login=email, password=None, security_question=None, security_answer=None, token=None, ) info = confirmed.get(uuid) after_confirmation_url = view_url(context, request, 'after_confirmation_url', 'edit_account.html', ) auto_login = request.registry.queryUtility(IAutoLogin) if auto_login is not None: headers = auto_login(uuid, request) return HTTPFound(location=after_confirmation_url, headers=headers) else: sendGeneratedPassword(request, uuid, confirmed) return HTTPFound(location=after_confirmation_url)
def _callFUT(self, request=None, userid='testing', confirmed=None): from cartouche.util import sendGeneratedPassword if request is None: request = self._makeRequest() if confirmed is None: confirmed = DummyConfirmed() return sendGeneratedPassword(request, userid, confirmed)
def confirm_registration_view(context, request): form = Form(Confirm(), buttons=('confirm', )) pending = request.registry.queryAdapter(context, IRegistrations, name='pending') if pending is None: #pragma NO COVERAGE pending = PendingRegistrations(context) if 'confirm' in request.POST: try: appstruct = form.validate(request.POST.items()) except ValidationFailure, e: rendered_form = e.render() else: email = appstruct['email'] token = appstruct['token'] info = pending.get(email) if info is None: return HTTPFound(location=view_url( context, request, 'register_url', 'register.html', message=REGISTER_FIRST, )) if token != info.token: return HTTPFound(location=view_url( context, request, 'confirmation_url', 'confirm_registration.html', email=email, message=CHECK_TOKEN, )) confirmed = request.registry.queryAdapter(context, IRegistrations, name='confirmed') if confirmed is None: #pragma NO COVERAGE confirmed = ConfirmedRegistrations(context) pending.remove(email) uuid = getRandomToken(request) confirmed.set( uuid, email=email, login=email, password=None, security_question=None, security_answer=None, token=None, ) info = confirmed.get(uuid) after_confirmation_url = view_url( context, request, 'after_confirmation_url', 'edit_account.html', ) auto_login = request.registry.queryUtility(IAutoLogin) if auto_login is not None: headers = auto_login(uuid, request) return HTTPFound(location=after_confirmation_url, headers=headers) else: sendGeneratedPassword(request, uuid, confirmed) return HTTPFound(location=after_confirmation_url)
def reset_password_view(context, request): form = Form(ResetPassword(), buttons=('reset',)) rendered_form = form.render(null) confirmed = request.registry.queryAdapter(context, IRegistrations, name='confirmed') if confirmed is None: #pragma NO COVERAGE confirmed = ConfirmedRegistrations(context) login_url = view_url(context, request, 'login_url', 'login.html') reset_url = resource_url(context, request, request.view_name) registry = request.registry message = request.GET.get('message') if 'reset' in request.POST: try: appstruct = form.validate(request.POST.items()) except ValidationFailure as e: rendered_form = e.render() else: login = appstruct['login_name'] token = appstruct['token'] record = confirmed.get_by_login(login) if record is None: # DO NOT report lookup errors return HTTPFound(location=login_url) if token == '': # send the e-mail new_token = getRandomToken(request) confirmed.set(record.uuid, email=record.email, login=login, password=record.password, security_question=record.security_question, security_answer=record.security_answer, token=new_token, ) from_addr = registry.settings['cartouche.from_addr'] body = RESET_EMAIL % {'token': new_token, 'reset_url': reset_url} delivery = registry.queryUtility(IMailDelivery, default=localhost_mta) message = Message() message['Subject'] = 'Password reset confirmation' message.set_payload(body) delivery.send(from_addr, [record.email], message) return HTTPFound(location=reset_url) else: if token != record.token: message = CHECK_TOKEN # fall through to 'GET' else: confirmed.set(record.uuid, email=record.email, login=record.login, password=None, # clear it to allow update security_question=record.security_question, security_answer=record.security_answer, token=None, # clear it ) after_reset_url = view_url(context, request, 'after_reset_url', 'edit_account.html', ) auto_login = request.registry.queryUtility(IAutoLogin) if auto_login is not None: headers = auto_login(record.uuid, request) return HTTPFound(location=after_reset_url, headers=headers) else: # TODO: generate random password and send e-mail. sendGeneratedPassword(request, record.uuid, confirmed) return HTTPFound(location=after_reset_url) main_template = get_renderer('templates/main.pt') return {'main_template': main_template.implementation(), 'message': message, 'rendered_form': rendered_form, 'recover_account_url': view_url(context, request, 'recover_account_url', 'recover_account.html'), }
def reset_password_view(context, request): form = Form(ResetPassword(), buttons=('reset',)) rendered_form = form.render(null) confirmed = request.registry.queryAdapter(context, IRegistrations, name='confirmed') if confirmed is None: #pragma NO COVERAGE confirmed = ConfirmedRegistrations(context) login_url = view_url(context, request, 'login_url', 'login.html') reset_url = resource_url(context, request, request.view_name) registry = request.registry message = request.GET.get('message') if 'reset' in request.POST: try: appstruct = form.validate(request.POST.items()) except ValidationFailure, e: rendered_form = e.render() else: login = appstruct['login_name'] token = appstruct['token'] record = confirmed.get_by_login(login) if record is None: # DO NOT report lookup errors return HTTPFound(location=login_url) if token == '': # send the e-mail new_token = getRandomToken(request) confirmed.set(record.uuid, email=record.email, login=login, password=record.password, security_question=record.security_question, security_answer=record.security_answer, token=new_token, ) from_addr = registry.settings['cartouche.from_addr'] body = RESET_EMAIL % {'token': new_token, 'reset_url': reset_url} delivery = registry.queryUtility(IMailDelivery, default=localhost_mta) message = Message() message['Subject'] = 'Password reset confirmation' message.set_payload(body) delivery.send(from_addr, [record.email], message) return HTTPFound(location=reset_url) else: if token != record.token: message = CHECK_TOKEN # fall through to 'GET' else: confirmed.set(record.uuid, email=record.email, login=record.login, password=None, # clear it to allow update security_question=record.security_question, security_answer=record.security_answer, token=None, # clear it ) after_reset_url = view_url(context, request, 'after_reset_url', 'edit_account.html', ) auto_login = request.registry.queryUtility(IAutoLogin) if auto_login is not None: headers = auto_login(record.uuid, request) return HTTPFound(location=after_reset_url, headers=headers) else: # TODO: generate random password and send e-mail. sendGeneratedPassword(request, record.uuid, confirmed) return HTTPFound(location=after_reset_url)