コード例 #1
0
def confirm_registration_view(context, request):
    form = Form(Confirm(), buttons=('confirm',))
    pending = request.registry.queryAdapter(context, IRegistrations,
                                            name='pending')
    if pending is None:  #pragma NO COVERAGE
        pending = PendingRegistrations(context)
    if 'confirm' in request.POST:
        try:
            appstruct = form.validate(request.POST.items())
        except ValidationFailure, e:
            rendered_form = e.render()
        else:
            email = appstruct['email']
            token = appstruct['token']
            info = pending.get(email)
            if info is None:
                return HTTPFound(
                        location=view_url(context, request,
                                          'register_url',
                                          'register.html',
                                          message=REGISTER_FIRST,
                                         ))
            if token != info.token:
                return HTTPFound(
                        location=view_url(context, request,
                                          'confirmation_url',
                                          'confirm_registration.html',
                                          email=email,
                                          message=CHECK_TOKEN,
                                         ))
            confirmed = request.registry.queryAdapter(context, IRegistrations,
                                                      name='confirmed')
            if confirmed is None:  #pragma NO COVERAGE
                confirmed = ConfirmedRegistrations(context)
            pending.remove(email)
            uuid = getRandomToken(request)
            confirmed.set(uuid,
                          email=email,
                          login=email,
                          password=None,
                          security_question=None,
                          security_answer=None,
                          token=None,
                         )
            info = confirmed.get(uuid)
            after_confirmation_url = view_url(context, request,
                                              'after_confirmation_url',
                                              'edit_account.html',
                                             )
            auto_login = request.registry.queryUtility(IAutoLogin)
            if auto_login is not None:
                headers = auto_login(uuid, request)
                return HTTPFound(location=after_confirmation_url,
                                 headers=headers)
            else:
                sendGeneratedPassword(request, uuid, confirmed)
                return HTTPFound(location=after_confirmation_url)
コード例 #2
0
def register_view(context, request):
    form = Form(Signup(), buttons=('register',))
    rendered_form = form.render(null)
    if 'register' in request.POST:
        try:
            appstruct = form.validate(request.POST.items())
        except ValidationFailure, e:
            rendered_form = e.render()
        else:
            pending = request.registry.queryAdapter(context, IRegistrations,
                                                    name='pending')
            if pending is None:  #pragma NO COVERAGE
                pending = PendingRegistrations(context)
            email = appstruct['email']
            token = getRandomToken(request)
            pending.set(email, token=token)

            from_addr = request.registry.settings['cartouche.from_addr']
            delivery = request.registry.queryUtility(IMailDelivery,
                                                     default=localhost_mta)
            confirmation_url = view_url(context, request, 'confirmation_url',
                                        'confirm_registration.html',
                                        email=email)
            body = REGISTRATION_EMAIL % {'token': token,
                                         'confirmation_url': confirmation_url}
            message = Message()
            message['Subject'] = 'Site registration confirmation'
            message.set_payload(body)
            delivery.send(from_addr, [email], message)
            return HTTPFound(location=confirmation_url)
コード例 #3
0
ファイル: login.py プロジェクト: marcinkuzminski/cartouche
def recover_account_view(context, request):
    form = Form(RecoverAccount(), buttons=('recover',))
    rendered_form = form.render(null)
    confirmed = request.registry.queryAdapter(context, IRegistrations,
                                              name='confirmed')
    if confirmed is None:  #pragma NO COVERAGE
        confirmed = ConfirmedRegistrations(context)
    login_url = view_url(context, request, 'login_url', 'login.html')
    registry = request.registry
    message = request.GET.get('message')

    if 'recover' in request.POST:
        try:
            appstruct = form.validate(request.POST.items())
        except ValidationFailure, e: #pragma NO COVER
            rendered_form = e.render()
        else:
            email = appstruct['email']
            record = confirmed.get_by_email(email)
            if record is not None:
                from_addr = registry.settings['cartouche.from_addr']
                login = record.login
                body = RECOVERY_EMAIL % {'login': login,
                                         'login_url': login_url}
                delivery = registry.queryUtility(IMailDelivery,
                                                 default=localhost_mta)
                email_message = Message()
                email_message['Subject'] = 'Account recovery'
                email_message.set_payload(body)
                delivery.send(from_addr, [email], email_message)
            #else: # DO NOT report lookup errors
            return HTTPFound(location=login_url)
コード例 #4
0
def register_view(context, request):
    form = Form(Signup(), buttons=('register', ))
    rendered_form = form.render(null)
    if 'register' in request.POST:
        try:
            appstruct = form.validate(request.POST.items())
        except ValidationFailure, e:
            rendered_form = e.render()
        else:
            pending = request.registry.queryAdapter(context,
                                                    IRegistrations,
                                                    name='pending')
            if pending is None:  #pragma NO COVERAGE
                pending = PendingRegistrations(context)
            email = appstruct['email']
            token = getRandomToken(request)
            pending.set(email, token=token)

            from_addr = request.registry.settings['cartouche.from_addr']
            delivery = request.registry.queryUtility(IMailDelivery,
                                                     default=localhost_mta)
            confirmation_url = view_url(context,
                                        request,
                                        'confirmation_url',
                                        'confirm_registration.html',
                                        email=email)
            body = REGISTRATION_EMAIL % {
                'token': token,
                'confirmation_url': confirmation_url
            }
            message = Message()
            message['Subject'] = 'Site registration confirmation'
            message.set_payload(body)
            delivery.send(from_addr, [email], message)
            return HTTPFound(location=confirmation_url)
コード例 #5
0
 def _callFUT(self, context=None, request=None,
              key='view_url', default_name='view.html', **extra_qs):
     from cartouche.util import view_url
     if context is None:
         context = self._makeContext()
     if request is None:
         request = self._makeRequest()
     return view_url(context, request, key, default_name, **extra_qs)
コード例 #6
0
ファイル: login.py プロジェクト: Pylons/cartouche
def login_view(context, request):
    whence = request.registry.queryUtility(ICameFromURL)
    if whence is not None:
        came_from = whence(request)
    else:
        came_from = resource_url(context, request)
    form = Form(Login(), buttons=('login',))
    rendered_form = form.render({'came_from': came_from})
    message = request.GET.get('message')

    if 'login' in request.POST:
        try:
            appstruct = form.validate(request.POST.items())
        except ValidationFailure as e:
            rendered_form = e.render()
            message = 'Please supply required values'
        else:
            credentials = {'login': appstruct['login_name'],
                           'password': appstruct['password'],
                          }
            api = get_api(request.environ)
            identity, headers =  api.login(credentials)
            if identity is not None:
                came_from = appstruct.get('came_from')
                if came_from is None:
                    came_from = resource_url(context, request)
                return HTTPFound(location=came_from, headers=headers)
            message = 'Login failed'

    main_template = get_renderer('templates/main.pt')
    return {'main_template': main_template.implementation(),
            'came_from': came_from,
            'rendered_form': rendered_form,
            'message': message,
            'register_url': view_url(context, request,
                                     'register_url',
                                     'register.html'),
            'recover_account_url': view_url(context, request,
                                            'recover_account_url',
                                            'recover_account.html'),
            'reset_password_url': view_url(context, request,
                                           'reset_password_url',
                                           'reset_password.html'),
           }
コード例 #7
0
def edit_account_view(context, request):
    confirmed = request.registry.queryAdapter(context,
                                              IRegistrations,
                                              name='confirmed')
    if confirmed is None:  #pragma NO COVERAGE
        confirmed = ConfirmedRegistrations(context)

    identity = request.environ.get('repoze.who.identity')
    if identity is None:
        return HTTPUnauthorized()

    userid = identity['repoze.who.userid']
    account_info = confirmed.get(userid)
    if account_info is None:
        return HTTPForbidden()

    appstruct = {
        'login_name': account_info.login,
        'email': account_info.email,
        'security': {
            'question': account_info.security_question or '',
            'answer': account_info.security_answer or '',
        },
    }
    schema = EditAccount().bind(current_login_name=account_info.login,
                                confirmed=confirmed,
                                old_password=account_info.password)
    form = Form(schema, buttons=('update', ))
    rendered_form = form.render(appstruct)

    if 'update' in request.POST:
        try:
            appstruct = form.validate(request.POST.items())
        except ValidationFailure, e:
            rendered_form = e.render()
        else:
            login = appstruct['login_name']
            email = appstruct['email']
            pwd_mgr = SSHAPasswordManager()
            password = pwd_mgr.encodePassword(appstruct['password'])
            security_question = appstruct['security']['question']
            security_answer = appstruct['security']['answer']
            confirmed.set(
                userid,
                email=email,
                login=login,
                password=password,
                security_question=security_question,
                security_answer=security_answer,
            )
            return HTTPFound(location=view_url(
                context,
                request,
                'after_edit_url',
                request.view_name,
            ))
コード例 #8
0
ファイル: login.py プロジェクト: Pylons/cartouche
def logout_view(context, request):
    if 'logout' in request.POST:
        api = get_api(request.environ)
        headers =  api.logout()
        after_logout_url = view_url(context, request, 'after_logout_url', '')
        return HTTPFound(location=after_logout_url, headers=headers)
    identity = request.environ.get('repoze.who.identity', {})
    main_template = get_renderer('templates/main.pt')
    return {'userid': identity.get('repoze.who.userid'),
            'main_template': main_template.implementation(),
           }
コード例 #9
0
ファイル: login.py プロジェクト: marcinkuzminski/cartouche
def logout_view(context, request):
    if 'logout' in request.POST:
        api = get_api(request.environ)
        headers =  api.logout()
        after_logout_url = view_url(context, request, 'after_logout_url', '')
        return HTTPFound(location=after_logout_url, headers=headers)
    identity = request.environ.get('repoze.who.identity', {})
    main_template = get_renderer('templates/main.pt')
    return {'userid': identity.get('repoze.who.userid'),
            'main_template': main_template.implementation(),
           }
コード例 #10
0
 def _callFUT(self,
              context=None,
              request=None,
              key='view_url',
              default_name='view.html',
              **extra_qs):
     from cartouche.util import view_url
     if context is None:
         context = self._makeContext()
     if request is None:
         request = self._makeRequest()
     return view_url(context, request, key, default_name, **extra_qs)
コード例 #11
0
def edit_account_view(context, request):
    confirmed = request.registry.queryAdapter(context, IRegistrations,
                                              name='confirmed')
    if confirmed is None:  #pragma NO COVERAGE
        confirmed = ConfirmedRegistrations(context)

    identity = request.environ.get('repoze.who.identity')
    if identity is None:
        return HTTPUnauthorized()

    userid = identity['repoze.who.userid']
    account_info = confirmed.get(userid)
    if account_info is None:
        return HTTPForbidden()

    appstruct = {'login_name': account_info.login,
                 'email': account_info.email,
                 'security': {'question': account_info.security_question or '',
                              'answer': account_info.security_answer or '',
                             },
                }
    schema = EditAccount().bind(current_login_name=account_info.login,
                                confirmed=confirmed,
                                old_password=account_info.password)
    form = Form(schema, buttons=('update',))
    rendered_form = form.render(appstruct)

    if 'update' in request.POST:
        try:
            appstruct = form.validate(request.POST.items())
        except ValidationFailure, e:
            rendered_form = e.render()
        else:
            login = appstruct['login_name']
            email = appstruct['email']
            pwd_mgr = SSHAPasswordManager()
            password = pwd_mgr.encodePassword(appstruct['password'])
            security_question = appstruct['security']['question']
            security_answer = appstruct['security']['answer']
            confirmed.set(userid,
                          email=email,
                          login=login, 
                          password=password,
                          security_question=security_question,
                          security_answer=security_answer,
                         )
            return HTTPFound(
                        location=view_url(context, request,
                                          'after_edit_url',
                                          request.view_name,
                                         ))
コード例 #12
0
            )
            auto_login = request.registry.queryUtility(IAutoLogin)
            if auto_login is not None:
                headers = auto_login(uuid, request)
                return HTTPFound(location=after_confirmation_url,
                                 headers=headers)
            else:
                sendGeneratedPassword(request, uuid, confirmed)
                return HTTPFound(location=after_confirmation_url)
    else:
        email = request.GET.get('email')
        if email is None:
            return HTTPFound(location=view_url(
                context,
                request,
                'register_url',
                'register.html',
                message=REGISTER_OR_VISIT,
            ))
        if pending.get(email) is None:
            return HTTPFound(location=view_url(
                context,
                request,
                'register_url',
                'register.html',
                message=REGISTER_FIRST,
            ))
        rendered_form = form.render({'email': email})

    main_template = get_renderer('templates/main.pt')
    return {
コード例 #13
0
ファイル: login.py プロジェクト: marcinkuzminski/cartouche
def reset_password_view(context, request):
    form = Form(ResetPassword(), buttons=('reset',))
    rendered_form = form.render(null)
    confirmed = request.registry.queryAdapter(context, IRegistrations,
                                              name='confirmed')
    if confirmed is None:  #pragma NO COVERAGE
        confirmed = ConfirmedRegistrations(context)
    login_url = view_url(context, request, 'login_url', 'login.html')
    reset_url = resource_url(context, request, request.view_name)
    registry = request.registry
    message = request.GET.get('message')

    if 'reset' in request.POST:
        try:
            appstruct = form.validate(request.POST.items())
        except ValidationFailure, e:
            rendered_form = e.render()
        else:
            login = appstruct['login_name']
            token = appstruct['token']
            record = confirmed.get_by_login(login)
            if record is None:
                # DO NOT report lookup errors
                return HTTPFound(location=login_url)
            if token == '':
                # send the e-mail
                new_token = getRandomToken(request)
                confirmed.set(record.uuid,
                              email=record.email,
                              login=login, 
                              password=record.password,
                              security_question=record.security_question,
                              security_answer=record.security_answer,
                              token=new_token,
                             )
                from_addr = registry.settings['cartouche.from_addr']
                body = RESET_EMAIL % {'token': new_token,
                                      'reset_url': reset_url}
                delivery = registry.queryUtility(IMailDelivery,
                                                 default=localhost_mta)
                message = Message()
                message['Subject'] = 'Password reset confirmation'
                message.set_payload(body)
                delivery.send(from_addr, [record.email], message)
                return HTTPFound(location=reset_url)
            else:
                if token != record.token:
                    message = CHECK_TOKEN
                    # fall through to 'GET'
                else:
                    confirmed.set(record.uuid,
                                  email=record.email,
                                  login=record.login, 
                                  password=None,  # clear it to allow update
                                  security_question=record.security_question,
                                  security_answer=record.security_answer,
                                  token=None,     # clear it
                                 )
                    after_reset_url = view_url(context, request,
                                               'after_reset_url',
                                               'edit_account.html',
                                              )
                    auto_login = request.registry.queryUtility(IAutoLogin)
                    if auto_login is not None:
                        headers = auto_login(record.uuid, request)
                        return HTTPFound(location=after_reset_url,
                                         headers=headers)
                    else:
                        # TODO:  generate random password and send e-mail.
                        sendGeneratedPassword(request, record.uuid, confirmed)
                        return HTTPFound(location=after_reset_url)
コード例 #14
0
ファイル: login.py プロジェクト: Pylons/cartouche
def reset_password_view(context, request):
    form = Form(ResetPassword(), buttons=('reset',))
    rendered_form = form.render(null)
    confirmed = request.registry.queryAdapter(context, IRegistrations,
                                              name='confirmed')
    if confirmed is None:  #pragma NO COVERAGE
        confirmed = ConfirmedRegistrations(context)
    login_url = view_url(context, request, 'login_url', 'login.html')
    reset_url = resource_url(context, request, request.view_name)
    registry = request.registry
    message = request.GET.get('message')

    if 'reset' in request.POST:
        try:
            appstruct = form.validate(request.POST.items())
        except ValidationFailure as e:
            rendered_form = e.render()
        else:
            login = appstruct['login_name']
            token = appstruct['token']
            record = confirmed.get_by_login(login)
            if record is None:
                # DO NOT report lookup errors
                return HTTPFound(location=login_url)
            if token == '':
                # send the e-mail
                new_token = getRandomToken(request)
                confirmed.set(record.uuid,
                              email=record.email,
                              login=login, 
                              password=record.password,
                              security_question=record.security_question,
                              security_answer=record.security_answer,
                              token=new_token,
                             )
                from_addr = registry.settings['cartouche.from_addr']
                body = RESET_EMAIL % {'token': new_token,
                                      'reset_url': reset_url}
                delivery = registry.queryUtility(IMailDelivery,
                                                 default=localhost_mta)
                message = Message()
                message['Subject'] = 'Password reset confirmation'
                message.set_payload(body)
                delivery.send(from_addr, [record.email], message)
                return HTTPFound(location=reset_url)
            else:
                if token != record.token:
                    message = CHECK_TOKEN
                    # fall through to 'GET'
                else:
                    confirmed.set(record.uuid,
                                  email=record.email,
                                  login=record.login, 
                                  password=None,  # clear it to allow update
                                  security_question=record.security_question,
                                  security_answer=record.security_answer,
                                  token=None,     # clear it
                                 )
                    after_reset_url = view_url(context, request,
                                               'after_reset_url',
                                               'edit_account.html',
                                              )
                    auto_login = request.registry.queryUtility(IAutoLogin)
                    if auto_login is not None:
                        headers = auto_login(record.uuid, request)
                        return HTTPFound(location=after_reset_url,
                                         headers=headers)
                    else:
                        # TODO:  generate random password and send e-mail.
                        sendGeneratedPassword(request, record.uuid, confirmed)
                        return HTTPFound(location=after_reset_url)

    main_template = get_renderer('templates/main.pt')
    return {'main_template': main_template.implementation(),
            'message': message,
            'rendered_form': rendered_form,
            'recover_account_url': view_url(context, request,
                                            'recover_account_url',
                                            'recover_account.html'),
           }
コード例 #15
0
                                             )
            auto_login = request.registry.queryUtility(IAutoLogin)
            if auto_login is not None:
                headers = auto_login(uuid, request)
                return HTTPFound(location=after_confirmation_url,
                                 headers=headers)
            else:
                sendGeneratedPassword(request, uuid, confirmed)
                return HTTPFound(location=after_confirmation_url)
    else:
        email = request.GET.get('email')
        if email is None:
            return HTTPFound(
                        location=view_url(context, request,
                                          'register_url',
                                          'register.html',
                                          message=REGISTER_OR_VISIT,
                                         ))
        if pending.get(email) is None:
            return HTTPFound(
                        location=view_url(context, request,
                                          'register_url',
                                          'register.html',
                                          message=REGISTER_FIRST,
                                         ))
        rendered_form = form.render({'email': email})

    main_template = get_renderer('templates/main.pt')
    return {'main_template': main_template.implementation(),
            'rendered_form': rendered_form,
           }
コード例 #16
0
ファイル: login.py プロジェクト: marcinkuzminski/cartouche
            api = get_api(request.environ)
            identity, headers =  api.login(credentials)
            if identity is not None:
                came_from = appstruct.get('came_from')
                if came_from is None:
                    came_from = resource_url(context, request)
                return HTTPFound(location=came_from, headers=headers)
            message = 'Login failed'

    main_template = get_renderer('templates/main.pt')
    return {'main_template': main_template.implementation(),
            'came_from': came_from,
            'rendered_form': rendered_form,
            'message': message,
            'register_url': view_url(context, request,
                                     'register_url',
                                     'register.html'),
            'recover_account_url': view_url(context, request,
                                            'recover_account_url',
                                            'recover_account.html'),
            'reset_password_url': view_url(context, request,
                                           'reset_password_url',
                                           'reset_password.html'),
           }


def logout_view(context, request):
    if 'logout' in request.POST:
        api = get_api(request.environ)
        headers =  api.logout()
        after_logout_url = view_url(context, request, 'after_logout_url', '')
コード例 #17
0
def confirm_registration_view(context, request):
    form = Form(Confirm(), buttons=('confirm', ))
    pending = request.registry.queryAdapter(context,
                                            IRegistrations,
                                            name='pending')
    if pending is None:  #pragma NO COVERAGE
        pending = PendingRegistrations(context)
    if 'confirm' in request.POST:
        try:
            appstruct = form.validate(request.POST.items())
        except ValidationFailure, e:
            rendered_form = e.render()
        else:
            email = appstruct['email']
            token = appstruct['token']
            info = pending.get(email)
            if info is None:
                return HTTPFound(location=view_url(
                    context,
                    request,
                    'register_url',
                    'register.html',
                    message=REGISTER_FIRST,
                ))
            if token != info.token:
                return HTTPFound(location=view_url(
                    context,
                    request,
                    'confirmation_url',
                    'confirm_registration.html',
                    email=email,
                    message=CHECK_TOKEN,
                ))
            confirmed = request.registry.queryAdapter(context,
                                                      IRegistrations,
                                                      name='confirmed')
            if confirmed is None:  #pragma NO COVERAGE
                confirmed = ConfirmedRegistrations(context)
            pending.remove(email)
            uuid = getRandomToken(request)
            confirmed.set(
                uuid,
                email=email,
                login=email,
                password=None,
                security_question=None,
                security_answer=None,
                token=None,
            )
            info = confirmed.get(uuid)
            after_confirmation_url = view_url(
                context,
                request,
                'after_confirmation_url',
                'edit_account.html',
            )
            auto_login = request.registry.queryUtility(IAutoLogin)
            if auto_login is not None:
                headers = auto_login(uuid, request)
                return HTTPFound(location=after_confirmation_url,
                                 headers=headers)
            else:
                sendGeneratedPassword(request, uuid, confirmed)
                return HTTPFound(location=after_confirmation_url)