def __init__(self):
"""
Constructor, does nothing but to define the submenu
"""
c.submenu = SubMenu()
c.submenu.set_label("About Sponsoring")
c.submenu.add_entry(_("Overview"), url("sponsors"))
#c.submenu.add_entry(_("Join a packaging team"), url("packaging-team"))
c.submenu.add_entry(_("Sponsoring Guidelines"), url("guidelines"))
c.submenu.add_entry(_("Request for Sponsorship"), url("rfs-howto"))
BaseController.__init__(self)
def _reset(self):
"""
Manages submissions to the password reset form.
"""
log.debug('Form validated successfully')
try:
u = meta.session.query(User).filter_by(email=self.form_result['email']).one()
except:
log.debug('Invalid email address somehow')
c.message = _('We do not have an account with that email address')
return self.index(get=True)
# If that worked, then we send the user an email with a temporary URL
# they can use to have our system generate a new password for them.
log.debug('Sending activation email')
email = Email('password_reset')
password_reset_data = PasswordReset.create_for_user(u)
meta.session.add(password_reset_data)
meta.session.commit()
recipient = u.email
password_reset_url = 'http://' + config['debexpo.sitename'] + url.current(
action='actually_reset_password', id=password_reset_data.temporary_auth_key)
email.send([recipient], password_reset_url=password_reset_url)
# FIXME: This should be a HTTP redirect
return render('/password_recover/_reset.mako')
def _reset(self):
"""
Manages submissions to the password reset form.
"""
log.debug('Form validated successfully')
try:
u = meta.session.query(User).filter_by(
email=self.form_result['email']).one()
except:
log.debug('Invalid email address somehow')
c.message = _('We do not have an account with that email address')
return self.index(get=True)
# If that worked, then we send the user an email with a temporary URL
# they can use to have our system generate a new password for them.
log.debug('Sending activation email')
email = Email('password_reset')
password_reset_data = PasswordReset.create_for_user(u)
meta.session.add(password_reset_data)
meta.session.commit()
recipient = u.email
password_reset_url = 'http://' + config[
'debexpo.sitename'] + url.current(
action='actually_reset_password',
id=password_reset_data.temporary_auth_key)
email.send([recipient], password_reset_url=password_reset_url)
# FIXME: This should be a HTTP redirect
return render('/password_recover/_reset.mako')
def _login(self):
"""
Manages submissions to the login form.
"""
log.debug('Form validated successfully')
password = debexpo.lib.utils.hash_it(self.form_result['password'])
u = None
try:
u = meta.session.query(User).filter_by(
email=self.form_result['email']).filter_by(
password=password).filter_by(verification=None).one()
except:
log.debug('Invalid email or password')
c.message = _('Invalid email or password')
return self.index(True)
session['user_id'] = u.id
session['user_type'] = u.type
session.save()
log.debug('Authentication successful; saving session')
u.lastlogin = datetime.now()
# Clear the 'path_before_login' once it was used once. This is necessary to make sure users won't be redirected
# to pages which don't exist anymore, as the path may have been stored in the session for a long time. Consider
# following use case:
# a) User is not logged in
# b) User opens the URL /package/sunflow/delete/... in the browser
# c) User is being redirected to /login, he logs in and is being redirected
# to the URL in b). This deletes the package, but leaves the URL in the session.
# d) Once the user is trying to log in again - possibly after several weeks, the URL from
# b) is still in the session - but it may not exist anymore.
if 'path_before_login' in session:
path = session['path_before_login']
del (session['path_before_login'])
else:
path = url('my')
# Purge the session upload key
keys = meta.session.query(
debexpo.model.user_upload_key.UserUploadKey).filter_by(user=u)
if keys:
for key in keys:
meta.session.delete(key)
meta.session.commit()
redirect(path)
def _login(self):
"""
Manages submissions to the login form.
"""
log.debug('Form validated successfully')
password = debexpo.lib.utils.hash_it(self.form_result['password'])
u = None
try:
u = meta.session.query(User).filter_by(email=self.form_result['email']).filter_by(password=password).filter_by(verification=None).one()
except:
log.debug('Invalid email or password')
c.message = _('Invalid email or password')
return self.index(True)
session['user_id'] = u.id
session['user_type'] = u.type
session.save()
log.debug('Authentication successful; saving session')
u.lastlogin = datetime.now()
# Clear the 'path_before_login' once it was used once. This is necessary to make sure users won't be redirected
# to pages which don't exist anymore, as the path may have been stored in the session for a long time. Consider
# following use case:
# a) User is not logged in
# b) User opens the URL /package/sunflow/delete/... in the browser
# c) User is being redirected to /login, he logs in and is being redirected
# to the URL in b). This deletes the package, but leaves the URL in the session.
# d) Once the user is trying to log in again - possibly after several weeks, the URL from
# b) is still in the session - but it may not exist anymore.
if 'path_before_login' in session:
path = session['path_before_login']
del(session['path_before_login'])
else:
path = url('my')
# Purge the session upload key
keys = meta.session.query(debexpo.model.user_upload_key.UserUploadKey
).filter_by(user=u)
if keys:
for key in keys:
meta.session.delete(key)
meta.session.commit()
redirect(path)
