def account_deletion_request(self, delete_posts=False): token_type = 'accountdelete' if delete_posts: token_type = 'accountandpostsdelete' # if the user has an email, create an email verify token, send it to the email address tokenEntity = EnkiModelTokenVerify.get_by_user_id_email_type( self.enki_user.key.id(), self.enki_user.email, token_type) if tokenEntity: # if a verify token for the same new email address and user already exists, use its token token = tokenEntity.token else: # otherwise create a new token token = security.generate_random_string(entropy=256) delete_account_token = EnkiModelTokenVerify( token=token, user_id=self.enki_user.key.id(), email=self.enki_user.email, type=token_type) delete_account_token.put() link = enki.libutil.get_local_url( 'accountdeleteconfirm', {'verifytoken': delete_account_token.token}) delete_posts_message = '' if delete_posts: self.send_email(self.enki_user.email, MSG.SEND_EMAIL_ACCOUT_POSTS_DELETE_SUBJECT(), MSG.SEND_EMAIL_ACCOUT_POSTS_DELETE_BODY(link)) else: self.send_email(self.enki_user.email, MSG.SEND_EMAIL_ACCOUT_DELETE_SUBJECT(), MSG.SEND_EMAIL_ACCOUT_DELETE_BODY(link))
def post( self ): url = settings.URL_PURCHASE_FASTSPRING if not settings.SECRET_FASTSPRING or enki.libutil.is_debug( ) or settings.ENKI_EMULATE_STORE: url = enki.libutil.get_local_url( 'storeemulatefastspring' ) if self.is_logged_in(): purchaser_user_id = self.enki_user.key.id() token = security.generate_random_string( entropy = 256 ) token_purchase = EnkiModelTokenVerify( token = token, user_id = purchaser_user_id, type = 'purchasebyuser' ) token_purchase.put() url = enki.libutil.get_local_url( 'storeemulatefastspring', { 'referrer': token_purchase.token }) self.redirect( url )
def password_change_request( self, email ): if enki.libuser.exist_EnkiUser( email ): # create an email verify token, send it to the email address token = security.generate_random_string( entropy = 256 ) emailToken = EnkiModelTokenVerify( token = token, email = email, type = 'passwordchange' ) emailToken.put() link = enki.libutil.get_local_url( 'passwordrecoverconfirm', { 'verifytoken': emailToken.token } ) self.send_email( email, MSG.SEND_EMAIL_PASSWORD_RESET_SUBJECT(), MSG.SEND_EMAIL_PASSWORD_RESET_BODY( link )) result = enki.libutil.ENKILIB_OK else: result = ERROR_EMAIL_NOT_EXIST return result
def email_change_request( self, email ): # request an email address to be modified. Create a rollback option. result = 'cannot_remove' emailCurrent = self.enki_user.email userId = self.enki_user.key.id() if email != '' and enki.libuser.exist_EnkiUser( email ): # if the new email matches an existing verified user email, reject it if emailCurrent == email: result = 'same' else: result = ERROR_EMAIL_IN_USE # Note: send an email to emailcurrent regardless to prevent email checking (see below) else: if email == '': # if the user erased the email, and they can log in through auth, store "removed" in the email field, so it isn't overwritten by an auth login with a verified email if self.enki_user.auth_ids_provider: self.enki_user.email = 'removed' self.enki_user.put() result = 'removed' else: return result else: # email the new, unverified address with a link to allow the user to verify the email tokenEntity = EnkiModelTokenVerify.get_by_user_id_email_type( userId, email, 'emailchange' ) if tokenEntity: # if a verify token for the same new email address and user already exists, use its token token = tokenEntity.token else: # otherwise create a new token token = security.generate_random_string( entropy = 256 ) emailToken = EnkiModelTokenVerify( token = token, email = email, user_id = userId, type = 'emailchange' ) emailToken.put() link = enki.libutil.get_local_url( 'emailchangeconfirm', { 'verifytoken': token }) self.send_email( email, MSG.SEND_EMAIL_EMAIL_CHANGE_CONFIRM_SUBJECT(), MSG.SEND_EMAIL_EMAIL_CHANGE_CONFIRM_BODY( link, email )) result = 'change' if emailCurrent and emailCurrent != 'removed' and result != 'same': # email the current, verified address in case they want to undo the change (useful if account has been hacked) # skip this step if the current email is empty (case if user logged in with auth id without email with e.g. Steam) or "removed". # If the email is already in use, mask the fact to prevent email checking. tokenEntity = enki.libuser.get_EmailRollbackToken_by_user_id_email( userId, emailCurrent ) if tokenEntity: # if the old email is already in the archive, use its token token = tokenEntity.token else: # otherwise create a new token token = security.generate_random_string( entropy = 256 ) emailOldToken = EnkiModelTokenEmailRollback( token = token, email = emailCurrent, user_id = userId ) emailOldToken.put() if result == ERROR_EMAIL_IN_USE: self.add_debugmessage( '''Comment - whether the email is available or not, the feedback through both the UI AND EMAIL is identical to prevent email checking.''' ) link = enki.libutil.get_local_url( 'emailrollback', { 'rollbacktoken': token } ) self.send_email( emailCurrent, MSG.SEND_EMAIL_EMAIL_CHANGE_UNDO_SUBJECT(), MSG.SEND_EMAIL_EMAIL_CHANGE_UNDO_BODY( link, emailCurrent )) return result
def post(self): url = settings.URL_PURCHASE_FASTSPRING # ------ # Requires enkiDL if self.request.get('download'): ref_url = enki.libutil.get_local_url('store') self.session['sessionrefpath'] = ref_url url_fetcher = '' if settings.URLS_ENKIDL: # shuffle then try to download from locations in sequence random.shuffle(settings.URLS_ENKIDL) for i in range(len(settings.URLS_ENKIDL)): url_enkiDL = settings.URLS_ENKIDL[i] item_to_download = 'product_a' url_fetcher = enki.libenkiDL.URLFetcher() url_fetcher.get_download_URL(url_enkiDL, settings.SECRET_ENKIDL, item_to_download, self.request.remote_addr) if not url_fetcher.error: enki.modelcounter.increment('downloads_product_a') break if url_fetcher and url_fetcher.error: self.response.status_int = 500 self.add_infomessage(MSG.WARNING(), MSG.DOWNLOAD_ERROR()) self.redirect('info') return url = url_fetcher.download_url else: self.add_infomessage(MSG.WARNING(), MSG.DOWNLOAD_ERROR()) self.redirect('info') return # ------- else: if not settings.SECRET_FASTSPRING or enki.libutil.is_debug( ) or settings.ENKI_EMULATE_STORE: url = enki.libutil.get_local_url('storeemulatefastspring') else: enki.modelcounter.increment('purchases_product_a') if self.is_logged_in(): purchaser_user_id = self.enki_user.key.id() token = security.generate_random_string(entropy=256) token_purchase = EnkiModelTokenVerify( token=token, user_id=purchaser_user_id, type='purchasebyuser') token_purchase.put() url += '?referrer=' + token_purchase.token.encode('utf-8') self.redirect(url)
def email_set_request( self, email ): # request the creation of a new account based on an email address result = enki.libuser.validate_email( email ) if result == enki.libutil.ENKILIB_OK : if enki.libuser.exist_EnkiUser( email ): result = ERROR_EMAIL_IN_USE else: # create an email verify token, send it to the email address token = security.generate_random_string( entropy = 256 ) emailToken = EnkiModelTokenVerify( token = token, email = email, type = 'register' ) emailToken.put() link = enki.libutil.get_local_url( 'registerconfirm', { 'verifytoken': emailToken.token }) self.send_email( email, MSG.SEND_EMAIL_REGISTER_CONFIRM_SUBJECT(), MSG.SEND_EMAIL_REGISTER_CONFIRM_BODY( link )) result = enki.libutil.ENKILIB_OK return result
def post_reauthenticated( self, params ): register = params.get( 'register' ) deregister = params.get( 'deregister' ) if register: # initiate adding a new authentication method to the account for authhandler in settings.HANDLERS: if register == authhandler.get_provider_name(): token = security.generate_random_string( entropy = 256 ) LoginAddToken = EnkiModelTokenVerify( token = token, user_id = self.user_id, auth_ids_provider = register, type = 'loginaddconfirm_1' ) LoginAddToken.put() self.redirect( authhandler.get_button().href ) break elif deregister: self.remove_auth_id( deregister) self.add_infomessage( 'success', MSG.SUCCESS(), MSG.AUTH_PROVIDER_REMOVED( deregister )) self.redirect( enki.libutil.get_local_url( 'accountconnect' ))
def post(self): url = settings.URL_PURCHASE_FASTSPRING if not settings.SECRET_FASTSPRING or enki.libutil.is_debug( ) or settings.ENKI_EMULATE_STORE: url = enki.libutil.get_local_url('storeemulatefastspring') if self.is_logged_in(): purchaser_user_id = self.enki_user.key.id() token = security.generate_random_string(entropy=256) token_purchase = EnkiModelTokenVerify(token=token, user_id=purchaser_user_id, type='purchasebyuser') token_purchase.put() url = enki.libutil.get_local_url( 'storeemulatefastspring', {'referrer': token_purchase.token}) self.redirect(url)
def password_change_request(self, email): if EnkiModelUser.exist_by_email(email): # create an email verify token, send it to the email address token = security.generate_random_string(entropy=256) emailToken = EnkiModelTokenVerify(token=token, email=email, type='passwordchange') emailToken.put() link = enki.libutil.get_local_url( 'passwordrecoverconfirm', {'verifytoken': emailToken.token}) self.send_email(email, MSG.SEND_EMAIL_PASSWORD_RESET_SUBJECT(), MSG.SEND_EMAIL_PASSWORD_RESET_BODY(link)) result = enki.libutil.ENKILIB_OK else: result = self.ERROR_EMAIL_NOT_EXIST return result
def email_set_request(self, email): # request the creation of a new account based on an email address result = enki.libutil.ENKILIB_OK if EnkiModelUser.exist_by_email(email): result = self.ERROR_EMAIL_IN_USE else: # create an email verify token, send it to the email address token = security.generate_random_string(entropy=256) emailToken = EnkiModelTokenVerify(token=token, email=email, type='register') emailToken.put() link = enki.libutil.get_local_url( 'registerconfirm', {'verifytoken': emailToken.token}) self.send_email(email, MSG.SEND_EMAIL_REGISTER_CONFIRM_SUBJECT(), MSG.SEND_EMAIL_REGISTER_CONFIRM_BODY(link)) return result
def account_deletion_request( self, delete_posts = False ): token_type = 'accountdelete' if delete_posts: token_type = 'accountandpostsdelete' # if the user has an email, create an email verify token, send it to the email address tokenEntity = EnkiModelTokenVerify.get_by_user_id_email_type( self.enki_user.key.id( ), self.enki_user.email, token_type ) if tokenEntity: # if a verify token for the same new email address and user already exists, use its token token = tokenEntity.token else: # otherwise create a new token token = security.generate_random_string( entropy = 256 ) delete_account_token = EnkiModelTokenVerify( token = token, user_id = self.enki_user.key.id(), email = self.enki_user.email, type = token_type ) delete_account_token.put() link = enki.libutil.get_local_url( 'accountdeleteconfirm', { 'verifytoken': delete_account_token.token } ) delete_posts_message = '' if delete_posts: self.send_email( self.enki_user.email, MSG.SEND_EMAIL_ACCOUT_POSTS_DELETE_SUBJECT(), MSG.SEND_EMAIL_ACCOUT_POSTS_DELETE_BODY( link )) else: self.send_email( self.enki_user.email, MSG.SEND_EMAIL_ACCOUT_DELETE_SUBJECT(), MSG.SEND_EMAIL_ACCOUT_DELETE_BODY( link ))
def post_reauthenticated(self, params): register = params.get('register') deregister = params.get('deregister') if register: # initiate adding a new authentication method to the account for authhandler in settings.HANDLERS: if register == authhandler.get_provider_name(): token = security.generate_random_string(entropy=256) LoginAddToken = EnkiModelTokenVerify( token=token, user_id=self.user_id, auth_ids_provider=register, type='loginaddconfirm_1') LoginAddToken.put() self.redirect(authhandler.get_button().href) break elif deregister: self.remove_auth_id(deregister) self.add_infomessage('success', MSG.SUCCESS(), MSG.AUTH_PROVIDER_REMOVED(deregister)) self.redirect(enki.libutil.get_local_url('accountconnect'))
def provider_authenticated_callback( self, loginInfo ): # We expect the fields of the dictionary to be: # - 'provider_name' unique 'pretty' provider name (e.g. google, facebook,...) # - 'provider_uid' provider specific (a.k.a "locally unique") user Id, i.e unique to the provider (e.g. the google user id number) # - 'email' # - 'email_verified' # We IGNORE: username, gender (facebook), avatar link, etc. # get the verified email from the auth provider email = None if loginInfo[ 'email' ] and loginInfo[ 'email_verified' ] == True: email = loginInfo[ 'email' ] # get the authId from the auth provider authId = loginInfo[ 'provider_name' ] + ':' + loginInfo[ 'provider_uid' ] if authId: # modify existing or create user user = self.get_or_create_user_from_authid( authId, email, allow_create = False ) if user: self.log_in_session_token_create( user ) self.add_infomessage( 'success', MSG.SUCCESS( ), MSG.LOGGED_IN()) self.redirect_to_relevant_page() else: # generate & store a verification token and the auth provider. save the token number in the session. register_token = enki.libuser.get_VerifyToken_by_authid_type( authId, 'register' ) if register_token: # if a token already exists, get the token value and update the email token = register_token.token register_token.email = email # update in case the user changed their email or modified their email access permission else: # create a new token token = security.generate_random_string( entropy = 256 ) register_token = EnkiModelTokenVerify( token = token, email = email, auth_ids_provider = authId, type = 'register' ) register_token.put() self.session[ 'tokenregisterauth' ] = token self.redirect( enki.libutil.get_local_url( 'registeroauthconfirm' ) ) else: self.redirect_to_relevant_page()
def provider_authenticated_callback(self, loginInfo): # We expect the fields of the dictionary to be: # - 'provider_name' unique 'pretty' provider name (e.g. google, facebook,...) # - 'provider_uid' provider specific (a.k.a "locally unique") user Id, i.e unique to the provider (e.g. the google user id number) # - 'email' # - 'email_verified' # We IGNORE: username, gender (facebook), avatar link, etc. # get the verified email from the auth provider email = None if loginInfo['email'] and loginInfo['email_verified'] == True: email = loginInfo['email'] # get the authId from the auth provider auth_id = loginInfo['provider_name'] + ':' + loginInfo['provider_uid'] if auth_id: # Modify existing or create user # check if it's an add login method request LoginAddToken = EnkiModelTokenVerify.get_by_user_id_state_type( self.user_id, loginInfo['provider_name'], 'loginaddconfirm_1') if LoginAddToken: # Add a login method if not EnkiModelUser.exist_by_auth_id(auth_id): # store the new auth prov + id in the session LoginAddToken.state = auth_id LoginAddToken.type = 'loginaddconfirm_2' LoginAddToken.put() self.redirect( enki.libutil.get_local_url('loginaddconfirm')) else: self.add_infomessage( MSG.INFORMATION(), MSG.AUTH_PROVIDER_CANNOT_BE_ADDED(str(auth_id))) self.redirect(enki.libutil.get_local_url('accountconnect')) return else: user = self.get_user_from_authid(auth_id, email) if user: # Existing authentication method / user if self.is_logged_in() and self.user_id == user.key.id(): # Refresh the reauthenticated status self.session['reauth_time'] = datetime.datetime.now() self.add_infomessage(MSG.SUCCESS(), MSG.REAUTHENTICATED()) self.redirect_to_relevant_page() return # Login self.log_in_session_token_create(user) self.add_infomessage(MSG.SUCCESS(), MSG.LOGGED_IN()) self.redirect_to_relevant_page() else: # New authentication method register_token = EnkiModelTokenVerify.get_by_state_type( auth_id, 'register') if register_token: # If a token already exists, get the token value and update the email token = register_token.token register_token.email = email # update in case the user changed their email or modified their email access permission else: # Create a new token token = security.generate_random_string(entropy=256) register_token = EnkiModelTokenVerify(token=token, email=email, state=auth_id, type='register') register_token.put() self.session['tokenregisterauth'] = token if EnkiModelUser.exist_by_email(email): self.redirect( enki.libutil.get_local_url( 'registeroauthwithexistingemail')) else: self.redirect( enki.libutil.get_local_url('registeroauthconfirm')) else: self.redirect_to_relevant_page()
def email_change_request(self, email): # request an email address to be modified. Create a rollback option. result = 'cannot_remove' emailCurrent = self.enki_user.email userId = self.enki_user.key.id() if email != '' and EnkiModelUser.exist_by_email(email): # if the new email matches an existing verified user email, reject it if emailCurrent == email: result = 'same' else: result = self.ERROR_EMAIL_IN_USE # Note: send an email to emailcurrent regardless to prevent email checking (see below) else: if email == '': # if the user erased the email, and they can log in through auth, store "removed" in the email field, so it isn't overwritten by an auth login with a verified email if self.enki_user.auth_ids_provider: self.enki_user.email = 'removed' self.enki_user.put() result = 'removed' else: return result else: # email the new, unverified address with a link to allow the user to verify the email tokenEntity = EnkiModelTokenVerify.get_by_user_id_email_type( userId, email, 'emailchange') if tokenEntity: # if a verify token for the same new email address and user already exists, use its token token = tokenEntity.token else: # otherwise create a new token token = security.generate_random_string(entropy=256) emailToken = EnkiModelTokenVerify(token=token, email=email, user_id=userId, type='emailchange') emailToken.put() link = enki.libutil.get_local_url('emailchangeconfirm', {'verifytoken': token}) self.send_email( email, MSG.SEND_EMAIL_EMAIL_CHANGE_CONFIRM_SUBJECT(), MSG.SEND_EMAIL_EMAIL_CHANGE_CONFIRM_BODY(link, email)) result = 'change' if emailCurrent and emailCurrent != 'removed' and result != 'same': # email the current, verified address in case they want to undo the change (useful if account has been hacked) # skip this step if the current email is empty (case if user logged in with auth id without email with e.g. Steam) or "removed". # If the email is already in use, mask the fact to prevent email checking. tokenEntity = EnkiModelTokenEmailRollback.get_by_user_id_email( userId, emailCurrent) if tokenEntity: # if the old email is already in the archive, use its token token = tokenEntity.token else: # otherwise create a new token token = security.generate_random_string(entropy=256) emailOldToken = EnkiModelTokenEmailRollback(token=token, email=emailCurrent, user_id=userId) emailOldToken.put() if result == self.ERROR_EMAIL_IN_USE: self.add_debugmessage( '''Comment - whether the email is available or not, the feedback through both the UI AND EMAIL is identical to prevent email checking.''' ) link = enki.libutil.get_local_url('emailrollback', {'rollbacktoken': token}) self.send_email( emailCurrent, MSG.SEND_EMAIL_EMAIL_CHANGE_UNDO_SUBJECT(), MSG.SEND_EMAIL_EMAIL_CHANGE_UNDO_BODY(link, emailCurrent)) return result
def post(self): self.check_CSRF() submit_type = self.request.get('submittype') data = self.get_email_subscriptions_data() email = '' error_message = '' if data[0]: # is_logged_in if submit_type == 'subscribe': # delete eventual verification tokens for this email and newsletter tokenEntity = EnkiModelTokenVerify.get_by_email_state_type( self.enki_user.email, settings.email_newsletter_name[0], 'emailsubscriptionconfirm') if tokenEntity: tokenEntity.key.delete() EnkiModelEmailSubscriptions.add_newsletter( self.enki_user.email, settings.email_newsletter_name[0]) self.add_infomessage( MSG.SUCCESS(), MSG.EMAIL_SUBSCRIBED(settings.email_newsletter_name[0])) data[1] = True # has_email_subscriptions elif submit_type == 'unsubscribe': EnkiModelEmailSubscriptions.remove_newsletter_by_email( self.enki_user.email, settings.email_newsletter_name[0]) self.add_infomessage( MSG.SUCCESS(), MSG.EMAIL_UNSUBSCRIBED(settings.email_newsletter_name[0])) data[ 1] = False # has_email_subscriptions - ASSUMPTION: ONLY ONE NEWSLETTER AVAILABLE if submit_type == 'subscribeemail': email_unsafe = self.request.get('email') email, result = self.validate_email(email_unsafe) if result == self.ERROR_EMAIL_FORMAT_INVALID: error_message = MSG.WRONG_EMAIL_FORMAT() elif result == self.ERROR_EMAIL_MISSING: error_message = MSG.MISSING_EMAIL() elif result == enki.libutil.ENKILIB_OK: if EnkiModelBackoffTimer.get(self.request.remote_addr, increment=True, expires=True) == 0: if not EnkiModelEmailSubscriptions.exist_by_email_newsletter( email, settings.email_newsletter_name[0]): # if not already subscribed, create a token and send email with a link to allow the user to confirm their subscription if not EnkiModelTokenVerify.get_by_email_state_type( email, settings.email_newsletter_name[0], 'emailsubscriptionconfirm'): # if a verify token already exists, skip as an email was already sent. token = security.generate_random_string( entropy=256) emailToken = EnkiModelTokenVerify( token=token, email=email, state=settings.email_newsletter_name[0], type='emailsubscriptionconfirm') emailToken.put() link = enki.libutil.get_local_url( 'emailsubscriptionconfirm', {'verifytoken': token}) self.send_email( email, MSG.SEND_EMAIL_EMAIL_SUBSCRIBE_CONFIRM_SUBJECT( ), MSG.SEND_EMAIL_EMAIL_SUBSCRIBE_CONFIRM_BODY( link, settings.email_newsletter_name[0])) self.add_infomessage( MSG.INFORMATION(), MSG.EMAIL_SUBSCRIBE_CONFIRM_EMAIL_SENT( email, settings.email_newsletter_name[0])) self.add_debugmessage( 'Comment - whether the email is sent or not, the feedback through the UI is identical to prevent email checking.' ) email = '' else: backoff_timer = EnkiModelBackoffTimer.get( self.request.remote_addr, expires=True) if backoff_timer != 0: error_message = MSG.TIMEOUT( enki.libutil.format_timedelta(backoff_timer)) if data[0]: # is_logged_in self.redirect(enki.libutil.get_local_url('profile')) else: self.render_tmpl('emailsubscriptions.html', active_menu='profile', data=data, email=email, error=error_message)
def add_preventmultipost_token(): # prevent accidental multiple posting token = security.generate_random_string(entropy=256) pmtoken = EnkiModelTokenVerify(token=token, type='preventmultipost') pmtoken.put() return token
def add_preventmultipost_token(): # prevent accidental multiple posting token = security.generate_random_string( entropy = 256 ) pmtoken = EnkiModelTokenVerify( token = token, type = 'preventmultipost' ) pmtoken.put() return token
def provider_authenticated_callback( self, loginInfo ): # We expect the fields of the dictionary to be: # - 'provider_name' unique 'pretty' provider name (e.g. google, facebook,...) # - 'provider_uid' provider specific (a.k.a "locally unique") user Id, i.e unique to the provider (e.g. the google user id number) # - 'email' # - 'email_verified' # We IGNORE: username, gender (facebook), avatar link, etc. # get the verified email from the auth provider email = None if loginInfo[ 'email' ] and loginInfo[ 'email_verified' ] == True: email = loginInfo[ 'email' ] # get the authId from the auth provider auth_id = loginInfo[ 'provider_name' ] + ':' + loginInfo[ 'provider_uid' ] if auth_id: # Modify existing or create user # check if it's an add login method request LoginAddToken = EnkiModelTokenVerify.get_by_user_id_auth_id_type( user_id = self.user_id, auth_id = loginInfo[ 'provider_name' ], type = 'loginaddconfirm_1' ) if LoginAddToken: # Add a login method if not enki.libuser.exist_Auth_Id( auth_id ): # store the new auth prov + id in the session LoginAddToken.auth_ids_provider = auth_id LoginAddToken.type = 'loginaddconfirm_2' LoginAddToken.put() self.redirect( enki.libutil.get_local_url( 'loginaddconfirm' )) else: self.add_infomessage( 'info', MSG.INFORMATION(), MSG.AUTH_PROVIDER_CANNOT_BE_ADDED( str( auth_id ))) self.redirect( enki.libutil.get_local_url( 'accountconnect' )) return else: user = self.get_user_from_authid( auth_id, email ) if user: # Existing authentication method / user if self.is_logged_in() and self.user_id == user.key.id(): # Refresh the reauthenticated status self.session[ 'reauth_time' ] = datetime.datetime.now() self.add_infomessage( 'success', MSG.SUCCESS(), MSG.REAUTHENTICATED()) self.redirect_to_relevant_page() return # Login self.log_in_session_token_create( user ) self.add_infomessage( 'success', MSG.SUCCESS(), MSG.LOGGED_IN()) self.redirect_to_relevant_page() else: # New authentication method register_token = EnkiModelTokenVerify.get_by_auth_id_type( auth_id, 'register' ) if register_token: # If a token already exists, get the token value and update the email token = register_token.token register_token.email = email # update in case the user changed their email or modified their email access permission else: # Create a new token token = security.generate_random_string( entropy = 256 ) register_token = EnkiModelTokenVerify( token = token, email = email, auth_ids_provider = auth_id, type = 'register' ) register_token.put() self.session[ 'tokenregisterauth' ] = token if enki.libuser.exist_EnkiUser( email ): self.redirect( enki.libutil.get_local_url( 'registeroauthwithexistingemail' )) else: self.redirect( enki.libutil.get_local_url( 'registeroauthconfirm' )) else: self.redirect_to_relevant_page()