def activate(self): """ Handle a request for a user activation link. Checks if the activation code passed is valid, and (as a safety check) that it is an activation for the passed user id. If all is well, activate the user and redirect them to the stream. """ code = self.request.matchdict.get("code") id_ = self.request.matchdict.get("id") if code is None or id_ is None: return httpexceptions.HTTPNotFound() try: id_ = int(id_) except ValueError: return httpexceptions.HTTPNotFound() activation = Activation.get_by_code(code) if activation is None: return httpexceptions.HTTPNotFound() user = User.get_by_activation(activation) if user is None or user.id != id_: return httpexceptions.HTTPNotFound() # Activate the user (by deleting the activation) self.request.db.delete(activation) self.request.session.flash(_("Your e-mail address has been verified. " "Thank you!"), "success") self.request.registry.notify(ActivationEvent(self.request, user)) return httpexceptions.HTTPFound(location=self.request.route_url("index"))
def get_when_not_logged_in(self): """ Handle a request for a user activation link. Checks if the activation code passed is valid, and (as a safety check) that it is an activation for the passed user id. If all is well, activate the user and redirect them to the stream. """ code = self.request.matchdict.get('code') id_ = self.request.matchdict.get('id') try: id_ = int(id_) except ValueError: raise httpexceptions.HTTPNotFound() activation = Activation.get_by_code(code) if activation is None: self.request.session.flash( jinja2.Markup( _("We didn't recognize that activation link. " "Perhaps you've already activated your account? " 'If so, try <a href="{url}">signing in</a> using the username ' 'and password that you provided.').format( url=self.request.route_url('login'))), 'error') return httpexceptions.HTTPFound( location=self.request.route_url('index')) user = User.get_by_activation(activation) if user is None or user.id != id_: raise httpexceptions.HTTPNotFound() user.activate() self.request.session.flash( jinja2.Markup( _('Your account has been activated! ' 'You can now <a href="{url}">sign in</a> using the password you ' 'provided.').format(url=self.request.route_url('login'))), 'success') self.request.registry.notify(ActivationEvent(self.request, user)) return httpexceptions.HTTPFound( location=self.request.route_url('index'))
def get_when_not_logged_in(self): """ Handle a request for a user activation link. Checks if the activation code passed is valid, and (as a safety check) that it is an activation for the passed user id. If all is well, activate the user and redirect them to the stream. """ code = self.request.matchdict.get('code') id_ = self.request.matchdict.get('id') try: id_ = int(id_) except ValueError: raise httpexceptions.HTTPNotFound() activation = Activation.get_by_code(self.request.db, code) if activation is None: self.request.session.flash(jinja2.Markup(_( "We didn't recognize that activation link. " "Perhaps you've already activated your account? " 'If so, try <a href="{url}">logging in</a> using the username ' 'and password that you provided.').format( url=self.request.route_url('login'))), 'error') return httpexceptions.HTTPFound( location=self.request.route_url('index')) user = User.get_by_activation(self.request.db, activation) if user is None or user.id != id_: raise httpexceptions.HTTPNotFound() user.activate() self.request.session.flash(jinja2.Markup(_( 'Your account has been activated! ' 'You can now <a href="{url}">log in</a> using the password you ' 'provided.').format(url=self.request.route_url('login'))), 'success') self.request.registry.notify(ActivationEvent(self.request, user)) return httpexceptions.HTTPFound( location=self.request.route_url('index'))
def activate(self): """ Handle a request for a user activation link. Checks if the activation code passed is valid, and (as a safety check) that it is an activation for the passed user id. If all is well, activate the user and redirect them to the stream. """ code = self.request.matchdict.get("code") id_ = self.request.matchdict.get("id") if code is None or id_ is None: return httpexceptions.HTTPNotFound() try: id_ = int(id_) except ValueError: return httpexceptions.HTTPNotFound() activation = Activation.get_by_code(code) if activation is None: return httpexceptions.HTTPNotFound() user = User.get_by_activation(activation) if user is None or user.id != id_: return httpexceptions.HTTPNotFound() # Activate the user (by deleting the activation) self.request.db.delete(activation) self.request.session.flash( jinja2.Markup( _( "Your account has been activated! " 'You can now <a href="{url}">login</a> using the password you ' "provided." ).format(url=self.request.route_url("login")) ), "success", ) self.request.registry.notify(ActivationEvent(self.request, user)) return httpexceptions.HTTPFound(location=self.request.route_url("index"))
def activate(self): """ Handle a request for a user activation link. Checks if the activation code passed is valid, and (as a safety check) that it is an activation for the passed user id. If all is well, activate the user and redirect them to the stream. """ code = self.request.matchdict.get('code') id_ = self.request.matchdict.get('id') if code is None or id_ is None: return httpexceptions.HTTPNotFound() try: id_ = int(id_) except ValueError: return httpexceptions.HTTPNotFound() activation = Activation.get_by_code(code) if activation is None: return httpexceptions.HTTPNotFound() user = User.get_by_activation(activation) if user is None or user.id != id_: return httpexceptions.HTTPNotFound() # Activate the user (by deleting the activation) self.request.db.delete(activation) self.request.session.flash( jinja2.Markup( _('Your account has been activated! ' 'You can now <a href="{url}">login</a> using the password you ' 'provided.').format(url=self.request.route_url('login'))), 'success') self.request.registry.notify(ActivationEvent(self.request, user)) return httpexceptions.HTTPFound( location=self.request.route_url('index'))
def reset_password(self): """ Handle submission of the reset password form. This function checks that the activation code (i.e. reset token) provided by the form is valid, retrieves the user associated with the activation code, and resets their password. """ schema = schemas.ResetPasswordSchema().bind(request=self.request) form = deform.Form(schema) code = self.request.matchdict.get('code') if code is None: return httpexceptions.HTTPNotFound() activation = Activation.get_by_code(self.request, code) if activation is None: return httpexceptions.HTTPNotFound() user = User.get_by_activation(self.request, activation) if user is None: return httpexceptions.HTTPNotFound() if self.request.method != 'POST': return httpexceptions.HTTPMethodNotAllowed() err, appstruct = validate_form(form, self.request.POST.items()) if err is not None: return err user.password = appstruct['password'] db = get_session(self.request) db.delete(activation) self.request.session.flash(_('Your password has been reset!'), 'success') self.request.registry.notify(PasswordResetEvent(self.request, user)) return httpexceptions.HTTPFound(location=self.reset_password_redirect)
def reset_password(self): """ Handle submission of the reset password form. This function checks that the activation code (i.e. reset token) provided by the form is valid, retrieves the user associated with the activation code, and resets their password. """ schema = schemas.ResetPasswordSchema().bind(request=self.request) form = deform.Form(schema) code = self.request.matchdict.get('code') if code is None: return httpexceptions.HTTPNotFound() activation = Activation.get_by_code(code) if activation is None: return httpexceptions.HTTPNotFound() user = User.get_by_activation(activation) if user is None: return httpexceptions.HTTPNotFound() if self.request.method != 'POST': return httpexceptions.HTTPMethodNotAllowed() err, appstruct = validate_form(form, self.request.POST.items()) if err is not None: return err user.password = appstruct['password'] self.request.db.delete(activation) self.request.session.flash(_('Your password has been reset!'), 'success') self.request.registry.notify(PasswordResetEvent(self.request, user)) return httpexceptions.HTTPFound(location=self.reset_password_redirect)
def activate(self): """ Handle a request for a user activation link. Checks if the activation code passed is valid, and (as a safety check) that it is an activation for the passed user id. If all is well, activate the user and redirect them to the stream. """ code = self.request.matchdict.get('code') id_ = self.request.matchdict.get('id') if code is None or id_ is None: return httpexceptions.HTTPNotFound() try: id_ = int(id_) except ValueError: return httpexceptions.HTTPNotFound() activation = Activation.get_by_code(code) if activation is None: return httpexceptions.HTTPNotFound() user = User.get_by_activation(activation) if user is None or user.id != id_: return httpexceptions.HTTPNotFound() # Activate the user (by deleting the activation) self.request.db.delete(activation) self.request.session.flash( _("Your e-mail address has been verified. " "Thank you!"), 'success') self.request.registry.notify(ActivationEvent(self.request, user)) return httpexceptions.HTTPFound( location=self.request.route_url('index'))