コード例 #1
0
ファイル: views.py プロジェクト: kteague/pyramidpd
def set_password(request):
    secret_key = request.POST['k']
    user_id = request.POST['id']
    password = request.POST['p']
    is_for_profile = request.POST.get('n', False);
    
    if not is_for_profile:
        signup = session.query(Signup).filter(Signup.id==user_id)[0]
        profile = session.query(Profile).filter(Profile.email==signup.email)[0]
        if signup.secret_key == secret_key:
            profile.password = encode_password(password)
    else:
        profile = session.query(Profile).filter(Profile.id==user_id)[0]
        if profile.password_reset_key == secret_key:
            profile.password = encode_password(password)
コード例 #2
0
ファイル: views.py プロジェクト: kteague/pyramidpd
def reset_password(request):
    email = request.POST['email']
    try:
        profile = session.query(Profile).filter(Profile.email==email)[0]
    except IndexError:
        request.response.status = '404 Not Found'
        return {'message':'Email not found','code':'1'}
    profile.password_reset_key  = ''.join(random.choice(
        string.ascii_letters + string.digits) for _ in range(20))
    now = datetime.datetime.now()
    profile.password_reset_date = datetime.date(now.year, now.month, now.day)
    session.flush()
    mailer = get_mailer(request)
    body = """
Someone requested a password reset for your account.

If this was you, then you can click on this link to change your password:

http://localhost/set_new_password?id=%s&k=%s&email=%s
    """ % (profile.id, profile.password_reset_key, email)
    message = Message(
      subject="Passpord Date password reset request",
      sender="*****@*****.**",
      recipients=[profile.email],
      body=body,
    )
    mailer.send(message)
    return {'message':'Password request sent. Check your email.', 'code':'0'}
コード例 #3
0
ファイル: views.py プロジェクト: kteague/pyramidpd
def get_profile(request):
    request.response.content_type = 'application/vnd.api+json'
    profileid = request.matchdict['profileid']
    try:
        profile = session.query(Profile).filter(Profile.id==profileid)[0]
    except IndexError:
        request.response.status = '404 Not Found'
        return {}
    
    return {
        'data': {
            'type':'profile',
            'id':profileid,
            'attributes': {
              'orientation':profile.orientation,
              'gender':profile.gender,
              'city':profile.city,
              'country':profile.country,
              'birthdate':str(profile.birthdate),
              'name':profile.name,
              'about_me':profile.about_me,
              'interests':profile.interests,
              'looking_for':profile.looking_for
             },
        },
    }
コード例 #4
0
ファイル: views.py プロジェクト: kteague/pyramidpd
def validate_signup(request):
    signup = session.query(Signup).filter(Signup.id==request.GET['id'])[0]
    if signup.secret_key != request.GET['k']:
        # probably just a 200 and an error message is OK?
        request.response.status = '400 Bad Request'
        return 'foo!'

    if not session.query(Profile).filter(Profile.id==request.GET['id']):    
        profile = Profile()
        profile.id = str(signup.id)
        profile.orientation = signup.orientation
        profile.gender = signup.gender
        profile.country = signup.country
        profile.city = signup.city
        profile.birthdate = signup.birthdate
        profile.email = signup.email
        session.add(profile)
        session.flush()

    # handle response
    request.response.status = '200 OK'
    request.response.content_type = 'application/vnd.api+json'
    request.response.headers['Location'] = 'http://localhost/api/1/signups/%s' % signup.id
    
    return {
       "data": {
         "type": "signups",
         "id": str(signup.id),
         "attributes": {
             'orientation':signup.orientation,
             'gender':signup.gender,
             'country':signup.country,
             'city':signup.city,
             'birthdate':signup.birthdate.isoformat(),
             'email':signup.email,
         },
       },
    }
コード例 #5
0
ファイル: views.py プロジェクト: kteague/pyramidpd
def sign_in(request):
    identification = request.POST['identification']
    password = request.POST['password']
    try:
        profile = session.query(Profile).filter(Profile.email==identification)[0]
    except IndexError:
        request.response.status = '401 Unauthorized'
        request.response.content_type = 'application/vnd.api+json'
        return {'message':'Account does not exist.', 'code':True}
    
    algorithm, iterations, salt, hash = profile.password.split('$', 3)
    if profile.password == encode_password(password, salt):
        # authentication success
        authtkt_ticket = remember(request, identification)
        return {'token':authtkt_ticket,'email':identification}
    else:
        request.response.status = '401 Unauthorized'
        request.response.content_type = 'application/vnd.api+json'
        return {'message':'Password incorrect.', 'code':False}