def user_is_valid(self, uid): if uid > 0: users_dao = UsersDao() cur_user = users_dao.get_user_by_uid(uid) if cur_user: return True else: return False else: return False
def user_and_stage_is_valid(self, uid, sid): if uid > 0 and sid > 0: users_dao = UsersDao() cur_user = users_dao.get_user_by_uid(uid) if cur_user: stage_dao = StageDao() cur_stage = stage_dao.get_stage_by_sid(sid) if cur_stage: return True else: return False else: return False else: return False
class UsersManager(): def __init__(self): self.dao = UsersDao() self.cur_user = None self.salt = 'gwrqifboi' def __valid_passwd(self, passwd): if not 4 <= len(passwd) <= 24: return False for i in passwd: if not 32 < ord(i) < 127: return False return True def __send_authentication_email(self, uid, email, token): mail_host = 'smtp.sohu.com' mail_host_port = 25 mail_from = 'Rabot Admin<*****@*****.**>' mail_from_uname = 'project_rabot' mail_from_passwd = 'orz_rabot' mail_to = email authentication_url = \ 'http://127.0.0.1:9000/accountactivation/?uid=%s&token=%s' % \ (str(uid), token) mail_content = """ <h3> Welcome to Rabot -- Learn coding with a rabbit. </h3> <h5>Coding for fun? Is that a joke? No! </h5> <br> Thanks for your registration.<br> Please click this <a href="%s">link</a> to finish the registration. <br> <br> If the link above is not available, please copy the following url address: <br> %s<br> """ % (authentication_url, authentication_url) message = MIMEText(mail_content, _subtype='html', _charset='utf-8') message['Subject'] = 'Welcome to Rabot -- Learn coding with a rabbit' message['From'] = mail_from message['To'] = mail_to server = smtplib.SMTP(mail_host, mail_host_port) server.ehlo() server.login(mail_from_uname, mail_from_passwd) server.sendmail(mail_from, mail_to, message.as_string()) server.close() def get_cur_user(self): return self.cur_user def clear(self): all_users = self.dao.get_all_users() for user in all_users: self.dao.delete_user(user) def registration(self, uname, passwd, email): if not self.__valid_passwd(passwd): return 'Password is invalid.' target = self.dao.get_user_by_uname(uname) if target: return 'Username is already used.' target = self.dao.get_user_by_email(email) if target: return 'Email is already used.' all_users = self.dao.get_all_users() if len(all_users) > 0: uid = all_users[-1].uid + 1 else: uid = 1 self.dao.create_user(uid, uname, passwd, email) self.cur_user = self.dao.get_user_by_uid(uid) text = ('\1'.join([str(self.cur_user.uname), str(self.cur_user.email), str(self.cur_user.passwd), self.salt])).encode('utf-8') token = hashlib.sha1(text).hexdigest() t = threading.Thread(target=self.__send_authentication_email, args=(uid, email, token)) t.start() return 'Succeeded.' def registration_authentication(self, uid, token): cur_user = self.dao.get_user_by_uid(uid) if cur_user: if self.dao.is_authenticated(cur_user): return 'User has been authenticated already.' else: text = ('\1'.join([str(cur_user.uname), str(cur_user.email), str(cur_user.passwd), self.salt])).encode('utf-8') tmp_token = hashlib.sha1(text).hexdigest() if tmp_token == token: self.dao.authenticate(cur_user) return 'Succeeded.' else: return 'Authentication failure(Incorrect token).' else: return 'User does not exist.' def login(self, uname, passwd): cur_user = self.dao.get_user_by_uname(uname) if not cur_user: return 'User does not exist.' elif check_password(passwd, cur_user.passwd): if cur_user.authenticated: self.cur_user = cur_user return 'Succeeded.' else: return 'User has not authenticated, please check your email.' else: return 'Password is incorrect.' def logout(self, uid): if uid > 0: cur_user = self.dao.get_user_by_uid(uid) if not cur_user: return 'User does not exist or has not logged in.' else: self.cur_user = cur_user return 'Succeeded.' else: self.cur_user = None return 'User does not exist.' def update(self, uid, old_passwd, new_passwd, new_email): cur_user = self.dao.get_user_by_uid(uid) if not cur_user: return 'User does not exist.' if not check_password(old_passwd, cur_user.passwd): return 'Old password is incorrect.' if len(new_passwd) > 0 and not self.__valid_passwd(new_passwd): return 'New password is invalid.' if len(new_email) > 0: target = self.dao.get_user_by_email(new_email) if target: return 'Email is already used.' if len(new_passwd) > 0: self.dao.update_passwd(cur_user, new_passwd) if len(new_email) > 0: self.dao.update_email(cur_user, new_email) self.cur_user = cur_user return 'Succeeded.'
def __init__(self): self.dao = UsersDao() self.cur_user = None self.salt = 'gwrqifboi'