def _do_reset_password(self, req): if req.authname != 'anonymous': req.hdf['reset.logged_in'] = True req.hdf['account_href'] = req.href.account() return if req.method == 'POST': username = req.args.get('username') email = req.args.get('email') if not username: req.hdf['reset.error'] = 'Username is required' return if not email: req.hdf['reset.error'] = 'Email is required' return for username_, name, email_ in self.env.get_known_users(): if username_ == username and email_ == email: break else: req.hdf['reset.error'] = 'Username and email must match.' return notifier = PasswordResetNotification(self.env) if email != notifier.email_map.get(username): req.hdf['reset.error'] = 'The email and username do not ' \ 'match a known account.' return new_password = self._random_password() notifier.notify(username, new_password) AccountManager(self.env).set_password(username, new_password) req.hdf['reset.sent_to_email'] = email
def _do_create(self, req): mgr = AccountManager(self.env) user = req.args.get('user') if not user: req.hdf['registration.error'] = 'Username cannot be empty.' return if mgr.has_user(user): req.hdf['registration.error'] = \ 'Another account with that name already exists.' return # disallow registration of accounts which have existing permissions permission_system = perm.PermissionSystem(self.env) if permission_system.get_user_permissions(user) != \ permission_system.get_user_permissions('authenticated'): req.hdf['registration.error'] = \ 'Another account with that name already exists.' return password = req.args.get('password') if not password: req.hdf['registration.error'] = 'Password cannot be empty.' return if password != req.args.get('password_confirm'): req.hdf['registration.error'] = 'The passwords must match.' return mgr.set_password(user, password) req.redirect(self.env.href.login())
def _remote_user(self, req): user = req.args.get('user') password = req.args.get('password') if not user or not password: return None if AccountManager(self.env).check_password(user, password): return user return None
def _do_account(self, req): if req.authname == 'anonymous': req.redirect(self.env.href.wiki()) action = req.args.get('action') delete_enabled = AccountManager(self.env).supports('delete_user') req.hdf['delete_enabled'] = delete_enabled if req.method == 'POST': if action == 'change_password': self._do_change_password(req) elif action == 'delete': self._do_delete(req)
def _enable_check(self, log=False): writable = AccountManager(self.env).supports('set_password') ignore_case = auth.LoginModule(self.env).ignore_case if log: if not writable: self.log.warn('RegistrationModule is disabled because the ' 'password store does not support writing.') if ignore_case: self.log.warn('RegistrationModule is disabled because ' 'ignore_auth_case is enabled in trac.ini. ' 'This setting needs disabled to support ' 'registration.') return writable and not ignore_case
def _do_delete(self, req): user = req.authname mgr = AccountManager(self.env) password = req.args.get('password') if not password: req.hdf['account.delete_error'] = 'Password cannot be empty.' return if not mgr.check_password(user, password): req.hdf['account.delete_error'] = 'Password is incorrect.' return mgr.delete_user(user) req.redirect(self.env.href.logout())
def _do_change_password(self, req): user = req.authname password = req.args.get('password') if not password: req.hdf['account.error'] = 'Password cannot be empty.' return if password != req.args.get('password_confirm'): req.hdf['account.error'] = 'The passwords must match.' return AccountManager(self.env).set_password(user, password) req.hdf['account.message'] = 'Password successfully updated.'
def _create_user(req, env, check_permissions=True): mgr = AccountManager(env) user = req.args.get('user') if not user: raise TracError('Username cannot be empty.') if mgr.has_user(user): raise TracError('Another account with that name already exists.') if check_permissions: # disallow registration of accounts which have existing permissions permission_system = perm.PermissionSystem(env) if permission_system.get_user_permissions(user) != \ permission_system.get_user_permissions('authenticated'): raise TracError('Another account with that name already exists.') password = req.args.get('password') if not password: raise TracError('Password cannot be empty.') if password != req.args.get('password_confirm'): raise TracError('The passwords must match.') mgr.set_password(user, password) db = env.get_db_cnx() cursor = db.cursor() cursor.execute( "SELECT count(*) FROM session " "WHERE sid=%s AND authenticated=1", (user, )) exists, = cursor.fetchone() if not exists: cursor.execute( "INSERT INTO session " "(sid, authenticated, last_visit) " "VALUES (%s, 1, 0)", (user, )) for key in ('name', 'email'): value = req.args.get(key) if not value: continue cursor.execute( "UPDATE session_attribute SET value=%s " "WHERE name=%s AND sid=%s AND authenticated=1", (value, key, user)) if not cursor.rowcount: cursor.execute( "INSERT INTO session_attribute " "(sid,authenticated,name,value) " "VALUES (%s,1,%s,%s)", (user, key, value)) db.commit()
def _do_change_password(self, req): user = req.authname mgr = AccountManager(self.env) old_password = req.args.get('old_password') if not old_password: req.hdf['account.save_error'] = 'Old Password cannot be empty.' return if not mgr.check_password(user, old_password): req.hdf['account.save_error'] = 'Old Password is incorrect.' return password = req.args.get('password') if not password: req.hdf['account.save_error'] = 'Password cannot be empty.' return if password != req.args.get('password_confirm'): req.hdf['account.save_error'] = 'The passwords must match.' return mgr.set_password(user, password) req.hdf['account.message'] = 'Password successfully updated.'
def _write_check(self, log=False): writable = AccountManager(self.env).supports('set_password') if not writable and log: self.log.warn('AccountModule is disabled because the password ' 'store does not support writing.') return writable
def _do_delete(self, req): user = req.authname AccountManager(self.env).delete_user(user) req.redirect(self.env.href.logout())