예제 #1
0
    def handle(self, *args, **kwargs):
        """ Run our custom management command.
        """
        for user in User.objects.all():
            user.uses_identity_api = False

            if user.ad_hoc or user.username in ["", None]:
                user.save()
                continue

            success,response = identity_api.create(user.username,
                                                   password="******")
            if success:
                user.identity_api_hash = None # Not known yet.
                user.identity_api_salt = response['server_salt']
                print "Successfully created 3taps identity for "+user.username
            else:
                user.identity_api_hash = None # Not known yet.
                user.identity_api_salt = None # Not known yet.
                print "Uable to create identity for "+user.username
                print "  " + response

            user.save()
예제 #2
0
파일: users.py 프로젝트: 3taps/MessageMe
def update(session, username=None, password=None, phone_number=None):
    """ Update the details of the currently logged-in user.
    """
    raise UnauthorizedException() # Disable for now.

    logger.debug("in core.api.users.update(" +
                 "session=%s, username=%s, password=%s, phone_number=%s)" %
                 (repr(session), repr(username), repr(password),
                  repr(phone_number)))

    if session == None:
        raise InvalidParametersException()

    sessionHandler.validate(session)
    user = sessionHandler.get_user(session)

    # Remember if the user had a username or password.

    if user.username not in ["", None]:
        had_username = True
    else:
        had_username = False

    if user.password_salt not in ["", None]:
        had_password = True
    else:
        had_password = False

    # If we're setting a username and password for this user, and we didn't
    # have one previously, create a 3taps Identity for this user.  Note that
    # this may fail, if the username is already in use.

    if not had_username and username != None:
        if password == None: raise InvalidParametersException()
        _check_username(username)
        _check_password(password)

        # Try creating this user within the 3taps Identity API.

        success,response = identity_api.create(username, password)
        if not success:
            if response.startswith("403 error"):
                raise DuplicateUsernameException()
            else:
                raise InvalidParametersException()

        # Check that we don't have a local user with that username.

        try:
            existing_user = User.objects.get(username__iexact=username)
        except User.DoesNotExist:
            existing_user = None

        if existing_user != None:
            raise DuplicateUsernameException()

        # Finally, save the updated user details into our database.

        salt = response['server_salt']
        hash = hashlib.md5(password + salt).hexdigest()

        user.uses_identity_api = True
        user.username          = username
        user.identity_api_salt = salt
        user.identity_api_hash = hash
        user.save()

    # If we're changing the username for this user, ask the 3taps Identity API
    # to change the username.  Note that this may fail, if the new username is
    # already in use.

    if had_username and username != None and username != user.username:
        success,response = identity_api.login(user.username,
                                              pass_hash=user.identity_api_hash)
        if not success:
            raise UnauthorizedException()

        session = response

        success,response = identity_api.update(session,
                                               {'username' : username})
        if not success:
            if response.startswith("403 error"):
                raise DuplicateUsernameException()
            else:
                raise InvalidParametersException()

        identity_api.logout(session)

        # Check that we don't have a local user with that username.

        try:
            existing_user = User.objects.get(username__iexact=username)
        except User.DoesNotExist:
            existing_user = None

        if existing_user != None:
            raise DuplicateUsernameException()

        # Finally, save the updated user details into our database.

        user.username = username
        user.save()

    # If we're changing the password for this user, ask the 3taps Identity API
    # to change the password.

    if password != None:
        if user.username in ["", None]:
            # We can't change the password if we don't have a username.
            raise InvalidParametersException()

        if user.uses_identity_api:
            success,response = \
                    identity_api.login(user.username,
                                       pass_hash=user.identity_api_hash)
        else:
            success,response = \
                    identity_api.login(user.username,
                                       password="******")

        if not success:
            raise UnauthorizedException()

        session = response

        success,response = identity_api.update(session,
                                               {'username' : username})
        if not success:
            if response.startswith("403 error"):
                raise DuplicateUsernameException()
            else:
                raise InvalidParametersException()

        identity_api.logout(session)

        salt = response['server_salt']
        hash = hashlib.md5(password + salt).hexdigest()

        user.uses_identity_api = True
        user.identity_api_salt = salt
        user.identity_api_hash = hash
        user.save()

    # If we've been asked to update the user's phone number, do so.

    # NOTE: someone was using this to hack our system, so I've disabled it.

    if False: # phone_number != None:
        if phone_number == "":
            user.phone_number = None # Remove current phone number.
        else:
            phone_number = utils.format_phone_number(phone_number)

            try:
                existing_user = User.objects.get(phone_number=phone_number)
            except User.DoesNotExist:
                existing_user = None

            if existing_user != None and user.id != existing_user.id:
                raise DuplicatePhoneNumberException()

        user.phone_number = phone_number

    # If this was an ad hoc user who we're now making permanent, change their
    # "ad hoc" status, and create a new default topic for the user.

    if user.ad_hoc and (username != None or password != None or
                        phone_number != None):
        user.ad_hoc = False
        _create_default_topic(user)

    # If we have been given a username and password for this user, record them
    # as signing up.

    if not had_username and not had_password:
        if username not in ["", None] and password not in ["", None]:
            eventRecorder.record_event(eventRecorder.EVENT_TYPE_NEW_USER_SIGNUP)

    # Finally, save the updated user and return a copy of it back to the
    # caller.

    user.updated_at = datetime.datetime.utcnow()
    user.save()

    return user.to_dict()
예제 #3
0
파일: users.py 프로젝트: 3taps/MessageMe
def create(username=None, password=None, phone_number=None):
    """ Create a new User within the system.
    """
    raise UnauthorizedException() # Disable for now.

    logger.debug("in core.api.users.create(" +
                 "username=%s, password=%s, phone_number=%s)" %
                 (repr(username), repr(password), repr(phone_number)))

    if username     == "": username     = None
    if password     == "": password     = None
    if phone_number == "": phone_number = None

    if username == None and password == None and phone_number == None:
        ad_hoc = True
    else:
        ad_hoc = False

    if username != None: _check_username(username)
    if password != None: _check_password(password)

    if username != None or password != None:
        if username == None or password == None:
            # username and password must both be set at the same time.
            raise InvalidParametersException()

    if phone_number != None:
        phone_number = utils.format_phone_number(phone_number)

        try:
            existing_user = User.objects.get(phone_number=phone_number)
        except User.DoesNotExist:
            existing_user = None

        if existing_user != None:
            raise DuplicatePhoneNumberException()

    if username != None:
        # The user is attempting to create a new user with a username and
        # password.  Try to create the 3taps identity for this new user, and
        # raise a DuplicateUsernameException if the user already exists.
        success,response = identity_api.create(username, password)
        if not success:
            if response.startswith("403 error"):
                raise DuplicateUsernameException()
            else:
                raise InvalidParametersException()

    user = User()

    user.ad_hoc   = ad_hoc
    user.username = username

    if username != None:
        salt = response['server_salt']
        hash = hashlib.md5(password + salt).hexdigest()

        user.uses_identity_api = True
        user.identity_api_salt = salt
        user.identity_api_hash = hash
    else:
        user.uses_identity_api = False
        user.identity_api_hash = None
        user.identity_api_salt = None

    user.phone_number      = phone_number
    user.verification_code = None
    user.verified          = False
    user.created_at        = datetime.datetime.utcnow()
    user.updated_at        = datetime.datetime.utcnow()
    user.save()

    # If the new user has a username and password, record it as a new user
    # signup.

    if username != None and password != None:
        eventRecorder.record_event(eventRecorder.EVENT_TYPE_NEW_USER_SIGNUP)

    # While we're at it, create a default topic for the new user if they're not
    # an ad hoc user.

    if not ad_hoc:
        _create_default_topic(user)

    # Finally, return the new user's details to the caller.

    return user.to_dict()