def register(request):
if request.method == 'POST':
form = RegistrationForm(request.POST)
if form.is_valid():
#Make a new (inactive) user, and mail out the registration token
new_user = User(username=sha(form.cleaned_data['email'], 30), is_active=False, **form.cleaned_data)
new_user.set_password(form.cleaned_data['password'])
new_user.save()
new_token = RegistrationToken(user=new_user, token=sha(len=10))
new_token.save()
#change to we mailed you, and click link plz
return {'message':"Valid form! Your token is %s" % new_token.token}
else:
form = RegistrationForm()
return {'form':form}
def post(self, *args, **kwargs):
''' Used to delete regtokens '''
token_value = self.get_argument('token_value', '')
reg_token = RegistrationToken.by_value(token_value)
if reg_token is not None:
dbsession.delete(reg_token)
dbsession.flush()
self.redirect('/admin/regtoken/view')
else:
self.render('admin/view/token.html',
errors=["Token does not exist"])
def post(self, *args, **kwargs):
''' Used to delete regtokens '''
token_value = self.get_argument('token_value', '')
reg_token = RegistrationToken.by_value(token_value)
if reg_token is not None:
dbsession.delete(reg_token)
dbsession.flush()
self.redirect('/admin/regtoken/view')
else:
self.render('admin/view/token.html',
errors=["Token does not exist"]
)
def post(self, *args, **kwargs):
''' Attempts to create an account, with shitty form validation '''
form = Form(
account="Please enter an account name",
handle="Please enter a handle",
team="Please select a team to join",
pass1="Please enter a password",
pass2="Please confirm your password",
token="Please enter a registration token"
)
if form.validate(self.request.arguments):
config = ConfigManager.Instance()
account = self.get_argument('account').lower()
handle = self.get_argument('handle').lower()
rtok = self.get_argument('token', '__none__').lower()
passwd = self.get_argument('pass1')
if User.by_account(account) is not None:
self.render('public/registration.html',
errors=['Account name already taken']
)
elif account == handle:
self.render('public/registration.html',
errors=['Account name and hacker name must differ']
)
elif User.by_handle(handle) is not None:
self.render('public/registration.html',
errors=['Handle already taken']
)
elif not passwd == self.get_argument('pass2'):
self.render('public/registration.html',
errors=['Passwords do not match']
)
elif not 0 < len(passwd) <= config.max_password_length:
self.render('public/registration.html',
errors=['Password must be 1-%d characters'
% config.max_password_length]
)
elif Team.by_uuid(self.get_argument('team', '')) is None:
self.render('public/registration.html',
errors=["Please select a team to join"]
)
elif RegistrationToken.by_value(rtok) is None and not config.debug:
self.render('public/registration.html',
errors=["Invalid registration token"]
)
else:
self.create_user(account, handle, passwd, rtok)
self.render('public/successful_reg.html', account=account)
else:
self.render('public/registration.html', errors=form.errors)
def create_user(self, account, handle, passwd, rtok):
''' Add user to the database '''
team = Team.by_uuid(self.get_argument('team', ''))
user = User(
account=unicode(account),
handle=unicode(handle),
team_id=team.id,
)
dbsession.add(user)
dbsession.flush()
user.password = passwd
token = RegistrationToken.by_value(rtok)
if token is not None: # May be None if debug mode is on
token.used = True
dbsession.add(token)
dbsession.add(user)
dbsession.flush()
self.event_manager.joined_team(user)
def create_user(self, account, handle, passwd, rtok):
''' Add user to the database '''
team = Team.by_uuid(self.get_argument('team', ''))
user = User(
account=unicode(account),
handle=unicode(handle),
team_id=team.id,
)
dbsession.add(user)
dbsession.flush()
user.password = passwd
token = RegistrationToken.by_value(rtok)
if token is not None: # May be None if debug mode is on
token.used = True
dbsession.add(token)
dbsession.add(user)
dbsession.flush()
self.event_manager.joined_team(user)
def post(self, *args, **kwargs):
''' Attempts to create an account, with shitty form validation '''
form = Form(account="Please enter an account name",
handle="Please enter a handle",
team="Please select a team to join",
pass1="Please enter a password",
pass2="Please confirm your password",
token="Please enter a registration token")
if form.validate(self.request.arguments):
config = ConfigManager.Instance()
account = self.get_argument('account').lower()
handle = self.get_argument('handle').lower()
rtok = self.get_argument('token', '__none__').lower()
passwd = self.get_argument('pass1')
if User.by_account(account) is not None:
self.render('public/registration.html',
errors=['Account name already taken'])
elif account == handle:
self.render(
'public/registration.html',
errors=['Account name and hacker name must differ'])
elif User.by_handle(handle) is not None:
self.render('public/registration.html',
errors=['Handle already taken'])
elif not passwd == self.get_argument('pass2'):
self.render('public/registration.html',
errors=['Passwords do not match'])
elif not 0 < len(passwd) <= config.max_password_length:
self.render('public/registration.html',
errors=[
'Password must be 1-%d characters' %
config.max_password_length
])
elif Team.by_uuid(self.get_argument('team', '')) is None:
self.render('public/registration.html',
errors=["Please select a team to join"])
elif RegistrationToken.by_value(rtok) is None and not config.debug:
self.render('public/registration.html',
errors=["Invalid registration token"])
else:
self.create_user(account, handle, passwd, rtok)
self.render('public/successful_reg.html', account=account)
else:
self.render('public/registration.html', errors=form.errors)
def create_user(self, team):
''' Add user to the database '''
assert len(team.members) < self.config.max_team_size
handle = self.get_argument('handle')
user = User(
handle=unicode(handle),
team_id=team.id,
)
dbsession.add(user)
dbsession.flush()
user.password = self.get_argument('pass1', '')
user.bank_password = self.get_argument('bpass1', '')
if self.config.restrict_registration:
rtok = self.get_argument('token', '')
token = RegistrationToken.by_value(rtok)
dbsession.add(token)
dbsession.add(user)
dbsession.flush()
event = self.event_manager.create_joined_team_event(user)
self.new_events.append(event)
return user
def validate_user(self):
''' Validate user arguments '''
errors = []
handle = self.get_argument('handle')
rtok = self.get_argument('token', '')
passwd = self.get_argument('pass1', '')
bank_passwd = self.get_argument('bpass1', '')
if not 2 < len(handle) < 16:
errors.append('Hacker name must be 3-15 characters')
elif User.by_handle(handle) is not None:
errors.append('Handle already taken')
elif not passwd == self.get_argument('pass2'):
errors.append('Passwords do not match')
elif len(passwd) < 16 and not self.config.debug:
errors.append('Password must be at least 16 characters')
elif not 0 < len(bank_passwd) <= self.config.max_password_length:
errors.append(
'Bank account password must be 1-%d characters' % self.config.max_password_length
)
elif RegistrationToken.by_value(rtok) is None and self.config.restrict_registration:
errors.append("Invalid registration token")
return errors
def create(self):
''' Adds a registration token to the db and displays the value '''
token = RegistrationToken()
dbsession.add(token)
dbsession.flush()
self.render('admin/create/token.html', token=token)
