예제 #1
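 def get(self):
     """ Activate a user's account for a given `token`.

     With a `token` and no logged-in user, the `users.UserActivation` entity
     keyed by the token is loaded. If it has not expired, `activate_user()`
     is called and, when that yields a user, `_login_user_for_id` runs and
     the success template is rendered. A logged-in user who supplies a
     same-site `continue` path is redirected there. Anything else renders
     the error template, with `token_expired` set for an expired token.
     """
     activation_token = self.request.GET.get('token')
     user = users.get_current_user()
     temp_values = {}
     if activation_token and not user:
         user_activation = ndb.Key(users.UserActivation,
                                   activation_token).get()
         if user_activation:
             if user_activation.expires > datetime.now():
                 user = user_activation.activate_user()
                 if user:
                     _login_user_for_id(user.key.string_id())
                     self.response.out.write(
                         template.render(
                             'ndb_users/templates/activate-success.html',
                             users.template_values()))
                 # Nothing is written when activate_user() yields no user.
                 return None
             else:
                 temp_values['token_expired'] = True
     continue_uri = self.request.GET.get('continue')
     if user and continue_uri:
         # `continue` comes straight from the query string. Follow it only
         # when it is a same-site path; scheme-relative forms, backslashes
         # and control characters are refused because a browser may resolve
         # them to another host (open redirect).
         # NOTE(review): absolute URLs are no longer followed; if cross-site
         # targets are a supported feature, use a host allow-list instead.
         is_local_path = (
             continue_uri.startswith('/')
             and not continue_uri.startswith('//')
             and '\\' not in continue_uri
             and all(ch >= ' ' for ch in continue_uri))
         if is_local_path:
             self.redirect(continue_uri.encode('ascii'))
             # Stop here so the error page is not rendered into the redirect.
             return None
     self.response.out.write(
         template.render(
             'ndb_users/templates/activate-error.html',
             users.template_values(template_values=temp_values)))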
예제 #2
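 def get(self):
   """ Activate a user's account for a given `token`.

   A `token` presented without a logged-in user is looked up as a
   `users.UserActivation` key. An unexpired entity is activated; when
   `activate_user()` returns a user, `_login_user_for_id` is called and the
   success template is rendered. A logged-in user with a same-site
   `continue` path is redirected to it. All remaining cases render the error
   template (`token_expired` is set when the token was found but expired).
   """
   activation_token = self.request.GET.get('token')
   user = users.get_current_user()
   temp_values = {}
   if activation_token and not user:
     user_activation = ndb.Key(users.UserActivation, activation_token).get()
     if user_activation:
       if user_activation.expires > datetime.now():
         user = user_activation.activate_user()
         if user:
           _login_user_for_id(user.key.string_id())
           self.response.out.write(template.render(
             'ndb_users/templates/activate-success.html',
             users.template_values()
           ))
         # No body is written when activate_user() returns nothing.
         return None
       else:
         temp_values['token_expired'] = True
   continue_uri = self.request.GET.get('continue')
   if user and continue_uri:
     # The redirect target is request-controlled, so accept only a same-site
     # path. Scheme-relative prefixes, backslashes and control characters are
     # rejected because browsers may resolve them to a different host.
     # NOTE(review): this drops support for absolute `continue` URLs; add a
     # host allow-list if those are needed.
     is_local_path = (
       continue_uri.startswith('/')
       and not continue_uri.startswith('//')
       and '\\' not in continue_uri
       and all(ch >= ' ' for ch in continue_uri)
     )
     if is_local_path:
       self.redirect(continue_uri.encode('ascii'))
       # Return so the error template is not appended to the redirect.
       return None
   self.response.out.write(template.render(
     'ndb_users/templates/activate-error.html',
     users.template_values(template_values=temp_values)
   ))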
예제 #3
 def get(self):
     """ Render the Signup/Create Account template.

     NOTE(review): the current user is looked up but the result is never
     checked, so a logged-in visitor is served the form too. Confirm
     whether a redirect was intended here.
     """
     users.get_current_user()
     page = template.render('ndb_users/templates/create.html',
                            users.template_values())
     self.response.out.write(page)
예제 #4
 def get(self):
     """ Activate a user's account for a given `token` and answer in JSON.

     Responds with `{"user": ...}` after a successful activation and login,
     `{"token_expired": true}` for an expired token and
     `{"token_invalid": true}` when no `users.UserActivation` entity exists
     for the token. Aborts with 400 when a user is already logged in, when
     `token` is missing, or when `activate_user()` returns nothing.
     """
     token = self.request.GET.get('token')
     user = users.get_current_user()
     payload = None
     if token and not user:
         activation = ndb.Key(users.UserActivation, token).get()
         if not activation:
             # Activation token invalid/not found/used
             payload = {'token_invalid': True}
         elif activation.expires > datetime.now():
             user = activation.activate_user()
             if user:
                 _login_user_for_id(user.key.string_id())
                 payload = {'user': user.json_object()}
         else:
             # Activation token expired
             payload = {'token_expired': True}
     if payload is None:
         self.abort(400)  # Logged in user, or no `token`
         return None
     self.response.content_type = 'application/json'
     self.response.out.write(json.dumps(payload))
     return None
예제 #5
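 def get(self):
   """ Display the login form, or the login/logout result for a logged in user.

   A logged-in user gets the logout-success template when `action=logout`
   (after `_logout_user()` runs) and the login-success template otherwise;
   in both cases a same-site `continue` path also sets a redirect. Without
   a logged-in user the login form is rendered.

   NOTE(review): logout is a state change performed on GET, so it can be
   triggered cross-site without the user's intent; consider requiring POST
   with a CSRF token.
   """
   user = users.get_current_user()
   if user:
     # `continue` is request-controlled: follow it only when it is a
     # same-site path. Scheme-relative prefixes, backslashes and control
     # characters are refused because a browser may resolve them to another
     # host (open redirect).
     # NOTE(review): absolute `continue` URLs are no longer followed; use a
     # host allow-list if cross-site targets must be supported.
     continue_uri = self.request.GET.get('continue')
     follow_continue = bool(continue_uri) and (
       continue_uri.startswith('/')
       and not continue_uri.startswith('//')
       and '\\' not in continue_uri
       and all(ch >= ' ' for ch in continue_uri)
     )
     action = self.request.GET.get('action')
     if action == 'logout':
       _logout_user()
       page = 'ndb_users/templates/logout-success.html'
     else:
       page = 'ndb_users/templates/login-success.html'
     if follow_continue:
       self.redirect(continue_uri.encode('ascii'))
     self.response.out.write(template.render(page, users.template_values()))
     return None
   # Path and serve template
   self.response.out.write(template.render(
     'ndb_users/templates/login.html',
     users.template_values()
   ))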
예제 #6
 def get(self):
     """ Inform the application if the `token` is valid/invalid.

     Answers in JSON: `{"user": {}}` for an unexpired `users.UserRecovery`
     token, `{"token_expired": true}` for an expired one and
     `{"token_invalid": true}` when no entity exists for the token. Aborts
     with 400 when a user is logged in or `token` is missing.
     """
     token = self.request.GET.get('token')
     user = users.get_current_user()
     if not token or user:
         self.abort(400)  # Logged in user, or no `token`
         return None
     recovery = ndb.Key(users.UserRecovery, token).get()
     if not recovery:
         # Invalid token
         payload = {'token_invalid': True}
     elif recovery.expires > datetime.now():
         # Token OK
         payload = {'user': {}}
     else:
         # Expired token
         payload = {'token_expired': True}
     self.response.content_type = 'application/json'
     self.response.out.write(json.dumps(payload))
     return None
예제 #7
 def get(self):
   """ Activate a user's account for a given `token`, replying with JSON.

   The reply is `{"user": ...}` once the account is activated and
   `_login_user_for_id` has run, `{"token_expired": true}` for an expired
   token, or `{"token_invalid": true}` when the `users.UserActivation`
   lookup finds nothing. A logged-in user, a missing `token`, or an
   `activate_user()` call that returns nothing ends in a 400 abort.
   """
   token = self.request.GET.get('token')
   user = users.get_current_user()
   reply = None
   if token and not user:
     record = ndb.Key(users.UserActivation, token).get()
     if not record:
       # Activation token invalid/not found/used
       reply = {'token_invalid': True}
     elif record.expires > datetime.now():
       user = record.activate_user()
       if user:
         _login_user_for_id(user.key.string_id())
         reply = {'user': user.json_object()}
     else:
       # Activation token expired
       reply = {'token_expired': True}
   if reply is None:
     self.abort(400) # Logged in user, or no `token`
     return None
   self.response.content_type = 'application/json'
   self.response.out.write(json.dumps(reply))
   return None
예제 #8
 def post(self):
   """ Send a recovery email, if `email` is found.

   Reads `email` from the JSON request body. The JSON reply is
   `{"user": {}}` after a recovery email was created,
   `{"email_bounce_limit": true}` when `email_bounce_limited()` is true,
   `{"user_not_verified": true}` for an unverified account and
   `{"email_not_found": true}` when no user matches. Aborts with 400 when a
   user is logged in or `email` is missing.

   NOTE(review): the distinct not-found / not-verified replies let any
   caller learn whether an address is registered. A uniform reply would
   avoid that, but it changes the API contract, so it is only flagged here.
   """
   body = json.loads(self.request.body)
   email = body.get('email')
   user = users.get_current_user()
   if not email or user:
     self.abort(400) # Logged in user, or no `email`
     return None
   account = users.User.user_for_email(email)
   if not account:
     # User not found
     reply = {'email_not_found': True}
   elif not users.user_verified(account):
     # User not verified
     reply = {'user_not_verified': True}
   elif account.email_bounce_limited():
     reply = {'email_bounce_limit': True}
   else:
     _create_recovery_email_for_user_id(account.key.string_id())
     reply = {'user': {}}
   self.response.content_type = 'application/json'
   self.response.out.write(json.dumps(reply))
   return None
예제 #9
 def get(self):
   """ Inform the application if the `token` is valid/invalid.

   JSON replies: `{"user": {}}` when the `users.UserRecovery` entity for
   the token exists and has not expired, `{"token_expired": true}` when it
   has, `{"token_invalid": true}` when there is no such entity. A logged-in
   user or a missing `token` results in a 400 abort.
   """
   token = self.request.GET.get('token')
   user = users.get_current_user()
   if not token or user:
     self.abort(400) # Logged in user, or no `token`
     return None
   record = ndb.Key(users.UserRecovery, token).get()
   if not record:
     # Invalid token
     reply = {'token_invalid': True}
   elif record.expires > datetime.now():
     # Token OK
     reply = {'user': {}}
   else:
     # Expired token
     reply = {'token_expired': True}
   self.response.content_type = 'application/json'
   self.response.out.write(json.dumps(reply))
   return None
예제 #10
 def post(self):
     """ Send a recovery email, if `email` is found.

     `email` is taken from the JSON request body. Replies in JSON with
     `{"user": {}}` once a recovery email has been created,
     `{"email_bounce_limit": true}` if `email_bounce_limited()` is true,
     `{"user_not_verified": true}` for an unverified account, or
     `{"email_not_found": true}` if no user matches. A logged-in user or a
     missing `email` results in a 400 abort.

     NOTE(review): separate not-found and not-verified replies disclose
     whether an address has an account. Returning one uniform reply would
     close that, at the cost of changing what API clients receive.
     """
     request_body = json.loads(self.request.body)
     email = request_body.get('email')
     user = users.get_current_user()
     if not email or user:
         self.abort(400)  # Logged in user, or no `email`
         return None
     account = users.User.user_for_email(email)
     if not account:
         # User not found
         payload = {'email_not_found': True}
     elif not users.user_verified(account):
         # User not verified
         payload = {'user_not_verified': True}
     elif account.email_bounce_limited():
         payload = {'email_bounce_limit': True}
     else:
         _create_recovery_email_for_user_id(account.key.string_id())
         payload = {'user': {}}
     self.response.content_type = 'application/json'
     self.response.out.write(json.dumps(payload))
     return None
예제 #11
 def post(self):
   """ Change the logged in user's password.

   Reads `password` (the current one) and `new_password` from the JSON
   body. Replies with `{"password_too_short": true}`,
   `{"password_incorrect": true}` or, after `update_password()`,
   `{"user": ...}`. Aborts with 400 when nobody is logged in or either
   field is missing.
   """
   body = json.loads(self.request.body)
   user = users.get_current_user()
   current_password = body.get('password')
   new_password = body.get('new_password')
   if not (user and current_password and new_password):
     self.abort(400)
     return None
   # Check password length
   # NOTE(review): a 4-character minimum is very weak for a password policy.
   if len(new_password) < 4:
     reply = {'password_too_short': True}
   else:
     # Check `current_password` is indeed this user's password
     # NOTE(review): `==` is not a constant-time comparison; consider
     # hmac.compare_digest once both operands are confirmed to be the same
     # string type.
     attempt = users._password_hash(current_password, user.passwordSalt)
     if attempt == user.passwordHash:
       # Correct password; update to `new_password`
       user.update_password(new_password)
       reply = {'user': user.json_object()}
     else:
       # Wrong `current_password`
       reply = {'password_incorrect': True}
   self.response.content_type = 'application/json'
   self.response.out.write(json.dumps(reply))
   return None
예제 #12
 def post(self):
     """ Change the logged in user's password.

     The JSON body supplies `password` (current) and `new_password`. The
     JSON reply is `{"password_too_short": true}` for a new password under
     four characters, `{"password_incorrect": true}` when the current
     password does not hash to the stored value, and `{"user": ...}` after
     `update_password()` succeeds. Without a logged-in user or with a
     missing field the request is aborted with 400.
     """
     request_body = json.loads(self.request.body)
     user = users.get_current_user()
     current_password = request_body.get('password')
     new_password = request_body.get('new_password')
     if not (user and current_password and new_password):
         self.abort(400)
         return None
     # Check password length
     # NOTE(review): four characters is a very low minimum length.
     if len(new_password) < 4:
         payload = {'password_too_short': True}
     else:
         # Check `current_password` is indeed this user's password
         # NOTE(review): plain `==` does not compare in constant time;
         # hmac.compare_digest is the usual replacement, provided both
         # values are confirmed to be the same string type.
         attempt = users._password_hash(current_password, user.passwordSalt)
         if attempt == user.passwordHash:
             # Correct password; update to `new_password`
             user.update_password(new_password)
             payload = {'user': user.json_object()}
         else:
             # Wrong `current_password`
             payload = {'password_incorrect': True}
     self.response.content_type = 'application/json'
     self.response.out.write(json.dumps(payload))
     return None
예제 #13
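 def get(self):
   """ Display a password reset form if the `token` is valid.

   With a `token` and no logged-in user, the form is rendered when the
   `users.UserRecovery` entity for the token exists and has not expired. A
   logged-in user with a same-site `continue` path is redirected there. In
   every other case the error template is rendered with `token_invalid`.
   """
   token = self.request.GET.get('token')
   user = users.get_current_user()
   if token and not user:
     user_recovery = ndb.Key(users.UserRecovery, token).get()
     if user_recovery:
       if user_recovery.expires > datetime.now():
         self.response.out.write(template.render(
           'ndb_users/templates/password-reset.html',
           users.template_values(query_options={
             'token': token
           })
         ))
         return None
   continue_uri = self.request.GET.get('continue')
   if user and continue_uri:
     # `continue` is request-controlled: follow it only when it is a
     # same-site path. Scheme-relative prefixes, backslashes and control
     # characters are refused because a browser may resolve them to another
     # host (open redirect).
     # NOTE(review): absolute `continue` URLs are no longer followed; use a
     # host allow-list if cross-site targets must be supported.
     is_local_path = (
       continue_uri.startswith('/')
       and not continue_uri.startswith('//')
       and '\\' not in continue_uri
       and all(ch >= ' ' for ch in continue_uri)
     )
     if is_local_path:
       self.redirect(continue_uri.encode('ascii'))
       # Return so the error template is not appended to the redirect.
       return None
   self.response.out.write(template.render(
     'ndb_users/templates/password-reset-error.html',
     users.template_values(template_values={
       'token_invalid': True
     }, query_options={
       'token': token
     })
   ))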
예제 #14
 def get(self):
   """ Render the Signup/Create Account template.

   NOTE(review): `users.get_current_user()` is called but its result is not
   used, so nothing here stops a logged-in user from seeing the form.
   Confirm whether that is intended.
   """
   users.get_current_user()
   values = users.template_values()
   page = template.render('ndb_users/templates/create.html', values)
   self.response.out.write(page)
예제 #15
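 def post(self):
   """ Log in a user via POST'ed `email` and `password` values.

   An already logged-in user is shown the login-success template. Otherwise
   the `users.User` for the lower-cased `email` is loaded, and `password` is
   hashed with the stored salt and compared with the stored hash. A verified
   user is logged in (`extended` is passed to `_login_user_for_id`); an
   unverified one is shown the not-verified template, and another
   activation email is created unless `email_bounce_limited()` is true.
   Every other case renders the login-error template.

   On the two success paths a same-site `continue` path from the query
   string also sets a redirect.
   """
   # Make sure required POST parameters are present
   email = self.request.POST.get('email')
   password = self.request.POST.get('password')
   extended = bool(self.request.POST.get('extended'))
   user = users.get_current_user()
   # `continue` is request-controlled: follow it only when it is a same-site
   # path. Scheme-relative prefixes, backslashes and control characters are
   # refused because a browser may resolve them to another host, which
   # would turn the login page into an open redirect.
   # NOTE(review): absolute `continue` URLs are no longer followed; use a
   # host allow-list if cross-site targets must be supported.
   continue_uri = self.request.GET.get('continue')
   follow_continue = bool(continue_uri) and (
     continue_uri.startswith('/')
     and not continue_uri.startswith('//')
     and '\\' not in continue_uri
     and all(ch >= ' ' for ch in continue_uri)
   )
   if user:
     # Redirect if requested
     if follow_continue:
       self.redirect(continue_uri.encode('ascii'))
     self.response.out.write(template.render(
       'ndb_users/templates/login-success.html',
       users.template_values(template_values={
         'user': user
       })
     ))
     return None
   if email and password:
     # Get a User for `email` and `password`
     user = ndb.Key(users.User, users._user_id_for_email(email.lower())).get()
     if user:
       # User found... check Password
       # NOTE(review): `==` is not a constant-time comparison; consider
       # hmac.compare_digest once both operands are confirmed to be the same
       # string type.
       attempt = users._password_hash(password, user.passwordSalt)
       if attempt == user.passwordHash:
         if users.user_verified(user):
           # Success
           _login_user_for_id(user.key.string_id(), extended=extended)
           # Redirect if requested
           if follow_continue:
             self.redirect(continue_uri.encode('ascii'))
           self.response.out.write(template.render(
             'ndb_users/templates/login-success.html',
             users.template_values(template_values={
                 'user': user
               }, user=user)
           ))
           return None
         else:
           # User email not verified (send another email, if allowed)
           temp_values = dict()
           if not user.email_bounce_limited():
             _create_activation_email_for_user_id(user.key.string_id())
           else:
             temp_values['email_bounce_limit'] = True
           self.response.out.write(template.render(
             'ndb_users/templates/login-not-verified.html',
             users.template_values(template_values=temp_values)
           ))
           return None
   # Error
   self.response.out.write(template.render(
     'ndb_users/templates/login-error.html',
     users.template_values({
       'email': email,
       'extended': extended
     })
   ))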
예제 #16
 def get(self):
     """ Display a change password form, if user is logged in.

     Without a logged-in user the request is redirected to the 'login'
     route instead.
     """
     if not users.get_current_user():
         # No logged in user
         self.redirect(webapp2.uri_for('login'))
         return None
     form = template.render('ndb_users/templates/password-change.html',
                            users.template_values())
     self.response.out.write(form)
     return None
예제 #17
 def post(self):
   """ Change the logged in user's password.

   Reads `current_password`, `new_password` and `new_password2` from the
   POST data. The error template is rendered with one of `missing_fields`,
   `password_mismatch`, `password_too_short` or `password_incorrect`; the
   success template is rendered after `update_password()`. Without a
   logged-in user the request is redirected to the 'login' route.
   """
   user = users.get_current_user()
   if not user:
     # Not logged in
     self.redirect(webapp2.uri_for('login'))
     return None
   current_password = self.request.POST.get('current_password')
   new_password = self.request.POST.get('new_password')
   new_password2 = self.request.POST.get('new_password2')
   if not (current_password and new_password and new_password2):
     # Make sure required POST parameters are present
     failure = 'missing_fields'
   elif new_password != new_password2:
     # Check password equality
     failure = 'password_mismatch'
   elif len(new_password) < 4:
     # Check password length
     # NOTE(review): a 4-character minimum is very weak for a password policy.
     failure = 'password_too_short'
   else:
     # Check `current_password` is indeed this user's password
     # NOTE(review): `==` is not a constant-time comparison; consider
     # hmac.compare_digest once both operands are confirmed to be the same
     # string type.
     attempt = users._password_hash(current_password, user.passwordSalt)
     if attempt == user.passwordHash:
       # Correct password; update to `new_password`
       user.update_password(new_password)
       failure = None
     else:
       # Wrong `current_password`
       failure = 'password_incorrect'
   if failure is None:
     page = template.render(
       'ndb_users/templates/password-change-success.html',
       users.template_values()
     )
   else:
     page = template.render(
       'ndb_users/templates/password-change-error.html',
       users.template_values(template_values={failure: True})
     )
   self.response.out.write(page)
   return None
예제 #18
 def post(self):
     """ Send a recovery email, if `email` is found.

     A logged-in user is redirected to the 'login' route. Otherwise `email`
     is read from the POST data: the success template is rendered once a
     recovery email has been created, and the error template is rendered
     with `email_bounce_limit`, `user_not_verified`,
     `error_email_not_found` or `error_invalid_email` in the other cases.

     NOTE(review): the separate not-found and not-verified outcomes show a
     visitor whether an address has an account; a single neutral message
     would avoid that. The submitted `email` is also handed back to the
     template; confirm the template escapes it.
     """
     if users.get_current_user():
         self.redirect(webapp2.uri_for('login'))
         return None
     # Require an email address...
     email = self.request.POST.get('email')
     if not email:
         # No `email` supplied in POST
         failure = {'error_invalid_email': True, 'email': email}
     else:
         # Get a user's key for their email address...
         account = users.User.user_for_email(email)
         if not account:
             # User not found
             failure = {'error_email_not_found': True, 'email': email}
         elif not users.user_verified(account):
             # User not verified
             failure = {'user_not_verified': True}
         elif account.email_bounce_limited():
             # Bounce timeout
             failure = {'email_bounce_limit': True}
         else:
             _create_recovery_email_for_user_id(account.key.string_id())
             failure = None
     if failure is None:
         page = template.render(
             'ndb_users/templates/password-forgot-success.html',
             users.template_values())
     else:
         page = template.render(
             'ndb_users/templates/password-forgot-error.html',
             users.template_values(template_values=failure))
     self.response.out.write(page)
예제 #19
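 def post(self):
   """ Reset the user's password for a `token` and passwords.

   `token` comes from the query string, `password` and `password2` from the
   POST data. With a token and no logged-in user, the passwords are checked
   first (equal, at least four characters); then the `users.UserRecovery`
   entity for the token is loaded and, if unexpired, `reset_password()` is
   called. When that yields a user, `_login_user_for_id` runs and the
   success template is rendered. A logged-in user with a same-site
   `continue` path is redirected there. Every other case renders the error
   template with `token_invalid`.
   """
   token = self.request.GET.get('token')
   user = users.get_current_user()
   password = self.request.POST.get('password')
   password2 = self.request.POST.get('password2')
   if token and not user:
     # Check passwords match
     if password != password2:
       self.response.out.write(template.render(
         'ndb_users/templates/password-reset-error.html',
         users.template_values(template_values={
           'password_mismatch': True
         }, query_options={
           'token': token
         })
       ))
       return None
     # Check password length. When both fields are absent they compare equal
     # as None above, so guard before len() instead of failing with a
     # TypeError.
     # NOTE(review): a 4-character minimum is very weak for a password policy.
     if not password or len(password) < 4:
       self.response.out.write(template.render(
         'ndb_users/templates/password-reset-error.html',
         users.template_values(template_values={
           'password_too_short': True
         }, query_options={
           'token': token
         })
       ))
       return None
     # Recover the User
     user_recovery = ndb.Key(users.UserRecovery, token).get()
     if user_recovery:
       if user_recovery.expires > datetime.now():
         user = user_recovery.reset_password(password)
         if user:
           _login_user_for_id(user.key.string_id())
           self.response.out.write(template.render(
             'ndb_users/templates/password-change-success.html',
             users.template_values(query_options={
               'token': token
             })
           ))
         # No body is written when reset_password() returns nothing.
         return None
   continue_uri = self.request.GET.get('continue')
   if user and continue_uri:
     # `continue` is request-controlled: follow it only when it is a
     # same-site path. Scheme-relative prefixes, backslashes and control
     # characters are refused because a browser may resolve them to another
     # host (open redirect).
     # NOTE(review): absolute `continue` URLs are no longer followed; use a
     # host allow-list if cross-site targets must be supported.
     is_local_path = (
       continue_uri.startswith('/')
       and not continue_uri.startswith('//')
       and '\\' not in continue_uri
       and all(ch >= ' ' for ch in continue_uri)
     )
     if is_local_path:
       self.redirect(continue_uri.encode('ascii'))
       # Return so the error template is not appended to the redirect.
       return None
   self.response.out.write(template.render(
     'ndb_users/templates/password-reset-error.html',
     users.template_values(template_values={
       'token_invalid': True
     }, query_options={
       'token': token
     })
   ))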
예제 #20
 def get(self):
   """ Display a change password form, if user is logged in.

   A request without a logged-in user is redirected to the 'login' route.
   """
   if not users.get_current_user():
     # No logged in user
     self.redirect(webapp2.uri_for('login'))
     return None
   form = template.render(
     'ndb_users/templates/password-change.html',
     users.template_values()
   )
   self.response.out.write(form)
   return None
예제 #21
 def post(self):
   """ Send a recovery email, if `email` is found.

   A logged-in user is redirected to the 'login' route. Otherwise `email`
   is taken from the POST data. The success template is rendered after a
   recovery email has been created; the error template is rendered with
   `email_bounce_limit`, `user_not_verified`, `error_email_not_found` or
   `error_invalid_email` for the remaining outcomes.

   NOTE(review): distinct not-found / not-verified pages reveal whether an
   address is registered; a single neutral message would avoid that.
   """
   if users.get_current_user():
     self.redirect(webapp2.uri_for('login'))
     return None
   # Require an email address...
   email = self.request.POST.get('email')
   if not email:
     # No `email` supplied in POST
     problem = {'error_invalid_email': True, 'email': email}
   else:
     # Get a user's key for their email address...
     account = users.User.user_for_email(email)
     if not account:
       # User not found
       problem = {'error_email_not_found': True, 'email': email}
     elif not users.user_verified(account):
       # User not verified
       problem = {'user_not_verified': True}
     elif account.email_bounce_limited():
       # Bounce timeout
       problem = {'email_bounce_limit': True}
     else:
       _create_recovery_email_for_user_id(account.key.string_id())
       problem = None
   if problem is None:
     page = template.render(
       'ndb_users/templates/password-forgot-success.html',
       users.template_values()
     )
   else:
     page = template.render(
       'ndb_users/templates/password-forgot-error.html',
       users.template_values(template_values=problem)
     )
   self.response.out.write(page)
예제 #22
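 def get(self):
     """ Display the password recovery form, asking for a user's email.

     A logged-in user is redirected instead: to the `continue` query
     parameter when it is a same-site path, otherwise to the 'login' route.
     """
     user = users.get_current_user()
     if not user:
         self.response.out.write(
             template.render('ndb_users/templates/password-forgot.html',
                             users.template_values()))
     else:
         # `continue` is request-controlled: follow it only when it is a
         # same-site path. Scheme-relative prefixes, backslashes and control
         # characters are refused because a browser may resolve them to
         # another host (open redirect).
         # NOTE(review): absolute `continue` URLs now fall back to the login
         # route; use a host allow-list if they must be supported.
         continue_uri = self.request.GET.get('continue')
         is_local_path = bool(continue_uri) and (
             continue_uri.startswith('/')
             and not continue_uri.startswith('//')
             and '\\' not in continue_uri
             and all(ch >= ' ' for ch in continue_uri))
         if is_local_path:
             self.redirect(continue_uri.encode('ascii'))
         else:
             self.redirect(webapp2.uri_for('login'))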
예제 #23
 def get(self):
     """ Return a `user` if logged in; empty object if no user; handle logging
     out users via JSON request.

     NOTE(review): `action=logout` changes session state on a GET request,
     so it can be triggered cross-site without the user's intent; consider
     moving logout to POST with a CSRF token.
     """
     payload = {}
     user = users.get_current_user()
     if user:
         profile = user.json_object()
         if self.request.GET.get('action') == 'logout':
             _logout_user()
             # After logout the reply carries an empty `user` object.
             profile = {}
         payload['user'] = profile
     self.response.content_type = 'application/json'
     self.response.out.write(json.dumps(payload))
예제 #24
 def get(self):
   """ Return a `user` if logged in; empty object if no user; handle logging
   out users via JSON request.

   NOTE(review): logging out on GET (`action=logout`) is a state change that
   can be triggered cross-site without the user's intent; POST with a CSRF
   token is the safer shape.
   """
   reply = {}
   user = users.get_current_user()
   if user:
     user_json = user.json_object()
     if self.request.GET.get('action') == 'logout':
       _logout_user()
       # The reply reports an empty `user` object once logged out.
       user_json = {}
     reply['user'] = user_json
   self.response.content_type = 'application/json'
   self.response.out.write(json.dumps(reply))
예제 #25
 def post(self):
     """ Change the logged in user's password.

     `current_password`, `new_password` and `new_password2` are read from
     the POST data. The error template is rendered with `missing_fields`,
     `password_mismatch`, `password_too_short` or `password_incorrect`;
     the success template follows a successful `update_password()`. With
     no logged-in user the request is redirected to the 'login' route.
     """
     user = users.get_current_user()
     if not user:
         # Not logged in
         self.redirect(webapp2.uri_for('login'))
         return None
     current_password = self.request.POST.get('current_password')
     new_password = self.request.POST.get('new_password')
     new_password2 = self.request.POST.get('new_password2')
     if not (current_password and new_password and new_password2):
         # Make sure required POST parameters are present
         error_flag = 'missing_fields'
     elif new_password != new_password2:
         # Check password equality
         error_flag = 'password_mismatch'
     elif len(new_password) < 4:
         # Check password length
         # NOTE(review): four characters is a very low minimum length.
         error_flag = 'password_too_short'
     else:
         # Check `current_password` is indeed this user's password
         # NOTE(review): plain `==` does not compare in constant time;
         # hmac.compare_digest is the usual replacement, provided both
         # values are confirmed to be the same string type.
         attempt = users._password_hash(current_password, user.passwordSalt)
         if attempt == user.passwordHash:
             # Correct password; update to `new_password`
             user.update_password(new_password)
             error_flag = None
         else:
             # Wrong `current_password`
             error_flag = 'password_incorrect'
     if error_flag is None:
         page = template.render(
             'ndb_users/templates/password-change-success.html',
             users.template_values())
     else:
         page = template.render(
             'ndb_users/templates/password-change-error.html',
             users.template_values(template_values={error_flag: True}))
     self.response.out.write(page)
     return None
예제 #26
 def get(self):
   """ Render `templates/json-api-post-login-password-reset.html`.

   The template receives the current user plus login, logout,
   password-forgot and password-change URLs, each built from
   `webapp2.uri_for('documentation')`.
   """
   context = {'user': users.get_current_user()}
   url_builders = (
     ('login_url', users.create_login_url),
     ('logout_url', users.create_logout_url),
     ('password_forgot_url', users.create_password_forgot_url),
     ('password_change_url', users.create_password_change_url),
   )
   for key, build_url in url_builders:
     context[key] = build_url(webapp2.uri_for('documentation'))
   self.response.out.write(template.render(
     'templates/json-api-post-login-password-reset.html', context))
예제 #27
 def get(self):
   """ Serve the homepage.

   `templates/index.html` receives the current user and four account URLs:
   login and password-forgot are built from the 'protected' route, logout
   and password-change from the 'home' route.
   """
   context = {'user': users.get_current_user()}
   url_plan = (
     ('login_url', users.create_login_url, 'protected'),
     ('logout_url', users.create_logout_url, 'home'),
     ('password_forgot_url', users.create_password_forgot_url, 'protected'),
     ('password_change_url', users.create_password_change_url, 'home'),
   )
   for key, build_url, route_name in url_plan:
     context[key] = build_url(webapp2.uri_for(route_name))
   self.response.out.write(template.render('templates/index.html', context))
예제 #28
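 def get(self):
   """ Display the password recovery form, asking for a user's email.

   A logged-in user does not get the form: the request is redirected to the
   `continue` query parameter when that is a same-site path, and to the
   'login' route otherwise.
   """
   user = users.get_current_user()
   if not user:
     self.response.out.write(template.render(
       'ndb_users/templates/password-forgot.html',
       users.template_values()
     ))
   else:
     # The redirect target is request-controlled, so accept only a same-site
     # path. Scheme-relative prefixes, backslashes and control characters are
     # rejected because browsers may resolve them to a different host.
     # NOTE(review): absolute `continue` URLs now fall back to the login
     # route; add a host allow-list if they must be supported.
     continue_uri = self.request.GET.get('continue')
     is_local_path = bool(continue_uri) and (
       continue_uri.startswith('/')
       and not continue_uri.startswith('//')
       and '\\' not in continue_uri
       and all(ch >= ' ' for ch in continue_uri)
     )
     if is_local_path:
       self.redirect(continue_uri.encode('ascii'))
     else:
       self.redirect(webapp2.uri_for('login'))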
예제 #29
 def get(self):
   """ Restrict this page to logged in users only!

   Aborts with 401 when there is no current user; otherwise renders
   `templates/protected-page.html` with the user, a logout URL built from
   the 'home' route and a password-change URL built from 'protected'.
   """
   user = users.get_current_user()
   if not user:
     self.abort(401)
     return None
   context = {
     'user': user,
     'logout_url': users.create_logout_url(webapp2.uri_for('home')),
     'password_change_url': users.create_password_change_url(
       webapp2.uri_for('protected')),
   }
   self.response.out.write(
     template.render('templates/protected-page.html', context))
예제 #30
 def get(self):
   """Render the JSON API page for the current visitor.

   All four account links passed to the template are built from the
   'documentation' route.
   """
   user = users.get_current_user()
   context = {
     'user': user,
     'login_url': users.create_login_url(webapp2.uri_for('documentation')),
     'logout_url': users.create_logout_url(webapp2.uri_for('documentation')),
     'password_forgot_url': users.create_password_forgot_url(
       webapp2.uri_for('documentation')),
     'password_change_url': users.create_password_change_url(
       webapp2.uri_for('documentation')),
   }
   rendered = template.render('templates/json-api.html', context)
   self.response.out.write(rendered)
예제 #31
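 def post(self):
     """ Reset the user's password for a `token` and passwords.

     Reads `token` (and optionally `continue`) from the query string and
     `password` / `password2` from the form body. For an anonymous request
     carrying a token it renders the reset-error template when the passwords
     differ or are too short; otherwise it loads the `UserRecovery` entity
     keyed by the token and, if that has not expired, resets the password,
     logs the user in and renders the success template.

     Every other case ends on the `token_invalid` error page, except that a
     logged-in user with a same-site `continue` path is redirected there.
     """
     token = self.request.GET.get('token')
     user = users.get_current_user()
     password = self.request.POST.get('password')
     password2 = self.request.POST.get('password2')

     def render_error(flag):
         # All failure paths share one template; only the flag differs.
         self.response.out.write(
             template.render(
                 'ndb_users/templates/password-reset-error.html',
                 users.template_values(
                     template_values={flag: True},
                     query_options={'token': token})))

     if token and not user:
         # Check passwords match
         if password != password2:
             render_error('password_mismatch')
             return None
         # Check password length. A missing `password` field counts as too
         # short instead of letting len(None) raise and surface as a 500.
         # NOTE(review): 4 characters is a very low minimum; raising it is a
         # policy change that should be applied to every handler at once.
         if password is None or len(password) < 4:
             render_error('password_too_short')
             return None
         # Recover the User
         user_recovery = ndb.Key(users.UserRecovery, token).get()
         if user_recovery and user_recovery.expires > datetime.now():
             user = user_recovery.reset_password(password)
             if user:
                 _login_user_for_id(user.key.string_id())
                 self.response.out.write(
                     template.render(
                         'ndb_users/templates/password-change-success.html',
                         users.template_values(
                             query_options={'token': token})))
             return None
     continue_uri = self.request.GET.get('continue')
     if user and continue_uri:
         # `continue` is request-controlled: follow it only when it is a
         # path on this site, so the handler cannot be used as an open
         # redirect (CWE-601).
         if (continue_uri.startswith('/')
                 and not continue_uri.startswith('//')
                 and '\\' not in continue_uri):
             self.redirect(continue_uri.encode('ascii'))
             # Stop here so the error page is not appended to the redirect.
             return None
     render_error('token_invalid')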
예제 #32
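 def post(self):
     """ Create a new user for the supplied `email` and `password`.

     Expects a JSON object body with string `email` and `password` values.
     Writes a JSON object holding either `user` (plus `email_verification`
     when NDB_USERS_ENFORCE_EMAIL_VERIFICATION is set) or one of the flags
     `password_too_short`, `email_invalid`, `email_in_use`.

     Aborts with 400 when a user is already logged in, when the body is not
     a JSON object, or when either field is missing or not a string.
     """
     response_object = dict()
     user = users.get_current_user()
     # The body is untrusted: malformed JSON or a non-object value is a
     # client error (400), not an unhandled exception.
     try:
         request_object = json.loads(self.request.body)
     except ValueError:
         request_object = None
     if not isinstance(request_object, dict):
         return self.abort(400)  # Body is not a JSON object

     def respond():
         self.response.content_type = 'application/json'
         self.response.out.write(json.dumps(response_object))

     if not user:
         # Text types on both Python 2 (str, unicode) and Python 3 (str).
         string_types = (type(''), type(u''))
         email = request_object.get('email')
         password = request_object.get('password')
         if (email and password and isinstance(email, string_types)
                 and isinstance(password, string_types)):
             # Check password length
             # NOTE(review): 4 characters is a very low minimum; raising it
             # is a policy change to make across all handlers together.
             if len(password) < 4:
                 # Was `response[...]`, an undefined name (NameError).
                 response_object['password_too_short'] = True
                 respond()
                 return None
             # Check `email`
             if not mail.is_email_valid(email):
                 response_object['email_invalid'] = True
                 respond()
                 return None
             # Try finding a User with this email...
             user_found = users.User.query(
                 users.User.email == email).count(1)
             if user_found >= 1:
                 # Already exists
                 response_object['email_in_use'] = True
                 respond()
                 return None
             # Create a User
             new_user_key = users.User.create_user(email, password)
             response_object['user'] = new_user_key.get().json_object()
             if NDB_USERS_ENFORCE_EMAIL_VERIFICATION:
                 _create_activation_email_for_user_id(
                     new_user_key.string_id())
                 response_object['email_verification'] = True
             else:
                 # Log this user in!
                 _login_user_for_id(new_user_key.string_id())
             respond()
             return None
     self.abort(400)  # Logged in user, no `email`, or no `password`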
예제 #33
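 def post(self):
   """ Create a new user for the supplied `email` and `password`.

   Expects a JSON object body with string `email` and `password` values.
   Writes a JSON object holding either `user` (plus `email_verification`
   when NDB_USERS_ENFORCE_EMAIL_VERIFICATION is set) or one of the flags
   `password_too_short`, `email_invalid`, `email_in_use`.

   Aborts with 400 when a user is already logged in, when the body is not a
   JSON object, or when either field is missing or not a string.
   """
   response_object = dict()
   user = users.get_current_user()
   # The body is untrusted: malformed JSON or a non-object value is a client
   # error (400), not an unhandled exception.
   try:
     request_object = json.loads(self.request.body)
   except ValueError:
     request_object = None
   if not isinstance(request_object, dict):
     return self.abort(400) # Body is not a JSON object

   def respond():
     self.response.content_type = 'application/json'
     self.response.out.write(json.dumps(response_object))

   if not user:
     # Text types on both Python 2 (str, unicode) and Python 3 (str).
     string_types = (type(''), type(u''))
     email = request_object.get('email')
     password = request_object.get('password')
     if (email and password and isinstance(email, string_types)
         and isinstance(password, string_types)):
       # Check password length
       # NOTE(review): 4 characters is a very low minimum; raising it is a
       # policy change to make across all handlers together.
       if len(password) < 4:
         # Was `response[...]`, an undefined name (NameError).
         response_object['password_too_short'] = True
         respond()
         return None
       # Check `email`
       if not mail.is_email_valid(email):
         response_object['email_invalid'] = True
         respond()
         return None
       # Try finding a User with this email...
       user_found = users.User.query(users.User.email==email).count(1)
       if user_found >= 1:
         # Already exists
         response_object['email_in_use'] = True
         respond()
         return None
       # Create a User
       new_user_key = users.User.create_user(email, password)
       response_object['user'] = new_user_key.get().json_object()
       if NDB_USERS_ENFORCE_EMAIL_VERIFICATION:
         _create_activation_email_for_user_id(new_user_key.string_id())
         response_object['email_verification'] = True
       else:
         # Log this user in!
         _login_user_for_id(new_user_key.string_id())
       respond()
       return None
   self.abort(400) # Logged in user, no `email`, or no `password`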
예제 #34
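 def post(self):
     """ Log in a user via supplied JSON `email` and `password` values.

     Expects a JSON object body with string `email` and `password` and an
     optional `extended` value that is passed through to
     `_login_user_for_id`. Writes a JSON object holding `user` on success,
     `user_not_verified` (optionally with `email_bounce_limit`) when the
     password matched but the account is unverified, or `login_fail`.

     Aborts with 400 when a user is already logged in, when the body is not
     a JSON object, or when either field is missing or not a string.
     """
     # The body is untrusted: malformed JSON or a non-object value is a
     # client error (400), not an unhandled exception.
     try:
         request_object = json.loads(self.request.body)
     except ValueError:
         request_object = None
     if not isinstance(request_object, dict):
         return self.abort(400)  # Body is not a JSON object
     # Text types on both Python 2 (str, unicode) and Python 3 (str); any
     # other JSON type would break `email.lower()` below.
     string_types = (type(''), type(u''))
     email = request_object.get('email')
     if not isinstance(email, string_types):
         email = None
     password = request_object.get('password')
     if not isinstance(password, string_types):
         password = None
     extended = request_object.get('extended')
     response_object = dict()

     def respond():
         self.response.content_type = 'application/json'
         self.response.out.write(json.dumps(response_object))

     user = users.get_current_user()
     if email and password and not user:
         # Get a User for `email` and `password`
         user = ndb.Key(users.User,
                        users._user_id_for_email(email.lower())).get()
         if user:
             # User found... check Password
             attempt = users._password_hash(password, user.passwordSalt)
             # NOTE(review): `==` is not a constant-time comparison;
             # hmac.compare_digest would be preferable once both operands
             # are confirmed to be the same string type.
             if attempt == user.passwordHash:
                 if users.user_verified(user):
                     # Success
                     _login_user_for_id(user.key.string_id(),
                                        extended=extended)
                     response_object['user'] = user.json_object()
                 else:
                     # User email not verified (send another email, if
                     # allowed)
                     if not user.email_bounce_limited():
                         _create_activation_email_for_user_id(
                             user.key.string_id())
                     else:
                         response_object['email_bounce_limit'] = True
                     response_object['user_not_verified'] = True
                 respond()
                 return None
         # Unknown email and wrong password give the same answer.
         response_object['login_fail'] = True
         respond()
         return None
     self.abort(400)  # Logged in user, no `email`, or no `password`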
예제 #35
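 def get(self):
     """ Display a password reset form if the `token` is valid.

     For an anonymous request whose `token` names an unexpired
     `UserRecovery` entity, renders the reset form. Every other case ends on
     the `token_invalid` error page, except that a logged-in user with a
     same-site `continue` path is redirected there.
     """
     token = self.request.GET.get('token')
     user = users.get_current_user()
     if token and not user:
         user_recovery = ndb.Key(users.UserRecovery, token).get()
         if user_recovery and user_recovery.expires > datetime.now():
             self.response.out.write(
                 template.render(
                     'ndb_users/templates/password-reset.html',
                     users.template_values(
                         query_options={'token': token})))
             return None
     continue_uri = self.request.GET.get('continue')
     if user and continue_uri:
         # `continue` is request-controlled: follow it only when it is a
         # path on this site, so the handler cannot be used as an open
         # redirect (CWE-601).
         if (continue_uri.startswith('/')
                 and not continue_uri.startswith('//')
                 and '\\' not in continue_uri):
             self.redirect(continue_uri.encode('ascii'))
             # Stop here so the error page is not appended to the redirect.
             return None
     self.response.out.write(
         template.render(
             'ndb_users/templates/password-reset-error.html',
             users.template_values(template_values={'token_invalid': True},
                                   query_options={'token': token})))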
예제 #36
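 def post(self):
   """ Reset the owner of `token`'s password.

   Reads `token` from the query string and `new_password` from a JSON object
   body. Writes a JSON object holding `user` after a successful reset (the
   user is also logged in), or one of the flags `password_too_short`,
   `token_expired`, `token_invalid`.

   Aborts with 400 when a user is logged in, the body is not a JSON object,
   `token` or a string `new_password` is missing, or `reset_password`
   returns nothing.
   """
   response_object = dict()
   # The body is untrusted: malformed JSON or a non-object value is a client
   # error (400), not an unhandled exception.
   try:
     request_object = json.loads(self.request.body)
   except ValueError:
     request_object = None
   if not isinstance(request_object, dict):
     return self.abort(400) # Body is not a JSON object
   new_password = request_object.get('new_password')
   # Text types on both Python 2 (str, unicode) and Python 3 (str); other
   # JSON types (numbers, booleans) would make len() below raise.
   if not isinstance(new_password, (type(''), type(u''))):
     new_password = None
   token = self.request.GET.get('token')
   user = users.get_current_user()

   def respond():
     self.response.content_type = 'application/json'
     self.response.out.write(json.dumps(response_object))

   if token and new_password and not user:
     # Check password length
     # NOTE(review): 4 characters is a very low minimum; raising it is a
     # policy change to make across all handlers together.
     if len(new_password) < 4:
       response_object['password_too_short'] = True
       respond()
       return None
     # Recover the user
     user_recovery = ndb.Key(users.UserRecovery, token).get()
     if not user_recovery:
       # Invalid token
       response_object['token_invalid'] = True
       respond()
       return None
     if user_recovery.expires <= datetime.now():
       # Expired token
       response_object['token_expired'] = True
       respond()
       return None
     user = user_recovery.reset_password(new_password)
     if user:
       _login_user_for_id(user.key.string_id())
       response_object['user'] = user.json_object()
       respond()
       return None
   self.abort(400) # Logged in user, or no `token`, or no `new_password`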
예제 #37
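 def post(self):
     """ Reset the owner of `token`'s password.

     Reads `token` from the query string and `new_password` from a JSON
     object body. Writes a JSON object holding `user` after a successful
     reset (the user is also logged in), or one of the flags
     `password_too_short`, `token_expired`, `token_invalid`.

     Aborts with 400 when a user is logged in, the body is not a JSON
     object, `token` or a string `new_password` is missing, or
     `reset_password` returns nothing.
     """
     response_object = dict()
     # The body is untrusted: malformed JSON or a non-object value is a
     # client error (400), not an unhandled exception.
     try:
         request_object = json.loads(self.request.body)
     except ValueError:
         request_object = None
     if not isinstance(request_object, dict):
         return self.abort(400)  # Body is not a JSON object
     new_password = request_object.get('new_password')
     # Text types on both Python 2 (str, unicode) and Python 3 (str); other
     # JSON types (numbers, booleans) would make len() below raise.
     if not isinstance(new_password, (type(''), type(u''))):
         new_password = None
     token = self.request.GET.get('token')
     user = users.get_current_user()

     def respond():
         self.response.content_type = 'application/json'
         self.response.out.write(json.dumps(response_object))

     if token and new_password and not user:
         # Check password length
         # NOTE(review): 4 characters is a very low minimum; raising it is
         # a policy change to make across all handlers together.
         if len(new_password) < 4:
             response_object['password_too_short'] = True
             respond()
             return None
         # Recover the user
         user_recovery = ndb.Key(users.UserRecovery, token).get()
         if not user_recovery:
             # Invalid token
             response_object['token_invalid'] = True
             respond()
             return None
         if user_recovery.expires <= datetime.now():
             # Expired token
             response_object['token_expired'] = True
             respond()
             return None
         user = user_recovery.reset_password(new_password)
         if user:
             _login_user_for_id(user.key.string_id())
             response_object['user'] = user.json_object()
             respond()
             return None
     self.abort(400)  # Logged in user, or no `token`, or no `new_password`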
예제 #38
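 def post(self):
   """ Log in a user via supplied JSON `email` and `password` values.

   Expects a JSON object body with string `email` and `password` and an
   optional `extended` value that is passed through to `_login_user_for_id`.
   Writes a JSON object holding `user` on success, `user_not_verified`
   (optionally with `email_bounce_limit`) when the password matched but the
   account is unverified, or `login_fail`.

   Aborts with 400 when a user is already logged in, when the body is not a
   JSON object, or when either field is missing or not a string.
   """
   # The body is untrusted: malformed JSON or a non-object value is a client
   # error (400), not an unhandled exception.
   try:
     request_object = json.loads(self.request.body)
   except ValueError:
     request_object = None
   if not isinstance(request_object, dict):
     return self.abort(400) # Body is not a JSON object
   # Text types on both Python 2 (str, unicode) and Python 3 (str); any other
   # JSON type would break `email.lower()` below.
   string_types = (type(''), type(u''))
   email = request_object.get('email')
   if not isinstance(email, string_types):
     email = None
   password = request_object.get('password')
   if not isinstance(password, string_types):
     password = None
   extended = request_object.get('extended')
   response_object = dict()

   def respond():
     self.response.content_type = 'application/json'
     self.response.out.write(json.dumps(response_object))

   user = users.get_current_user()
   if email and password and not user:
     # Get a User for `email` and `password`
     user = ndb.Key(users.User, users._user_id_for_email(email.lower())).get()
     if user:
       # User found... check Password
       attempt = users._password_hash(password, user.passwordSalt)
       # NOTE(review): `==` is not a constant-time comparison;
       # hmac.compare_digest would be preferable once both operands are
       # confirmed to be the same string type.
       if attempt == user.passwordHash:
         if users.user_verified(user):
           # Success
           _login_user_for_id(user.key.string_id(), extended=extended)
           response_object['user'] = user.json_object()
         else:
           # User email not verified (send another email, if allowed)
           if not user.email_bounce_limited():
             _create_activation_email_for_user_id(user.key.string_id())
           else:
             response_object['email_bounce_limit'] = True
           response_object['user_not_verified'] = True
         respond()
         return None
     # Unknown email and wrong password give the same answer.
     response_object['login_fail'] = True
     respond()
     return None
   self.abort(400) # Logged in user, no `email`, or no `password`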
예제 #39
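 def get(self):
     """ Serve the login form, or handle an already logged-in user.

     Without a session the login template is rendered. With a session,
     `action=logout` logs the user out and renders the logout-success
     template; any other action renders login-success. In both logged-in
     cases a same-site `continue` path is also set as a redirect.
     """
     user = users.get_current_user()
     if user:
         action = self.request.GET.get('action')
         if action == 'logout':
             # NOTE(review): logout is triggered by a plain GET, so a
             # cross-site link can end a session; consider requiring a
             # POST with a CSRF token.
             _logout_user()
             page = 'ndb_users/templates/logout-success.html'
         else:
             page = 'ndb_users/templates/login-success.html'
         # `continue` is request-controlled: follow it only when it is a
         # path on this site, so the handler cannot be used as an open
         # redirect (CWE-601).
         continue_uri = self.request.GET.get('continue')
         if (continue_uri and continue_uri.startswith('/')
                 and not continue_uri.startswith('//')
                 and '\\' not in continue_uri):
             self.redirect(continue_uri.encode('ascii'))
         self.response.out.write(
             template.render(page, users.template_values()))
         return None
     # Path and serve template
     self.response.out.write(
         template.render('ndb_users/templates/login.html',
                         users.template_values()))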
예제 #40
 def user(self):
     """Return whatever `users.get_current_user()` reports for this request."""
     current = users.get_current_user()
     return current
예제 #41
 def verify_user(self):
     """Store the current user on `self.user` and require that one exists.

     Raises:
         UnauthorizedException: when `users.get_current_user()` returned a
             falsy value, i.e. there is no usable session.
     """
     self.user = users.get_current_user()
     if self.user:
         return None
     raise UnauthorizedException("Invalid or no user session provided.")
예제 #42
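 def post(self):
     """ Log in a user via POST'ed `email` and `password` values.

     An already logged-in user gets the login-success template. Otherwise
     the user keyed by the lower-cased email is loaded and the password hash
     compared: a verified user is logged in (login-success), an unverified
     one gets login-not-verified (a new activation email is sent unless the
     bounce limit applies), and everything else renders login-error.

     On both success paths a same-site `continue` query path is also set as
     a redirect.
     """
     # Make sure required POST parameters are present
     email = self.request.POST.get('email')
     password = self.request.POST.get('password')
     extended = bool(self.request.POST.get('extended'))
     user = users.get_current_user()
     # `continue` is request-controlled: follow it only when it is a path on
     # this site, so a crafted login link cannot bounce the freshly
     # authenticated user to another origin (open redirect, CWE-601).
     continue_uri = self.request.GET.get('continue')
     follow_continue = bool(
         continue_uri and continue_uri.startswith('/')
         and not continue_uri.startswith('//')
         and '\\' not in continue_uri)
     if user:
         # Redirect if requested
         if follow_continue:
             self.redirect(continue_uri.encode('ascii'))
         self.response.out.write(
             template.render(
                 'ndb_users/templates/login-success.html',
                 users.template_values(template_values={'user': user})))
         return None
     if email and password:
         # Get a User for `email` and `password`
         user = ndb.Key(users.User,
                        users._user_id_for_email(email.lower())).get()
         if user:
             # User found... check Password
             attempt = users._password_hash(password, user.passwordSalt)
             # NOTE(review): `==` is not a constant-time comparison;
             # hmac.compare_digest would be preferable once both operands
             # are confirmed to be the same string type.
             if attempt == user.passwordHash:
                 if users.user_verified(user):
                     # Success
                     _login_user_for_id(user.key.string_id(),
                                        extended=extended)
                     # Redirect if requested
                     if follow_continue:
                         self.redirect(continue_uri.encode('ascii'))
                     self.response.out.write(
                         template.render(
                             'ndb_users/templates/login-success.html',
                             users.template_values(
                                 template_values={'user':
                                                  user}, user=user)))
                     return None
                 # User email not verified (send another email, if allowed)
                 temp_values = dict()
                 if not user.email_bounce_limited():
                     _create_activation_email_for_user_id(
                         user.key.string_id())
                 else:
                     temp_values['email_bounce_limit'] = True
                 self.response.out.write(
                     template.render(
                         'ndb_users/templates/login-not-verified.html',
                         users.template_values(
                             template_values=temp_values)))
                 return None
     # Error: missing fields, unknown email and wrong password all land here.
     self.response.out.write(
         template.render(
             'ndb_users/templates/login-error.html',
             users.template_values({
                 'email': email,
                 'extended': extended
             })))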