def register():
    """Create the first administrator account from the POSTed form.

    Registration is accepted only while no row with ``privileges=2`` exists;
    once one exists, every call returns ``{'error': 1}``.

    Returns:
        ``{'error': 0}`` when the insert succeeds. When the insert fails, a
        dict with ``error`` set to 1, a freshly generated ``csrf_token`` and
        the ``txt_error`` of every form field, ``repeat_password`` included.
    """
    post_reader = GetPostFiles()
    admin_model = UserAdmin(WebModel.connection())

    # Bootstrap gate: the endpoint is only open while no admin exists.
    # NOTE(review): this count and the insert below are separate statements,
    # so two concurrent first-run requests could both pass the gate. Confirm
    # whether the model or the database enforces uniqueness.
    admin_model.conditions = ['WHERE privileges=%s', [2]]
    if admin_model.select_count() != 0:
        return {'error': 1}

    post_reader.obtain_post()

    # The privilege level is set server-side, overwriting any client value.
    post_reader.post['privileges'] = 2

    admin_model.valid_fields = ['username', 'email', 'password', 'privileges']
    admin_model.create_forms()

    if admin_model.insert(post_reader.post, False):
        return {'error': 0}

    # Insert refused: re-run validation so each form carries its error text.
    admin_model.check_all_fields(post_reader.post, False)
    pass_values_to_form(post_reader.post, admin_model.forms, yes_error=True)

    # Issue a new CSRF token so the client can resubmit the form.
    session = get_session()
    session['csrf_token'] = create_key_encrypt()

    result = {'error': 1, 'csrf_token': session['csrf_token']}
    result.update(
        (name, admin_model.forms[name].txt_error)
        for name in admin_model.valid_fields
    )
    result['repeat_password'] = admin_model.forms['repeat_password'].txt_error

    session.save()

    return result
def check_code_token():
    """Redeem a password-recovery token and mail a newly generated password.

    Runs only when ``yes_recovery_login`` is enabled. A non-empty token that
    matches a ``token_recovery`` row gets a new password, has the token
    cleared and ``num_tries`` reset to 0, and the password is mailed to the
    stored address.

    Returns:
        A dict with ``token`` (message text) and ``error``. ``error`` is 0
        only when the update and the mail both succeed. The invalid-token
        answer also carries a fresh ``csrf_token``.
    """
    tpl = PTemplate(env)

    if yes_recovery_login == True:
        form_data = GetPostFiles()
        form_data.obtain_post()

        admin_model = UserAdmin(WebModel.connection())

        submitted = form_data.post.get('token', '')
        token = admin_model.fields['token_recovery'].check(submitted)

        # An empty token must never match rows whose token_recovery is "".
        if token.strip() != '':
            # NOTE(review): the lookup is by token value only; no expiry or
            # age check is visible here. Confirm tokens are time-limited
            # elsewhere.
            admin_model.set_conditions('WHERE token_recovery=%s', [token])
            admin_model.yes_reset_conditions = False

            account = admin_model.select_a_row_where(['id', 'email'])

            if account:
                new_password = create_key()

                admin_model.valid_fields = ['password', 'token_recovery', 'num_tries']
                admin_model.reset_require()
                admin_model.check_user = False

                # Clearing token_recovery makes the token single-use.
                changes = {'password': new_password, 'token_recovery': "", 'num_tries': 0}

                if admin_model.update(changes, False):
                    mailer = SendMail()
                    body = tpl.load_template('admin/recovery_password.phtml', password=new_password)

                    # NOTE(review): the password is already changed and the
                    # token cleared at this point, so a mail failure leaves
                    # the account with a password nobody has received.
                    # NOTE(review): the new password travels in the mail
                    # body in clear text.
                    delivered = mailer.send(
                        email_address,
                        [account['email']],
                        I18n.lang('admin', 'send_password_email', 'Your new password'),
                        body,
                    )

                    if not delivered:
                        return {'token': 'Error: i cannot send mail', 'error': 1}

                    # NOTE(review): this is the success path (error 0) even
                    # though the text starts with "Error:". Callers should
                    # rely on the 'error' key, not the message.
                    return {'token': 'Error: cannot send the maild with the new password', 'error': 0}

    # Every other path (recovery disabled, empty or unknown token, failed
    # update) gets the same answer plus a fresh CSRF token.
    session = get_session()
    session['csrf_token'] = create_key_encrypt()
    session.save()

    return {'token': 'Error: token is not valid', 'error': 1, 'csrf_token': session['csrf_token']}
def send_password():
    """Start password recovery: store a token and mail it to the address.

    The POSTed ``email`` is validated with the model's email field. If
    exactly one account matches, a new ``token_recovery`` value is stored and
    mailed using the ``admin/recovery_mail.phtml`` template.

    Returns:
        ``{'email': <validation error>, 'error': 1, 'csrf_token': ...}`` when
        the address is malformed, ``{'email': 'Error: i cannot send mail',
        'error': 1}`` when delivery fails, and ``{'email': '', 'error': 0}``
        in every other case, including an address that matches no account.
    """
    admin_model = UserAdmin(WebModel.connection())
    tpl = PTemplate(env)

    form_data = GetPostFiles()
    form_data.obtain_post()

    email_field = admin_model.fields['email']
    email = email_field.check(form_data.post.get('email', ''))

    if email_field.error:
        session = get_session()
        session['csrf_token'] = create_key_encrypt()
        session.save()

        return {'email': email_field.txt_error, 'error': 1, 'csrf_token': session['csrf_token']}

    # NOTE(review): unlike check_code_token(), no yes_recovery_login check is
    # visible here. Confirm this handler is unreachable when recovery is off.
    admin_model.set_conditions('WHERE email=%s', [email])
    admin_model.yes_reset_conditions = False

    if admin_model.select_count() == 1:
        admin_model.reset_require()
        admin_model.valid_fields = ['token_recovery']
        admin_model.check_user = False

        token = create_key_encrypt_256()

        if admin_model.update({'token_recovery': token}):
            mailer = SendMail()
            body = tpl.load_template('admin/recovery_mail.phtml', token=token)

            delivered = mailer.send(
                email_address,
                [email],
                I18n.lang('admin', 'send_email', 'Email for recovery your password'),
                body,
            )

            # NOTE(review): this answer is only reachable for an address that
            # matched an account, so it differs from the unknown-address
            # answer below.
            if not delivered:
                return {'email': 'Error: i cannot send mail', 'error': 1}

    # Same answer whether or not the address matched an account.
    return {'email': '', 'error': 0}
def show_form(post, arr_form, t, yes_error=True, pass_values=True, modelform_tpl='forms/modelform.phtml'):
    """Render a model form and put a new CSRF token in the session.

    Args:
        post: Submitted values to copy into the forms.
        arr_form: Forms handed to the template as ``forms``.
        t: Template loader exposing ``load_template``.
        yes_error: Forwarded to ``pass_values_to_form``.
        pass_values: When equal to ``True``, copy ``post`` into ``arr_form``.
        modelform_tpl: Template path to render.

    Returns:
        Whatever ``t.load_template`` returns for ``modelform_tpl``.
    """
    # Every render replaces the CSRF token stored in the session.
    # NOTE(review): login() and register() call s.save() after setting the
    # token; no save() happens here. Confirm the session is persisted by
    # other means before the form is submitted.
    session = get_session()
    session['csrf_token'] = create_key_encrypt()

    should_fill = pass_values == True
    if should_fill:
        pass_values_to_form(post, arr_form, yes_error)

    rendered = t.load_template(modelform_tpl, forms=arr_form)
    return rendered
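# Generate the RSA key pair. The arguments are passed to ssh-keygen as a list,
# with no shell in between, so quotes, spaces or shell metacharacters in the
# passphrase or the key path reach ssh-keygen unchanged instead of being
# interpreted as shell syntax.
# NOTE(review): the passphrase is still given on the command line (-P), so it
# is visible in the process list while ssh-keygen runs.
# NOTE(review): shell expansions such as "~" in private_key_file are no longer
# applied; the path must already be usable as-is.
if call(["ssh-keygen", "-t", "rsa", "-P", password, "-f", private_key_file]) > 0:
    print('Error, cannot install the new ssh key')
    exit(1)
else:
    print('Generated rsa key...')

# Disabled earlier implementation, kept as an inert string literal.
"""
rsa_key.write_private_key_file(private_key_file, password)
with open(pub_key_file, 'w') as f:
    f.write(rsa_key.get_base64())
"""

# Open the config and write this data

api_key=create_key_encrypt(50) #create_key(50).replace('/', '#')

# Lines of Python source appended to the generated configuration. Values are
# written with %r so that a quote or backslash inside a path or the passphrase
# yields a valid string literal rather than broken or injected code.
# NOTE(review): the key passphrase ends up in clear text in the config file;
# restrict read access to that file.
add_config=[]

add_config.append("\n\nfrom modules.pastafari.libraries.configclass import config_task")
add_config.append("from paramecio.citoplasma.sendmail import SendMail")
add_config.append("# Pastafari configuration")
add_config.append("config_task.public_key=%r" % str(pub_key_file))
add_config.append("config_task.private_key=%r" % str(private_key_file))
add_config.append("config_task.password_key=%r" % str(password))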
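def login():
    """Authenticate an administrator from the POSTed username and password.

    The account is looked up by username. Once ``num_tries`` reaches 3 the
    password is no longer checked. A wrong password increments ``num_tries``.
    On success a new session is generated and filled with the user's id,
    privileges and language; when ``remember_login`` is ``'1'`` an autologin
    token is stored in ``token_login`` and sent as a signed cookie.

    Returns:
        ``{'error': 0}`` on success, otherwise
        ``{'error': 1, 'csrf_token': <new token>}``.
    """

    def _reject():
        # Unknown user, locked account and wrong password all produce this
        # same response, each with a fresh CSRF token for the next attempt.
        s = get_session()
        s['csrf_token'] = create_key_encrypt()
        s.save()
        return {'error': 1, 'csrf_token': s['csrf_token']}

    connection = WebModel.connection()

    user_admin = UserAdmin(connection)

    getpostfiles = GetPostFiles()

    getpostfiles.obtain_post()

    getpostfiles.post['username'] = getpostfiles.post.get('username', '')
    getpostfiles.post['password'] = getpostfiles.post.get('password', '')

    username = user_admin.fields['username'].check(getpostfiles.post['username'])

    password = getpostfiles.post['password'].strip()

    user_admin.conditions = ['WHERE username=%s', [username]]

    arr_user = user_admin.select_a_row_where(['id', 'password', 'privileges', 'lang', 'num_tries'])

    # Falsy result means no such user (matches the check in check_code_token).
    if not arr_user:
        return _reject()

    # Use the converted counter for both the comparison and the increment;
    # the raw column value was previously compared directly, which fails if
    # the driver returns it as a string.
    num_tries = int(arr_user['num_tries'])

    # Lockout: after 3 failed attempts the password is not even verified.
    # NOTE(review): num_tries is not reset on a successful login here, so
    # failures accumulate across sessions. Confirm that is intended.
    if num_tries >= 3:
        return _reject()

    if not user_admin.fields['password'].verify(password, arr_user['password']):
        user_admin.check_user = False

        user_admin.conditions = ['WHERE username=%s', [username]]

        user_admin.valid_fields = ['num_tries']

        user_admin.reset_require()

        user_admin.update({'num_tries': num_tries + 1})

        return _reject()

    # A new session is generated before any authenticated state is stored.
    generate_session()

    s = get_session()

    s['id'] = arr_user['id']
    s['login'] = 1
    s['privileges'] = arr_user['privileges']
    s['lang'] = arr_user['lang']

    if s['lang'] == '':
        s['lang'] = I18n.default_lang

    remember_login = getpostfiles.post.get('remember_login', '0')

    if remember_login == '1':

        # 315360000 seconds is 3650 days, roughly ten years.
        timestamp = time() + 315360000

        random_text = create_key_encrypt()

        # Update user with autologin token
        user_admin.check_user = False

        user_admin.conditions = ['WHERE username=%s', [username]]

        user_admin.valid_fields = ['token_login']

        user_admin.reset_require()

        # NOTE(review): the cookie is signed with key_encrypt, but no
        # httponly/secure options are passed here and the token lives for
        # about ten years. Confirm the cookie defaults and how the token is
        # revoked.
        if user_admin.update({'token_login': random_text}):
            response.set_cookie('remember_login', random_text, path="/", expires=timestamp, secret=key_encrypt)

    s.save()

    return {'error': 0}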
def csrf_token():
    """Return a hidden ``csrf_token`` input carrying a newly generated token.

    Each call overwrites the token stored in the session under
    ``csrf_token`` and returns the HTML for the matching hidden form field.
    """
    session = get_session()
    session['csrf_token'] = create_key_encrypt()

    # NOTE(review): the value is placed in the attribute without HTML
    # escaping, which is safe only if create_key_encrypt() emits
    # attribute-safe characters. Confirm its output alphabet.
    # NOTE(review): no session.save() happens here. Confirm the token is
    # persisted before the form comes back.
    markup_parts = [
        '<input type="hidden" name="csrf_token" id="csrf_token" value="',
        session['csrf_token'],
        '" />',
    ]
    return ''.join(markup_parts)