def forgot(request):
email = None
if 'forgot.submit' in request.params:
email = request.params.get('email', '')
user_dao = UserDao(None)
user = user_dao.get_by_email(email)
if user is None:
msg = "Sorry. We couldn't find an account for that email."
request.session.flash(msg, 'error')
return _build_response_with(request, email=email)
user.mark_pwd_reset("FORGOTTEN")
settings = request.registry.settings
msg = ReactivateMsg(user.email, "Reset your PyCon.ca password",
settings)
msg.send(
request.route_url('pwd_reset_form',
username=user.username,
reset_key=user.activation.code))
login = request.route_url('login')
msg = ('Instructions on how to reset your password have been'
' sent to your email address.')
request.session.flash(msg, 'success')
return HTTPFound(location=login)
return _build_response_with(request, email=email)
def pwd_change(request):
"""Reset a user after being suspended
:param username: required to know what user we're resetting
:param activation: code needed to activate
:param password: new password to use for the user
"""
params = request.params
if 'change.submit' in params:
current_password = params.get('current_password', None)
password1 = params.get('password1', None)
password2 = params.get('password2', None)
if password1 != password2:
request.response.status_int = 500
msg = ('The password you entered does not match')
request.session.flash(msg, 'error')
return _build_response(request)
user_dao = UserDao(None)
user_id = authenticated_userid(request)
if user_id is None:
request.session.flash('Unidentified user', 'error')
return _build_response(request)
user = user_dao.get_by_id(user_id)
if user and check_password(current_password, user.password):
user_dao.set_new_pwd(user_id, generate_password(password1))
request.session.flash('Password Successfully changed', 'success')
return _build_response(request)
request.session.flash('Incorrect password', 'error')
return _build_response(request)
def pwd_change(request):
"""Reset a user after being suspended
:param username: required to know what user we're resetting
:param activation: code needed to activate
:param password: new password to use for the user
"""
params = request.params
if 'change.submit' in params:
current_password = params.get('current_password', None)
password1 = params.get('password1', None)
password2 = params.get('password2', None)
if password1 != password2:
request.response.status_int = 500
msg = ('The password you entered does not match')
request.session.flash(msg, 'error')
return _build_response(request)
user_dao = UserDao(None)
user_id = authenticated_userid(request)
if user_id is None:
request.session.flash('Unidentified user', 'error')
return _build_response(request)
user = user_dao.get_by_id(user_id)
if user and check_password(current_password, user.password):
user_dao.set_new_pwd(user_id, generate_password(password1))
request.session.flash('Password Successfully changed', 'success')
return _build_response(request)
request.session.flash('Incorrect password', 'error')
return _build_response(request)
def login(request):
login_url = request.route_url('login')
referrer = request.url
if referrer == login_url:
referrer = '/' # never use the login form itself as came_from
came_from = request.params.get('came_from', referrer)
username = ''
password = ''
if 'login.submit' in request.params:
username = request.params['username']
password = request.params['password']
user_dao = UserDao(None)
user = user_dao.get_by_username(username)
if user and check_password(password, user.password):
headers = remember(request, user.id)
return HTTPFound(location=came_from, headers=headers)
request.session.flash('Login failed', 'error')
response_ = _build_response(request)
response_.update(
came_from=came_from,
username=username,
password=password,
)
return response_
def forgot(request):
email = None
if 'forgot.submit' in request.params:
email = request.params.get('email', '')
user_dao = UserDao(None)
user = user_dao.get_by_email(email)
if user is None:
msg = "Sorry. We couldn't find an account for that email."
request.session.flash(msg, 'error')
return _build_response_with(request, email=email)
user.mark_pwd_reset("FORGOTTEN")
settings = request.registry.settings
msg = ReactivateMsg(user.email,
"Reset your PyCon.ca password",
settings)
msg.send(request.route_url('pwd_reset_form', username=user.username,
reset_key=user.activation.code))
login = request.route_url('login')
msg = ('Instructions on how to reset your password have been'
' sent to your email address.')
request.session.flash(msg, 'success')
return HTTPFound(location=login)
return _build_response_with(request, email=email)
def login(request):
login_url = request.route_url('login')
referrer = request.url
if referrer == login_url:
referrer = '/' # never use the login form itself as came_from
came_from = request.params.get('came_from', referrer)
username = ''
password = ''
if 'login.submit' in request.params:
username = request.params['username']
password = request.params['password']
user_dao = UserDao(None)
user = user_dao.get_by_username(username)
if user and check_password(password, user.password):
headers = remember(request, user.id)
return HTTPFound(location=came_from, headers=headers)
request.session.flash('Login failed', 'error')
response_ = _build_response(request)
response_.update(
came_from=came_from,
username=username,
password=password,
)
return response_
class UniqueUsername(FancyValidator):
def __init__(self, *args, **kwargs):
FancyValidator.__init__(self, *args, **kwargs)
self.user_dao = UserDao(None)
def _to_python(self, value, state):
if self.user_dao.username_already_exists(value, state.id):
raise Invalid('That username already exists', value, state)
return value
class UniqueUsername(FancyValidator):
def __init__(self, *args, **kwargs):
FancyValidator.__init__(self, *args, **kwargs)
self.user_dao = UserDao(None)
def _to_python(self, value, state):
if self.user_dao.username_already_exists(value, state.id):
raise Invalid("That username already exists", value, state)
return value
def forgot(request):
username = ""
if "forgot.submit" in request.params:
username = request.params["username"]
user_dao = UserDao(None)
user = user_dao.get_by_username(username)
if user:
login = request.route_url("login")
# msg = ('Instructions on how to reset your password have been'
# ' sent to your email address.')
msg = "Contact [email protected] to reset your password."
request.session.flash(msg, "error")
return HTTPFound(location=login)
msg = "Sorry. We couldn't find an account for that username."
request.session.flash(msg, "error")
response_ = _build_response(request)
response_.update(username=username)
return response_
def forgot(request):
username = ''
if 'forgot.submit' in request.params:
username = request.params['username']
user_dao = UserDao(None)
user = user_dao.get_by_username(username)
if user:
login = request.route_url('login')
#msg = ('Instructions on how to reset your password have been'
# ' sent to your email address.')
msg = ('Contact [email protected] to reset your password.')
request.session.flash(msg, 'error')
return HTTPFound(location=login)
msg = "Sorry. We couldn't find an account for that username."
request.session.flash(msg, 'error')
response_ = _build_response(request)
response_.update(username=username, )
return response_
def login(request):
login_url = request.route_url("login")
referrer = request.url
if referrer == login_url:
referrer = "/" # never use the login form itself as came_from
came_from = request.params.get("came_from", referrer)
username = ""
password = ""
if "login.submit" in request.params:
username = request.params["username"]
password = request.params["password"]
user_dao = UserDao(None)
user = user_dao.get_by_username(username)
if user and check_password(password, user.password):
headers = remember(request, user.id)
return HTTPFound(location=came_from, headers=headers)
request.session.flash("Login failed", "error")
response_ = _build_response(request)
response_.update(came_from=came_from, username=username, password=password)
return response_
def get_user(request):
user_id = unauthenticated_userid(request)
if user_id:
user_dao = UserDao()
return user_dao.get(user_id)
def __init__(self, *args, **kwargs):
FancyValidator.__init__(self, *args, **kwargs)
self.user_dao = UserDao(None)
def _configure(self):
self.name = 'user'
self.dao = UserDao(self.request.user)
self.schema = UserSchema
def __getitem__(self, id):
return UserDao(self.request.user).get(id)
def __init__(self, *args, **kwargs):
FancyValidator.__init__(self, *args, **kwargs)
self.user_dao = UserDao(None)
def get_user(request):
user_id = unauthenticated_userid(request)
if user_id:
user_dao = UserDao(None)
return user_dao.get(user_id)
