def pwd_change(request):
"""Reset a user after being suspended
:param username: required to know what user we're resetting
:param activation: code needed to activate
:param password: new password to use for the user
"""
params = request.params
if 'change.submit' in params:
current_password = params.get('current_password', None)
password1 = params.get('password1', None)
password2 = params.get('password2', None)
if password1 != password2:
request.response.status_int = 500
msg = ('The password you entered does not match')
request.session.flash(msg, 'error')
return _build_response(request)
user_dao = UserDao(None)
user_id = authenticated_userid(request)
if user_id is None:
request.session.flash('Unidentified user', 'error')
return _build_response(request)
user = user_dao.get_by_id(user_id)
if user and check_password(current_password, user.password):
user_dao.set_new_pwd(user_id, generate_password(password1))
request.session.flash('Password Successfully changed', 'success')
return _build_response(request)
request.session.flash('Incorrect password', 'error')
return _build_response(request)
def login(request):
login_url = request.route_url('login')
referrer = request.url
if referrer == login_url:
referrer = '/' # never use the login form itself as came_from
came_from = request.params.get('came_from', referrer)
username = ''
password = ''
if 'login.submit' in request.params:
username = request.params['username']
password = request.params['password']
user_dao = UserDao(None)
user = user_dao.get_by_username(username)
if user and check_password(password, user.password):
headers = remember(request, user.id)
return HTTPFound(location=came_from, headers=headers)
request.session.flash('Login failed', 'error')
response_ = _build_response(request)
response_.update(
came_from=came_from,
username=username,
password=password,
)
return response_
def login(request):
login_url = request.route_url('login')
referrer = request.url
if referrer == login_url:
referrer = '/' # never use the login form itself as came_from
came_from = request.params.get('came_from', referrer)
username = ''
password = ''
if 'login.submit' in request.params:
username = request.params['username']
password = request.params['password']
user_dao = UserDao(None)
user = user_dao.get_by_username(username)
if user and check_password(password, user.password):
headers = remember(request, user.id)
return HTTPFound(location=came_from, headers=headers)
request.session.flash('Login failed', 'error')
response_ = _build_response(request)
response_.update(
came_from=came_from,
username=username,
password=password,
)
return response_
def pwd_change(request):
"""Reset a user after being suspended
:param username: required to know what user we're resetting
:param activation: code needed to activate
:param password: new password to use for the user
"""
params = request.params
if 'change.submit' in params:
current_password = params.get('current_password', None)
password1 = params.get('password1', None)
password2 = params.get('password2', None)
if password1 != password2:
request.response.status_int = 500
msg = ('The password you entered does not match')
request.session.flash(msg, 'error')
return _build_response(request)
user_dao = UserDao(None)
user_id = authenticated_userid(request)
if user_id is None:
request.session.flash('Unidentified user', 'error')
return _build_response(request)
user = user_dao.get_by_id(user_id)
if user and check_password(current_password, user.password):
user_dao.set_new_pwd(user_id, generate_password(password1))
request.session.flash('Password Successfully changed', 'success')
return _build_response(request)
request.session.flash('Incorrect password', 'error')
return _build_response(request)
def login(request):
login_url = request.route_url("login")
referrer = request.url
if referrer == login_url:
referrer = "/" # never use the login form itself as came_from
came_from = request.params.get("came_from", referrer)
username = ""
password = ""
if "login.submit" in request.params:
username = request.params["username"]
password = request.params["password"]
user_dao = UserDao(None)
user = user_dao.get_by_username(username)
if user and check_password(password, user.password):
headers = remember(request, user.id)
return HTTPFound(location=came_from, headers=headers)
request.session.flash("Login failed", "error")
response_ = _build_response(request)
response_.update(came_from=came_from, username=username, password=password)
return response_
