def _banned(self, value):
if value and not self._banned:
self.state |= 1
# Invalidate all cookies by changing the password
# First back up the password so we can reverse this
self.backup_password = self.password
# New PW doesn't matter, they can't log in with it anyway.
# Even if their PW /was/ 'banned' for some reason, this
# will change the salt and thus invalidate the cookies
change_password(self, 'banned')
# deauthorize all access tokens
from r2.models.token import OAuth2AccessToken
from r2.models.token import OAuth2RefreshToken
OAuth2AccessToken.revoke_all_by_user(self)
OAuth2RefreshToken.revoke_all_by_user(self)
elif not value and self._banned:
self.state &= ~1
# Undo the password thing so they can log in
self.password = self.backup_password
# They're on their own for OAuth tokens, though.
self._commit()
def _banned(self, value):
if value and not self._banned:
self.state |= 1
# Invalidate all cookies by changing the password
# First back up the password so we can reverse this
self.backup_password = self.password
# New PW doesn't matter, they can't log in with it anyway.
# Even if their PW /was/ 'banned' for some reason, this
# will change the salt and thus invalidate the cookies
change_password(self, 'banned')
# deauthorize all access tokens
from r2.models.token import OAuth2AccessToken
from r2.models.token import OAuth2RefreshToken
OAuth2AccessToken.revoke_all_by_user(self)
OAuth2RefreshToken.revoke_all_by_user(self)
elif not value and self._banned:
self.state &= ~1
# Undo the password thing so they can log in
self.password = self.backup_password
# They're on their own for OAuth tokens, though.
self._commit()
