예제 #1
0
def handle_password_reset(username, new_password, new_password2):
    """
  Handles the submitted password reset request. Returns True if successful,
  False otherwise. Also handles all messages displayed to the user.
  """
    if not validation_utils.validate_password(new_password, new_password2):
        return False

    auth_utils.set_password(username, new_password)
    # Clean up the password reset key, so that it cannot be used again.
    query = sqlalchemy.text("""
    UPDATE users
    SET password_reset_key = NULL, password_reset_expiration = NULL
    WHERE username = :u
    """)
    flask.g.db.execute(query, u=username)
    # Get the user's email.
    query = sqlalchemy.text("""
    SELECT name, email
    FROM members
      NATURAL JOIN members_extra
      NATURAL JOIN users
    WHERE username = :u
    """)
    result = flask.g.db.execute(query, u=username).first()
    # Send confirmation email to user.
    email = result['email']
    name = result['name']
    msg = email_templates.ResetPasswordSuccessfulEmail.format(name)
    subject = "Password reset successful"
    email_utils.send_email(email, msg, subject)
    return True
예제 #2
0
def handle_password_reset(username, new_password, new_password2):
    """
  Handles the submitted password reset request. Returns True if successful,
  False otherwise. Also handles all messages displayed to the user.
  """
    if not validation_utils.validate_password(new_password, new_password2):
        return False

    auth_utils.set_password(username, new_password)
    # Clean up the password reset key, so that it cannot be used again.
    query = sqlalchemy.text(
        """
    UPDATE users
    SET password_reset_key = NULL, password_reset_expiration = NULL
    WHERE username = :u
    """
    )
    flask.g.db.execute(query, u=username)
    # Get the user's email.
    query = sqlalchemy.text(
        """
    SELECT name, email
    FROM members
      NATURAL JOIN members_extra
      NATURAL JOIN users
    WHERE username = :u
    """
    )
    result = flask.g.db.execute(query, u=username).first()
    # Send confirmation email to user.
    email = result["email"]
    name = result["name"]
    msg = email_templates.ResetPasswordSuccessfulEmail.format(name)
    subject = "Password reset successful"
    email_utils.send_email(email, msg, subject)
    return True
예제 #3
0
def handle_create_account(user_id, username, password, password2, birthday):
    """Handles account creation.

  Creates account if all values provided are valid.

  Returns:
    bool indicating success.
  """
    # Validate username and password. The validate_* functions will flash errors.
    # We want to check all fields and not just stop at the first error.
    is_valid = True
    if not validation_utils.validate_username(username):
        is_valid = False
    if not validation_utils.validate_password(password, password2):
        is_valid = False
    if not validation_utils.validate_date(birthday):
        is_valid = False

    if not is_valid:
        return False

    # Insert new values into the database. Because the password is updated in a
    # separate step, we must use a transaction to execute this query.
    transaction = flask.g.db.begin()
    try:
        # Insert the new row into users.
        query = sqlalchemy.text("""
      INSERT INTO users (user_id, username, password_hash)
      VALUES (:user_id, :username, :password_hash)
      """)
        flask.g.db.execute(query,
                           user_id=user_id,
                           username=username,
                           password_hash="")
        # Set the password.
        auth_utils.set_password(username, password)
        # Set the birthday and invalidate the account creation key.
        query = sqlalchemy.text("""
      UPDATE members
      SET birthday = :birthday,
        create_account_key = NULL
      WHERE user_id = :user_id
      """)
        flask.g.db.execute(query, birthday=birthday, user_id=user_id)
        transaction.commit()
    except Exception:
        transaction.rollback()
        flask.flash("An unexpected error occurred. Please find an IMSS rep.")
        return False
    # Email the user.
    query = sqlalchemy.text("""
    SELECT name, email
    FROM members
      NATURAL JOIN members_extra
      NATURAL JOIN users
    WHERE username = :u
    """)
    result = flask.g.db.execute(query, u=username).first()
    # Send confirmation email to user.
    email = result["email"]
    name = result["name"]
    msg = email_templates.CreateAccountSuccessfulEmail.format(name, username)
    subject = "Thanks for creating an account!"
    email_utils.send_email(email, msg, subject)
    return True
예제 #4
0
def handle_create_account(user_id, username, password, password2, birthday):
  """Handles account creation.

  Creates account if all values provided are valid.

  Returns:
    bool indicating success.
  """
  # Validate username and password. The validate_* functions will flash errors.
  # We want to check all fields and not just stop at the first error.
  is_valid = True
  if not validation_utils.validate_username(username):
    is_valid = False
  if not validation_utils.validate_password(password, password2):
    is_valid = False
  if not validation_utils.validate_date(birthday):
    is_valid = False

  if not is_valid:
    return False

  # Insert new values into the database. Because the password is updated in a
  # separate step, we must use a transaction to execute this query.
  transaction = flask.g.db.begin()
  try:
    # Insert the new row into users.
    query = sqlalchemy.text("""
      INSERT INTO users (user_id, username, password_hash)
      VALUES (:user_id, :username, :password_hash)
      """)
    flask.g.db.execute(query, user_id=user_id,
        username=username, password_hash="")
    # Set the password.
    auth_utils.set_password(username, password)
    # Set the birthday and invalidate the account creation key.
    query = sqlalchemy.text("""
      UPDATE members
      SET birthday = :birthday,
        create_account_key = NULL
      WHERE user_id = :user_id
      """)
    flask.g.db.execute(query, birthday=birthday, user_id=user_id)
    transaction.commit()
  except Exception:
    transaction.rollback()
    flask.flash("An unexpected error occurred. Please find an IMSS rep.")
    return False
  # Email the user.
  query = sqlalchemy.text("""
    SELECT name, email
    FROM members
      NATURAL JOIN members_extra
      NATURAL JOIN users
    WHERE username = :u
    """)
  result = flask.g.db.execute(query, u=username).first()
  # Send confirmation email to user.
  email = result["email"]
  name = result["name"]
  msg = email_templates.CreateAccountSuccessfulEmail.format(name, username)
  subject = "Thanks for creating an account!"
  email_utils.send_email(email, msg, subject)
  return True