def auto_change_pass():
user = request.args.get('user')
token = request.args.get('token')
(email, activation_token) = DB.get_email_adress(user)
if (token == activation_token):
new_pass = DB.auto_set_new_pass(user, 'new password')
email_.send_email(
"Пользователь: {user}\n"
"Новый пароль: {password} "
"(Вы сможете изменить пароль на любой другой на странице пользователя)".format(
domain=(self.domain if self.domain is not None else self.ip),
user=user,
password=new_pass
),
"Password change",
email)
return render_template(
"error_page.html",
title="Password change",
text="Парол изменен",
description="Письмо с новым паролем отправлено на ваш e-mail"
)
else:
return redirect(self.app.config["APPLICATION_ROOT"] + '/404')
def add_user():
sha256 = hashlib.sha256(bytes(request.form.get('pass'), encoding='utf-8')).hexdigest()
name = request.form.get('name')
email = request.form.get('email')
result = not DB.check_user(name) and not DB.check_email(email)
if not (search('^.+@.+\..+$', email) and search('^[a-zA-Z0-9_]+$', name) and result):
return make_response('Wrong data', 400)
if request.files:
file = request.files['file']
if file.mimetype in const.IMAGES:
file_ext = const.IMAGES[file.mimetype]
file.save("./server/static/avatar/{}{}".format(name, file_ext))
else:
return make_response('Wrong data', 400)
else:
file_ext = None
(activation_token, result) = DB.add_user(name, sha256, file_ext, email)
if result:
response = make_response('OK')
result2 = DB.check_user(name, sha256)
if result2:
session = Session(name, result2.activated, result2.uid)
self.sessions[session.get_id()] = session
self.sessions_by_user_name[name] = session
session['avatar'] = result2.file
DB.add_session(session, result2.uid)
session.add_cookie_to_resp(response)
email_.send_email(
"Для подтвеждения регистрации пожалуйста перейдите по ссылке "
"http://{domain}/api/activate_account?token={token}".format(
domain=(self.domain if self.domain is not None else self.ip),
token=activation_token
),
"Account activation",
email)
else:
self.logger.write_msg("Something wrong with registration ({})".format(name))
response.headers["Content-type"] = "text/plain"
return response
else:
return 'Error', 500
def send_mail_for_auto_change_pass():
user = request.args.get('user')
DB.update_email_token(user, 'email activation')
(email, activation_token) = DB.get_email_adress(user)
email_.send_email(
"Для подтвеждения смены пароля пожалуйста перейдите по ссылке "
"http://{domain}/api/auto_change_pass?user={user}&token={token}".format(
domain=(self.domain if self.domain is not None else self.ip),
user=user,
token=activation_token
),
"Password change confirmation",
email)
return 'OK'
def resend_email():
if 'sessID' in request.cookies and request.cookies['sessID'] in self.sessions:
session = self.sessions[request.cookies['sessID']]
else:
return 'Fail', 401
DB.update_email_token(session.user, 'email activation')
(email, activation_token) = DB.get_email_adress(session.user)
email_.send_email(
"Для подтвеждения регистрации пожалуйста перейдите по ссылке "
"http://{domain}/api/activate_account?token={token}".format(
domain=(self.domain if self.domain is not None else self.ip),
token=activation_token
),
"Account activation",
email
)
return 'OK'