Exemplo n.º 1
0
    def post(self):
        # check if valid username

        username_input = self.request.get("user_name")
        if username_input:
            specific_user = dataFunctions.retrieveUser(username_input)
            if specific_user:
                # create a new random password
                new_password_random = dataFunctions.randomword()
                secure_password = passwordValid.make_pw_hash(
                    username_input,
                    new_password_random)  # the function returns hash|salt

                # change password in db
                specific_user.password_hashed = secure_password
                specific_user.put()

                # send new password to email
                emailFunctions.sendEmail(specific_user.email,
                                         new_password_random)

                # then redirect to sentpassword.
                self.redirect("/sentpassword")

            else:
                wrong_name = username_input
                self.render_forgotten(name=wrong_name,
                                      name_error="Wrong Username")
        else:
            self.render_forgotten(name_error="You have to enter your Username")
Exemplo n.º 2
0
    def post(self):
        # check if valid username

        username_input = self.request.get("user_name")
        if username_input:
            specific_user = dataFunctions.retrieveUser(username_input)
            if specific_user:
                # create a new random password
                new_password_random = dataFunctions.randomword()
                secure_password = passwordValid.make_pw_hash(
                    username_input, new_password_random
                )  # the function returns hash|salt

                # change password in db
                specific_user.password_hashed = secure_password
                specific_user.put()

                # send new password to email
                emailFunctions.sendEmail(specific_user.email, new_password_random)

                # then redirect to sentpassword.
                self.redirect("/sentpassword")

            else:
                wrong_name = username_input
                self.render_forgotten(name=wrong_name, name_error="Wrong Username")
        else:
            self.render_forgotten(name_error="You have to enter your Username")
Exemplo n.º 3
0
def check_user_id_cookie(a_request):
    """"Returns a specific registered user, or if user_id_cookie_value or username is None
        return None"""

    user_id_cookie_value = a_request.cookies.get("user_id")  # username_input|hash (cookie)

    if user_id_cookie_value:
        username = passwordValid.check_secure_val(user_id_cookie_value)

        if username:  # valid cookie:
            the_RU = dataFunctions.retrieveUser(username)
            return the_RU
    return None
Exemplo n.º 4
0
def check_user_id_cookie(a_request):
    """"Returns a specific registered user, or if user_id_cookie_value or username is None
        return None"""

    user_id_cookie_value = a_request.cookies.get(
        'user_id')  # username_input|hash (cookie)

    if user_id_cookie_value:
        username = passwordValid.check_secure_val(user_id_cookie_value)

        if username:  # valid cookie:
            the_RU = dataFunctions.retrieveUser(username)
            return the_RU
    return None
Exemplo n.º 5
0
    def post(self):
        #secure_value # this is the (name + pw + salt) hexdigested and then pipe salt with format "hexdigestedValue|salt"

        username_input = self.request.get('username')
        password_input = self.request.get('password')
        verify_input = self.request.get('verify')
        email_input = self.request.get('email')
        verify_email_input = self.request.get('verify_email')

        is_valid_username = passwordValid.valid_username(username_input)
        is_valid_password = passwordValid.valid_password(password_input)

        if len(email_input) > 0:
            is_valid_email = passwordValid.valid_email(email_input)
        else:
            is_valid_email = False

        does_password_match = passwordValid.password_match(
            password_input, verify_input)
        does_email_match = passwordValid.email_match(email_input,
                                                     verify_email_input)

        final_username_error = ""
        final_password_error = ""
        final_verify_error = ""
        final_email_error = ""
        final_verify_email_error = ""

        if not (is_valid_username):
            final_username_error = "Invalid username"
        if not (is_valid_password):
            final_password_error = "Invalid password"
        if not (does_password_match):
            final_verify_error = "Password doesn't match"
        if not (is_valid_email):
            final_email_error = "Invalid e-mail"
        if not (does_email_match):
            final_verify_email_error = "E-mail doesn't match"

        if is_valid_username and is_valid_password and does_password_match and is_valid_email and does_email_match:

            # check if user already exist
            user_already_exists = False

            existing_user = dataFunctions.retrieveUser(username_input)

            if existing_user:
                user_already_exists = True

            if user_already_exists:
                #write error message out
                final_username_error = "User already exist"
                self.write_form(username_input, final_username_error,
                                final_password_error, final_verify_error,
                                email_input, final_email_error,
                                verify_email_input, final_verify_email_error)

            else:  # ok to register new user

                # username_and_password = username_input + password_input
                secure_password = passwordValid.make_pw_hash(
                    username_input,
                    password_input)  # the function returns hash|salt
                secure_username = passwordValid.make_secure_val(
                    username_input)  # the function returns username_input|hash

                ru = RegisteredUsers(
                    name=username_input,
                    password_hashed=secure_password,
                    email=email_input)  # save the hashed password in database
                ru.put()
                time.sleep(0.1)  # to delay so db table gets displayed correct
                self.response.headers.add_header(
                    'Set-Cookie', 'user_id=%s; Path=/' % str(secure_username)
                )  #sending secure_username back to browser
                self.redirect("/frontpage")
        else:
            # check if user already exist
            user_already_exists = False

            all_reg_users = db.GqlQuery(
                "SELECT * FROM RegisteredUsers ORDER BY created DESC")

            if all_reg_users:
                for users in all_reg_users:
                    if users.name == username_input:
                        user_already_exists = True
                        break

            if user_already_exists:
                #write error message out
                final_username_error = "User already exist"
                final_password_error = ""
                final_email_error = ""

            self.write_form(username_input, final_username_error,
                            final_password_error, final_verify_error,
                            email_input, final_email_error, verify_email_input,
                            final_verify_email_error)
Exemplo n.º 6
0
    def post(self):
        # secure_value # this is the (name + pw + salt) hexdigested and then pipe salt with format "hexdigestedValue|salt"

        username_input = self.request.get("username")
        password_input = self.request.get("password")
        verify_input = self.request.get("verify")
        email_input = self.request.get("email")
        verify_email_input = self.request.get("verify_email")

        is_valid_username = passwordValid.valid_username(username_input)
        is_valid_password = passwordValid.valid_password(password_input)

        if len(email_input) > 0:
            is_valid_email = passwordValid.valid_email(email_input)
        else:
            is_valid_email = False

        does_password_match = passwordValid.password_match(password_input, verify_input)
        does_email_match = passwordValid.email_match(email_input, verify_email_input)

        final_username_error = ""
        final_password_error = ""
        final_verify_error = ""
        final_email_error = ""
        final_verify_email_error = ""

        if not (is_valid_username):
            final_username_error = "Invalid username"
        if not (is_valid_password):
            final_password_error = "Invalid password"
        if not (does_password_match):
            final_verify_error = "Password doesn't match"
        if not (is_valid_email):
            final_email_error = "Invalid e-mail"
        if not (does_email_match):
            final_verify_email_error = "E-mail doesn't match"

        if is_valid_username and is_valid_password and does_password_match and is_valid_email and does_email_match:

            # check if user already exist
            user_already_exists = False

            existing_user = dataFunctions.retrieveUser(username_input)

            if existing_user:
                user_already_exists = True

            if user_already_exists:
                # write error message out
                final_username_error = "User already exist"
                self.write_form(
                    username_input,
                    final_username_error,
                    final_password_error,
                    final_verify_error,
                    email_input,
                    final_email_error,
                    verify_email_input,
                    final_verify_email_error,
                )

            else:  # ok to register new user

                # username_and_password = username_input + password_input
                secure_password = passwordValid.make_pw_hash(
                    username_input, password_input
                )  # the function returns hash|salt
                secure_username = passwordValid.make_secure_val(
                    username_input
                )  # the function returns username_input|hash

                ru = RegisteredUsers(
                    name=username_input, password_hashed=secure_password, email=email_input
                )  # save the hashed password in database
                ru.put()
                time.sleep(0.1)  # to delay so db table gets displayed correct
                self.response.headers.add_header(
                    "Set-Cookie", "user_id=%s; Path=/" % str(secure_username)
                )  # sending secure_username back to browser
                self.redirect("/frontpage")
        else:
            # check if user already exist
            user_already_exists = False

            all_reg_users = db.GqlQuery("SELECT * FROM RegisteredUsers ORDER BY created DESC")

            if all_reg_users:
                for users in all_reg_users:
                    if users.name == username_input:
                        user_already_exists = True
                        break

            if user_already_exists:
                # write error message out
                final_username_error = "User already exist"
                final_password_error = ""
                final_email_error = ""

            self.write_form(
                username_input,
                final_username_error,
                final_password_error,
                final_verify_error,
                email_input,
                final_email_error,
                verify_email_input,
                final_verify_email_error,
            )