def post(self):
if self.ensure_is_logged_in():
self.check_CSRF()
anchor = self.request.get('anchor', '')
extended = 'True' if self.request.get(
'extended') == 'True' else 'False'
disconnect_session_token = self.request.get('disconnect')
disconnect_app_token = self.request.get('disconnect_app')
if disconnect_session_token:
enki.libuser.delete_session_token_auth(
disconnect_session_token)
self.add_infomessage('success', MSG.SUCCESS(),
MSG.DISCONNECTED_SESSION())
extended = 'True'
elif disconnect_app_token:
EnkiModelRestAPITokenVerify.delete_token_by_id(
disconnect_app_token)
self.add_infomessage('success', MSG.SUCCESS(),
MSG.DISCONNECTED_APP())
extended = 'True'
self.redirect(
enki.libutil.get_local_url('profile', {
'extended': extended,
'_fragment': anchor
}))
def post_reauthenticated(self, params):
submit_type = params.get('submittype')
if submit_type == 'cancel':
self.redirect(enki.libutil.get_local_url('profile'))
elif submit_type == 'delete':
delete_posts = False
if enki.HandlerBase.account_is_active(self.enki_user.key.id()):
has_posts = True if enki.libforum.fetch_EnkiPost_by_author(
self.enki_user.key.id()) else False
if has_posts and params.get('deleteposts') == 'on':
delete_posts = True
if self.enki_user.email and self.enki_user.email != 'removed':
# if the user has an email, send a confirmation email
self.account_deletion_request(delete_posts)
if delete_posts:
self.add_infomessage(
'info', MSG.INFORMATION(),
MSG.ACCOUNT_AND_POSTS_DELETE_INFO_EMAIL_SENT(
self.enki_user.email))
else:
self.add_infomessage(
'info', MSG.INFORMATION(),
MSG.ACCOUNT_DELETE_INFO_EMAIL_SENT(
self.enki_user.email))
else:
# otherwise just delete the account
self.delete_account(delete_posts)
if delete_posts:
self.add_infomessage('success', MSG.SUCCESS(),
MSG.ACCOUNT_AND_POSTS_DELETED())
else:
self.add_infomessage('success', MSG.SUCCESS(),
MSG.ACCOUNT_DELETED())
self.redirect(enki.libutil.get_local_url())
def post(self):
if self.ensure_is_logged_in() and self.ensure_has_display_name():
self.check_CSRF()
user_id = self.user_id
friend_id_invite = self.request.get('invite')
friend_id_remove = self.request.get('remove')
friend_name_search = self.request.get('search').strip()[:(
enki.libdisplayname.DISPLAY_NAME_LENGTH_MAX +
4)] # 4 allows for some leading and trailing characters
already_friends = ''
has_friends = enki.libfriends.exist_EnkiFriends
error_message = ''
result = ''
if friend_id_invite: # send invitation to user to become friend
outcome = enki.libfriends.send_friend_request(
user_id, int(friend_id_invite))
if outcome == enki.libfriends.INFO_FRIENDS:
self.add_infomessage(
'success', MSG.SUCCESS(),
MSG.FRIEND_ADDED(
enki.libdisplayname.get_display_name(
int(friend_id_invite))))
elif outcome == enki.libutil.ENKILIB_OK:
self.add_infomessage(
'success', MSG.SUCCESS(),
MSG.FRIEND_INVITATION_SENT(
enki.libdisplayname.get_display_name(
int(friend_id_invite))))
elif friend_id_remove: # unfriend
enki.libfriends.remove_friend(user_id, int(friend_id_remove))
has_friends = enki.libfriends.exist_EnkiFriends
self.add_infomessage(
'success', MSG.SUCCESS(),
MSG.FRIEND_REMOVED(
enki.libdisplayname.get_display_name(
int(friend_id_remove))))
elif friend_name_search: # search for user to invite
users_ids_to_ignore = [user_id]
if has_friends:
users_ids_to_ignore += enki.libfriends.get_friends_user_id(
user_id)
result = enki.libdisplayname.find_users_by_display_name(
friend_name_search, users_ids_to_ignore)
if result.error == enki.libdisplayname.ERROR_DISPLAY_NAME_INVALID:
error_message = MSG.DISPLAY_NAME_INVALID()
elif result.error == enki.libdisplayname.ERROR_DISPLAY_NAME_NOT_EXIST:
error_message = MSG.DISPLAY_NAME_NOT_EXIST()
else:
error_message = MSG.DISPLAY_NAME_NEEDED()
if has_friends:
already_friends = enki.libfriends.get_friends_user_id_display_name_url(
user_id)
self.render_tmpl('friends.html',
data=already_friends,
error=error_message,
result=result,
friend_name=friend_name_search)
def post_reauthenticated(self, params):
app_secret_set = params.get('app_secret_set')
app_name = params.get('app_name')
error_message = ''
data = []
app_success = ''
if app_secret_set:
secret = enki.librestapi.generate_auth_token()
app = EnkiModelApp.get_by_id(int(app_secret_set))
app.secret = secret
app.put()
self.add_infomessage('success', MSG.SUCCESS(),
MSG.NEW_SECRET_GENERATED())
app_success = str(app.key.id())
data = enki.librestapi.apps_list(self.user_id)
else:
data = enki.librestapi.apps_list(self.user_id)
if not app_name:
error_message = MSG.NAME_NEEDED()
elif (len(app_name) > enki.librestapi.APP_MAX_NAME_LENGTH):
error_message = MSG.APP_NAME_TOO_LONG(
str(enki.librestapi.APP_MAX_NAME_LENGTH))
elif EnkiModelApp.exist_by_name(app_name):
error_message = MSG.APP_NAME_ALREADY_EXISTS()
elif (EnkiModelApp.count_by_user_id(self.user_id) >=
enki.librestapi.APP_MAX):
error_message = MSG.APP_EXCEED_ALLOWED()
else:
secret = enki.librestapi.generate_auth_token()
app = EnkiModelApp(user_id=self.user_id,
name=app_name,
secret=secret)
app.put()
data.append(
[app_name,
str(app.key.id()), secret, app.time_created])
self.add_infomessage('success', MSG.SUCCESS(),
MSG.APP_CREATED())
app_success = str(app.key.id())
self.render_tmpl(
'apps.html',
active_menu='profile',
error=error_message,
data=data,
app_success=app_success,
app_max=enki.librestapi.APP_MAX,
app_max_name_length=enki.librestapi.APP_MAX_NAME_LENGTH,
)
def post(self):
if self.ensure_is_logged_in() and self.ensure_has_display_name():
self.check_CSRF()
user_id = self.user_id
message_accept = self.request.get('accept')
message_decline = self.request.get('decline')
if message_accept:
sender_id = EnkiModelMessage.get_by_id(
int(message_accept)).sender
if sender_id:
EnkiModelFriends.add_friend(user_id, sender_id)
self.add_infomessage(
MSG.SUCCESS(),
MSG.FRIEND_ADDED(
EnkiModelDisplayName.get_display_name(sender_id)))
elif message_decline:
sender_id = EnkiModelMessage.get_by_id(
int(message_decline)).sender
if sender_id:
EnkiModelMessage.remove_messages_crossed(
user_id, sender_id)
self.render_tmpl('messages.html',
data=EnkiModelMessage.get_messages(self.user_id))
def post(self):
if self.ensure_is_logged_in():
self.check_CSRF()
submit_type = self.request.get('submittype')
if self.enki_user.email:
if self.enki_user.password and submit_type == 'reauthenticate':
password = self.request.get('password')
if self.reauthenticate(self.enki_user.email, password):
self.add_infomessage('success', MSG.SUCCESS(),
MSG.REAUTHENTICATED())
self.redirect_to_relevant_page()
else:
error_message = MSG.WRONG_EMAIL_OR_PW()
backoff_timer = self.get_backoff_timer(
self.enki_user.email)
if backoff_timer != 0:
error_message = MSG.TIMEOUT(
enki.libutil.format_timedelta(backoff_timer))
self.render_tmpl(
'reauthenticate.html',
active_menu='profile',
authhandlers=self.get_user_auth_providers(),
email=self.enki_user.email,
error=error_message)
elif submit_type == 'cancel':
self.redirect_to_relevant_page()
elif submit_type == 'recoverpass':
self.redirect(
enki.libutil.get_local_url(
'passwordrecover',
{'email': self.enki_user.email}))
def get(self, verifytoken):
tokenEntity = EnkiModelTokenVerify.get_by_token_type(
xstr(verifytoken), 'emailsubscriptionconfirm')
if tokenEntity:
newsletter = tokenEntity.state
unsubscribe_token = EnkiModelEmailSubscriptions.add_newsletter(
tokenEntity.email, newsletter)
self.add_infomessage(MSG.SUCCESS(),
MSG.EMAIL_SUBSCRIBED(newsletter))
# send welcome email with unsubscribe link
link = enki.libutil.get_local_url('emailunsubscribe', {
'unsubscribetoken': unsubscribe_token,
'newsletter': newsletter
})
self.send_email(
tokenEntity.email,
MSG.SEND_EMAIL_EMAIL_NEWSLETTER_WELCOME_SUBJECT(newsletter),
MSG.SEND_EMAIL_EMAIL_NEWSLETTER_WELCOME_BODY(newsletter, link))
self.add_infomessage(
MSG.INFORMATION(),
MSG.EMAIL_NEWSLETTER_WELCOME_EMAIL_SENT(newsletter))
self.redirect(enki.libutil.get_local_url('home'))
tokenEntity.key.delete()
else:
self.add_infomessage(MSG.INFORMATION(),
MSG.EMAIL_SUBSCRIPTION_FAILED())
self.redirect(enki.libutil.get_local_url('emailsubscriptions'))
def post( self ): # generate a new token (and delete old one if they exist) if self.ensure_is_logged_in() and self.ensure_has_display_name( self.request.referrer ): self.check_CSRF() user_id = self.enki_user.key.id() token = EnkiModelRestAPIConnectToken.cleanup_and_get_new_connection_token( user_id ) self.add_infomessage( MSG.SUCCESS(), MSG.GAME_CONNECTION_TOKEN( token, EnkiModelRestAPIConnectToken.MAX_AGE )) self.redirect_to_relevant_page()
def get(self, **kwargs):
token = kwargs['verifytoken']
tokenEntity = EnkiModelTokenVerify.get_by_token_type(
token, 'emailchange')
if tokenEntity:
self.email_change(tokenEntity)
self.add_infomessage('success', MSG.SUCCESS(), MSG.EMAIL_SET())
self.redirect(enki.libutil.get_local_url('profile'))
else:
self.abort(404)
def post_reauthenticated( self, params ): app_id = params.get( 'delete' ) if app_id: EnkiModelRestAPIDataStore.delete_user_app_data( self.user_id , app_id ) self.add_infomessage( MSG.SUCCESS(), MSG.APP_DATA_DELETED()) data_list = EnkiModelApp.user_data_list( self.user_id ) self.render_tmpl( 'appdatastores.html', active_menu = 'profile', data = data_list, apps_list = EnkiModelApp.user_apps_list( data_list ), )
def get(self, **kwargs):
token = kwargs['rollbacktoken']
tokenEntity = enki.libuser.get_RollbackToken_by_token(token)
if tokenEntity:
self.email_rollback(tokenEntity)
self.add_infomessage('success', MSG.SUCCESS(),
MSG.EMAIL_RESTORED())
self.redirect(enki.libutil.get_local_url('profile'))
else:
self.abort(404)
def get(self, unsubscribetoken):
unsubscribetoken = xstr(unsubscribetoken)
tokenEntity = EnkiModelEmailSubscriptions.get_by_token(
unsubscribetoken)
newsletter = self.request.get(xstr('newsletter'))
if not newsletter: # unsubscribe from all newsletters (or was already unsubscribed)
if tokenEntity:
EnkiModelEmailSubscriptions.remove_by_email(tokenEntity.email)
self.add_infomessage(MSG.SUCCESS(), MSG.EMAIL_UNSUBSCRIBED_ALL())
elif (newsletter in settings.email_newsletter_name) or (
newsletter in tokenEntity.newsletters
): # unsubscribe from a specific newsletter (or was already unsubscribed)
if tokenEntity:
EnkiModelEmailSubscriptions.remove_newsletter_by_token(
tokenEntity.token, newsletter)
self.add_infomessage(MSG.SUCCESS(),
MSG.EMAIL_UNSUBSCRIBED(newsletter))
else: # newsletter doesn't exist hence the user's already unsubscribed
self.add_infomessage(MSG.SUCCESS(), MSG.EMAIL_UNSUBSCRIBED(''))
self.redirect(enki.libutil.get_local_url('emailsubscriptions'))
def get(self, **kwargs):
token = kwargs['verifytoken']
delete_posts = False
tokenExists = EnkiModelTokenVerify.exist_by_token_type(
token, 'accountdelete')
if not tokenExists:
tokenExists = EnkiModelTokenVerify.exist_by_token_type(
token, 'accountandpostsdelete')
if tokenExists:
delete_posts = True
if tokenExists:
result = self.delete_account(delete_posts, token)
if delete_posts:
self.add_infomessage('success', MSG.SUCCESS(),
MSG.ACCOUNT_AND_POSTS_DELETED())
else:
self.add_infomessage('success', MSG.SUCCESS(),
MSG.ACCOUNT_DELETED())
self.redirect(enki.libutil.get_local_url())
else:
self.abort(404)
def post_reauthenticated(self, params):
choice = params.get('choice')
if choice != 'cancel':
tokenEntity = EnkiModelTokenVerify.get_by_user_id_auth_id_type(
user_id=self.user_id, auth_id=choice, type='loginaddconfirm_3')
if tokenEntity:
self.set_auth_id(tokenEntity.auth_ids_provider, self.user_id)
self.add_infomessage(
'success', MSG.SUCCESS(),
MSG.AUTH_PROVIDER_ADDED(str(
tokenEntity.auth_ids_provider)))
tokenEntity.key.delete()
self.redirect(enki.libutil.get_local_url('accountconnect'))
def post_reauthenticated(self, params):
app_id = params.get('delete')
if app_id:
enki.librestapi.delete_user_app_data(self.user_id, app_id)
self.add_infomessage('success', MSG.SUCCESS(),
MSG.APP_DATA_DELETED())
data_list = enki.librestapi.user_data_list(self.user_id)
self.render_tmpl(
'appdatastores.html',
active_menu='profile',
data=data_list,
apps_list=enki.librestapi.user_apps_list(data_list),
)
def post(self):
self.cleanup_item()
self.log_out()
self.check_CSRF()
token = self.session.get('tokenregisterauth')
tokenEntity = EnkiModelTokenVerify.get_by_token_type(token, 'register')
if tokenEntity:
submit_type = self.request.get('submittype')
# Log in with email and password
if submit_type == 'login':
email = tokenEntity.email
tokenEntity.key.delete()
password = self.request.get('password')
if self.log_in_with_email(email, password):
self.add_infomessage('success', MSG.SUCCESS(),
MSG.LOGGED_IN())
self.redirect_to_relevant_page()
else:
error_message = MSG.WRONG_EMAIL_OR_PW()
backoff_timer = self.get_backoff_timer(email)
if backoff_timer != 0:
error_message = MSG.TIMEOUT(
enki.libutil.format_timedelta(backoff_timer))
self.render_tmpl('login.html',
active_menu='login',
authhandlers=settings.HANDLERS,
email=email,
error=error_message)
elif submit_type == 'recoverpass':
email = tokenEntity.email
tokenEntity.key.delete()
self.redirect(
enki.libutil.get_local_url('passwordrecover',
{'email': email}))
# Create a new account using the OAuth provider but without the email
elif submit_type == 'register':
email = tokenEntity.email
tokenEntity.email = ''
tokenEntity.put()
self.add_infomessage(
'info', MSG.INFORMATION(),
MSG.REGISTRATION_INFO_EMAIL_CANNOT_USE(email))
self.redirect(
enki.libutil.get_local_url('registeroauthconfirm'))
else:
tokenEntity.key.delete()
self.add_infomessage('info', MSG.INFORMATION(),
MSG.LOGIN_FAILED())
self.redirect(enki.libutil.get_local_url('home'))
else:
self.abort(404)
def add_infomessage(self, message_header, message_body):
# reference: http://bootswatch.com/flatly/#indicators
# message_type values: 'success', 'info', 'warning', 'danger'
if message_header == MSG.SUCCESS():
message_type = 'success'
elif message_header == MSG.INFORMATION():
message_type = 'info'
elif message_header == MSG.WARNING():
message_type = 'warning'
else:
message_header = MSG.DANGER()
message_type = 'danger'
self.session['infomessage'] = self.session.pop(
'infomessage', []) + [[message_type, message_header, message_body]]
def post(self):
if self.ensure_is_logged_in():
self.check_CSRF()
submit_type = self.request.get('submittype')
if submit_type == 'reset':
self.redirect(enki.libutil.get_local_url('emailbatchsending'))
elif submit_type == 'send' or submit_type == 'sendtest':
ready_to_send = 'off'
newsletter = self.request.get('newsletter')
subject = self.request.get('subject')
body_text = self.request.get('body_text')
footer_template = self.get_mailgun_email_footer_template(
newsletter)
if submit_type == 'sendtest':
self.send_email(self.enki_user.email, subject,
body_text + footer_template)
self.add_infomessage(
MSG.INFORMATION(),
'Test email sent to ' + self.enki_user.email)
elif submit_type == 'send':
ready_to_send = self.request.get('readytosend')
if ready_to_send == 'on':
batches_emails, batches_emails_recipient_variables = EnkiModelEmailSubscriptions.get_mailgun_email_batches(
newsletter)
send_success = False
for batch_emails, batch_emails_recipient_variables in zip(
batches_emails,
batches_emails_recipient_variables):
send_success = self.send_mailgun_batch_email(
batch_emails, subject, body_text,
footer_template,
batch_emails_recipient_variables)
if send_success:
self.add_infomessage(MSG.SUCCESS(),
'Batch email sent')
self.redirect(
enki.libutil.get_local_url(
'emailbatchsending'))
return
else:
self.add_infomessage(MSG.WARNING(),
'Batch email sending failed')
self.render_tmpl('emailbatchsending.html',
newsletter=newsletter,
subject=subject,
body_text=body_text,
footer=footer_template,
ready_to_send=ready_to_send)
def post(self):
self.cleanup_item()
self.log_out()
self.check_CSRF()
submit_type = self.request.get('submittype')
email = self.request.get('email')
if submit_type == 'login':
password = self.request.get('password')
if self.log_in_with_email(email, password):
self.add_infomessage('success', MSG.SUCCESS(), MSG.LOGGED_IN())
self.redirect_to_relevant_page()
else:
error_message = MSG.WRONG_EMAIL_OR_PW()
if enki.libuser.exist_EnkiUser(email):
# if the email exist as part of an Auth account (doesn't have a password), silently email them to set a password.
user = enki.libuser.get_EnkiUser(email)
if not user.password:
self.add_debugmessage(
'''Comment - whether the email is available or not, the feedback through the UI is identical to prevent email checking.'''
)
link = enki.libutil.get_local_url(
'passwordrecover', {'email': email})
self.send_email(
email,
MSG.
SEND_EMAIL_LOGIN_ATTEMPT_WITH_YOUR_EMAIL_NO_PW_SUBJECT(
),
MSG.
SEND_EMAIL_LOGIN_ATTEMPT_WITH_YOUR_EMAIL_NO_PW_BODY(
link, email))
backoff_timer = self.get_backoff_timer(email)
if backoff_timer != 0:
error_message = MSG.TIMEOUT(
enki.libutil.format_timedelta(backoff_timer))
self.render_tmpl('login.html',
active_menu='login',
authhandlers=settings.HANDLERS,
email=email,
error=error_message)
elif submit_type == 'register':
self.redirect(
enki.libutil.get_local_url('register', {'email': email}))
else:
self.redirect(
enki.libutil.get_local_url('passwordrecover',
{'email': email}))
def post(self, **kwargs):
self.check_CSRF(),
token = kwargs['verifytoken']
tokenEntity = EnkiModelTokenVerify.get_by_token_type(token, 'register')
if tokenEntity:
email = tokenEntity.email
password = self.request.get('password')
result = enki.libuser.validate_password(password)
link = enki.libutil.get_local_url('registerconfirm',
{'verifytoken': token})
if result == enki.libutil.ENKILIB_OK:
result = self.create_user_from_email_pw(email, password)
if result == enki.libutil.ENKILIB_OK:
self.add_infomessage('success', MSG.SUCCESS(),
MSG.ACCOUNT_CREATED())
self.log_in_with_email(email, password)
self.redirect_to_relevant_page()
elif result == enki.handlerbase.ERROR_USER_NOT_CREATED:
error_message = MSG.FAIL_REGISTRATION()
self.render_tmpl('register.html',
active_menu='register',
email=email,
error=error_message)
else:
error_message = ''
if result == enki.libuser.ERROR_PASSWORD_BLANK:
error_message = MSG.MISSING_PW()
elif result == enki.libuser.ERROR_PASSWORD_TOO_SHORT:
length = len(password)
error_message = " ".join([
MSG.PW_TOO_SHORT(length),
MSG.PW_ENSURE_MIN_LENGTH(
self.app.config.get('enki').get('user').get(
'PASSWORD_LENGTH_MIN'))
])
self.render_tmpl('registerconfirm.html',
active_menu='register',
email=email,
url=link,
error=error_message)
else:
self.abort(404)
def post_reauthenticated(self, params):
register = params.get('register')
deregister = params.get('deregister')
if register: # initiate adding a new authentication method to the account
for authhandler in settings.HANDLERS:
if register == authhandler.get_provider_name():
token = security.generate_random_string(entropy=256)
LoginAddToken = EnkiModelTokenVerify(
token=token,
user_id=self.user_id,
auth_ids_provider=register,
type='loginaddconfirm_1')
LoginAddToken.put()
self.redirect(authhandler.get_button().href)
break
elif deregister:
self.remove_auth_id(deregister)
self.add_infomessage('success', MSG.SUCCESS(),
MSG.AUTH_PROVIDER_REMOVED(deregister))
self.redirect(enki.libutil.get_local_url('accountconnect'))
def post(self):
if self.ensure_is_logged_in():
self.check_CSRF()
password = self.request.get('password')
email = self.enki_user.email
error_password_message = ''
error_passwordnew_message = ''
if self.log_in_with_id(self.enki_user.key.id(), password):
password_new = self.request.get('passwordnew')
result = enki.libuser.set_password(self.enki_user,
password_new)
if result == enki.libutil.ENKILIB_OK:
self.add_infomessage('success', MSG.SUCCESS(),
MSG.PASSWORD_UPDATED())
self.redirect(enki.libutil.get_local_url('profile'))
return
else:
if result == enki.libuser.ERROR_PASSWORD_BLANK:
error_passwordnew_message = MSG.MISSING_NEW_PW()
elif result == enki.libuser.ERROR_PASSWORD_TOO_SHORT:
length = len(password_new)
error_passwordnew_message = " ".join([
MSG.PW_TOO_SHORT(length),
MSG.PW_ENSURE_MIN_LENGTH(
self.app.config.get('enki').get('user').get(
'PASSWORD_LENGTH_MIN'))
])
else:
error_password_message = MSG.WRONG_PW()
backoff_timer = self.get_backoff_timer(email)
if backoff_timer != 0:
error_password_message = MSG.TIMEOUT(
enki.libutil.format_timedelta(backoff_timer))
self.render_tmpl('passwordchange.html',
active_menu='profile',
error_password=error_password_message,
error_passwordnew=error_passwordnew_message)
def post(self, **kwargs):
self.check_CSRF()
token = kwargs['verifytoken']
tokenEntity = EnkiModelTokenVerify.get_by_token_type(
token, 'passwordchange')
if tokenEntity:
email = tokenEntity.email
user = enki.libuser.get_EnkiUser(email)
if user:
password = self.request.get('password')
result = enki.libuser.set_password(user, password)
if result == enki.libutil.ENKILIB_OK:
enki.libuser.delete_verifytoken_by_email(
email, 'passwordchange')
self.log_in_with_id(user.key.id(), password)
self.add_infomessage('success', MSG.SUCCESS(),
MSG.PASSWORD_SET())
self.redirect(enki.libutil.get_local_url('profile'))
return
else:
error_message = ''
if result == enki.libuser.ERROR_PASSWORD_BLANK:
error_message = MSG.MISSING_PW()
elif result == enki.libuser.ERROR_PASSWORD_TOO_SHORT:
length = len(password)
error_message = " ".join([
MSG.PW_TOO_SHORT(length),
MSG.PW_ENSURE_MIN_LENGTH(
self.app.config.get('enki').get('user').get(
'PASSWORD_LENGTH_MIN'))
])
self.render_tmpl('passwordrecoverconfirm.html',
error=error_message)
else:
self.abort(401)
else:
self.abort(404)
def post_reauthenticated(self, params):
email = params.get('email')
old_email_existed = True if (
self.enki_user.email
and self.enki_user.email != 'removed') else False
result = enki.libuser.validate_email(email)
error_message = ''
if result == enki.libutil.ENKILIB_OK or result == enki.libuser.ERROR_EMAIL_MISSING:
result_of_change_request = self.email_change_request(email)
if result_of_change_request == 'same':
error_message = MSG.CURRENT_EMAIL()
elif result_of_change_request == 'cannot_remove':
error_message = MSG.CANNOT_DELETE_EMAIL()
elif result_of_change_request == 'removed':
self.add_infomessage('success', MSG.SUCCESS(),
MSG.EMAIL_REMOVED())
if old_email_existed:
self.add_infomessage('info', MSG.INFORMATION(),
MSG.EMAIL_ROLLBACK_INFO_EMAIL_SENT())
self.redirect(enki.libutil.get_local_url('profile'))
elif result_of_change_request == 'change' or result_of_change_request == enki.handlerbase.ERROR_EMAIL_IN_USE:
self.add_infomessage(
'info', MSG.INFORMATION(),
MSG.EMAIL_CHANGE_CONFIRM_INFO_EMAIL_SENT(email))
if self.enki_user.email and self.enki_user.email != 'removed':
self.add_infomessage(
'info', MSG.INFORMATION(),
MSG.EMAIL_CHANGE_UNDO_INFO_EMAIL_SENT())
self.redirect(enki.libutil.get_local_url('profile'))
return
elif result == enki.libuser.ERROR_EMAIL_FORMAT_INVALID:
error_message = MSG.WRONG_EMAIL_FORMAT()
if error_message:
self.render_tmpl('emailchange.html',
active_menu='profile',
email=email,
error=error_message)
def post_reauthenticated(self, params):
prefix = params.get('prefix')
error_message = ''
result = enki.libdisplayname.make_unique_and_set_display_name(
self.user_id, prefix)
if result == enki.libutil.ENKILIB_OK:
self.add_infomessage('success', MSG.SUCCESS(),
MSG.DISPLAYNAME_SET())
self.session['sessiondisplaynamerefpath'] = self.session.pop(
'sessionreauth', self.request.referrer)
self.redirect_to_relevant_page()
return
else:
if result == enki.libdisplayname.ERROR_DISPLAY_NAME_LENGTH:
length = len(prefix)
instruction = ''
if length < enki.libdisplayname.PREFIX_LENGTH_MIN:
instruction = MSG.DISPLAY_NAME_TOO_SHORT_LENGTHEN(
enki.libdisplayname.PREFIX_LENGTH_MIN)
elif length > enki.libdisplayname.PREFIX_LENGTH_MAX:
instruction = MSG.DISPLAY_NAME_TOO_LONG_SHORTEN(
enki.libdisplayname.PREFIX_LENGTH_MAX)
error_message = " ".join(
[MSG.DISPLAY_NAME_WRONG_LENGTH(length), instruction])
elif result == enki.libdisplayname.ERROR_DISPLAY_NAME_ALNUM:
error_message = MSG.DISPLAY_NAME_WRONG_SYMBOLS()
elif result == enki.libdisplayname.ERROR_DISPLAY_NAME_IN_USE:
error_message = MSG.DISPLAY_NAME_ALREADY_USED()
self.render_tmpl(
'displayname.html',
active_menu='profile',
prefix=prefix,
data=enki.libdisplayname.get_display_name_data(self.user_id),
prefix_length_min=enki.libdisplayname.PREFIX_LENGTH_MIN,
prefix_length_max=enki.libdisplayname.PREFIX_LENGTH_MAX,
error=error_message)
def provider_authenticated_callback(self, loginInfo):
# We expect the fields of the dictionary to be:
# - 'provider_name' unique 'pretty' provider name (e.g. google, facebook,...)
# - 'provider_uid' provider specific (a.k.a "locally unique") user Id, i.e unique to the provider (e.g. the google user id number)
# - 'email'
# - 'email_verified'
# We IGNORE: username, gender (facebook), avatar link, etc.
# get the verified email from the auth provider
email = None
if loginInfo['email'] and loginInfo['email_verified'] == True:
email = loginInfo['email']
# get the authId from the auth provider
auth_id = loginInfo['provider_name'] + ':' + loginInfo['provider_uid']
if auth_id:
# Modify existing or create user
# check if it's an add login method request
LoginAddToken = EnkiModelTokenVerify.get_by_user_id_state_type(
self.user_id, loginInfo['provider_name'], 'loginaddconfirm_1')
if LoginAddToken:
# Add a login method
if not EnkiModelUser.exist_by_auth_id(auth_id):
# store the new auth prov + id in the session
LoginAddToken.state = auth_id
LoginAddToken.type = 'loginaddconfirm_2'
LoginAddToken.put()
self.redirect(
enki.libutil.get_local_url('loginaddconfirm'))
else:
self.add_infomessage(
MSG.INFORMATION(),
MSG.AUTH_PROVIDER_CANNOT_BE_ADDED(str(auth_id)))
self.redirect(enki.libutil.get_local_url('accountconnect'))
return
else:
user = self.get_user_from_authid(auth_id, email)
if user:
# Existing authentication method / user
if self.is_logged_in() and self.user_id == user.key.id():
# Refresh the reauthenticated status
self.session['reauth_time'] = datetime.datetime.now()
self.add_infomessage(MSG.SUCCESS(),
MSG.REAUTHENTICATED())
self.redirect_to_relevant_page()
return
# Login
self.log_in_session_token_create(user)
self.add_infomessage(MSG.SUCCESS(), MSG.LOGGED_IN())
self.redirect_to_relevant_page()
else:
# New authentication method
register_token = EnkiModelTokenVerify.get_by_state_type(
auth_id, 'register')
if register_token:
# If a token already exists, get the token value and update the email
token = register_token.token
register_token.email = email # update in case the user changed their email or modified their email access permission
else:
# Create a new token
token = security.generate_random_string(entropy=256)
register_token = EnkiModelTokenVerify(token=token,
email=email,
state=auth_id,
type='register')
register_token.put()
self.session['tokenregisterauth'] = token
if EnkiModelUser.exist_by_email(email):
self.redirect(
enki.libutil.get_local_url(
'registeroauthwithexistingemail'))
else:
self.redirect(
enki.libutil.get_local_url('registeroauthconfirm'))
else:
self.redirect_to_relevant_page()
def post(self, forum):
if self.ensure_is_logged_in() and self.ensure_has_display_name():
if forum.isdigit() and EnkiModelForum.get_by_id(int(forum)):
user_id = self.user_id
thread_title = self.request.get('thread_title')
post_body = self.request.get('post_body')
submit_type = self.request.get('submittype')
error_message_threadtitle = ''
error_message_postbody = ''
preview_threadtitle = ''
preview_post = ''
pmtoken = self.request.get('preventmultitoken')
show_input = True
if submit_type == 'input':
thread_title = ''
post_body = ''
pmtoken = enki.libforum.add_preventmultipost_token()
else:
self.check_CSRF()
if submit_type != 'cancel':
if not thread_title:
error_message_threadtitle = MSG.THREAD_TITLE_NEEDED(
)
else:
exceed = len(
thread_title
) - enki.libforum.THREAD_TITLE_LENGTH_MAX
if exceed > 0:
error_message_threadtitle = MSG.THREAD_TITLE_TOO_LONG(
exceed)
if not post_body:
error_message_postbody = MSG.POST_BODY_NEEDED()
else:
exceed = len(
post_body) - enki.libforum.POST_LENGTH_MAX
if exceed > 0:
error_message_postbody = MSG.POST_BODY_TOO_LONG(
exceed)
if not error_message_threadtitle and not error_message_postbody:
if submit_type == 'submit':
if enki.libforum.check_and_delete_preventmultipost_token(
pmtoken):
result = enki.libforum.add_thread_and_post(
user_id, forum, thread_title, post_body)
if result == enki.libutil.ENKILIB_OK:
self.add_infomessage(
'success', MSG.SUCCESS(),
MSG.THREAD_PUBLISHED())
thread_title = ''
post_body = ''
self.redirect(
enki.libutil.get_local_url(
'forum', {'forum': forum}))
return
else:
error_threadtitle = MSG.FAIL_THREAD_SUBMISSION(
)
else:
thread_title = ''
post_body = ''
elif submit_type == 'preview':
preview_threadtitle = thread_title
preview_post = post_body
elif submit_type == 'cancel':
thread_title = ''
post_body = ''
self.render_tmpl(
'forum.html',
CSRFneeded=show_input,
active_menu='forums',
data=enki.libforum.get_forum_data(forum),
show_input=show_input,
preventmultitoken=pmtoken,
error_threadtitle=error_message_threadtitle,
error_postbody=error_message_postbody,
maxpostlength=enki.libforum.POST_LENGTH_MAX,
maxthreadtitlelength=enki.libforum.THREAD_TITLE_LENGTH_MAX,
threadtitle=thread_title,
postbody=post_body,
previewthreadtitle=preview_threadtitle,
previewpost=preview_post)
def post(self, post):
if self.ensure_is_logged_in() and self.ensure_has_display_name():
if post.isdigit() and enki.libforum.EnkiModelPost.get_by_id(
int(post)):
data = enki.libforum.get_post_data(post)
is_author = True if self.user_id == data.author_data.user_id else False
user = self.user_id
post_body = self.request.get('post_body')
submit_type = self.request.get('submittype')
change = self.request.get('change')
error_message = ''
preview = ''
if submit_type == 'delete':
self.check_CSRF()
result = enki.libforum.delete_post(user, post)
if result[0] == enki.libutil.ENKILIB_OK:
self.add_infomessage('success', MSG.SUCCESS(),
MSG.POST_DELETED())
self.redirect(
enki.libutil.get_local_url(
'thread', {'thread': result[1]
})) # redirect to parent thread
return
else:
error_message = MSG.FAIL_POST_DELETION()
elif submit_type == 'cancel':
self.redirect(enki.libutil.get_local_url(data.post_page))
return
else:
if not post_body:
error_message = MSG.POST_BODY_NEEDED()
else:
exceed = len(post_body) - enki.libforum.POST_LENGTH_MAX
if exceed > 0:
error_message = MSG.POST_BODY_TOO_LONG(exceed)
if not error_message:
if submit_type == 'submit':
self.check_CSRF()
result = enki.libforum.edit_post(user, post, post_body)
if result[0] == enki.libutil.ENKILIB_OK:
self.add_infomessage('success', MSG.SUCCESS(),
MSG.POST_MODIFIED())
self.redirect(
enki.libutil.get_local_url(
'thread', {'thread': result[1]
})) # redirect to parent thread
return
else:
error_message = MSG.FAIL_POST_MODIFICATION()
elif submit_type == 'preview':
preview = post_body
self.render_tmpl('post.html',
active_menu='forums',
data=data,
change=change,
isauthor=is_author,
error=error_message,
postbody=post_body,
maxpostlength=enki.libforum.POST_LENGTH_MAX,
preview=preview)
def post(self, thread):
if self.ensure_is_logged_in() and self.ensure_has_display_name():
if thread.isdigit() and EnkiModelThread.get_by_id(int(thread)):
user = self.user_id
post_body = self.request.get('post_body')
submit_type = self.request.get('submittype')
post_count = str(self.request.get('count'))
post_requested = str(self.request.get('start'))
if not post_count:
post_count = enki.libforum.POSTS_PER_PAGE
if not post_requested:
post_requested = enki.libforum.get_first_post_on_page(
enki.libforum.get_page(
EnkiModelThread.get_by_id(int(thread)),
enki.libforum.POST_LAST, int(post_count)),
int(post_count))
error_message = ''
preview = ''
pmtoken = self.request.get('preventmultitoken')
show_input = True
if submit_type == 'input':
post_body = ''
pmtoken = enki.libforum.add_preventmultipost_token()
else:
self.check_CSRF()
if submit_type != 'cancel':
if not post_body:
error_message = MSG.POST_BODY_NEEDED()
else:
exceed = len(
post_body) - enki.libforum.POST_LENGTH_MAX
if exceed > 0:
error_message = MSG.POST_BODY_TOO_LONG(exceed)
if not error_message:
if submit_type == 'submit':
if enki.libforum.check_and_delete_preventmultipost_token(
pmtoken):
result = enki.libforum.add_post(
user, thread, post_body)
if result == enki.libutil.ENKILIB_OK:
self.add_infomessage(
'success', MSG.SUCCESS(),
MSG.POST_PUBLISHED())
post_body = ''
post_requested = enki.libforum.get_first_post_on_page(
enki.libforum.get_page(
EnkiModelThread.get_by_id(
int(thread)),
enki.libforum.POST_LAST,
int(post_count)), int(post_count))
self.redirect(
enki.libutil.get_local_url(
'thread', {
'thread': thread,
'start': str(post_requested),
'count': str(post_count)
}))
return
else:
error_message = MSG.FAIL_POST_SUBMISSION()
else:
post_body = ''
elif submit_type == 'preview':
preview = post_body
elif submit_type == 'cancel':
post_body = ''
data = enki.libforum.get_thread_data(thread, post_requested,
post_count)
pagination = enki.libforum.get_thread_pagination_data(
thread, post_requested, post_count)
self.render_tmpl('thread.html',
CSRFneeded=show_input,
active_menu='forums',
data=data,
pagination=pagination,
user_id=self.user_id,
show_input=show_input,
preventmultitoken=pmtoken,
error=error_message,
maxpostlength=enki.libforum.POST_LENGTH_MAX,
postbody=post_body,
preview=preview)
def post(self):
if self.ensure_is_logged_in():
self.check_CSRF()
user_id = self.enki_user.key.id()
if self.get_backoff_timer(str(user_id), True) == 0:
licence_key_preset = self.request.get(
'licence_key_preset').strip()[:(
enki.libstore.LICENCE_KEY_DASHES_LENGTH + 4
)] # 4 allows for some leading and trailing characters
licence_key_manual = self.request.get(
'licence_key_manual').strip()[:(
enki.libstore.LICENCE_KEY_DASHES_LENGTH + 4)]
licence_key = licence_key_manual
is_manual = True
if licence_key_preset and not licence_key_manual:
licence_key = licence_key_preset
is_manual = False
if licence_key:
if len(licence_key) <= (
enki.libstore.LICENCE_KEY_DASHES_LENGTH):
licence_key_reduced = re.sub(
r'[^\w]', '',
licence_key)[:enki.libstore.LICENCE_KEY_LENGTH]
item = enki.libstore.get_EnkiProductKey_by_licence_key(
licence_key_reduced)
if not item:
if is_manual:
self.session[
'error_library'] = MSG.LICENCE_INVALID()
self.session[
'error_library_licence'] = licence_key
elif item:
licence_key_formatted = enki.libstore.insert_dashes_5_10(
licence_key_reduced)
if not item.activated_by_user:
# the licence key is not activated.
if enki.libstore.exist_EnkiProductKey_product_activated_by(
user_id, item.product_name):
# the user has already activated a key for the same product
if is_manual:
self.session[
'error_library'] = MSG.LICENCE_ALREADY_ACTIVATED_GIVE(
settings.product_displayname[
item.product_name])
self.session[
'error_library_licence'] = licence_key_formatted
else:
# activate the licence
item.activated_by_user = user_id
item.put()
self.remove_backoff_timer(str(user_id))
self.add_infomessage(
'success', MSG.SUCCESS(),
MSG.PRODUCT_LICENCE_ACTIVATED(
settings.product_displayname[
item.product_name],
licence_key_formatted))
elif item.activated_by_user == user_id:
# the user has already activated this specific key
if is_manual:
self.session[
'error_library'] = MSG.PRODUCT_ALREADY_ACTIVATED(
settings.product_displayname[
item.product_name])
self.session[
'error_library_licence'] = licence_key_formatted
else:
self.add_infomessage(
'info', MSG.INFORMATION(),
MSG.PRODUCT_ALREADY_ACTIVATED(
settings.product_displayname[
item.product_name]))
else:
# another user has activated the key
if is_manual:
self.session[
'error_library'] = MSG.LICENCE_ANOTHER_USER_ACTIVATED(
settings.product_displayname[
item.product_name],
licence_key_formatted)
self.session[
'error_library_licence'] = licence_key_formatted
else:
self.add_infomessage(
'info', MSG.INFORMATION(),
MSG.LICENCE_ANOTHER_USER_ACTIVATED(
settings.product_displayname[
item.product_name],
licence_key_formatted))
else:
self.session['error_library'] = MSG.LICENCE_TOO_LONG()
self.session['error_library_licence'] = licence_key
elif is_manual:
self.session['error_library'] = MSG.LICENCE_MISSING()
else:
backoff_timer = self.get_backoff_timer(str(user_id))
if backoff_timer != 0:
self.session['error_library'] = MSG.TIMEOUT(
enki.libutil.format_timedelta(backoff_timer))
self.redirect_to_relevant_page()
