Exemplo n.º 1
0
    def post(self):

        kwargs = {}

        username = self.request.get('username')
        password = self.request.get('password')

        kwargs['username'] = username

        user = User.get_by_key_name(username)
        if user:
            h = user.password_hash_salt
            if not hashing.valid_pw(username, password, h):
                kwargs['password_error'] = "Invalid Password"
        else:
            kwargs['username_error'] = "Invalid Username"

        error_dict = {'username_error', 'password_error'}
        if error_dict & set(kwargs.keys()) != set():
            self.render("login.html", **kwargs)
        else:
            # create cookie using hashed id
            hashed_cookie = hashing.make_secure_val(username)
            self.response.headers.add_header('Set-Cookie',
                                             'username={}; '
                                             'Path=/'.format(hashed_cookie))
            self.redirect("/welcome")
Exemplo n.º 2
0
    def post(self):

        kwargs = {}

        username = self.request.get('username')
        password = self.request.get('password')
        verify = self.request.get('verify')
        email = self.request.get('email')

        username_taken = User.get_by_key_name(username)
        valid_username = validation.valid_username(username)
        valid_password = validation.valid_password(password)
        valid_verify = (verify == password)
        valid_email = True
        if email:
            valid_email = validation.valid_email(email)

        kwargs['username'] = username
        kwargs['email'] = email

        if username_taken:
            kwargs['username_exists'] = "That user already exists"
        if not valid_username:
            kwargs['username_error'] = "That's not a valid username"
        if not valid_password:
            kwargs['password_error'] = "That wasn't a valid password"
        if not valid_verify:
            kwargs['verify_error'] = "Your passwords didn't match"
        if not valid_email:
            kwargs['email_error'] = "That's not a valid email"

        error_dict = {'username_exists',
                      'username_error',
                      'password_error',
                      'verify_error',
                      'email_error'
                      }

        # check if any error messages are in kwargs
        if error_dict & set(kwargs.keys()) != set():
            self.render("signup.html", **kwargs)
        else:
            # salt and hash password
            password_hash_salt = hashing.make_pw_hash(username, password)

            # create new user
            new_user = User(key_name=username,
                            username=username,
                            password_hash_salt=password_hash_salt,
                            email=email
                            )
            new_user.put()

            # create cookie using hashed id
            hashed_cookie = hashing.make_secure_val(username)
            self.response.headers.add_header('Set-Cookie',
                                             'username={}; '
                                             'Path=/'.format(hashed_cookie))
            self.redirect("/welcome")
Exemplo n.º 3
0
    def post(self):
        user_username = self.request.get('username')
        user_password = self.request.get('password')
        user_verify = self.request.get('verify')
        user_email = self.request.get('email')

        username = valid_username(user_username)
        password = valid_password(user_password)
        if (user_verify != user_password):
            verify = None
        else:
            verify = user_verify
        if (user_email):
            email = valid_email(user_email)
        else:
            email = 'not_supplied'

        err_uname_ = ""
        err_pwd_ = ""
        err_ver_ = ""
        err_email_ = ""

        if not (username):
            err_uname_ = "That's not a valid username."
        if not (password):
            err_pwd_ = "That wasn't a valid password."
        if not (verify):
            err_ver_ = "Your passwords didn't match."
        if not (email):
            err_email_ = "That's not a valid email."

        if (username):
            username_query = db.GqlQuery(
                "SELECT * FROM BlogUser WHERE user_id=:1", user_username)
            username_used = username_query.fetch(1)
            if (username_used):
                username_new = False
                err_uname_ = "That user already exits"
            else:
                username_new = True

        if not (username and password and verify and email and username_new):
            self.write_form(err_uname_, err_pwd_, err_ver_, err_email_,
                            user_username, user_email)
        else:
            this_user = BlogUser(user_id=user_username,
                                 user_pw=make_pw_hash(user_username,
                                                      user_password),
                                 user_em=user_email)
            this_user.put()
            self.response.headers.add_header(
                'Set-Cookie',
                'user_id=%s; Path=/' % str(make_secure_val(user_username)))
            self.redirect("/blog/welcome")
    def post(self):
        user_username = self.request.get('username')
        user_password = self.request.get('password')

        username_query = db.GqlQuery("SELECT * FROM WikiUser WHERE user_id=:1", user_username)
        this_user = username_query.fetch(1)
        if (this_user and valid_pw(user_username, user_password, this_user[0].user_pw)):
            self.response.headers.add_header('Set-Cookie','user_id=%s; Path=/'
                                             % str(make_secure_val(user_username)))
            self.redirect("/wiki/")
        else:
            self.write_form("Invalid login")
Exemplo n.º 5
0
    def post(self):
        user_username = self.request.get('username')
        user_password = self.request.get('password')
        user_verify = self.request.get('verify')
        user_email = self.request.get('email')
        error_username = ''

        dubName = list(db.GqlQuery('SELECT * FROM User WHERE username = :1', user_username))

        if dubName and user_username == dubName[0].username:
            error_username = '******'s already been taken.'

        if error_username != '' or not valid_username(user_username) or not valid_password(user_password) or user_password != user_verify or not valid_email(user_email):
            if not valid_username(user_username) or not user_username:
                error_username = '******'s not a valid username.'
            elif error_username == 'That name\'s already been taken.':
                error_username = '******'s already been taken.'
            else:
                error_username = ''

            if not valid_password(user_password) or not user_password:
                error_password = '******'t a valid password.'
            else:
                error_password = ''

            if user_password != user_verify and error_password == '':
                error_verify = 'Your passwords didn\'t match.'
            else:
                error_verify = ''

            if not user_email or valid_email(user_email):
                error_email = ''
            else:
                error_email = 'That\'s not a valid email.'

            self.write_body(username=user_username,
                            error_username=error_username,
                            error_password=error_password,
                            error_verify=error_verify,
                            email=user_email,
                            error_email=error_email)
        else:
            user_db = User(username=user_username,
                           password=make_pw_hash(user_username, user_password),
                           email=user_email)
            user_db.put()  # Add user to database
            self.response.headers.add_header('Set-Cookie', 'username=%s; Path=/' % make_secure_val(str(user_username)))
            page = self.request.get('page')
            if not page:
                page = '/'
            self.redirect(page)  # Set cookie and redirect to page they were previously on
Exemplo n.º 6
0
 def post(self):
     user_username = self.request.get('username')
     user_password = self.request.get('password')
     if self.request.cookies.get('username', '') != '':
         self.redirect('/blog/welcome')
     
     user = list(db.GqlQuery('SELECT * FROM User WHERE username = :1', user_username))
     
     if user and valid_pw(user[0].username, user_password, user[0].password):
         self.response.headers.add_header('Set-Cookie', 'username=%s; Path=/' % make_secure_val(str(user_username)))
         self.redirect('/blog/welcome')
     else:
         error = 'Invalid Login'
         self.write_body(error)
Exemplo n.º 7
0
    def get(self):
        self.response.headers["Content-Type"] = 'text/plain'
        visits = 0
        visit_cookie_str = self.request.cookies.get("visits")

        if visit_cookie_str:
            cookie_val = hashing.check_secure_val(visit_cookie_str)
            if cookie_val:
                visits = int(cookie_val)


        visits += 1

        new_cookie_val = hashing.make_secure_val(str(visits))

        self.response.headers.add_header("Set-Cookie", 'visits=%s' % new_cookie_val)

        if visits > 20:
            self.write("You are the best ever")
        else:
            self.write("You've been here %s times!" % visits)
Exemplo n.º 8
0
 def set_cookie(self, username=''):
     self.response.headers.add_header(
         'Set-Cookie',
         str('username=%s; Path=/' % make_secure_val(username)))
Exemplo n.º 9
0
 def test_make_secure_val(self):
     h = "test|cea6b92de1c15cfdbcf333982d340d3f"
     assert make_secure_val("test") == h