def login_(self):
"Process login credentials"
# Check username
username = str(request.POST.get("username", ""))
person = Session.query(model.Person).filter_by(username=username).first()
# If the username does not exist,
if not person:
return dict(isOk=0)
# Check password
password_hash = model.hashString(str(request.POST.get("password", "")))
# If the password is incorrect,
if password_hash != StringIO.StringIO(person.password_hash).read():
# Increase and return rejection_count without a requery
rejection_count = person.rejection_count = person.rejection_count + 1
Session.commit()
return dict(isOk=0, rejection_count=rejection_count)
# If there have been too many rejections,
if person.rejection_count >= parameter.REJECTION_LIMIT:
# Expect recaptcha response
recaptchaChallenge = request.POST.get("recaptcha_challenge_field", "")
recaptchaResponse = request.POST.get("recaptcha_response_field", "")
recaptchaPrivateKey = config.get("recaptcha.private", "")
# Validate
result = captcha.submit(recaptchaChallenge, recaptchaResponse, recaptchaPrivateKey, h.getRemoteIP())
# If the response is not valid,
if not result.is_valid:
return dict(isOk=0, rejection_count=person.rejection_count)
# Get minutesOffset from UTC
minutesOffset = h.getMinutesOffset()
# Save session
session["minutesOffset"] = minutesOffset
session["personID"] = person.id
session["nickname"] = person.nickname
session["is_super"] = person.is_super
session.save()
# Save person
person.minutes_offset = minutesOffset
person.rejection_count = 0
Session.commit()
# Return
return dict(isOk=1)
def confirmPersonCandidate(ticket):
"Move changes from the PersonCandidate table into the Person table"
# Query
candidate = (
Session.query(model.PersonCandidate)
.filter(model.PersonCandidate.ticket == ticket)
.filter(model.PersonCandidate.when_expired >= datetime.datetime.utcnow())
.first()
)
# If the ticket exists,
if candidate:
# If the person exists,
if candidate.person_id:
# Update person
person = Session.query(model.Person).get(candidate.person_id)
person.username = candidate.username
person.password_hash = candidate.password_hash
person.nickname = candidate.nickname
person.email = candidate.email
person.email_sms = candidate.email_sms
# Reset rejection_count
person.rejection_count = 0
# If the person does not exist,
else:
# Add person
Session.add(
model.Person(
candidate.username,
candidate.password_hash,
candidate.nickname,
candidate.email,
candidate.email_sms,
)
)
# Delete ticket
Session.delete(candidate)
# Commit
Session.commit()
# Return
return candidate
# Validate form
form = JobForm().to_python(valueByName, job)
except formencode.Invalid, error:
return dict(isOk=0, errorByID=error.unpack_errors())
# If the job does not exist, add it
if not job:
job = model.Job()
Session.add(job)
# Set fields
job.title = form['title'].strip()
job.budget = form['budget']
job.description = form['description'].strip()
job.when_updated = datetime.datetime.utcnow()
job.owner_id = ownerID
# Commit
Session.commit()
# Return
return dict(isOk=1, jobID=job.id)
# Validators
class Unique(formencode.validators.FancyValidator):
'Validator to ensure unique values in a field'
def __init__(self, fieldName, errorMessage):
'Store fieldName and errorMessage'
super(Unique, self).__init__()
self.fieldName = fieldName
self.errorMessage = errorMessage
