def post(self, *args, **kwargs):
''' Attempts to create an account, with shitty form validation '''
form = Form(
account="Please enter an account name",
handle="Please enter a handle",
team="Please select a team to join",
pass1="Please enter a password",
pass2="Please confirm your password",
token="Please enter a registration token"
)
if form.validate(self.request.arguments):
config = ConfigManager.Instance()
account = self.get_argument('account').lower()
handle = self.get_argument('handle').lower()
rtok = self.get_argument('token', '__none__').lower()
passwd = self.get_argument('pass1')
if User.by_account(account) is not None:
self.render('public/registration.html',
errors=['Account name already taken']
)
elif account == handle:
self.render('public/registration.html',
errors=['Account name and hacker name must differ']
)
elif User.by_handle(handle) is not None:
self.render('public/registration.html',
errors=['Handle already taken']
)
elif not passwd == self.get_argument('pass2'):
self.render('public/registration.html',
errors=['Passwords do not match']
)
elif not 0 < len(passwd) <= config.max_password_length:
self.render('public/registration.html',
errors=['Password must be 1-%d characters'
% config.max_password_length]
)
elif Team.by_uuid(self.get_argument('team', '')) is None:
self.render('public/registration.html',
errors=["Please select a team to join"]
)
elif RegistrationToken.by_value(rtok) is None and not config.debug:
self.render('public/registration.html',
errors=["Invalid registration token"]
)
else:
self.create_user(account, handle, passwd, rtok)
self.render('public/successful_reg.html', account=account)
else:
self.render('public/registration.html', errors=form.errors)
def post(self, *args, **kwargs):
''' Checks submitted username and password '''
form = Form(
account="Enter an account name",
password="******",
)
if form.validate(self.request.arguments):
user = User.by_account(self.get_argument('account'))
password_attempt = self.get_argument('password')
if user is not None and user.validate_password(password_attempt):
if not user.locked:
self.successful_login(user)
self.redirect('/user')
else:
self.render('public/login.html',
errors=["Your account has been locked"]
)
else:
self.failed_login()
else:
self.render('public/login.html', errors=form.errors)
