Exemplo n.º 1
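 def post(self):
     """Handle a login form submission.

     Redirects to "/" when the session already carries a user id or when the
     submitted credentials match the stored ones; otherwise renders
     ``login.html`` with an error message. Each failed password check adds
     one to ``user.attempts``; once that counter is 3 or more the account is
     reported as blocked and no password comparison is made.
     """
     # Session request handler
     current_session = Session(self)
     # NOTE(review): Jinja environment globals belong to the environment, not
     # to this request. If the app serves requests concurrently, one request's
     # session object can be rendered into another's page. Passing the
     # session as a render() argument would avoid that; confirm how the
     # templates read it before changing.
     JINJA_ENVIRONMENT.globals['session'] = current_session
     # Language request handler
     Language.language(self)
     # Check if user is already logged in
     if current_session.get_id() is not None:
         self.redirect("/")
         # Stop here. Unless redirect() aborts by itself, the original fell
         # through and still evaluated the submitted credentials (including
         # the attempt counter) for a session that was already logged in.
         return
     # Language task
     # NOTE(review): second call kept from the original; it looks redundant
     # with the call above. Confirm it has no needed side effect, then drop.
     Language.language(self)
     # Load form
     template = JINJA_ENVIRONMENT.get_template('static/templates/login.html')
     # Check user and password
     submitted_username = cgi.escape(self.request.get("username"))
     # NOTE(review): unsalted SHA-1 is not a suitable password hash; a salted,
     # deliberately slow KDF (e.g. hashlib.pbkdf2_hmac) with a migration for
     # existing records is the usual fix. The cgi.escape() call changes the
     # password before hashing, so it must stay for as long as stored hashes
     # were produced the same way.
     submitted_password = hashlib.sha1(cgi.escape(self.request.get("password"))).hexdigest()
     user = database.UserManager.select_by_username(submitted_username)
     # Check user exists
     if user is None:
         self.response.write(template.render(error=_("InvalidUsernameOrPassword")))
         return
     # Check if user account is blocked or not
     # NOTE(review): the distinct "AccountBlocked" message tells the caller
     # that the username exists, and nothing visible here ever resets the
     # counter except a successful login, so repeated bad passwords lock the
     # real owner out. Consider a time-based unlock and a uniform error.
     if not (user.attempts < 3):
         self.response.write(template.render(error=_("AccountBlocked")))
         return
     # Check if user and password matches
     # NOTE(review): '==' on the digest is not a constant-time comparison;
     # hmac.compare_digest is the standard replacement once both operands are
     # known to be the same string type.
     if submitted_username == user.name and submitted_password == user.password:
         # Session initialization
         current_session.set(self, user.key.id())
         # Login attempts to zero
         database.UserManager.modify_user(user.key, attempts=0)
         # Redirection to initial page
         self.redirect("/")
         return
     # Add an attempt to user login
     # NOTE(review): read-then-write of the counter; parallel requests may
     # lose increments unless modify_user is transactional. Verify.
     database.UserManager.modify_user(user.key, attempts=user.attempts+1)
     self.response.write(template.render(error=_("InvalidUsernameOrPassword")))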
Exemplo n.º 2
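    def post(self):
        """Handle a registration form submission.

        Validates the submitted e-mail, password pair and username, refuses
        usernames and e-mails that already exist, then creates the user,
        creates an activation token, sends the activation e-mail and logs the
        new user in. Every rejected submission re-renders ``register.html``
        with an error key; success renders ``registered.html``.
        """
        # Session request handler
        current_session = Session(self)
        # NOTE(review): environment globals are shared across renders of this
        # environment, not scoped to the request. Under concurrent requests
        # one user's session object may leak into another's page. Verify.
        JINJA_ENVIRONMENT.globals['session'] = current_session
        # Language request handler
        Language.language(self)
        # Check if user is already logged in
        if current_session.get_id() is not None:
            self.redirect("/")
            return None
        # Retrieve request data
        # NOTE(review): cgi.escape() rewrites &, < and > in the values that are
        # validated and stored below (passwords included). The login handler
        # has to apply the same transformation for passwords to keep matching.
        username = cgi.escape(self.request.get('username'))
        password1 = cgi.escape(self.request.get('password1'))
        password2 = cgi.escape(self.request.get('password2'))
        email = cgi.escape(self.request.get('email'))

        # Load success and fail templates
        register_template = JINJA_ENVIRONMENT.get_template('static/templates/register.html')
        registered_template = JINJA_ENVIRONMENT.get_template('static/templates/registered.html')

        # Check email is well formed.
        # The original pattern was only anchored at the start, so any value
        # with a valid-looking prefix passed, and it allowed whitespace, so
        # line breaks reached the mail-sending call. The pattern now has to
        # match the whole value and rejects whitespace in every part.
        if not re.match(r"[^@\s]+@[^@\s]+\.[^@\s]+\Z", email):
            self.response.write(register_template.render(error=_("BadEmail.")))
            return None
        # Check passwords min size is 6
        if len(password1) < 6:
            self.response.write(register_template.render(error=_("PasswordMinLengthNotReached.")))
            return None
        # Check passwords match
        if password1 != password2:
            self.response.write(register_template.render(error=_("PasswordMissmatch")))
            return None
        # Username not empty
        if len(username) < 1:
            self.response.write(register_template.render(error=_("EmptyUsername.")))
            return None
        # Check user exists
        # NOTE(review): these lookups followed by create() are check-then-act;
        # two simultaneous registrations could both pass unless the datastore
        # layer enforces uniqueness. Verify in UserManager.create.
        user = database.UserManager.select_by_username(username)
        if user is not None:
            self.response.write(register_template.render(error=_("UsernameExists")))
            return None
        # Check email exists
        user = database.UserManager.select_by_email(email)
        if user is not None:
            self.response.write(register_template.render(error=_("EmailExists")))
            return None

        # Save new user in DB
        # NOTE(review): the password is handed over as submitted; presumably
        # create() hashes it before storing. Confirm, and see the hashing
        # scheme used by the login handler.
        user_key = database.UserManager.create(username, password1, email)

        if not user_key:
            self.response.write(register_template.render(error=_("DatabaseError")))
            return None

        # Create activation token
        token_key = database.TokenManager.create_token(user_key)
        # Send activation email
        # NOTE(review): the value mailed as the activation secret is the
        # token entity's key id. If that id is allocated by the datastore
        # rather than generated from a CSPRNG it should not be treated as
        # unguessable; a random token stored on the entity is safer.
        email_handler.Email.send_activation(username, str(token_key.id()), email)
        # Autologin new user
        # NOTE(review): the session is granted before the e-mail address has
        # been confirmed; make sure unactivated accounts are restricted
        # elsewhere if activation is meant to gate access.
        current_session.set(self, user_key.id())
        JINJA_ENVIRONMENT.globals['session'] = current_session
        self.response.write(registered_template.render(username=username))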