    def _changePassword(self, request):
        """Change the signed-in user's password.

        Reads ``curr_passwd``, ``passwd1`` and ``passwd2`` from the request
        without sanitising them (the raw value is what gets hashed), checks
        the three values for presence and consistency, verifies the current
        password against the ``passwordHash`` column of ``userAuth`` and, if
        everything passes, stores a fresh hash of the new password.

        Every failure is reported to the browser as one
        ``$$.alerts.error(...)`` script and ends the request via
        ``defer.returnValue(None)``; success writes ``$$.alerts.info(...)``.
        Runs as a Twisted inlineCallbacks generator (the decorator is not in
        view), so each ``yield`` waits on a Deferred.
        """
        (appchange, script, args, myId) = yield self._getBasicArgs(request)

        currentPass = utils.getRequestArg(request, "curr_passwd", sanitize=False)
        newPass = utils.getRequestArg(request, "passwd1", sanitize=False)
        rptPass = utils.getRequestArg(request, "passwd2", sanitize=False)

        # Input validation, first failing rule wins (same order as before:
        # presence of each field, then agreement, then "actually changed").
        problem = None
        if not currentPass:
            problem = _("Enter your current password")
        elif not newPass:
            problem = _("Enter new password")
        elif not rptPass:
            problem = _("Confirm new password")
        elif newPass != rptPass:
            problem = _("Passwords do not match")
        elif currentPass == newPass:
            problem = _("New password should be different from current password")

        if problem is not None:
            request.write('$$.alerts.error("%s");' % problem)
            defer.returnValue(None)

        # The account is keyed by e-mail address; the stored value is a hash,
        # never the password itself.
        emailId = args["me"].basic["emailId"]
        row = yield db.get(emailId, "userAuth", "passwordHash")
        storedHash = row.column.value

        # Re-authenticate with the current password before accepting a new one.
        if not utils.checkpass(currentPass, storedHash):
            request.write('$$.alerts.error("%s");' % _("Incorrect Password"))
            defer.returnValue(None)

        yield db.insert(emailId, "userAuth", utils.hashpass(newPass), "passwordHash")
        request.write('$$.alerts.info("%s");' % _('Password changed'))
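    def _registerClient(self, request):
        """Register a new application (OAuth client or API key) for the caller.

        Request parameters: ``name``, ``desc``, ``scope`` (multi-valued),
        ``category`` (one of ``webapp``, ``native``, ``apikey``) and
        ``redirect`` (required unless the category is ``apikey``).  The
        record is written to the ``apps`` column family with only a *hash*
        of the generated secret; the plaintext secret is rendered to the
        registrant once, in the ``registrationResults`` block.

        Raises:
            errors.MissingParams: a required parameter is absent.
            errors.BaseError: unknown category or unknown scope name.

        Runs as a Twisted inlineCallbacks generator (decorator not in view).
        """
        (appchange, script, args, myId) = yield self._getBasicArgs(request)
        landing = not self._ajax
        myOrgId = args["orgId"]

        name = utils.getRequestArg(request, "name")
        desc = utils.getRequestArg(request, "desc")
        scope = utils.getRequestArg(request, "scope", multiValued=True)
        category = utils.getRequestArg(request, "category")
        # sanitize=False: the value is stored base64-encoded, not rendered.
        # NOTE(review): no validation of the redirect URI (absolute URL,
        # scheme, fragment) is visible here; confirm it happens before the
        # OAuth flow relies on it.
        redirect = utils.getRequestArg(request, "redirect", sanitize=False)

        if not name:
            raise errors.MissingParams(["Name"])
        if not scope:
            raise errors.MissingParams(["Permissions"])
        if category != "apikey" and not redirect:
            raise errors.MissingParams(["Redirect URL"])

        # Fix: the module-level ``scopes`` table was fetched via globals().get()
        # and then dereferenced with .keys(), so a missing table raised
        # AttributeError instead of the user-facing error below.  A missing
        # table now means "no scope is known", which rejects every request.
        knownScopes = globals().get("scopes") or {}
        unknownScopes = [x for x in scope if x not in knownScopes]
        if category not in ("webapp", "native", "apikey") or unknownScopes:
            raise errors.BaseError("Invalid value sent for Type/Permissions")

        clientId = utils.getUniqueKey()
        clientSecret = utils.getRandomKey()
        isApiKey = category == "apikey"

        meta = {
            "author": myId,
            "name": name,
            "org": myOrgId,
            # Only the hash is persisted; the plaintext never reaches the store.
            "secret": utils.hashpass(clientSecret),
            "scope": " ".join(scope),
            "category": category,
        }
        if not isApiKey:
            meta["redirect"] = b64encode(redirect)
            meta["desc"] = desc

        # The ``apps`` row is identical for both categories; only the
        # ownership index differs.
        yield db.batch_insert(clientId, "apps", {"meta": meta})
        if isApiKey:
            yield db.insert(myId, "entities", "", clientId, "apikeys")
        else:
            yield db.insert(myId, "appsByOwner", "", clientId)
            yield db.insert(myOrgId, "appsByOwner", "", clientId)

        self.setTitle(request, name)

        args["clientId"] = clientId
        # Render a copy carrying the plaintext secret so ``meta`` (the stored
        # shape) is not the dict that holds it.
        args["client"] = dict(meta, secret=clientSecret)
        t.renderScriptBlock(request, "apps.mako", "registrationResults", landing, "#apps-contents", "set", **args)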
    def _secret(self, request):
        """Rotate the secret of an application owned by the signed-in user.

        The ``id`` request parameter names the application.  Only the user
        recorded as its ``author`` may rotate the secret; anyone else gets
        ``errors.AppAccessDenied`` and an unknown id gets
        ``errors.InvalidApp``.  A new random secret is generated, its hash is
        written to ``apps/<id>/meta/secret`` and the plaintext is shown once in
        the ``registrationResults`` block.  inlineCallbacks generator.
        """
        myId = request.getSession(IAuthInfo).username
        # sanitize=False: used only as a row key, never rendered directly.
        clientId = utils.getRequestArg(request, "id", sanitize=False)

        rows = yield db.get_slice(clientId, "apps")
        client = utils.supercolumnsToDict(rows)
        if not client:
            raise errors.InvalidApp(clientId)

        meta = client["meta"]
        # Ownership check: the registering user is the only one allowed here.
        if meta["author"] != myId:
            raise errors.AppAccessDenied(clientId)

        freshSecret = utils.getRandomKey()
        yield db.insert(clientId, "apps", utils.hashpass(freshSecret), "secret", "meta")

        # The dict handed to the template is ``meta`` itself; the plaintext
        # secret is placed on it only after the hash has been stored.
        meta["secret"] = freshSecret
        args = {
            "clientId": clientId,
            "client": meta,
            "info": "New application secret was generated",
        }
        t.renderScriptBlock(request, "apps.mako", "registrationResults", False, "#apps-contents", "set", **args)
    def resetPassword(self, request):
        """Complete a password reset from an e-mailed token.

        Expects ``email``, ``token``, ``password`` and ``pwdrepeat``.  When
        the address is known and the token is one of its outstanding reset
        tokens, the new password hash is stored in ``userAuth`` and the
        reset tokens named by ``_getResetPasswordTokens`` are removed.  The
        request always ends with a redirect to ``/signin``; an unknown
        address is not reported (presumably so the endpoint does not confirm
        which addresses are registered), whereas a bad token for a known
        address raises ``PermissionDenied``.

        Raises:
            MissingParams: any of the four parameters is absent.
            errors.PasswordsNoMatch: the two password fields differ.
            PermissionDenied: the token is not valid for this address.
        """
        email = utils.getRequestArg(request, 'email')
        token = utils.getRequestArg(request, 'token')
        # The password fields are read unsanitised so the raw value is hashed.
        passwd = utils.getRequestArg(request, 'password', False)
        pwdrepeat = utils.getRequestArg(request, 'pwdrepeat', False)

        if not all((email, token, passwd, pwdrepeat)):
            # The error names only the two parameters even when a password
            # field is the one missing; kept as-is.
            raise MissingParams(['Email', 'Password Reset Token'])

        if passwd != pwdrepeat:
            raise errors.PasswordsNoMatch()

        validEmail, tokens, deleteTokens, leastTimestamp = yield _getResetPasswordTokens(email)
        if validEmail:
            # NOTE(review): ``email`` is interpolated into an HTML message;
            # getRequestArg's default sanitisation is relied on to escape it —
            # confirm against its implementation.
            if token not in tokens:
                raise PermissionDenied("Invalid token. <a href='/password/resend?email=%s'>Click here</a> to reset password" % (email))
            newHash = utils.hashpass(passwd)
            yield db.insert(email, "userAuth", newHash, 'passwordHash')
            # Consume the outstanding reset tokens so none can be replayed.
            yield db.batch_remove({"userAuth": [email]}, names=deleteTokens)
        request.redirect('/signin')