def login(request): """ login(request) No return value Function called from route_url('apex_login', request) """ title = _('You need to login') came_from = get_came_from(request) if not apex_settings('exclude_local'): if asbool(apex_settings('use_recaptcha_on_login')): if apex_settings('recaptcha_public_key') and apex_settings( 'recaptcha_private_key'): LoginForm.captcha = RecaptchaField( public_key=apex_settings('recaptcha_public_key'), private_key=apex_settings('recaptcha_private_key'), ) form = LoginForm( request.POST, captcha={'ip_address': request.environ['REMOTE_ADDR']}) else: form = LoginForm(request.POST) else: form = None velruse_forms = generate_velruse_forms(request, came_from) if request.method == 'POST' and form.validate(): user = AuthUser.get_by_login(form.data.get('login')) if user: headers = apex_remember(request, user) return HTTPFound(location=came_from, headers=headers) return {'title': title, 'form': form, 'velruse_forms': velruse_forms, \ 'form_url': request.route_url('apex_login'), 'action': 'login'}
def login(request): """ login(request) No return value Function called from route_url('apex_login', request) """ title = _('You need to login') came_from = get_came_from(request) if not apex_settings('exclude_local'): if asbool(apex_settings('use_recaptcha_on_login')): if apex_settings('recaptcha_public_key') and apex_settings('recaptcha_private_key'): LoginForm.captcha = RecaptchaField( public_key=apex_settings('recaptcha_public_key'), private_key=apex_settings('recaptcha_private_key'), ) form = LoginForm(request.POST, captcha={'ip_address': request.environ['REMOTE_ADDR']}) else: form = LoginForm(request.POST) else: form = None velruse_forms = generate_velruse_forms(request, came_from) if request.method == 'POST' and form.validate(): user = AuthUser.get_by_login(form.data.get('login')) if user: headers = apex_remember(request, user) return HTTPFound(location=came_from, headers=headers) return {'title': title, 'form': form, 'velruse_forms': velruse_forms, \ 'form_url': request.route_url('apex_login'), 'action': 'login'}
def create_public_workspace(registry=None): project_name = PUBLIC_PROJECT_NAME username = PUBLIC_PROJECT_USERNAME project_desc = "%s description" % project_name user_public_email = "%s@internal" % username # imports here for circular import references from apex.models import create_user, AuthUser from mobyle2.core.models.user import User import transaction ausr = AuthUser.get_by_login(username) modified = False if ausr is None: kwargs = {"email": user_public_email, "username": username, "login": username} if registry: kwargs["registry"] = registry ausr = create_user(**kwargs) else: ausr.username = username ausr.email = user_public_email ausr.login = username modified = True # running mobyle2 __init__ recreate default project if deleted # only after we are sure user is created usr = User.by_id(ausr.id) if modified: transaction.commit()
def log_in_success(self, form): request = self.request user = ( AuthUser.get_by_login(form['username']) or AuthUser.get_by_email(form['username']) ) headers = remember(request, user.auth_id) return HTTPSeeOther(headers=headers, location=get_came_from(request))
def search_user(username): user = None if '@' in username: user = AuthUser.get_by_email(username) if not user: user = AuthUser.get_by_username(username) if not user: user = AuthUser.get_by_login(username) return user
def register_validator(node, kw): """Validate a username and password.""" valid = False if "password" in kw: if kw["password"] != kw.get("password2", None): raise Invalid(node, "Passwords should match!") used = AuthUser.get_by_login(kw["username"]) used = used or AuthUser.get_by_email(kw["email"]) if used: raise Invalid(node, "That username or email is taken.")
def apex_callback(request): """ apex_callback(request): no return value, called with route_url('apex_callback', request) This is the URL that Velruse returns an OpenID request to """ redir = request.GET.get('came_from', \ route_url(apex_settings('came_from_route'), request)) headers = [] if 'token' in request.POST: auth = apexid_from_token(request.POST['token']) if auth: user = AuthUser.get_by_login(auth['id']) if not user: auth_info = auth['profile']['accounts'][0] id = AuthID() DBSession.add(id) user = AuthUser( login=auth_info['userid'], provider=auth_info['domain'], ) if auth['profile'].has_key('verifiedEmail'): user.email = auth['profile']['verifiedEmail'] id.users.append(user) if apex_settings('default_user_group'): for name in apex_settings('default_user_group'). \ split(','): group = DBSession.query(AuthGroup). \ filter(AuthGroup.name==name.strip()).one() id.groups.append(group) if apex_settings('create_openid_after'): openid_after = get_module( apex_settings('create_openid_after')) openid_after().after_signup(user) DBSession.flush() if apex_settings('openid_required'): openid_required = False for required in apex_settings('openid_required').split(','): if not getattr(user, required): openid_required = True if openid_required: request.session['id'] = id.id request.session['userid'] = user.id return HTTPFound(location='%s?came_from=%s' % \ (route_url('apex_openid_required', request), \ request.GET.get('came_from', \ route_url(apex_settings('came_from_route'), request)))) headers = apex_remember(request, user) redir = request.GET.get('came_from', \ route_url(apex_settings('came_from_route'), request)) flash(_('Successfully Logged in, welcome!'), 'success') return HTTPFound(location=redir, headers=headers)
def apex_callback(request): """ apex_callback(request): no return value, called with route_url('apex_callback', request) This is the URL that Velruse returns an OpenID request to """ redir = request.GET.get('came_from', \ route_url(apex_settings('came_from_route'), request)) headers = [] if 'token' in request.POST: auth = apexid_from_token(request.POST['token']) if auth: user = AuthUser.get_by_login(auth['id']) if not user: auth_info = auth['profile']['accounts'][0] id = AuthID() DBSession.add(id) user = AuthUser( login=auth_info['userid'], provider=auth_info['domain'], ) if auth['profile'].has_key('verifiedEmail'): user.email = auth['profile']['verifiedEmail'] id.users.append(user) if apex_settings('default_user_group'): for name in apex_settings('default_user_group'). \ split(','): group = DBSession.query(AuthGroup). \ filter(AuthGroup.name==name.strip()).one() id.groups.append(group) if apex_settings('create_openid_after'): openid_after = get_module(apex_settings('create_openid_after')) openid_after().after_signup(user) DBSession.flush() if apex_settings('openid_required'): openid_required = False for required in apex_settings('openid_required').split(','): if not getattr(user, required): openid_required = True if openid_required: request.session['id'] = id.id request.session['userid'] = user.id return HTTPFound(location='%s?came_from=%s' % \ (route_url('apex_openid_required', request), \ request.GET.get('came_from', \ route_url(apex_settings('came_from_route'), request)))) headers = apex_remember(request, user) redir = request.GET.get('came_from', \ route_url(apex_settings('came_from_route'), request)) flash(_('Successfully Logged in, welcome!'), 'success') return HTTPFound(location=redir, headers=headers)
def forgot_password(request): """ forgot_password(request): no return value, called with route_url('apex_forgot_password', request) """ title = _('Forgot my password') if asbool(apex_settings('use_recaptcha_on_forgot')): if apex_settings('recaptcha_public_key') and \ apex_settings('recaptcha_private_key'): ForgotForm.captcha = RecaptchaField( public_key=apex_settings('recaptcha_public_key'), private_key=apex_settings('recaptcha_private_key'), ) form = ForgotForm(request.POST, \ captcha={'ip_address': request.environ['REMOTE_ADDR']}) if request.method == 'POST' and form.validate(): """ Special condition - if email imported from OpenID/Auth, we can direct the person to the appropriate login through a flash message. """ if form.data['email']: user = AuthUser.get_by_email(form.data['email']) if user.provider != 'local': provider_name = user.provider flash(_('You used %s as your login provider' % \ provider_name)) return HTTPFound(location=route_url('apex_login', \ request)) if form.data['login']: user = AuthUser.get_by_login(form.data['login']) if user: timestamp = time.time() + 3600 hmac_key = hmac.new('%s:%s:%d' % (str(user.id), \ apex_settings('auth_secret'), timestamp), \ user.email).hexdigest()[0:10] time_key = base64.urlsafe_b64encode('%d' % timestamp) email_hash = '%s%s' % (hmac_key, time_key) apex_email_forgot(request, user.id, user.email, email_hash) flash(_('Password Reset email sent.')) return HTTPFound(location=route_url('apex_login', \ request)) flash(_('An error occurred, please contact the support team.')) return {'title': title, 'form': form, 'action': 'forgot'}
def forgot_password(request): """ forgot_password(request): no return value, called with route_url('apex_forgot_password', request) """ title = _('Forgot my password') if asbool(apex_settings('use_recaptcha_on_forgot')): if apex_settings('recaptcha_public_key') and \ apex_settings('recaptcha_private_key'): ForgotForm.captcha = RecaptchaField( public_key=apex_settings('recaptcha_public_key'), private_key=apex_settings('recaptcha_private_key'), ) form = ForgotForm(request.POST, \ captcha={'ip_address': request.environ['REMOTE_ADDR']}) if request.method == 'POST' and form.validate(): """ Special condition - if email imported from OpenID/Auth, we can direct the person to the appropriate login through a flash message. """ if form.data['email']: user = AuthUser.get_by_email(form.data['email']) if user.provider != 'local': provider_name = user.provider flash(_('You used %s as your login provider' % \ provider_name)) return HTTPFound(location=route_url('apex_login', \ request)) if form.data['login']: user = AuthUser.get_by_login(form.data['login']) if user: timestamp = time.time()+3600 hmac_key = hmac.new('%s:%s:%d' % (str(user.id), \ apex_settings('auth_secret'), timestamp), \ user.email).hexdigest()[0:10] time_key = base64.urlsafe_b64encode('%d' % timestamp) email_hash = '%s%s' % (hmac_key, time_key) apex_email_forgot(request, user.id, user.email, email_hash) flash(_('Password Reset email sent.')) return HTTPFound(location=route_url('apex_login', \ request)) flash(_('An error occurred, please contact the support team.')) return {'title': title, 'form': form, 'action': 'forgot'}
def callback(request): user = None profile = request.context.profile if 'id' not in request.session: user = AuthUser.get_by_login(profile['preferredUsername']) if not user: if 'id' in request.session: auth_id = AuthID.get_by_id(request.session['id']) else: auth_id = AuthID() DBSession.add(auth_id) user = AuthUser( login=profile['preferredUsername'], provider=request.context.provider_name, ) if 'verifiedEmail' in profile: user.email = profile['verifiedEmail'] if 'displayName' in profile: user.display_name = profile['displayName'] # TODO: This may not be unique, handle the error here. auth_id.users.append(user) DBSession.add(user) DBSession.flush() if apex_settings('default_user_group'): for name in apex_settings('default_user_group'). \ split(','): group = DBSession.query(AuthGroup). \ filter(AuthGroup.name == name.strip()).one() auth_id.groups.append(group) if apex_settings('create_openid_after'): openid_after = get_module(apex_settings('create_openid_after')) openid_after().after_signup(request=request, user=user) DBSession.flush() headers = apex_remember(request, user) redir = request.GET.get( 'came_from', request.route_path( apex_settings('came_from_route') ) ) flash(_('Successfully Logged in, welcome!'), 'success') return HTTPFound(location=redir, headers=headers)
def validate_login(form, field): if AuthUser.get_by_login(field.data) is None: raise validators.ValidationError( _('Sorry that username doesn\'t exist.'))
def validate_login(form, field): if AuthUser.get_by_login(field.data) is not None: raise validators.ValidationError( _('Sorry that username already exists.'))
def log_in_success(self, form): user = AuthUser.get_by_login(form["username"]) headers = remember(self.request, user.auth_id) return HTTPSeeOther(headers=headers, location=self._came_from)
def validate_login(form, field): if AuthUser.get_by_login(field.data) is not None: raise validators.ValidationError(_('Sorry that username already exists.'))
def log_in_success(self, form): request = self.request user = (AuthUser.get_by_login(form['username']) or AuthUser.get_by_email(form['username'])) headers = remember(request, user.auth_id) return HTTPSeeOther(headers=headers, location=get_came_from(request))
def validate_login(form, field): if AuthUser.get_by_login(field.data) is None: raise validators.ValidationError(_('Sorry that username doesn\'t exist.'))
def register_validator(node, kw): used = AuthUser.get_by_login(kw['username']) used = used or AuthUser.get_by_email(kw['email']) if used: raise Invalid(node, "That username or email is taken.")