def edit(request): """ edit(request) no return value, called with route_url('apex_edit', request) This function will only work if you have set apex.auth_profile. This is a very simple edit function it works off your auth_profile class, all columns inside your auth_profile class will be rendered. """ title = _('Edit') ProfileForm = model_form( model=get_module(apex_settings('auth_profile')), base_class=ExtendedForm, exclude=('id', 'user_id'), ) record = AuthUser.get_profile(request) form = ProfileForm(obj=record) if request.method == 'POST' and form.validate(): record = merge_session_with_post(record, request.POST.items()) DBSession.merge(record) DBSession.flush() flash(_('Profile Updated')) return HTTPFound(location=request.url) return {'title': title, 'form': form, 'action': 'edit'}
def profile_edit(request): form = ProfileRecordForm(request.POST) if 'record_id' in request.matchdict: record = get_profile_record(request.matchdict['id'], \ request.matchdict['record_id']) if not request.POST: form.record_type.data = record.record_type form.name.data = record.name form.contents.data = record.contents else: record = Profile_Record(profile_id=request.matchdict['id']) if request.method == 'POST' and form.validate(): if request.POST['record_type'] in ['TXT', 'SPF']: request.POST['contents'] = '"' + request.POST['contents'] \ .replace('"','') + '"' record = merge_session_with_post(record, request.POST.items()) DBSession.merge(record) DBSession.flush() return HTTPFound(location= \ route_url('apex_route53_profile_edit', request, \ id=request.matchdict['id'])) return {'title':'Edit Profile Records', \ 'form':form, \ 'profile':get_profile(request.matchdict['id']), \ 'profile_records':get_profile_records(request.matchdict['id'])}
def activate(request): """ """ user_id = request.matchdict.get('user_id') user = AuthUser.get_by_id(user_id) submitted_hmac = request.matchdict.get('hmac') current_time = time.time() time_key = int(base64.b64decode(submitted_hmac[10:])) if current_time < time_key: hmac_key = hmac.new('%s:%s:%d' % (str(user.id), \ apex_settings('auth_secret'), time_key), \ user.email).hexdigest()[0:10] if hmac_key == submitted_hmac[0:10]: user.active = 'Y' DBSession.merge(user) DBSession.flush() flash(_('Account activated. Please log in.')) activated_route = apex_settings('activated_route') if not activated_route: activated_route = 'apex_login' return HTTPFound(location=route_url(activated_route, request)) flash(_('Invalid request, please try again')) return HTTPFound(location=route_url(apex_settings('came_from_route'), \ request))
def profiles(request): form = ProfileForm(request.POST) if request.method == 'POST' and form.validate(): record = Profile() record = merge_session_with_post(record, request.POST.items()) DBSession.merge(record) DBSession.flush() return HTTPFound(location= \ route_url('apex_route53_profiles', request)) return {'title': 'Profiles', 'form': form, 'profiles': get_profiles()}
def profiles(request): form = ProfileForm(request.POST) if request.method == 'POST' and form.validate(): record = Profile() record = merge_session_with_post(record, request.POST.items()) DBSession.merge(record) DBSession.flush() return HTTPFound(location= \ route_url('apex_route53_profiles', request)) return {'title':'Profiles', 'form':form, 'profiles':get_profiles()}
def registrars(request): form = RegistrarForm(request.POST) registrars = get_registrars() record = Registrar() if request.method == 'POST' and form.validate(): record = merge_session_with_post(record, request.POST.items()) DBSession.merge(record) DBSession.flush() return HTTPFound(location= \ route_url('apex_route53_registrars', request)) return {'title':'Registrars', 'form':form, 'registrars':registrars}
def webhosts(request): form = ProviderForm(request.POST) providers = DBSession.query(Provider).order_by(Provider.name).all() record = Provider() if request.method == 'POST' and form.validate(): record = merge_session_with_post(record, request.POST.items()) DBSession.merge(record) DBSession.flush() return HTTPFound(location= \ route_url('apex_route53_webhosts', request)) return {'title':'Web Hosts', 'form':form, 'providers':providers}
def registrars(request): form = RegistrarForm(request.POST) registrars = get_registrars() record = Registrar() if request.method == 'POST' and form.validate(): record = merge_session_with_post(record, request.POST.items()) DBSession.merge(record) DBSession.flush() return HTTPFound(location= \ route_url('apex_route53_registrars', request)) return {'title': 'Registrars', 'form': form, 'registrars': registrars}
def webhosts(request): form = ProviderForm(request.POST) providers = DBSession.query(Provider).order_by(Provider.name).all() record = Provider() if request.method == 'POST' and form.validate(): record = merge_session_with_post(record, request.POST.items()) DBSession.merge(record) DBSession.flush() return HTTPFound(location= \ route_url('apex_route53_webhosts', request)) return {'title': 'Web Hosts', 'form': form, 'providers': providers}
def change_password(request): """ change_password(request): no return value, called with route_url('apex_change_password', request) """ title = _('Change your Password') came_from = get_came_from(request) form = ChangePasswordForm(request.POST) if request.method == 'POST' and form.validate(): user = AuthUser.get_by_id(authenticated_userid(request)) user.password = form.data['password'] DBSession.merge(user) DBSession.flush() return HTTPFound(location=came_from) return {'title': title, 'form': form, 'action': 'changepass'}
def ips(request): providers = get_providers() ips = get_ips() if not providers: flash('You have no providers defined, please add at least one') return HTTPFound(location=route_url('apex_route53_webhosts', request)) form = IPForm(request.POST, providers=providers) form.provider_id.choices = providers record = IP() if request.method == 'POST' and form.validate(): record = merge_session_with_post(record, request.POST.items()) DBSession.merge(record) DBSession.flush() return HTTPFound(location= \ route_url('apex_route53_ips', request)) return {'title': 'IP Addresses', 'form': form, 'ips': ips}
def ips(request): providers = get_providers() ips = get_ips() if not providers: flash('You have no providers defined, please add at least one') return HTTPFound(location=route_url('apex_route53_webhosts', request)) form = IPForm(request.POST, providers=providers) form.provider_id.choices = providers record = IP() if request.method == 'POST' and form.validate(): record = merge_session_with_post(record, request.POST.items()) DBSession.merge(record) DBSession.flush() return HTTPFound(location= \ route_url('apex_route53_ips', request)) return {'title':'IP Addresses', 'form':form, 'ips':ips}
def activate(request): user_id = request.matchdict.get('user_id') user = AuthID.get_by_id(user_id) submitted_hmac = request.matchdict.get('hmac') current_time = time.time() time_key = int(base64.b64decode(submitted_hmac[10:])) if current_time < time_key: hmac_key = get_hmac_key(user, time_key) if hmac_key == submitted_hmac[0:10]: user.active = 'Y' DBSession.merge(user) DBSession.flush() flash(_('Account activated. Please log in.')) return HTTPFound(location=route_url('apex_login', request)) flash(_('Invalid request, please try again')) return HTTPFound(location=route_url(apex_settings('came_from_route'), request))
def openid_required(request): """ openid_required(request) no return value If apex_settings.openid_required is set, and the ax/sx from the OpenID auth doesn't return the required fields, this is called which builds a dynamic form to ask for the missing information. Called on Registration or Login with OpenID Authentication. """ title = _('OpenID Registration') came_from = request.params.get('came_from', \ route_url(apex_settings('came_from_route'), request)) #This fixes the issue with RegisterForm throwing an UnboundLocalError if apex_settings('openid_register_form_class'): OpenIDRequiredForm = get_module( apex_settings('openid_register_form_class')) else: from apex.forms import OpenIDRequiredForm for required in apex_settings('openid_required').split(','): setattr(OpenIDRequiredForm, required, \ TextField(required, [validators.Required()])) form = OpenIDRequiredForm(request.POST, \ captcha={'ip_address': request.environ['REMOTE_ADDR']}) if request.method == 'POST' and form.validate(): """ need to have the AuthUser id that corresponds to the login method. """ user = AuthUser.get_by_id(request.session['userid']) for required in apex_settings('openid_required').split(','): setattr(user, required, form.data[required]) DBSession.merge(user) DBSession.flush() headers = apex_remember(request, user) return HTTPFound(location=came_from, headers=headers) return {'title': title, 'form': form, 'action': 'openid_required'}
def reset_password(request): """ reset_password(request): no return value, called with route_url('apex_reset_password', request) """ title = _('Reset My Password') if asbool(apex_settings('use_recaptcha_on_reset')): if (apex_settings('recaptcha_public_key') and apex_settings('recaptcha_private_key')): ResetPasswordForm.captcha = RecaptchaField( public_key=apex_settings('recaptcha_public_key'), private_key=apex_settings('recaptcha_private_key'), ) form = ResetPasswordForm(request.POST, captcha={'ip_address': request.environ['REMOTE_ADDR']}) if request.method == 'POST' and form.validate(): user_id = request.matchdict.get('user_id') user = AuthUser.get_by_id(user_id) submitted_hmac = request.matchdict.get('hmac') current_time = int(time.time()) time_key = int(base64.b64decode(submitted_hmac[10:])) if current_time < time_key: hmac_key = get_hmac_key(user, time_key) if hmac_key == submitted_hmac[0:10]: #FIXME reset email, no such attribute email user.password = form.data['password'] DBSession.merge(user) DBSession.flush() flash(_('Password Changed. Please log in.')) return HTTPFound(location=route_url('apex_login', request)) else: flash(_('Invalid request, please try again')) return HTTPFound(location=route_url('apex_forgot', request)) else: flash(_('Change request email expired, please try again')) return HTTPFound(location=route_url('apex_forgot', request)) return {'title': title, 'form': form, 'form_url': request.url, "velruse_forms": None}
def openid_required(request): """ openid_required(request) no return value If apex_settings.openid_required is set, and the ax/sx from the OpenID auth doesn't return the required fields, this is called which builds a dynamic form to ask for the missing inforation. Called on Registration or Login with OpenID Authentication. """ title = _('OpenID Registration') came_from = request.params.get('came_from', route_url(apex_settings('came_from_route'), request)) # This fixes the issue with RegisterForm throwing an UnboundLocalError if apex_settings('openid_register_form_class'): OpenIDRequiredForm = get_module( apex_settings('openid_register_form_class')) else: from apex.forms import OpenIDRequiredForm for required in apex_settings('openid_required').split(','): setattr(OpenIDRequiredForm, required, TextField(required, [validators.Required()])) form = OpenIDRequiredForm(request.POST, captcha={'ip_address': request.environ['REMOTE_ADDR']}) if request.method == 'POST' and form.validate(): """ need to have the AuthUser id that corresponds to the login method. """ user = AuthUser.get_by_id(request.session['userid']) for required in apex_settings('openid_required').split(','): setattr(user, required, form.data[required]) DBSession.merge(user) DBSession.flush() headers = apex_remember(request, user) return HTTPFound(location=came_from, headers=headers) return {'title': title, 'form': form, 'action': 'openid_required'}
def activate(request): """ """ user_id = request.matchdict.get('user_id') user = AuthUser.get_by_id(user_id) submitted_hmac = request.matchdict.get('hmac') current_time = time.time() time_key = int(base64.b64decode(submitted_hmac[10:])) if current_time < time_key: hmac_key = hmac.new('%s:%s:%d' % (str(user.id), \ apex_settings('auth_secret'), time_key), \ user.email).hexdigest()[0:10] if hmac_key == submitted_hmac[0:10]: user.active = 'Y' DBSession.merge(user) DBSession.flush() flash(_('Account activated. Please log in.')) return HTTPFound(location=route_url('apex_login', \ request)) flash(_('Invalid request, please try again')) return HTTPFound(location=route_url(apex_settings('came_from_route'), \ request))
def reset_password(request): """ reset_password(request): no return value, called with route_url('apex_reset_password', request) """ title = _('Reset My Password') if asbool(apex_settings('use_recaptcha_on_reset')): if apex_settings('recaptcha_public_key') and \ apex_settings('recaptcha_private_key'): ResetPasswordForm.captcha = RecaptchaField( public_key=apex_settings('recaptcha_public_key'), private_key=apex_settings('recaptcha_private_key'), ) form = ResetPasswordForm(request.POST, \ captcha={'ip_address': request.environ['REMOTE_ADDR']}) if request.method == 'POST' and form.validate(): user_id = request.matchdict.get('user_id') user = AuthUser.get_by_id(user_id) submitted_hmac = request.matchdict.get('hmac') current_time = time.time() time_key = int(base64.b64decode(submitted_hmac[10:])) if current_time < time_key: hmac_key = hmac.new('%s:%s:%d' % (str(user.id), \ apex_settings('auth_secret'), time_key), \ user.email).hexdigest()[0:10] if hmac_key == submitted_hmac[0:10]: #FIXME reset email, no such attribute email user.password = form.data['password'] DBSession.merge(user) DBSession.flush() flash(_('Password Changed. Please log in.')) return HTTPFound(location=route_url('apex_login', \ request)) else: flash(_('Invalid request, please try again')) return HTTPFound(location=route_url('apex_forgot', \ request)) return {'title': title, 'form': form, 'action': 'reset'}
def change_password(request): """ change_password(request): no return value, called with route_url('apex_change_password', request) FIXME doesn't adjust auth_user based on local ID, how do we handle multiple IDs that are local? Do we tell person that they don't have local permissions? """ title = _('Change your Password') came_from = get_came_from(request) user = DBSession.query(AuthUser). \ filter(AuthUser.auth_id==authenticated_userid(request)). \ filter(AuthUser.provider=='local').first() form = ChangePasswordForm(request.POST, user_id=user.id) if request.method == 'POST' and form.validate(): #user = AuthID.get_by_id(authenticated_userid(request)) user.password = form.data['password'] DBSession.merge(user) DBSession.flush() return HTTPFound(location=came_from) return {'title': title, 'form': form, 'action': 'changepass'}
def reset_password(request): """ reset_password(request): no return value, called with route_url('apex_reset_password', request) """ title = _('Reset My Password') if asbool(apex_settings('use_recaptcha_on_reset')): if apex_settings('recaptcha_public_key') and apex_settings('recaptcha_private_key'): ResetPasswordForm.captcha = RecaptchaField( public_key=apex_settings('recaptcha_public_key'), private_key=apex_settings('recaptcha_private_key'), ) form = ResetPasswordForm(request.POST, \ captcha={'ip_address': request.environ['REMOTE_ADDR']}) if request.method == 'POST' and form.validate(): user_id = request.matchdict.get('user_id') user = AuthUser.get_by_id(user_id) submitted_hmac = request.matchdict.get('hmac') current_time = time.time() time_key = int(base64.b64decode(submitted_hmac[10:])) if current_time < time_key: hmac_key = hmac.new('%s:%s:%d' % (str(user.id), \ apex_settings('auth_secret'), time_key), \ user.email).hexdigest()[0:10] if hmac_key == submitted_hmac[0:10]: user.password = form.data['password'] DBSession.merge(user) DBSession.flush() flash(_('Password Changed. Please log in.')) return HTTPFound(location=route_url('apex_login', \ request)) else: flash(_('Invalid request, please try again')) return HTTPFound(location=route_url('apex_forgot', \ request)) return {'title': title, 'form': form, 'action': 'reset'}
def referrer_update(user, refer_id): """ user = user object refer_id = referring user ID No return value """ try: fkp = DBSession.query(ForeignKeyProfile). \ filter(ForeignKeyProfile.user_id==refer_id).one() except: fkp = ForeignKeyProfile(user_id = refer_id, score = 0) fkp.score = fkp.score + 1 DBSession.merge(fkp) try: fkp = DBSession.query(ForeignKeyProfile). \ filter(ForeignKeyProfile.user_id==user.id).one() except: fkp = ForeignKeyProfile(user_id = user.id, score = 0) fkp.parent_id = refer_id DBSession.merge(fkp) DBSession.flush()