def account_activate(request):
"""Reset a user after being suspended
:param username: required to know what user we're resetting
:param activation: code needed to activate
:param password: new password to use for the user
"""
params = request.params
username = params.get('username', None)
activation = params.get('code', None)
password = params.get('password', None)
if not UserMgr.acceptable_password(password):
request.response.status_int = 406
return {
'error': "Come on, pick a real password please",
}
res = ActivationMgr.activate_user(username, activation, password)
if res:
# success so respond nicely
AuthLog.reactivate(username, success=True, code=activation)
return {
'message': "Account activated, please log in.",
'username': username,
}
else:
AuthLog.reactivate(username, success=False, code=activation)
request.response.status_int = 500
return {
'error': "There was an issue attempting to activate this account.",
}
def account_activate(request):
"""Reset a user after being suspended
:param username: required to know what user we're resetting
:param activation: code needed to activate
:param password: new password to use for the user
"""
params = request.params
username = params.get('username', None)
activation = params.get('code', None)
password = params.get('password', None)
new_username = params.get('new_username', None)
if username is None and activation is None and password is None:
# then try to get the same fields out of a json body
json_body = request.json_body
username = json_body.get('username', None)
activation = json_body.get('code', None)
password = json_body.get('password', None)
new_username = json_body.get('new_username', None)
if not UserMgr.acceptable_password(password):
request.response.status_int = 406
return _api_response(request, {
'error': "Come on, pick a real password please",
})
res = ActivationMgr.activate_user(username, activation, password)
if res:
# success so respond nicely
AuthLog.reactivate(username, success=True, code=activation)
# if there's a new username and it's not the same as our current
# username, update it
if new_username and new_username != username:
try:
user = UserMgr.get(username=username)
user.username = new_username
except IntegrityError, exc:
request.response.status_int = 500
return _api_response(
request, {
'error':
'There was an issue setting your new username',
'exc': str(exc)
})
return _api_response(request, {
'message': "Account activated, please log in.",
'username': username,
})
def account_activate(request):
"""Reset a user after being suspended
:param username: required to know what user we're resetting
:param activation: code needed to activate
:param password: new password to use for the user
"""
params = request.params
username = params.get('username', None)
activation = params.get('code', None)
password = params.get('password', None)
new_username = params.get('new_username', None)
if username is None and activation is None and password is None:
# then try to get the same fields out of a json body
json_body = request.json_body
username = json_body.get('username', None)
activation = json_body.get('code', None)
password = json_body.get('password', None)
new_username = json_body.get('new_username', None)
if not UserMgr.acceptable_password(password):
request.response.status_int = 406
return {
'error': "Come on, pick a real password please",
}
res = ActivationMgr.activate_user(username, activation, password)
if res:
# success so respond nicely
AuthLog.reactivate(username, success=True, code=activation)
# if there's a new username and it's not the same as our current
# username, update it
if new_username and new_username != username:
try:
user = UserMgr.get(username=username)
user.username = new_username
except IntegrityError, exc:
request.response.status_int = 500
return {
'error': 'There was an issue setting your new username',
'exc': str(exc)
}
return {
'message': "Account activated, please log in.",
'username': username,
}
def reset_password(request):
"""Change a user's password from the current string
:params current_password:
:params new_password:
Callable by either a logged in user or the api key for mobile apps/etc
"""
params = request.params
# now also load the password info
current = params.get('current_password', None)
new = params.get('new_password', None)
# if we don't have any password info, try a json_body in case it's a json
#POST
if current is None and new is None:
params = request.json_body
current = params.get('current_password', None)
new = params.get('new_password', None)
user_acct = request.user
LOG.error("PASSWD")
LOG.error(current)
LOG.error(new)
if not UserMgr.acceptable_password(new):
request.response.status_int = 406
return {
'username': user_acct.username,
'error': "Come on, let's try a real password this time"
}
# before we change the password, let's verify it
if user_acct.validate_password(current):
# we're good to change it
user_acct.password = new
return {
'username': user_acct.username,
'message': "Password changed",
}
else:
request.response.status_int = 403
return {
'username': user_acct.username,
'error': "There was a typo somewhere. Please check your request"
}
def reset_password(request):
"""Change a user's password from the current string
:params current_password:
:params new_password:
Callable by either a logged in user or the api key for mobile apps/etc
"""
params = request.params
# now also load the password info
current = params.get('current_password', None)
new = params.get('new_password', None)
# if we don't have any password info, try a json_body in case it's a json
#POST
if current is None and new is None:
params = request.json_body
current = params.get('current_password', None)
new = params.get('new_password', None)
user_acct = request.user
LOG.error("PASSWD")
LOG.error(current)
LOG.error(new)
if not UserMgr.acceptable_password(new):
request.response.status_int = 406
return {
'username': user_acct.username,
'error': "Come on, let's try a real password this time"
}
# before we change the password, let's verify it
if user_acct.validate_password(current):
# we're good to change it
user_acct.password = new
return {
'username': user_acct.username,
'message': "Password changed",
}
else:
request.response.status_int = 403
return {
'username': user_acct.username,
'error': "There was a typo somewhere. Please check your request"
}
def reset(request):
"""Once deactivated, allow for changing the password via activation key"""
rdict = request.matchdict
params = request.params
# This is an initial request to show the activation form.
username = rdict.get('username', None)
activation_key = rdict.get('reset_key', None)
user = ActivationMgr.get_user(username, activation_key)
if user is None:
# just 404 if we don't have an activation code for this user
raise HTTPNotFound()
if 'code' in params:
# This is a posted form with the activation, attempt to unlock the
# user's account.
username = params.get('username', None)
activation = params.get('code', None)
password = params.get('new_password', None)
new_username = params.get('new_username', None)
error = None
if not UserMgr.acceptable_password(password):
# Set an error message to the template.
error = "Come on, pick a real password please."
else:
res = ActivationMgr.activate_user(username, activation, password)
if res:
# success so respond nicely
AuthLog.reactivate(username, success=True, code=activation)
# if there's a new username and it's not the same as our current
# username, update it
if new_username and new_username != username:
try:
user = UserMgr.get(username=username)
user.username = new_username
except IntegrityError, exc:
error = 'There was an issue setting your new username'
else:
AuthLog.reactivate(username, success=False, code=activation)
error = 'There was an issue attempting to activate this account.'
def reset(request):
"""Once deactivated, allow for changing the password via activation key"""
rdict = request.matchdict
params = request.params
# This is an initial request to show the activation form.
username = rdict.get('username', None)
activation_key = rdict.get('reset_key', None)
user = ActivationMgr.get_user(username, activation_key)
if user is None:
# just 404 if we don't have an activation code for this user
raise HTTPNotFound()
if 'code' in params:
# This is a posted form with the activation, attempt to unlock the
# user's account.
username = params.get('username', None)
activation = params.get('code', None)
password = params.get('new_password', None)
new_username = params.get('new_username', None)
error = None
if not UserMgr.acceptable_password(password):
# Set an error message to the template.
error = "Come on, pick a real password please."
else:
res = ActivationMgr.activate_user(username, activation, password)
if res:
# success so respond nicely
AuthLog.reactivate(username, success=True, code=activation)
# if there's a new username and it's not the same as our current
# username, update it
if new_username and new_username != username:
try:
user = UserMgr.get(username=username)
user.username = new_username
except IntegrityError, exc:
error = 'There was an issue setting your new username'
else:
AuthLog.reactivate(username, success=False, code=activation)
error = 'There was an issue attempting to activate this account.'
def reset(request):
"""Once deactivated, allow for changing the password via activation key"""
rdict = request.matchdict
params = request.params
# This is an initial request to show the activation form.
username = rdict.get('username', None)
activation_key = rdict.get('reset_key', None)
user = ActivationMgr.get_user(username, activation_key)
if user is None:
# just 404 if we don't have an activation code for this user
raise HTTPNotFound()
if 'code' in params:
# This is a posted form with the activation, attempt to unlock the
# user's account.
username = params.get('username', None)
activation = params.get('code', None)
password = params.get('new_password', None)
new_username = params.get('new_username', None)
error = None
if not UserMgr.acceptable_password(password):
# Set an error message to the template.
error = "Come on, pick a real password please."
else:
res = ActivationMgr.activate_user(username, activation, password)
if res:
# success so respond nicely
AuthLog.reactivate(username, success=True, code=activation)
# if there's a new username and it's not the same as our
# current username, update it
if new_username and new_username != username:
try:
user = UserMgr.get(username=username)
user.username = new_username
except IntegrityError:
error = 'There was an issue setting your new username'
else:
AuthLog.reactivate(username, success=False, code=activation)
error = ('There was an issue attempting to activate'
'this account.')
if error:
return {'message': error, 'user': user}
else:
# Log the user in and move along.
headers = remember(request, user.id, max_age=60 * 60 * 24 * 30)
user.last_login = datetime.utcnow()
# log the successful login
AuthLog.login(user.username, True)
# we're always going to return a user to their own /recent after a
# login
return HTTPFound(location=request.route_url(
'user_bmark_recent', username=user.username),
headers=headers)
else:
LOG.error("CHECKING")
LOG.error(username)
if user is None:
# just 404 if we don't have an activation code for this user
raise HTTPNotFound()
LOG.error(user.username)
LOG.error(user.email)
return {
'user': user,
}
def reset(request):
"""Once deactivated, allow for changing the password via activation key"""
rdict = request.matchdict
params = request.params
# This is an initial request to show the activation form.
username = rdict.get("username", None)
activation_key = rdict.get("reset_key", None)
user = ActivationMgr.get_user(username, activation_key)
if user is None:
# just 404 if we don't have an activation code for this user
raise HTTPNotFound()
if "code" in params:
# This is a posted form with the activation, attempt to unlock the
# user's account.
username = params.get("username", None)
activation = params.get("code", None)
password = params.get("new_password", None)
new_username = params.get("new_username", None)
error = None
if not UserMgr.acceptable_password(password):
# Set an error message to the template.
error = "Come on, pick a real password please."
else:
res = ActivationMgr.activate_user(username, activation, password)
if res:
# success so respond nicely
AuthLog.reactivate(username, success=True, code=activation)
# if there's a new username and it's not the same as our
# current username, update it
if new_username and new_username != username:
try:
user = UserMgr.get(username=username)
user.username = new_username
except IntegrityError:
error = "There was an issue setting your new username"
else:
AuthLog.reactivate(username, success=False, code=activation)
error = "There was an issue attempting to activate" "this account."
if error:
return {"message": error, "user": user}
else:
# Log the user in and move along.
headers = remember(request, user.id, max_age=60 * 60 * 24 * 30)
user.last_login = datetime.utcnow()
# log the successful login
AuthLog.login(user.username, True)
# we're always going to return a user to their own /recent after a
# login
return HTTPFound(location=request.route_url("user_bmark_recent", username=user.username), headers=headers)
else:
LOG.error("CHECKING")
LOG.error(username)
if user is None:
# just 404 if we don't have an activation code for this user
raise HTTPNotFound()
LOG.error(user.username)
LOG.error(user.email)
return {"user": user}