def get(self):
"""
Handles the /password/reset endpoint.
Resets password of the user.
"""
if self.GET("password_token") and self.GET("uid"):
user = User.get_by_id(int(self.GET("uid")))
if user:
if user.password_token == self.GET("password_token"):
self.tv["reset"] = True
self.tv["token"] = self.GET("password_token")
self.tv["uid"] = self.GET("uid")
self.render("password-reset.html")
else:
error = "You may have clicked an expired link "
error += "or mistyped the address."
error_message(self, error)
self.redirect("/login")
else:
error = "Sorry, we couldn't process your request. "
error += "Please try again."
error_message(self, error)
self.redirect("/password/reset")
else:
self.render("password-reset.html")
def drop_object(main_server_path, main_server_name):
print "Confirm, you want to drop database. Type this code and hit enter:"
print "YeSDROBJ"
code = raw_input()
if code != "YeSDROBJ":
print "Incorrect confirmation code. Interrupting..."
raw_input("Press enter...")
return
dirs = os.walk(main_server_path).next()[1]
objects = os.walk(main_server_name).next()[1]
if len(objects) == 0:
print "No objects in database. Hit enter to continue."
raw_input()
return
while True:
pass
try:
sys.stderr.write("\x1b[2J\x1b[H")
i = 1
for x in objects:
print str(i) + " " + x
i += 1
print "Please select, what type of object you want to insert into database:"
number = int(raw_input())
if number < 1 or number > len(objects):
error_message()
else:
break
except ValueError:
error_message()
# print objects[number - 1]
for directory in dirs:
working_path = main_server_path + directory + "/" + objects[number - 1]
config_file = main_server_path + directory + "/" + objects[number -
1] + ".txt"
shutil.rmtree(working_path, ignore_errors=True)
os.remove(config_file)
raw_input("Object has been dropped. Hit enter to continue")
return
def drop_object(main_server_path, main_server_name):
print "Confirm, you want to drop database. Type this code and hit enter:"
print "YeSDROBJ"
code = raw_input()
if code != "YeSDROBJ":
print "Incorrect confirmation code. Interrupting..."
raw_input("Press enter...")
return
dirs = os.walk(main_server_path).next()[1]
objects = os.walk(main_server_name).next()[1]
if len(objects) == 0:
print "No objects in database. Hit enter to continue."
raw_input()
return
while True:
pass
try:
sys.stderr.write("\x1b[2J\x1b[H")
i = 1
for x in objects:
print str(i) + " " + x
i += 1
print "Please select, what type of object you want to insert into database:"
number = int(raw_input())
if number < 1 or number > len(objects):
error_message()
else:
break
except ValueError:
error_message()
# print objects[number - 1]
for directory in dirs:
working_path = main_server_path + directory + "/" + objects[number - 1]
config_file = main_server_path + directory + "/" + objects[number - 1] + ".txt"
shutil.rmtree(working_path, ignore_errors=True)
os.remove(config_file)
raw_input("Object has been dropped. Hit enter to continue")
return
def post(self):
"""
Handles the /register/verify/send endpoint.
Resends email verification.
"""
if self.POST("email"):
email = self.POST("email").lower().strip()
query = User.query()
query = query.filter(User.current_email == email)
user = query.get()
if user:
if user.status == "PENDING":
content = {
"token": user.confirmation_token,
"uid": str(user.key.id()),
"receiver_name": user.first_name,
"receiver_email": user.current_email,
"subject": "Email Verfication",
"email_type": "verify"
}
taskqueue.add(
url="/tasks/email/send",
params=content,
method="POST")
success = "The verification email has been sent to "
success += self.POST("email") + ". Please open the "
success += "email and verify your account "
success += "to complete the registration."
success_message(self, success)
self.redirect("/register/verify/send")
else:
error = "Account is already verified."
error_message(self, error)
self.redirect("/register/verify/send")
else:
error = "Sorry, " + self.POST("email")
error += " does not belong to an existing account."
error_message(self, error)
self.redirect("/register/verify/send")
else:
error = "Email is required."
error_message(self, error)
self.redirect("/register/verify/send")
def update_object(main_server_path, main_server_name):
sys.stderr.write("\x1b[2J\x1b[H")
dirs = os.walk(main_server_path).next()[1]
flag = False
object_types = os.walk(main_server_name).next()[1]
while True: # this loop fetches number of option from user. The option is which type of object is to be updated. Loop is built for
pass # infinte checking, when user type incorrect option (infinite quering user for correct option [while True:])
try:
sys.stderr.write("\x1b[2J\x1b[H")
i = 1
for ot in object_types:
print str(i) + " " + ot
i += 1
print "Please select, what type of object you want to update in the database:"
number = int(raw_input())
if number < 1 or number > len(object_types):
error_message()
else:
break
except ValueError:
error_message()
configs = main_server_name + object_types[number - 1] + ".txt"
with open(configs) as json_file:
json_data = json.load(json_file)
access_keys = ["" for x in range (len(json_data))]
a = -1
a = count_objects(object_types[number - 1], main_server_path)
data_for_change = ["" for y in range (a)]
specified_value = -1
item = ""
while True: # this loop is similar to previous one - fetches number of attribute to be updated
pass
try:
sys.stderr.write("\x1b[2J\x1b[H")
i = 1
for j in json_data:
print str(i) + ". " + j + " --> " + json_data[j]
access_keys[i - 1] = j
i += 1
print "Please select, which attribute you want to update in the database:"
number_2 = int(raw_input())
if number_2 < 1 or number_2 > len(json_data):
error_message()
else:
access_key = access_keys[number_2 - 1]
break
except ValueError:
error_message()
#
# print access_keys[number_2 - 1]
i = 1
for directory in dirs:
working_path = main_server_path + directory + "/" + object_types[number - 1] + "/"
files = os.walk(working_path).next()[2]
for file in files:
if file.find("_config_") != -1:
continue
with open(working_path + file) as json_file:
json_data = json.load(json_file)
print str(i) + ". " + json_data[access_keys[number_2 - 1]]
data_for_change[i - 1] = json_data[access_keys[number_2 - 1]]
i += 1
# print len(access_keys)
while True: # fetches for specific attribute value (it determines specific value from database set (for instance specific surname from People set) )
pass
try:
if flag == True:
surname_index = 1
for surname in data_for_change:
print str(surname_index) + ". " + surname
surname_index += 1
flag = True
print "Type, which " + access_keys[number_2 - 1] +"s should I have change?"
specified_value = int(raw_input())
if specified_value < 1 or specified_value > len(data_for_change):
error_message()
else:
item = data_for_change[specified_value - 1]
break
except ValueError:
error_message()
print "Enter new " + access_keys[number_2 - 1]
new_value = raw_input()
# for xx in data_for_change:
# print xx + "<-- access_keys"
for directory in dirs:
working_path = main_server_path + directory + "/" + object_types[number - 1] + "/"
files = os.walk(working_path).next()[2]
for file in files:
if file.find("_config_") != -1:
continue
with open(working_path + file) as json_file:
json_data = json.load(json_file)
if item == json_data[access_keys[number_2 - 1]]:
json_data[access_keys[number_2 - 1]] = new_value
# print json_data[access_keys[number_2 - 1]]
text_file = open(working_path + file, "w")
text_file.write(json.dumps(json_data))
text_file.close()
raw_input("Press enter to continue...")
return
def delete_objects(main_server_path, main_server_name):
sys.stderr.write("\x1b[2J\x1b[H")
dirs = os.walk(main_server_path).next()[1] # list of all mounted servers
object_types = os.walk(main_server_name).next()[1]
while True:
pass
try:
sys.stderr.write("\x1b[2J\x1b[H")
i = 1
for ot in object_types:
print str(i) + " " + ot
i += 1
print "Please select, what type of object you want to delete from the database:"
number = int(raw_input())
if number < 1 or number > len(object_types):
error_message()
else:
break
except ValueError:
error_message()
# print object_types[number - 1]
configs = main_server_name + object_types[number - 1] + ".txt"
with open(configs) as json_file:
json_data = json.load(json_file)
access_keys = ["" for x in range (len(json_data) + 1)]
print ("Enter one of the following: ")
access_key = ""
while True:
pass
try:
sys.stderr.write("\x1b[2J\x1b[H")
i = 1
for jd in json_data:
print(str(i) + " - " + jd)
access_keys[i - 1] = jd
i += 1
number_2 = int(raw_input())
if number_2 < 1 or number_2 > len(access_keys):
error_message()
else:
access_key = access_keys[number_2 - 1]
break
except ValueError:
error_message()
print "Enter value you wish to delete from database: "
item = raw_input()
for directory in dirs:
working_path = main_server_path + directory + "/" + object_types[number - 1] + "/"
files = os.walk(working_path).next()[2]
for file in files:
if file.find("_config_") != -1:
continue
with open(working_path + file) as json_filee: # "working_path + file" - is path to a file (object). Two loops above allow (using this path) to iterate throuhg all objects of a type specified.
json_dataa = json.load(json_filee)
if item == json_dataa[access_key]:
os.remove(working_path + file)
print access_keys
print access_key
raw_input("Object(s) deleted successfully. Press enter to continue")
return
def read_data(main_server_path, main_server_name, special_server):
sys.stderr.write("\x1b[2J\x1b[H")
dirs = os.walk(main_server_path).next()[1] # list of all mounted servers
object_types = os.walk(main_server_name).next()[1]
while True:
pass
try:
sys.stderr.write("\x1b[2J\x1b[H")
i = 1
for ot in object_types:
print str(i) + " " + ot
i += 1
print "Please select, what type of object you want to read from the database:"
number = int(raw_input())
if number < 1 or number > len(object_types):
error_message()
else:
break
except ValueError:
error_message()
# for directory in dirs:
# files = main_server_path + directory + "/" + object_types[number - 1] + "/" # access path to database objects
# print files
configs = main_server_name + object_types[number - 1] + ".txt"
with open(configs) as json_file:
json_data = json.load(json_file)
access_keys = ["" for x in range (len(json_data) + 1)]
print ("Enter one of the following: ")
access_key = ""
while True:
pass
try:
sys.stderr.write("\x1b[2J\x1b[H")
i = 1
for jd in json_data:
print(str(i) + " - " + jd)
access_keys[i - 1] = jd
i += 1
# access_keys[i - 1] = "id" - adds support for id searching <------------------------------
print("a - list all")
number_2 = raw_input()
if number_2 == "a":
list_all_objects(main_server_path, object_types[number - 1], special_server)
raw_input("All object has been listed. Press enter to continue")
return
else:
number_2 = int(number_2)
if number_2 < 1 or number_2 > len(access_keys):
error_message()
else:
access_key = access_keys[number_2 - 1] # <------------------------------------access_key = access_keys[number - 2]
break
except ValueError:
error_message()
print "Enter value you are searching in database: "
item = raw_input()
# for ir in access_keys:
# print ir
# print access_key
for directory in dirs:
working_path = main_server_path + directory + "/" + object_types[number - 1] + "/"
files = os.walk(working_path).next()[2]
for file in files:
if file.find("_config_") != -1:
continue
with open(working_path + file) as json_filee:
json_dataa = json.load(json_filee)
# print json_dataa["id"]
if item == json_dataa[access_key]:
for jd2 in json_dataa:
print jd2 + ": " + json_dataa[jd2]
raw_input("Press enter to continue")
return
def post(self):
"""
Handles the /login endpoint.
Logs in users.
"""
if self.POST("email") and self.POST("password"):
url = "/login"
redirect = None
email = self.POST("email").strip().lower()
query = User.query()
query = query.filter(User.current_email == email)
user = query.get()
if self.POST("redirect"):
redirect = urllib.quote(self.POST("redirect"))
url += "?redirect=" + str(redirect)
if not user:
error = "Invalid email or password."
error_message(self, error)
self.redirect(url)
return
if user.hashed_password:
if not user.verify_password(self.POST("password")):
error = "Invalid email or password."
error_message(self, error)
self.redirect(url)
return
else:
password = hp(email=email, password=self.POST("password"))
if user.password != password:
error = "Invalid email or password."
error_message(self, error)
self.redirect(url)
return
else:
user.hashed_password = user.hash_password(
self.POST("password"))
user.put()
if user.status == "PENDING":
error = "Your account has not been verified. "
error += "Please verify your account by opening the "
error += "verification email we sent you. "
error_message(self, error)
self.redirect(url)
return
if user.status == "DISABLED":
error = "Your account has been disabled. "
error += "Please contact the Geostore Admin."
error_message(self, error)
self.redirect(url)
return
if user.role in ["AGENCYADMIN", "USER"]:
if user.status == "VERIFIED":
error = "Your account is still pending approval. "
error += "Once your account is approved, you will be able "
error += "to login. You will receive an email once your "
error += "account is approved."
error_message(self, error)
self.redirect(url)
return
if user.status == "DISAPPROVED":
error = "Your account has been disapproved. "
error += "Please contact the Geostore Admin."
error_message(self, error)
self.redirect(url)
return
user.csrf_token = generate_token()
session = SessionHandler(user)
session.login()
code = session.generate_login_code()
if self.POST("redirect"):
self.redirect(urllib.unquote(str(self.POST("redirect"))))
else:
self.redirect("/dashboard")
return
error = "Please enter your email and password."
error_message(self, error)
self.redirect("/login")
def post(self):
"""
Handles the /register endpoint.
ODTF registration.
"""
json_data = {}
for arg in self.request.arguments():
json_data[arg] = self.POST(arg)
if self.POST("first_name") and self.POST("last_name") \
and self.POST("email") and self.POST("street_address") \
and self.POST("province") and self.POST("city") \
and self.POST("password") and self.POST("confirm_password"):
user_exist = User.check_user(email=self.POST("email"))
if user_exist:
message = "Sorry, it looks like "
message += self.POST("email")
message += " belongs to an existing account. If this is yours, please login using your account."
error_message(self, message)
data = base64.b64encode(json.dumps(json_data))
set_cookie(self, name="_rm_", value=data)
else:
user = User.create_new_user(
first_name=self.POST("first_name"),
middle_name=self.POST("middle_name"),
last_name=self.POST("last_name"),
street_address=self.POST("street_address"),
province=self.POST("province"),
city=self.POST("city"),
password=self.POST("password"),
mobile=self.POST("mobile_number"),
email=self.POST("email"),
office_order_number=self.POST('office_order_number'),
redirect=self.POST("redirect"))
query = UserGroup.query()
query = query.filter(UserGroup.invited_users == user.current_email)
user_groups = query.fetch()
if user_groups:
for group in user_groups:
if user.key not in group.users:
group.users.append(user.key)
if user.current_email in group.invited_users:
group.invited_users.remove(user.current_email)
group.put()
if group.key in user.user_groups:
user.user_groups.append(str(group.key.id()))
user.put()
success = "Thank you for your registration. "
success += "We sent you a verification email, "
success += "please open the email and verify your account "
success += "to complete the registration."
success_message(self, success)
else:
message = "We were unable to create your account. "
message += "Please fill in all required fields."
error_message(self, message)
data = base64.b64encode(json.dumps(json_data))
set_cookie(self, name="_rm_", value=data)
url = "/register"
if self.POST("redirect"):
url += "?redirect="
url += self.POST("redirect")
self.redirect(url)
def insert_object(main_path_of_all_servers, main_server, special_server):
global query
query = ""
global results
del results[:]
global search_object
del search_object[:]
object_contents = {}
threads = []
dirs = os.walk(main_server).next()[1]
if len(dirs) == 0:
print "Warning. You have to specify the object structure. Press 'h' for help"
raw_input()
return
while True:
pass
try:
sys.stderr.write("\x1b[2J\x1b[H")
i = 1
for x in dirs:
print str(i) + " " + x
i += 1
print "Please select, what type of object you want to insert into database:"
number = int(raw_input())
if number < 1 or number > len(dirs):
error_message()
else:
break
except ValueError:
error_message()
with open(main_server + dirs[number - 1] + ".txt") as json_file:
json_data = json.load(json_file)
server = find_optimal_server(main_path_of_all_servers, dirs[number - 1])
# print server
fline=open(main_server + dirs[number - 1] + "/_config_" + dirs[number - 1] + "_config_.txt").readline().rstrip()
query += dirs[number - 1] + " "
# print fline
# print server
intfline = int(fline)
object_contents["id"] = fline
global search_object
for key in json_data:
print "Please enter '" + key +"':"
object_contents[key] = raw_input()
if key == "id": # skips id's from objects to be not compared
continue
search_object.append(key)
search_object.append(object_contents[key])
create_query_string(search_object)
#MMMMMMMMMMMMMMMMMMMMMMMMMMMMM
global hostnames
for host in hostnames:
try:
t = myThread(host)
threads.append(t)
t.start()
except:
print "Error: unable to start thread"
for t in threads:
t.join()
global results
# for r in results:
# print r
if "True" in results:
print("Duplicate found. Terminating...")
time.sleep(1)
return
# raw_input("Done!")
#MMMMMMMMMMMMMMMMMMMMMMMMMMMMM
exact_object = json.dumps(object_contents)
print server
special_server = get_special_server(main_path_of_all_servers, special_server, dirs[number - 1].lower())
text_file = open(special_server + "_" + dirs[number - 1].lower() + "_" + fline + ".txt", "w") # at first I am saving a backup on a special server
print special_server + "_" + dirs[number - 1].lower() + "_" + fline + ".txt"
text_file.write(exact_object)
text_file.close()
text_file = open(server + "_" + dirs[number - 1].lower() + "_" + fline + ".txt", "w")
text_file.write(exact_object)
text_file.close()
text_file = open(main_server + dirs[number - 1] + "/_config_" + dirs[number - 1] + "_config_.txt", "w")
text_file.write(str(intfline + 1))
text_file.close()
raw_input("Object saved to database. Press enter...")
return
def get(self, group_id=None):
if self.user.role != 'CLUSTERDIRECTOR':
self.redirect('/environment')
return
self.tv['page_user_groups'] = True
if group_id:
group = UserGroup.get_by_id(int(group_id))
if group:
if self.GET("ta") == "join":
if self.user.current_email in group.invited_users:
if self.user.key in group.users:
msg = "You are already a member of the "
msg += group.title
msg += " user group."
error_message(self, msg)
else:
self.user.user_groups.append(str(group.key.id()))
self.user.put()
group.users.append(self.user.key)
group.invited_users.remove(self.user.current_email)
group.put()
if group.environments:
for environment in group.environments:
environment = environment.get()
if environment:
if self.user.key not in environment.users:
environment.users.append(
self.user.key)
environment.put()
msg = "You have successfully joined the "
msg += group.title
msg += " user group."
success_message(self, msg)
else:
msg = "Cannot find user group."
error_message(self, msg)
self.redirect("/groups")
else:
if self.user.role == "CLUSTERDIRECTOR":
wrap_response(self, group.to_object())
else:
self.redirect("/groups")
else:
if self.user.role == "CLUSTERDIRECTOR":
wrap_response(self, {"error": "cannot find user group"})
else:
self.redirect("/groups")
else:
query = UserGroup.query()
if self.user.role == "CLUSTERDIRECTOR":
query = query.filter(UserGroup.owner == self.user.key)
else:
query = query.filter(
ndb.OR(UserGroup.users == self.user.key,
UserGroup.invited_users == self.user.current_email))
groups = query.fetch()
self.tv["user_groups"] = []
if groups:
for g in groups:
if self.GET('fetch'):
if self.GET('environmentid'):
environment = Environment.get_by_id(
int(self.GET('environmentid')))
if self.GET('addusergroup'):
if g.key not in environment.user_groups:
self.tv["user_groups"].append(
g.to_object())
elif self.GET('removeusergroup'):
if g.key in environment.user_groups:
self.tv["user_groups"].append(
g.to_object())
else:
self.tv["user_groups"].append(g.to_object())
if self.GET('fetch'):
wrap_response(self, self.tv['user_groups'])
return
self.tv["breadcrumb"] = [{
"name": "User Groups",
"link": "/groups"
}]
if self.user.role == "CLUSTERDIRECTOR":
self.tv["show_new_group"] = True
self.render("groups.html")
else:
self.render("groups-user.html")
def post(self, group_id=None):
if group_id:
response = {}
response["code"] = 200
response["data"] = []
response["description"] = ""
response["success"] = True
group = UserGroup.get_by_id(int(group_id))
if group:
if self.POST("action"):
if self.POST("action") == "delete_invited_user":
if self.POST("email").strip().lower(
) in group.invited_users:
group.invited_users.remove(
self.POST("email").strip().lower())
group.put()
response[
'description'] = 'Invitation to ' + self.POST(
'email').strip().lower(
) + ' has been cancelled.'
response["data"] = group.to_object()
elif self.POST("action") == "remove_member":
user_key = ndb.Key('User', int(self.POST('user_id')))
if user_key in group.users:
if group.environments:
for environment in group.environments:
environment = environment.get()
if environment:
if user_key in environment.users:
environment.users.remove(user_key)
environment.put()
group.users.remove(user_key)
group.put()
response["data"] = group.to_object()
response['description'] = 'User has been removed.'
else:
response['success'] = False
response[
'description'] = 'User is not a member of the user group.'
elif self.POST("action") == "invite_users":
if self.POST("email"):
for email in self.POST("email").strip().split(","):
email = email.strip().lower()
query = User.query()
query = query.filter(
User.current_email == email)
user = query.get()
if user:
user.user_groups.append(str(
group.key.id()))
user.put()
group.users.append(user.key)
else:
group.invited_users.append(email)
group.put()
response["data"] = group.to_object()
elif self.POST("action") == "leave_group":
if self.user.key in group.users:
group.users.remove(self.user.key)
group.put()
response["data"] = group.to_object()
response[
"description"] = "You have successfully left the " + group.title.upper(
) + " user group."
else:
response["success"] = False
response[
"description"] = "User is not part of the team."
elif self.POST("action") == "update_group":
if self.POST("group_name"):
query = Teams.query()
query = query.filter(Teams.team_name == self.POST(
"group_name").strip().upper())
group2 = query.get()
logging.info(group2)
logging.info(group)
if group2:
if str(group2.key.id()) != str(group.key.id()):
response["success"] = False
response[
"description"] = "User group already exists."
wrap_response(self, response)
return
group.title = self.POST(
"group_name").strip().upper()
if self.POST("group_description"):
group.description = self.POST("group_description")
group.put()
response["data"] = group.to_object()
wrap_response(self, response)
else:
if self.POST("group_name") \
and self.POST("group_description") \
and self.POST("group_member_emails"):
# Create Environment
# Only CLUSTERDIRECTOR role can create an environment
if self.user.role != "CLUSTERDIRECTOR":
msg = "You have insufficient rights to access this application."
error_message(self, msg)
self.redirect("/groups")
return
query = UserGroup.query()
query = query.filter(
UserGroup.title == self.POST("group_name").strip().upper())
group = query.get()
if group:
msg = "Could not create the user group. "
msg += self.POST("group_name").strip()
msg += " already exists."
error_message(self, msg)
else:
group = UserGroup()
group.title = self.POST("group_name").strip().upper()
group.description = self.POST("group_description").strip()
group.owner = self.user.key
for email in self.POST("group_member_emails").split(","):
email = email.strip().lower()
query = User.query()
query = query.filter(User.current_email == email)
user = query.get()
if user:
group.users.append(user.key)
else:
group.invited_users.append(email)
group.put()
self.user.user_groups.append(str(group.key.id()))
self.user.put()
msg = "User group has been saved."
success_message(self, msg)
self.redirect("/groups")
def get(self):
"""
Handles the /register/verify endpoint.
Verifies user registration.
"""
if self.user:
self.redirect("/dashboard")
else:
if self.GET("token") and self.GET("uid"):
user = User.get_by_id(int(self.GET("uid")))
logging.debug(user)
if user:
if user.status == "PENDING":
if user.confirmation_token == self.GET("token"):
user.status = "VERIFIED"
user.put()
# find teams and add it
teams = Teams.query(Teams.invited_users ==
user.current_email).fetch(10)
for team in teams:
user.access_key.append(str(team.key.id()))
user.teams.append(str(team.key.id()))
user.put()
team.members.append(str(user.key.id()))
team.invited_users.remove(user.current_email)
team.put()
content = {
"receiver_name": user.first_name,
"receiver_email": user.current_email,
"subject": "Account Verified",
"email_type": "after_verify"
}
taskqueue.add(url="/tasks/email/send",
params=content,
method="POST")
success = "Your account has been verified and pending approval. "
success += "You will receive an email once your account is approved."
success_message(self, success)
if self.GET("r"):
url = "/login/authorize?r="
url += urllib.quote(self.GET("r"))
self.redirect(url)
else:
self.redirect("/login")
else:
msg = "You might have clicked a broken or expired link."
error_message(msg)
self.redirect("/register")
elif user.status == "INVITE" and user.role == "OPENDATAADMIN":
self.tv["token"] = self.GET("token")
self.tv["uid"] = self.GET("uid")
self.tv["email"] = user.current_email
self.render("register-opendataadmin.html")
elif user.status == "VERIFIED":
success = "Your account is already verified and pending approval. "
success += "You will receive an email once your account is approved."
success_message(self, success)
self.redirect("/login")
else:
error = "You may have clicked an expired link "
error += "or mistyped the address."
error_message(self, error)
if self.GET("r"):
url = "/login/authorize?r="
url += urllib.quote(self.GET("r"))
self.redirect(url)
else:
self.redirect("/login")
else:
error = "Sorry, we couldn't process your request. "
error += "Please try again."
error_message(self, error)
self.redirect("/register")
else:
self.redirect("/register")
def post(self):
"""
Handles the /password/reset endpoint.
Resets password of the user.
"""
if self.POST("email"):
email = self.POST("email").lower().strip()
query = User.query()
query = query.filter(User.current_email == email)
user = query.get()
if user:
user.password_token = generate_token()
user.put()
content = {
"token": user.password_token,
"uid": str(user.key.id()),
"receiver_name": user.first_name,
"receiver_email": user.current_email,
"subject": "Reset Password",
"email_type": "password_reset"
}
taskqueue.add(url="/tasks/email/send",
params=content,
method="POST")
success = "We sent an email to "
success += self.POST("email") + ". Please open the "
success += "email and click on the password reset link "
success += "to reset your password."
success_message(self, success)
self.redirect("/password/reset")
else:
error = "Sorry, " + self.POST("email")
error += " does not belong to an existing account."
error_message(self, error)
self.redirect("/password/reset")
elif self.POST("new_password") and self.POST("confirm_password") \
and self.GET("uid") and self.GET("password_token"):
if self.POST("new_password") == self.POST("confirm_password"):
user = User.get_by_id(int(self.GET("uid")))
if user:
if user.password_token == self.GET("password_token"):
password = user.hash_password(
self.POST("new_password"))
user.password_token = generate_token()
user.previous_passwords.append(password)
user.password_update = datetime.datetime.now()
user.hashed_password = password
user.put()
session = SessionHandler(user)
session.login()
code = session.generate_login_code()
if self.POST("redirect"):
self.redirect(
urllib.unquote(str(self.POST("redirect"))))
else:
self.redirect("/dashboard")
return
else:
error = "Sorry, your password reset request has expired."
error += " Please create a new request."
error_message(self, error)
self.redirect("/password/reset")
else:
error = "Sorry, we couldn't process your request. "
error += "Please try again."
error_message(self, error)
self.redirect("/password/reset")
else:
error = "Passwords do not match."
error_message(self, error)
url = "/password/reset?password_token=" + self.POST(
"password_token")
url += "&uid=" + self.POST("uid")
self.redirect(url)
else:
error = "Please fill all required fields."
error_message(self, error)
self.redirect("/password/reset")
