Пример #1
0
def email_exists(node, value):
    '''Colander validator that ensures a user with this email exists.'''
    user = User.get_by_email(value)
    if not user:
        msg = _('We have no user with the email address "{}". Try correcting '
                'this address or try another.')
        raise colander.Invalid(node, msg)
Пример #2
0
def unique_email(node, value):
    '''Colander validator that ensures no user with this email exists.'''
    user = User.get_by_email(value)
    if user:
        msg = _("Sorry, an account with this email address already exists. "
                "Try logging in instead.")
        raise colander.Invalid(node, msg)
Пример #3
0
def unique_email(node, value):
    '''Colander validator that ensures no user with this email exists.'''
    user = User.get_by_email(value)
    if user:
        msg = _("Sorry, an account with this email address already exists. "
                "Try logging in instead.")
        raise colander.Invalid(node, msg)
Пример #4
0
    def validator(self, node, value):
        super(LoginSchema, self).validator(node, value)

        username = value.get('username')
        password = value.get('password')

        user = User.get_by_username(username)
        if user is None:
            user = User.get_by_email(username)

        if user is None:
            err = colander.Invalid(node)
            err['username'] = _('User does not exist.')
            raise err

        if not User.validate_user(user, password):
            err = colander.Invalid(node)
            err['password'] = _('Incorrect password. Please try again.')
            raise err

        if not user.is_activated:
            reason = _('Your account is not active. Please check your e-mail.')
            raise colander.Invalid(node, reason)

        value['user'] = user
Пример #5
0
def email_exists(node, value):
    '''Colander validator that ensures a user with this email exists.'''
    user = User.get_by_email(value)
    if not user:
        msg = _('We have no user with the email address "{}". Try correcting '
                'this address or try another.').format(value)
        raise colander.Invalid(node, msg)
Пример #6
0
    def validator(self, node, value):
        super(LoginSchema, self).validator(node, value)

        username = value.get('username')
        password = value.get('password')

        user = User.get_by_username(username)
        if user is None:
            user = User.get_by_email(username)

        if user is None:
            err = colander.Invalid(node)
            err['username'] = _('User does not exist.')
            raise err

        if not User.validate_user(user, password):
            err = colander.Invalid(node)
            err['password'] = _('Incorrect password. Please try again.')
            raise err

        if not user.is_activated:
            reason = _('Your account is not active. Please check your e-mail.')
            raise colander.Invalid(node, reason)

        value['user'] = user
Пример #7
0
    def edit_profile(self):
        """Handle POST payload from profile update form."""
        if self.request.method != 'POST':
            return httpexceptions.HTTPMethodNotAllowed()

        # Nothing to do here for non logged-in users
        if self.request.authenticated_userid is None:
            return httpexceptions.HTTPUnauthorized()

        err, appstruct = validate_form(self.form, self.request.POST.items())
        if err is not None:
            return err

        user = User.get_by_userid(self.request.domain,
                                  self.request.authenticated_userid)
        response = {'model': {'email': user.email}}

        # We allow updating subscriptions without validating a password
        subscriptions = appstruct.get('subscriptions')
        if subscriptions:
            data = json.loads(subscriptions)
            err = _update_subscription_data(self.request, data)
            if err is not None:
                return err
            return response

        # Any updates to fields below this point require password validation.
        #
        #   `pwd` is the current password
        #   `password` (used below) is optional, and is the new password
        #
        if not User.validate_user(user, appstruct.get('pwd')):
            return {'errors': {'pwd': _('Invalid password')}, 'code': 401}

        email = appstruct.get('email')
        if email:
            email_user = User.get_by_email(email)

            if email_user:
                if email_user.id != user.id:
                    return {
                        'errors': {
                            'pwd': _('That email is already used')
                        },
                    }

            response['model']['email'] = user.email = email

        password = appstruct.get('password')
        if password:
            user.password = password

        return response
Пример #8
0
    def edit_profile(self):
        """Handle POST payload from profile update form."""
        if self.request.method != 'POST':
            return httpexceptions.HTTPMethodNotAllowed()

        # Nothing to do here for non logged-in users
        if self.request.authenticated_userid is None:
            return httpexceptions.HTTPUnauthorized()

        err, appstruct = validate_form(self.form, self.request.POST.items())
        if err is not None:
            return err

        user = User.get_by_userid(
            self.request.domain, self.request.authenticated_userid)
        response = {'model': {'email': user.email}}

        # We allow updating subscriptions without validating a password
        subscriptions = appstruct.get('subscriptions')
        if subscriptions:
            data = json.loads(subscriptions)
            err = _update_subscription_data(self.request, data)
            if err is not None:
                return err
            return response

        # Any updates to fields below this point require password validation.
        #
        #   `pwd` is the current password
        #   `password` (used below) is optional, and is the new password
        #
        if not User.validate_user(user, appstruct.get('pwd')):
            return {'errors': {'pwd': _('Invalid password')}, 'code': 401}

        email = appstruct.get('email')
        if email:
            email_user = User.get_by_email(email)

            if email_user:
                if email_user.id != user.id:
                    return {
                        'errors': {'pwd': _('That email is already used')},
                    }

            response['model']['email'] = user.email = email

        password = appstruct.get('password')
        if password:
            user.password = password

        return response
Пример #9
0
Файл: views.py Проект: hylhero/h
    def forgot_password(self):
        """
        Handle submission of the forgot password form.

        Validates that the email is one we know about, and then generates a new
        activation for the associated user, and dispatches a "reset your
        password" email which contains a token and/or link to the reset
        password form.
        """
        schema = schemas.ForgotPasswordSchema().bind(request=self.request)
        form = deform.Form(schema)

        # Nothing to do here for logged-in users
        if self.request.authenticated_userid is not None:
            return httpexceptions.HTTPFound(
                location=self.forgot_password_redirect)

        err, appstruct = validate_form(form, self.request.POST.items())
        if err is not None:
            return err

        # If the validation passes, we assume the user exists.
        #
        # TODO: fix this latent race condition by returning a user object in
        # the appstruct.
        user = User.get_by_email(appstruct['email'])

        # Create a new activation for this user. Any previous activation will
        # get overwritten.
        activation = Activation()
        self.request.db.add(activation)
        user.activation = activation

        # Write the new activation to the database in order to set up the
        # foreign key field and generate the code.
        self.request.db.flush()

        # Send the reset password email
        code = user.activation.code
        link = reset_password_link(self.request, code)
        message = reset_password_email(user, code, link)
        mailer = get_mailer(self.request)
        mailer.send(message)

        self.request.session.flash(_("Please check your email to finish "
                                     "resetting your password."),
                                   "success")

        return httpexceptions.HTTPFound(location=self.reset_password_redirect)
Пример #10
0
    def forgot_password(self):
        """
        Handle submission of the forgot password form.

        Validates that the email is one we know about, and then generates a new
        activation for the associated user, and dispatches a "reset your
        password" email which contains a token and/or link to the reset
        password form.
        """
        schema = schemas.ForgotPasswordSchema().bind(request=self.request)
        form = deform.Form(schema)

        # Nothing to do here for logged-in users
        if self.request.authenticated_userid is not None:
            return httpexceptions.HTTPFound(
                location=self.forgot_password_redirect)

        err, appstruct = validate_form(form, self.request.POST.items())
        if err is not None:
            return err

        # If the validation passes, we assume the user exists.
        #
        # TODO: fix this latent race condition by returning a user object in
        # the appstruct.
        user = User.get_by_email(appstruct['email'])

        # Create a new activation for this user. Any previous activation will
        # get overwritten.
        activation = Activation()
        self.request.db.add(activation)
        user.activation = activation

        # Write the new activation to the database in order to set up the
        # foreign key field and generate the code.
        self.request.db.flush()

        # Send the reset password email
        code = user.activation.code
        link = reset_password_link(self.request, code)
        message = reset_password_email(user, code, link)
        mailer = get_mailer(self.request)
        mailer.send(message)

        self.request.session.flash(
            _("Please check your email to finish "
              "resetting your password."), "success")

        return httpexceptions.HTTPFound(location=self.reset_password_redirect)
Пример #11
0
Файл: views.py Проект: stuk88/h
    def edit_profile(self):
        """Handle POST payload from profile update form."""
        if self.request.method != "POST":
            return httpexceptions.HTTPMethodNotAllowed()

        # Nothing to do here for non logged-in users
        if self.request.authenticated_userid is None:
            return httpexceptions.HTTPUnauthorized()

        err, appstruct = validate_form(self.form, self.request.POST.items())
        if err is not None:
            return err

        user = User.get_by_id(self.request, self.request.authenticated_userid)
        response = {"model": {"email": user.email}}

        # We allow updating subscriptions without validating a password
        subscriptions = appstruct.get("subscriptions")
        if subscriptions:
            data = json.loads(subscriptions)
            err = _update_subscription_data(self.request, data)
            if err is not None:
                return err
            return response

        # Any updates to fields below this point require password validation.
        #
        #   `pwd` is the current password
        #   `password` (used below) is optional, and is the new password
        #
        if not User.validate_user(user, appstruct.get("pwd")):
            return {"errors": {"pwd": _("Invalid password")}, "code": 401}

        email = appstruct.get("email")
        if email:
            email_user = User.get_by_email(email)

            if email_user:
                if email_user.id != user.id:
                    return {"errors": {"pwd": _("That email is already used")}}

            response["model"]["email"] = user.email = email

        password = appstruct.get("password")
        if password:
            user.password = password

        return response