def email_exists(node, value):
'''Colander validator that ensures a user with this email exists.'''
user = User.get_by_email(value)
if not user:
msg = _('We have no user with the email address "{}". Try correcting '
'this address or try another.')
raise colander.Invalid(node, msg)
def unique_email(node, value):
'''Colander validator that ensures no user with this email exists.'''
user = User.get_by_email(value)
if user:
msg = _("Sorry, an account with this email address already exists. "
"Try logging in instead.")
raise colander.Invalid(node, msg)
def unique_email(node, value):
'''Colander validator that ensures no user with this email exists.'''
user = User.get_by_email(value)
if user:
msg = _("Sorry, an account with this email address already exists. "
"Try logging in instead.")
raise colander.Invalid(node, msg)
def validator(self, node, value):
super(LoginSchema, self).validator(node, value)
username = value.get('username')
password = value.get('password')
user = User.get_by_username(username)
if user is None:
user = User.get_by_email(username)
if user is None:
err = colander.Invalid(node)
err['username'] = _('User does not exist.')
raise err
if not User.validate_user(user, password):
err = colander.Invalid(node)
err['password'] = _('Incorrect password. Please try again.')
raise err
if not user.is_activated:
reason = _('Your account is not active. Please check your e-mail.')
raise colander.Invalid(node, reason)
value['user'] = user
def email_exists(node, value):
'''Colander validator that ensures a user with this email exists.'''
user = User.get_by_email(value)
if not user:
msg = _('We have no user with the email address "{}". Try correcting '
'this address or try another.').format(value)
raise colander.Invalid(node, msg)
def validator(self, node, value):
super(LoginSchema, self).validator(node, value)
username = value.get('username')
password = value.get('password')
user = User.get_by_username(username)
if user is None:
user = User.get_by_email(username)
if user is None:
err = colander.Invalid(node)
err['username'] = _('User does not exist.')
raise err
if not User.validate_user(user, password):
err = colander.Invalid(node)
err['password'] = _('Incorrect password. Please try again.')
raise err
if not user.is_activated:
reason = _('Your account is not active. Please check your e-mail.')
raise colander.Invalid(node, reason)
value['user'] = user
def edit_profile(self):
"""Handle POST payload from profile update form."""
if self.request.method != 'POST':
return httpexceptions.HTTPMethodNotAllowed()
# Nothing to do here for non logged-in users
if self.request.authenticated_userid is None:
return httpexceptions.HTTPUnauthorized()
err, appstruct = validate_form(self.form, self.request.POST.items())
if err is not None:
return err
user = User.get_by_userid(self.request.domain,
self.request.authenticated_userid)
response = {'model': {'email': user.email}}
# We allow updating subscriptions without validating a password
subscriptions = appstruct.get('subscriptions')
if subscriptions:
data = json.loads(subscriptions)
err = _update_subscription_data(self.request, data)
if err is not None:
return err
return response
# Any updates to fields below this point require password validation.
#
# `pwd` is the current password
# `password` (used below) is optional, and is the new password
#
if not User.validate_user(user, appstruct.get('pwd')):
return {'errors': {'pwd': _('Invalid password')}, 'code': 401}
email = appstruct.get('email')
if email:
email_user = User.get_by_email(email)
if email_user:
if email_user.id != user.id:
return {
'errors': {
'pwd': _('That email is already used')
},
}
response['model']['email'] = user.email = email
password = appstruct.get('password')
if password:
user.password = password
return response
def edit_profile(self):
"""Handle POST payload from profile update form."""
if self.request.method != 'POST':
return httpexceptions.HTTPMethodNotAllowed()
# Nothing to do here for non logged-in users
if self.request.authenticated_userid is None:
return httpexceptions.HTTPUnauthorized()
err, appstruct = validate_form(self.form, self.request.POST.items())
if err is not None:
return err
user = User.get_by_userid(
self.request.domain, self.request.authenticated_userid)
response = {'model': {'email': user.email}}
# We allow updating subscriptions without validating a password
subscriptions = appstruct.get('subscriptions')
if subscriptions:
data = json.loads(subscriptions)
err = _update_subscription_data(self.request, data)
if err is not None:
return err
return response
# Any updates to fields below this point require password validation.
#
# `pwd` is the current password
# `password` (used below) is optional, and is the new password
#
if not User.validate_user(user, appstruct.get('pwd')):
return {'errors': {'pwd': _('Invalid password')}, 'code': 401}
email = appstruct.get('email')
if email:
email_user = User.get_by_email(email)
if email_user:
if email_user.id != user.id:
return {
'errors': {'pwd': _('That email is already used')},
}
response['model']['email'] = user.email = email
password = appstruct.get('password')
if password:
user.password = password
return response
def forgot_password(self):
"""
Handle submission of the forgot password form.
Validates that the email is one we know about, and then generates a new
activation for the associated user, and dispatches a "reset your
password" email which contains a token and/or link to the reset
password form.
"""
schema = schemas.ForgotPasswordSchema().bind(request=self.request)
form = deform.Form(schema)
# Nothing to do here for logged-in users
if self.request.authenticated_userid is not None:
return httpexceptions.HTTPFound(
location=self.forgot_password_redirect)
err, appstruct = validate_form(form, self.request.POST.items())
if err is not None:
return err
# If the validation passes, we assume the user exists.
#
# TODO: fix this latent race condition by returning a user object in
# the appstruct.
user = User.get_by_email(appstruct['email'])
# Create a new activation for this user. Any previous activation will
# get overwritten.
activation = Activation()
self.request.db.add(activation)
user.activation = activation
# Write the new activation to the database in order to set up the
# foreign key field and generate the code.
self.request.db.flush()
# Send the reset password email
code = user.activation.code
link = reset_password_link(self.request, code)
message = reset_password_email(user, code, link)
mailer = get_mailer(self.request)
mailer.send(message)
self.request.session.flash(_("Please check your email to finish "
"resetting your password."),
"success")
return httpexceptions.HTTPFound(location=self.reset_password_redirect)
def forgot_password(self):
"""
Handle submission of the forgot password form.
Validates that the email is one we know about, and then generates a new
activation for the associated user, and dispatches a "reset your
password" email which contains a token and/or link to the reset
password form.
"""
schema = schemas.ForgotPasswordSchema().bind(request=self.request)
form = deform.Form(schema)
# Nothing to do here for logged-in users
if self.request.authenticated_userid is not None:
return httpexceptions.HTTPFound(
location=self.forgot_password_redirect)
err, appstruct = validate_form(form, self.request.POST.items())
if err is not None:
return err
# If the validation passes, we assume the user exists.
#
# TODO: fix this latent race condition by returning a user object in
# the appstruct.
user = User.get_by_email(appstruct['email'])
# Create a new activation for this user. Any previous activation will
# get overwritten.
activation = Activation()
self.request.db.add(activation)
user.activation = activation
# Write the new activation to the database in order to set up the
# foreign key field and generate the code.
self.request.db.flush()
# Send the reset password email
code = user.activation.code
link = reset_password_link(self.request, code)
message = reset_password_email(user, code, link)
mailer = get_mailer(self.request)
mailer.send(message)
self.request.session.flash(
_("Please check your email to finish "
"resetting your password."), "success")
return httpexceptions.HTTPFound(location=self.reset_password_redirect)
def edit_profile(self):
"""Handle POST payload from profile update form."""
if self.request.method != "POST":
return httpexceptions.HTTPMethodNotAllowed()
# Nothing to do here for non logged-in users
if self.request.authenticated_userid is None:
return httpexceptions.HTTPUnauthorized()
err, appstruct = validate_form(self.form, self.request.POST.items())
if err is not None:
return err
user = User.get_by_id(self.request, self.request.authenticated_userid)
response = {"model": {"email": user.email}}
# We allow updating subscriptions without validating a password
subscriptions = appstruct.get("subscriptions")
if subscriptions:
data = json.loads(subscriptions)
err = _update_subscription_data(self.request, data)
if err is not None:
return err
return response
# Any updates to fields below this point require password validation.
#
# `pwd` is the current password
# `password` (used below) is optional, and is the new password
#
if not User.validate_user(user, appstruct.get("pwd")):
return {"errors": {"pwd": _("Invalid password")}, "code": 401}
email = appstruct.get("email")
if email:
email_user = User.get_by_email(email)
if email_user:
if email_user.id != user.id:
return {"errors": {"pwd": _("That email is already used")}}
response["model"]["email"] = user.email = email
password = appstruct.get("password")
if password:
user.password = password
return response
