def validator(self, node, value): super(LoginSchema, self).validator(node, value) username = value.get('username') password = value.get('password') user = User.get_by_username(username) if user is None: user = User.get_by_email(username) if user is None: err = colander.Invalid(node) err['username'] = _('User does not exist.') raise err if not User.validate_user(user, password): err = colander.Invalid(node) err['password'] = _('Incorrect password. Please try again.') raise err if not user.is_activated: reason = _('Your account is not active. Please check your e-mail.') raise colander.Invalid(node, reason) value['user'] = user
def unique_username(node, value): '''Colander validator that ensures the username does not exist.''' user = User.get_by_username(value) if user: msg = _("Sorry, an account with this username already exists. " "Please enter another one.") raise colander.Invalid(node, msg)
def unique_username(node, value): '''Colander validator that ensures the username does not exist.''' user = User.get_by_username(value) if user: msg = _("Sorry, an account with this username already exists. " "Please enter another one.") raise colander.Invalid(node, msg)
def validator(self, node, value): super(LoginSchema, self).validator(node, value) username = value.get('username') password = value.get('password') user = User.get_by_username(username) if user is None: user = User.get_by_email(username) if user is None: err = colander.Invalid(node) err['username'] = _('User does not exist.') raise err if not User.validate_user(user, password): err = colander.Invalid(node) err['password'] = _('Incorrect password. Please try again.') raise err if not user.is_activated: reason = _('Your account is not active. Please check your e-mail.') raise colander.Invalid(node, reason) value['user'] = user
def delete(self): """Remove a user from the admins.""" if len(User.admins()) > 1: try: username = self.request.params["remove"] except KeyError: raise httpexceptions.HTTPNotFound user = User.get_by_username(username) user.admin = False return httpexceptions.HTTPSeeOther(location=self.request.route_url("admin_users_index"))
def _validate_request(request): """ Check that the passed request is appropriate for proceeding with account claim. Asserts that: - the 'claim' feature is toggled on - no-one is logged in - the claim token is provided and authentic - the user referred to in the token exists - the user referred to in the token has not already claimed their account and raises for redirect or 404 otherwise. """ if not request.feature('claim'): raise exc.HTTPNotFound() # If signed in, redirect to stream if request.authenticated_userid is not None: _perform_logged_in_redirect(request) payload = _validate_token(request) if payload is None: raise exc.HTTPNotFound() try: username = util.split_user(payload['userid'])['username'] except ValueError: log.warn('got claim token with invalid userid=%r', payload['userid']) raise exc.HTTPNotFound() user = User.get_by_username(username) if user is None: log.warn('got claim token with invalid userid=%r', payload['userid']) raise exc.HTTPNotFound() # User already has a password? Claimed already. if user.password: _perform_already_claimed_redirect(request) return user
def _validate_request(request): """ Check that the passed request is appropriate for proceeding with account claim. Asserts that: - the 'claim' feature is toggled on - no-one is logged in - the claim token is provided and authentic - the user referred to in the token exists - the user referred to in the token has not already claimed their account and raises for redirect or 404 otherwise. """ if not request.feature('claim'): raise exc.HTTPNotFound() # If signed in, redirect to stream if request.authenticated_userid is not None: _perform_logged_in_redirect(request) payload = _validate_token(request) if payload is None: raise exc.HTTPNotFound() try: username = util.split_user(payload['userid'])['username'] except ValueError: log.warn('got claim token with invalid userid=%r', payload['userid']) raise exc.HTTPNotFound() user = User.get_by_username(username) if user is None: log.warn('got claim token with invalid userid=%r', payload['userid']) raise exc.HTTPNotFound() # User already has a password? Claimed already. if user.password: _perform_already_claimed_redirect(request) return user