Пример #1
0
    def reset(self):
        """Once deactivated, allow for changing the password via activation key"""
        rdict = self.R.matchdict
        params = self.R.params

        # This is an initial request to show the activation form.
        username = rdict.get('username', None)
        activation_key = rdict.get('reset_key', None)
        user = ActivationMgr.get_user(username, activation_key)

        if user is None:
            # just 404 if we don't have an activation code for this user
            raise HTTPNotFound()

        if 'code' in params:
            # This is a posted form with the activation, attempt to unlock the
            # user's account.
            username = params.get('username', None)
            activation = params.get('code', None)
            password = params.get('new_password', None)
            new_username = params.get('new_username', None)
            error = None

            if not UserMgr.acceptable_password(password):
                # Set an error message to the template.
                error = "Come on, pick a real password please."
            else:
                res = ActivationMgr.activate_user(username, activation,
                                                  password)
                if res:
                    # success so respond nicely
                    # AuthLog.reactivate(username, success=True, code=activation)

                    # if there's a new username and it's not the same as our current
                    # username, update it
                    if new_username and new_username != username:
                        try:
                            user = UserMgr.get(username=username)
                            user.username = new_username
                        except IntegrityError, exc:
                            error = 'There was an issue setting your new username'
                else:
                    # AuthLog.reactivate(username, success=False, code=activation)
                    error = 'There was an issue attempting to activate this account.'
Пример #2
0
    def reset(self):
        """Once deactivated, allow for changing the password via activation key"""
        rdict = self.R.matchdict
        params = self.R.params

        # This is an initial request to show the activation form.
        username = rdict.get("username", None)
        activation_key = rdict.get("reset_key", None)
        user = ActivationMgr.get_user(username, activation_key)

        if user is None:
            # just 404 if we don't have an activation code for this user
            raise HTTPNotFound()

        if "code" in params:
            # This is a posted form with the activation, attempt to unlock the
            # user's account.
            username = params.get("username", None)
            activation = params.get("code", None)
            password = params.get("new_password", None)
            new_username = params.get("new_username", None)
            error = None

            if not UserMgr.acceptable_password(password):
                # Set an error message to the template.
                error = "Come on, pick a real password please."
            else:
                res = ActivationMgr.activate_user(username, activation, password)
                if res:
                    # success so respond nicely
                    # AuthLog.reactivate(username, success=True, code=activation)

                    # if there's a new username and it's not the same as our current
                    # username, update it
                    if new_username and new_username != username:
                        try:
                            user = UserMgr.get(username=username)
                            user.username = new_username
                        except IntegrityError, exc:
                            error = "There was an issue setting your new username"
                else:
                    # AuthLog.reactivate(username, success=False, code=activation)
                    error = "There was an issue attempting to activate this account."
Пример #3
0
 def user(self):
     # <your database connection, however you get it, the below line
     # is just an example>
     # dbconn = self.registry.settings['dbconn']
     user_id = unauthenticated_userid(self)
     if user_id is not None:
         # this should return None if the user doesn't exist
         # in the database
         user = UserMgr.get(user_id=user_id)
         return user
Пример #4
0
 def user(self):
     # <your database connection, however you get it, the below line
     # is just an example>
     # dbconn = self.registry.settings['dbconn']
     user_id = unauthenticated_userid(self)
     if user_id is not None:
         # this should return None if the user doesn't exist
         # in the database
         user = UserMgr.get(user_id=user_id)
         return user
Пример #5
0
    def login(self):
        """Login for API Mobile"""
        with ResponseHTTP(response=self.R.response) as t:
            if 'POST' in self.R.method:
                params = self.R.params
                login = params.get('email')
                password = params.get('password')
                data = {}

                auth = UserMgr.get(email=login)
                if auth and auth.validate_password(
                        password) and auth.is_activated:
                    auth.last_login = datetime.utcnow()

                    code, status = ResponseHTTP.OK
                    _in = u'success'
                    message = "Login is successfully."
                    data = {
                        'key': auth.api_key,
                        'secret': auth.secret,
                        'client_id': auth.id
                    }
                else:
                    _in = u'failed'

                    message = "Failed login"
                    # log the right level of problem
                    if auth and not auth.validate_password(password):

                        # AuthLog.login(login, False, password=password)
                        message = 'Your login attempt has failed.'
                        code, status = ResponseHTTP.NOT_AUTHORIZED

                    elif auth and not auth.is_activated:

                        message = "User account deactivated. Please check your email."
                        code, status = ResponseHTTP.NOT_AUTHORIZED
                        # AuthLog.login(login, False, password=password)
                        # AuthLog.disabled(login)

                    elif auth is None:

                        message = "Failed login"
                        code, status = ResponseHTTP.NOT_AUTHORIZED
                        # AuthLog.login(login, False, password=password)

        return t.to_json(_in,
                         data=data,
                         message=message,
                         code=code,
                         status=status)
Пример #6
0
    def login(self):
        """Login for API Mobile"""
        with ResponseHTTP(response=self.R.response) as t:
            if "POST" in self.R.method:
                params = self.R.params
                login = params.get("email")
                password = params.get("password")
                data = {}

                auth = UserMgr.get(email=login)
                if auth and auth.validate_password(password) and auth.is_activated:
                    auth.last_login = datetime.utcnow()

                    code, status = ResponseHTTP.OK
                    _in = u"success"
                    message = "Login is successfully."
                    data = {"key": auth.api_key, "secret": auth.secret, "client_id": auth.id}
                else:
                    _in = u"failed"

                    message = "Failed login"
                    # log the right level of problem
                    if auth and not auth.validate_password(password):

                        # AuthLog.login(login, False, password=password)
                        message = "Your login attempt has failed."
                        code, status = ResponseHTTP.NOT_AUTHORIZED

                    elif auth and not auth.is_activated:

                        message = "User account deactivated. Please check your email."
                        code, status = ResponseHTTP.NOT_AUTHORIZED
                        # AuthLog.login(login, False, password=password)
                        # AuthLog.disabled(login)

                    elif auth is None:

                        message = "Failed login"
                        code, status = ResponseHTTP.NOT_AUTHORIZED
                        # AuthLog.login(login, False, password=password)

        return t.to_json(_in, data=data, message=message, code=code, status=status)
Пример #7
0
    def signup_process(self):
        """Process the signup request

        If there are any errors drop to the same template with the error
        information.

        """
        with ResponseHTTP(response=self.R.response) as t:
            # request.response.status_code = 401
            params = self.R.params
            email = params.get('email', None)
            password = params.get('password', None)
            _in = u'Failed'

            if not email:
                # if still no email, I give up!
                message = 'Please supply an email address to sign up.'
                code, status = ResponseHTTP.NOT_AUTHORIZED

            elif UserMgr.get(email=email):
                message = 'The user has already signed up.'
                code, status = ResponseHTTP.NOT_AUTHORIZED

            elif not UserMgr.acceptable_password(password):
                # @Surya
                # Custom case exception for not use email activation
                # Set an error message to the template.
                message = 'Come on, pick a real password please.'
                code, status = ResponseHTTP.NOT_AUTHORIZED

            else:
                _in = u'success'
                # set default allowed scopes untuk client / member
                new_user = UserMgr.signup_user(email, 'signup',
                                               ['member:basic'])
                activation = new_user.activation.code
                res = ActivationMgr.activate_user(new_user.username,
                                                  activation, password)

                if new_user:
                    code, status = ResponseHTTP.OK
                    # then this user is able to invite someone
                    # log it
                    # AuthLog.reactivate(new_user.username)

                    # and then send an email notification
                    # @todo the email side of things
                    # settings = self.R.registry.settings

                    # Add a queue job to send the user a notification email.
                    # tasks.email_signup_user.delay(
                    #     new_user.email,
                    #     "Enable your Bookie account",
                    #     settings,
                    #     request.route_url(
                    #         'reset',
                    #         username=new_user.username,
                    #         reset_key=new_user.activation.code
                    #     )
                    # )

                    # And let the user know they're signed up.
                    message = 'Thank you for signing up from: ' + new_user.email
                else:
                    code, status = ResponseHTTP.BAD_REQUEST
                    message = 'There was an unknown error signing up.'

        return t.to_json(_in, message=message, code=code, status=status)
Пример #8
0
    def signup_process(self):
        """Process the signup request

        If there are any errors drop to the same template with the error
        information.

        """
        with ResponseHTTP(response=self.R.response) as t:
            # request.response.status_code = 401
            params = self.R.params
            email = params.get("email", None)
            password = params.get("password", None)
            _in = u"Failed"

            if not email:
                # if still no email, I give up!
                message = "Please supply an email address to sign up."
                code, status = ResponseHTTP.NOT_AUTHORIZED

            elif UserMgr.get(email=email):
                message = "The user has already signed up."
                code, status = ResponseHTTP.NOT_AUTHORIZED

            elif not UserMgr.acceptable_password(password):
                # @Surya
                # Custom case exception for not use email activation
                # Set an error message to the template.
                message = "Come on, pick a real password please."
                code, status = ResponseHTTP.NOT_AUTHORIZED

            else:
                _in = u"success"
                # set default allowed scopes untuk client / member
                new_user = UserMgr.signup_user(email, "signup", ["member:basic"])
                activation = new_user.activation.code
                res = ActivationMgr.activate_user(new_user.username, activation, password)

                if new_user:
                    code, status = ResponseHTTP.OK
                    # then this user is able to invite someone
                    # log it
                    # AuthLog.reactivate(new_user.username)

                    # and then send an email notification
                    # @todo the email side of things
                    # settings = self.R.registry.settings

                    # Add a queue job to send the user a notification email.
                    # tasks.email_signup_user.delay(
                    #     new_user.email,
                    #     "Enable your Bookie account",
                    #     settings,
                    #     request.route_url(
                    #         'reset',
                    #         username=new_user.username,
                    #         reset_key=new_user.activation.code
                    #     )
                    # )

                    # And let the user know they're signed up.
                    message = "Thank you for signing up from: " + new_user.email
                else:
                    code, status = ResponseHTTP.BAD_REQUEST
                    message = "There was an unknown error signing up."

        return t.to_json(_in, message=message, code=code, status=status)