Пример #1
def change_password(request):
    """Handle the change-password form for the current user.

    On a valid POST the old password is re-checked through
    ``model.authenticate`` before the new one is stored.  On success the
    ``forget`` headers are attached to the redirect so the client is logged
    out.  In every other case the form is rendered, carrying an
    ``old_password`` error when the re-check failed.
    """

    # Pull what we need off the request up front.
    current_user = request.user
    fire_event = request.registry.notify

    # Build the form and work out where to send the client afterwards.
    # NOTE(review): get_redirect_location is defined elsewhere -- confirm it
    # only yields same-site targets, since the value ends up in a redirect.
    form = Form(request, schema=schema.ChangePassword,
                defaults={'failed': False})
    location = get_redirect_location(request)

    if request.method == 'POST' and form.validate():
        data = form.data
        # Knowledge of the current password is required before any change.
        verified_user = model.authenticate(current_user.username,
                                           data['old_password'])
        if not verified_user:
            form.errors['old_password'] = '******'
        else:
            # NOTE(review): model.encrypt is defined elsewhere -- confirm it
            # is a salted one-way password hash, not reversible encryption.
            verified_user.password = model.encrypt(data['new_password'])
            model.save(verified_user)
            fire_event(events.UserChangedPassword(request, verified_user))
            # Log out after the change so that a holder of the old password
            # is locked out.
            # NOTE(review): the headers only affect this response; whether
            # sessions held by other clients are invalidated is not visible
            # in this function -- confirm.
            headers = forget(request)
            fire_event(events.UserLoggedOut(request, request.user))
            return HTTPFound(location=location, headers=headers)

    form.data['next'] = location
    return {'renderer': FormRenderer(form), 'user': request.user}
Пример #2
def change_password(request):
    """Render and process the change-password form.

    A valid POST re-authenticates the current user with the submitted old
    password via ``authenticate_user``.  Only then is the new password
    stored, the change announced, and the client logged out and redirected.
    Any other request renders the form.
    """

    # Request-derived values used throughout.
    requesting_user = request.user
    publish = request.registry.notify

    # Form setup and redirect target.
    # NOTE(review): get_redirect_location lives elsewhere -- confirm the
    # returned target is restricted to this site before it is redirected to.
    form = Form(request,
                schema=schema.ChangePassword,
                defaults={'failed': False})
    location = get_redirect_location(request)

    is_valid_post = request.method == 'POST' and form.validate()
    if is_valid_post:
        submitted = form.data
        # The old password must check out before anything is changed.
        confirmed = authenticate_user(request, requesting_user.username,
                                      submitted['old_password'])
        if confirmed:
            # NOTE(review): confirm model.encrypt (defined elsewhere) is a
            # salted one-way hash suitable for password storage.
            confirmed.password = model.encrypt(submitted['new_password'])
            model.save(confirmed)
            publish(events.UserChangedPassword(request, confirmed))
            # Logging out here locks out anyone relying on the old password.
            # NOTE(review): these headers cover this response only; handling
            # of sessions held by other clients is not visible here.
            headers = forget(request)
            publish(events.UserLoggedOut(request, request.user))
            return HTTPFound(location=location, headers=headers)
        form.errors['old_password'] = '******'

    form.data['next'] = location
    return {'renderer': FormRenderer(form), 'user': request.user}
Пример #3
 def makeUser(self, username, password):
     """Build a ``model.User`` from the credentials, persist it, return it."""
     account = model.User()
     account.username = unicode(username)
     # Only the output of model.encrypt is stored, never the raw password.
     account.password = model.encrypt(password)
     model.save(account)
     transaction.commit()
     # NOTE(review): presumably re-attaches the instance to the session after
     # the commit so callers can keep using it -- confirm.
     Session.add(account)
     return account
Пример #4
    def makeUser(self, username, password):
        """Persist and return a new ``model.User`` with these credentials."""

        new_user = model.User()
        new_user.username = username
        # The password attribute receives model.encrypt's output, not the
        # raw value passed in.
        new_user.password = model.encrypt(password)
        model.save(new_user)
        transaction.commit()
        # NOTE(review): looks like this re-attaches the instance after the
        # commit so the caller gets a usable object -- confirm.
        Session.add(new_user)
        return new_user
Пример #5
def change_password(request):
    """Handle the change-password form for the current user.

    A valid POST re-checks the old password with ``model.authenticate``.
    On success the new password is stored, ``UserChangedPassword`` is
    fired and the client is redirected.  Otherwise the form is rendered,
    with an ``old_password`` error when the re-check failed.
    """
    form = Form(request, schema=schema.ChangePassword,
                defaults={'failed': False})
    current_user = request.user
    # NOTE(review): get_redirect_location is defined elsewhere -- confirm it
    # only returns same-site targets, since the value is redirected to.
    location = get_redirect_location(request)

    if request.method == 'POST' and form.validate():
        data = form.data
        # The caller must prove knowledge of the existing password first.
        verified_user = model.authenticate(current_user.username,
                                           data['old_password'])
        if not verified_user:
            form.errors['old_password'] = '******'
        else:
            # NOTE(review): confirm model.encrypt (defined elsewhere) is a
            # salted one-way password hash rather than reversible encryption.
            verified_user.password = model.encrypt(data['new_password'])
            model.save(verified_user)
            changed = events.UserChangedPassword(request, verified_user)
            request.registry.notify(changed)
            # NOTE(review): the redirect carries no logout headers, so the
            # current login stays valid after the change; consider whether
            # existing sessions should be dropped at this point.
            return HTTPFound(location=location)

    form.data['next'] = location
    return {'renderer': FormRenderer(form), 'user': request.user}
Пример #6
def change_password(request):
    """Render and process the change-password form.

    The submitted old password is verified through ``model.authenticate``
    before the new one is saved.  A successful change fires
    ``UserChangedPassword`` and redirects.  Anything else renders the form.
    """
    form = Form(request,
                schema=schema.ChangePassword,
                defaults={'failed': False})
    requesting_user = request.user
    # NOTE(review): get_redirect_location lives elsewhere -- confirm the
    # target it returns is limited to this site before redirecting to it.
    location = get_redirect_location(request)

    is_valid_post = request.method == 'POST' and form.validate()
    if is_valid_post:
        submitted = form.data
        # Nothing changes unless the old password authenticates.
        confirmed = model.authenticate(requesting_user.username,
                                       submitted['old_password'])
        if confirmed:
            # NOTE(review): confirm model.encrypt (defined elsewhere) is a
            # salted one-way hash suitable for storing passwords.
            confirmed.password = model.encrypt(submitted['new_password'])
            model.save(confirmed)
            request.registry.notify(
                events.UserChangedPassword(request, confirmed))
            # NOTE(review): no logout headers accompany this redirect, so
            # the current login remains valid after the password changes;
            # consider whether that is intended.
            return HTTPFound(location=location)
        form.errors['old_password'] = '******'

    form.data['next'] = location
    return {'renderer': FormRenderer(form), 'user': request.user}
Пример #7
def signup_view(request):
    """Render and handle signup form.

      Setup::

          >>> from mock import Mock
          >>> from pyramid.testing import DummyRequest
          >>> from pyramid_simpleauth import model, view
          >>> _get_existing_email = model.get_existing_email
          >>> _get_existing_user = model.get_existing_user
          >>> _save = model.save
          >>> _remember = view.remember
          >>> view.remember = Mock()
          >>> model.save = Mock()
          >>> model.get_existing_user = Mock()
          >>> model.get_existing_user.return_value = None
          >>> model.get_existing_email = Mock()
          >>> model.get_existing_email.return_value = None

      If it's not a POST, renders the form::

          >>> dummy_request = DummyRequest()
          >>> return_value = signup_view(dummy_request)
          >>> return_value['renderer'].data
          {'failed': False}

      Otherwise it validates the request data against ``schema.Signup``::

          >>> dummy_request = DummyRequest(post={'foo': 'bar'})
          >>> return_value = signup_view(dummy_request)
          >>> return_value['renderer'].data
          {'failed': True, 'foo': 'bar'}

      If provided with valid data, it saves a ``User`` with related ``Email``,
      logs them in by calling ``remember`` and redirects to the user's
      profile::

          >>> valid_post = {
          ...     'username': '******',
          ...     'email': '*****@*****.**',
          ...     'password': '******',
          ...     'confirm': 'password'
          ... }
          >>> dummy_request = DummyRequest(post=valid_post)
          >>> dummy_request.registry.settings = {}
          >>> dummy_request.route_url = Mock()
          >>> return_value = signup_view(dummy_request)
          >>> model.save.called
          True
          >>> view.remember.called
          True
          >>> isinstance(return_value, HTTPFound)
          True

      Teardown::

          >>> view.remember = _remember
          >>> model.save = _save
          >>> model.get_existing_user = _get_existing_user
          >>> model.get_existing_email = _get_existing_email

    """

    form = Form(request, schema=schema.Signup, defaults={'failed': False})

    # Anything but a POST just shows the empty form.
    if request.method != 'POST':
        return {'renderer': FormRenderer(form)}

    # An invalid submission is flagged and re-rendered.
    if not form.validate():
        form.data['failed'] = True
        return {'renderer': FormRenderer(form)}

    data = form.data

    # The deployment may choose to treat new addresses as already confirmed.
    # NOTE(review): if this setting arrives as a raw string (e.g. from an
    # .ini file), any non-empty value, including 'false', is truthy --
    # confirm it is coerced to a bool before it reaches this view.
    skip_confirmation = request.registry.settings.get(
        'auth.skip_confirmation', False)

    # Email record for the submitted address.
    email = model.Email()
    email.address = data['email']
    email.is_confirmed = skip_confirmation

    # User record; only the output of model.encrypt is stored.
    # NOTE(review): confirm model.encrypt (defined elsewhere) is a salted
    # one-way password hash rather than reversible encryption.
    user = model.User()
    user.username = data['username']
    user.password = model.encrypt(data['password'])
    user.emails = [email]

    # Persist the user together with the email.
    model.save(user)

    # The new account is logged in right away, whether or not the email
    # address has been confirmed.
    remember(request, user.canonical_id)

    # Announce the signup.
    request.registry.notify(events.UserSignedUp(request, user))

    # Send the client to the configured post-signup route, falling back to
    # the site root when that route cannot be resolved.
    route_name = request.registry.settings.get(
        'simpleauth.after_signup_route', 'users')
    try:
        location = request.route_url(route_name,
                                     traverse=(user.username,))
    except (KeyError, ComponentLookupError):
        location = '/'
    return HTTPFound(location=location)
Пример #8
def signup_view(request):
    """Render and handle signup form.

      Setup::

          >>> from mock import Mock
          >>> from pyramid.testing import DummyRequest
          >>> from pyramid_simpleauth import model, view
          >>> _get_existing_email = model.get_existing_email
          >>> _get_existing_user = model.get_existing_user
          >>> _save = model.save
          >>> _remember = view.remember
          >>> view.remember = Mock()
          >>> model.save = Mock()
          >>> model.get_existing_user = Mock()
          >>> model.get_existing_user.return_value = None
          >>> model.get_existing_email = Mock()
          >>> model.get_existing_email.return_value = None

      If it's not a POST, renders the form::

          >>> dummy_request = DummyRequest()
          >>> return_value = signup_view(dummy_request)
          >>> return_value['renderer'].data
          {'failed': False}

      Otherwise it validates the request data against ``schema.Signup``::

          >>> dummy_request = DummyRequest(post={'foo': 'bar'})
          >>> return_value = signup_view(dummy_request)
          >>> return_value['renderer'].data
          {'failed': True, 'foo': 'bar'}

      If provided with valid data, it saves a ``User`` with related ``Email``,
      logs them in by calling ``remember`` and redirects to the user's
      profile::

          >>> valid_post = {
          ...     'username': '******',
          ...     'email': '*****@*****.**',
          ...     'password': '******',
          ...     'confirm': 'password'
          ... }
          >>> dummy_request = DummyRequest(post=valid_post)
          >>> dummy_request.registry.settings = {}
          >>> dummy_request.route_url = Mock()
          >>> return_value = signup_view(dummy_request)
          >>> model.save.called
          True
          >>> view.remember.called
          True
          >>> isinstance(return_value, HTTPFound)
          True

      Teardown::

          >>> view.remember = _remember
          >>> model.save = _save
          >>> model.get_existing_user = _get_existing_user
          >>> model.get_existing_email = _get_existing_email

    """

    form = Form(request, schema=schema.Signup, defaults={'failed': False})
    is_post = request.method == 'POST'

    if is_post and form.validate():
        fields = form.data

        # Optionally mark the address as confirmed at creation time.
        # NOTE(review): a raw string setting such as 'false' would be truthy
        # here -- confirm the value is converted to a bool upstream.
        registry_settings = request.registry.settings
        confirmed_flag = registry_settings.get('auth.skip_confirmation',
                                               False)

        # Address record.
        email = model.Email()
        email.address = fields['email']
        email.is_confirmed = confirmed_flag

        # Account record; the stored password is model.encrypt's output.
        # NOTE(review): model.encrypt is defined elsewhere -- confirm it is
        # a salted one-way hash and not reversible encryption.
        user = model.User()
        user.username = fields['username']
        user.password = model.encrypt(fields['password'])
        user.emails = [email]

        # Write both records.
        model.save(user)

        # Log the new account in immediately; this does not depend on the
        # address being confirmed.
        remember(request, user.canonical_id)

        # Let subscribers know about the signup.
        request.registry.notify(events.UserSignedUp(request, user))

        # Resolve the post-signup destination, defaulting to the site root
        # when the route lookup fails.
        after_signup = request.registry.settings.get(
            'simpleauth.after_signup_route', 'users')
        try:
            location = request.route_url(after_signup,
                                         traverse=(user.username, ))
        except (KeyError, ComponentLookupError):
            location = '/'
        return HTTPFound(location=location)

    if is_post:
        # Reaching this point on a POST means validation failed.
        form.data['failed'] = True
    return {'renderer': FormRenderer(form)}