def update_auth_token(user): r = g.redis r.delete("auth:%s" % user['auth']) new_auth_token = util.get_rand() r.hset("user:%s" % user['id'], "auth", new_auth_token) r.set("auth:%s" % new_auth_token, user['id']) return new_auth_token
def create_user_github(username, email): r = g.redis username = username.lower() if r.exists("username.to.id:" + username): return None, "Username exists, please try a different one." if not util.lock('create_user.' + username): return None, "Please wait some time before creating a new user." user_id = r.incr("users.count") auth_token = util.get_rand() now = int(time.time()) pl = r.pipeline() pl.hmset( "user:%s" % user_id, { "id": user_id, "username": username, "ctime": now, "karma": config.UserInitialKarma, "about": "", "email": email, "auth": auth_token, "apisecret": util.get_rand(), "flags": "g", #github user "karma_incr_time": now, "replies": 0, }) pl.set("username.to.id:" + username, user_id) pl.set("auth:" + auth_token, user_id) pl.execute() util.unlock('create_user.' + username) return auth_token, None
def create_user(username, password, userip): r = g.redis username = username.lower() if r.exists("username.to.id:" + username): return None, "Username exists, please try a different one." if not util.lock('create_user.' + username): return None, "Please wait some time before creating a new user." user_id = r.incr("users.count") auth_token = util.get_rand() salt = util.get_rand() now = int(time.time()) pl = r.pipeline() pl.hmset("user:%s" % user_id, { "id": user_id, "username": username, "salt": salt, "password": util.hash_password(password, salt), "ctime": now, "karma": config.UserInitialKarma, "about": "", "email": "", "auth": auth_token, "apisecret": util.get_rand(), "flags": "", "karma_incr_time": now, "replies": 0, }) pl.set("username.to.id:" + username, user_id) pl.set("auth:" + auth_token, user_id) pl.execute() util.unlock('create_user.' + username) return auth_token, None
def update_profile(request): auth_user(request.cookies.get('auth')) if not g.user: result = {'status': 'error', 'error': 'Not authenticated.'} return util.json_response(result) if request.POST.get('apisecret') != g.user["apisecret"]: result = {'status': 'error', 'error': 'Wrong form secret'} return util.json_response(result) password = request.POST.get('password') #optinal email = request.POST.get('email') about = request.POST.get('about') email, msg = util.check_string(email, maxlen=128) if email is None: result = {'status': 'error', 'error': 'email ' + msg} return util.json_response(result) about, msg = util.check_string(about, maxlen=256) if about is None: result = {'status': 'error', 'error': 'about ' + msg} return util.json_response(result) r = g.redis if password: password, msg = util.check_string(password, config.PasswordMinLength) if not password: result = {'status': 'error', 'error': 'password ' + msg} return util.json_response(result) salt = g.user.get('salt', util.get_rand()) r.hmset("user:"******"password": util.hash_password(password, salt), "salt": salt }) r.hmset("user:"******"about": about.rstrip(), "email": email}) return util.json_response({'status': "ok"})
def update_profile(request): auth_user(request.cookies.get("auth")) if not g.user: result = {"status": "error", "error": "Not authenticated."} return util.json_response(result) if request.POST.get("apisecret") != g.user["apisecret"]: result = {"status": "error", "error": "Wrong form secret"} return util.json_response(result) password = request.POST.get("password") # optinal email = request.POST.get("email") about = request.POST.get("about") email, msg = util.check_string(email, maxlen=128) if email is None: result = {"status": "error", "error": "email " + msg} return util.json_response(result) about, msg = util.check_string(about, maxlen=256) if about is None: result = {"status": "error", "error": "about " + msg} return util.json_response(result) r = g.redis if password: password, msg = util.check_string(password, config.PasswordMinLength) if not password: result = {"status": "error", "error": "password " + msg} return util.json_response(result) salt = g.user.get("salt", util.get_rand()) r.hmset("user:"******"id"], {"password": util.hash_password(password, salt), "salt": salt}) r.hmset("user:"******"id"], {"about": about.rstrip(), "email": email}) return util.json_response({"status": "ok"})