def post(self):
    """Apply the account-settings form to the signed-in user.

    Reads ``name``, ``domain`` and ``password`` from the form. Each checker
    is treated as returning a falsy value on success and, on failure, a
    sequence whose second item is the message shown on the settings page.
    After the changes the user's cache is cleared and the login session is
    refreshed.
    """
    account = g.current_user
    form = request.form
    new_name = form.get('name', None)
    new_password = form.get('password', None)
    new_domain = form.get('domain', None)

    def rejected(failure):
        # Re-render the settings page with the checker's message.
        return render_template('account.setting.html', error=failure[1])

    if new_name != account.name:
        failure = check_username(new_name)
        if failure:
            return rejected(failure)
        # The rename is applied before domain and password are validated,
        # so a later rejection leaves it in place.
        account.change_username(new_name)

    # A domain is only set when the user does not already have one.
    if new_domain and not account.domain:
        # Both checks run before either result is inspected.
        outcomes = (check_domain(new_domain),
                    check_domain_exists(new_domain))
        failure = next((item for item in outcomes if item), None)
        if failure:
            return rejected(failure)
        account.set_domain(new_domain)

    if new_password:
        failure = check_password(new_password)
        if failure:
            return rejected(failure)
        # NOTE(review): the password is replaced on the strength of the
        # session alone; the current password is never requested. Consider
        # requiring it here, and confirm CSRF protection covers this form.
        account.change_password(new_password)

    # Drop cached copies, then re-login so the session reflects the changes.
    clear_user_cache(account)
    account_login(account)
    g.current_user = get_current_user()
    return render_template('account.setting.html',
                           error=code.ACCOUNT_SETTING_SUCCESS)
def post(self):
    """Update the signed-in user's profile from the settings form.

    ``display`` and ``password`` are validated before being queued; here the
    checkers are treated as returning a truthy value when the input is
    acceptable. ``city`` and ``title`` are always written. All queued values
    go to ``update_account`` in one call, and the session is refreshed on
    success.
    """
    account = g.current_user
    form = request.form
    new_password = form.get('password', None)
    new_display = form.get('display', None)
    new_city = form.get('city', '')
    new_title = form.get('title', '')

    changes = {}
    if new_display != account.display:
        if not check_display(new_display):
            return self.render_template(
                error=code.ACCOUNT_USERNAME_INVAILD)
        changes['display'] = new_display

    if new_password:
        if not check_password(new_password):
            return self.render_template(
                error=code.ACCOUNT_PASSWORD_INVAILD)
        # NOTE(review): the new password is accepted without the current
        # one being supplied; consider requiring it, and confirm CSRF
        # protection covers this form.
        changes['password'] = new_password

    changes.update(city=new_city, title=new_title)

    failure = update_account(account, **changes)
    if failure:
        return self.render_template(error=failure)

    # Re-login so the session and g.current_user reflect the update.
    account_login(account)
    g.current_user = get_current_user()
    return self.render_template(error=code.ACCOUNT_SETTING_SUCCESS)
def new_register(self, verify):
    """Register a new account from the form and join the organization.

    The form supplies ``name``, ``password`` and ``email``. A validation or
    creation error re-renders the page with that error; otherwise the new
    user is logged in and handed to ``join_organization`` along with
    ``verify``.
    """
    form = request.form
    username = form.get('name', None)
    password = form.get('password', None)
    email = form.get('email', None)

    ok, problem = check_register_info(username, email, password)
    if ok:
        user, problem = create_user(username, password, email)
        if not problem:
            # The account exists now: start its session and finish the join.
            account_login(user)
            return self.join_organization(verify, user)

    # Either validation or creation failed; show the reported error.
    return self.render_template(verify=verify, error=problem)
def post(self):
    """Register a new account from the form and log it in.

    On a validation failure the register page is shown again with the error.
    Otherwise the user is created, its cache cleared and its session
    started. If an OAuth record is waiting in the session under
    ``from_oauth`` it is bound to the new user's id.
    """
    form = request.form
    username = form.get('name', None)
    password = form.get('password', None)
    email = form.get('email', None)

    ok, problem = check_register_info(username, email, password)
    if not ok:
        return render_template('account.register.html', error=problem)

    # Take the pending OAuth record out of the session so it is used once.
    pending_oauth = session.pop('from_oauth', None)

    # NOTE(review): the result of create_user is used as a user object
    # directly; presumably it raises on failure - confirm.
    new_user = create_user(username, password, email)
    clear_user_cache(new_user)
    account_login(new_user)

    if pending_oauth:
        pending_oauth.bind(new_user.id)
    return redirect(url_for('index'))
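def post(self):
    """Authenticate with e-mail and password, then redirect.

    Any failure re-renders the login page with a message. On success the
    session is started and the browser is sent to the ``redirect`` query
    argument when that is a same-site path, otherwise to the index page.
    """
    # NOTE(review): every query argument is forwarded into url_for; confirm
    # none of url_for's own underscore-prefixed options can arrive this way.
    login_url = url_for('account.login', **request.args)
    password = request.form.get('password', None)
    email = request.form.get('email', None)

    check, error = check_login_info(email, password)
    if not check:
        return render_template('account.login.html',
                               login_info=error, login_url=login_url)

    user = get_user_by(email=email).limit(1).first()
    # NOTE(review): the two failures below show different messages, which
    # tells a caller whether an e-mail is registered; consider one message.
    if not user:
        logger.info('no such user')
        return render_template('account.login.html',
                               login_info='no such user',
                               login_url=login_url)
    if not user.check_password(password):
        logger.info('invaild passwd')
        return render_template('account.login.html',
                               login_info='invaild passwd',
                               login_url=login_url)

    account_login(user)

    # 'redirect' is caller-controlled. Follow it only when it is a plain
    # same-site path; absolute and scheme-relative URLs, backslashes and
    # control characters fall back to the index page so the login form
    # cannot be used to bounce users to another site.
    target = request.args.get('redirect', None)
    is_local_path = (
        bool(target)
        and target.startswith('/')
        and not target.startswith('//')
        and '\\' not in target
        and not any(ord(ch) < 0x20 for ch in target)
    )
    if not is_local_path:
        target = url_for('index')
    return redirect(target)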
def bind(self, verify):
    """Join the organization as an existing account.

    A signed-in user is used as is. Otherwise the form's ``email`` and
    ``password`` are checked and the matching user is logged in first. Any
    failure re-renders the page with ``verify`` and an error code.
    """
    member = g.current_user
    if not member:
        email = request.form.get('email', None)
        password = request.form.get('password', None)

        ok, problem = check_login_info(email, password)
        if not ok:
            return self.render_template(verify=verify, error=problem)

        member = get_user_by(email=email).limit(1).first()
        # NOTE(review): unknown e-mail and wrong password return different
        # codes, which reveals whether an e-mail is registered.
        if not member:
            return self.render_template(verify=verify,
                                        error=code.ACCOUNT_NO_SUCH_USER)
        if not member.check_password(password):
            return self.render_template(
                verify=verify, error=code.ACCOUNT_LOGIN_INFO_INVAILD)

        account_login(member)

    return self.join_organization(verify, member)
def post(self, stub):
    """Set a new password using the reset record identified by ``stub``.

    A signed-in visitor has the record discarded and is sent to the index
    page. An unknown stub gives a 404. A rejected password re-renders the
    form with the checker's message (the checker is treated as returning a
    falsy value on success). Otherwise the password is changed, the user is
    logged in and the reset record is removed.
    """
    ticket = get_forget_by_stub(stub=stub)

    if g.current_user:
        # Already authenticated: the reset record is not needed any more.
        if ticket:
            ticket.delete()
        return redirect(url_for('index'))

    if not ticket:
        raise abort(404)

    # NOTE(review): no expiry check is visible here; presumably
    # get_forget_by_stub rejects stale records - confirm.
    new_password = request.form.get('password', None)
    failure = check_password(new_password)
    if failure:
        return render_template('account.reset.html', stub=stub,
                               error=failure[1])

    owner = get_user(ticket.uid)
    owner.change_password(new_password)
    account_login(owner)

    # Remove the record and its backend entry so the stub works only once.
    ticket.delete()
    clear_user_cache(owner)
    backend.delete('account:%s' % ticket.stub)
    return render_template('account.reset.html', ok=1)
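def post(self):
    """Authenticate with e-mail and password, then redirect.

    Any failure re-renders the login page with an error code. On success the
    session is started and the browser is sent to the ``redirect`` query
    argument when that is a same-site path, otherwise to the index page.
    """
    # NOTE(review): every query argument is forwarded into url_for; confirm
    # none of url_for's own underscore-prefixed options can arrive this way.
    login_url = url_for('account.login', **request.args)
    password = request.form.get('password', None)
    email = request.form.get('email', None)

    check, error = check_login_info(email, password)
    if not check:
        return self.render_template(login_info=error, login_url=login_url)

    user = get_user_by(email=email).limit(1).first()
    # NOTE(review): the two failures below return different codes, which
    # tells a caller whether an e-mail is registered; consider one code.
    if not user:
        logger.info('no such user')
        return self.render_template(login_info=code.ACCOUNT_NO_SUCH_USER,
                                    login_url=login_url)
    if not user.check_password(password):
        logger.info('invaild passwd')
        return self.render_template(
            login_info=code.ACCOUNT_LOGIN_INFO_INVAILD,
            login_url=login_url)

    account_login(user)

    # 'redirect' is caller-controlled. Follow it only when it is a plain
    # same-site path; absolute and scheme-relative URLs, backslashes and
    # control characters fall back to the index page so the login form
    # cannot be used to bounce users to another site.
    target = request.args.get('redirect', None)
    is_local_path = (
        bool(target)
        and target.startswith('/')
        and not target.startswith('//')
        and '\\' not in target
        and not any(ord(ch) < 0x20 for ch in target)
    )
    if not is_local_path:
        target = url_for('index')
    return redirect(target)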
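def authorized(self, resp):
    """Handle the provider's OAuth callback.

    Checks the ``state`` value against the one kept in the session, looks up
    (or creates) the OAuth record for the provider uid in ``resp`` and
    updates its token. If the record belongs to a user and nobody is signed
    in, that user is logged in and sent to the index page. Otherwise the
    record is left in the session under ``from_oauth`` and the browser goes
    to the saved next URL.

    Args:
        resp: the provider's response, read with ``.get`` for
            ``self.uid_str`` and ``self.token_str``; may be falsy.
    """
    csrf = session.pop('%s_oauthcsrf' % self.name, None)
    state = request.args.get('state')
    # Fail closed: once a csrf value was issued for this flow, a callback
    # without 'state' is rejected too. Checking only when 'state' is present
    # would let a request that omits the parameter skip the comparison.
    # NOTE(review): a constant-time comparison would be preferable here.
    if (csrf or state) and (not state or urllib.unquote(state) != csrf):
        return redirect(url_for('index'))
    if not session:
        return redirect(url_for('index'))

    # A session may exist without a saved next URL; default instead of
    # raising KeyError.
    # NOTE(review): confirm the saved next URL is validated where it is set.
    next_url = session.pop('%s_oauthnext' % self.name, None) \
        or url_for('index')

    # The response carries the access token, so it is not written to the log.
    logger.info('%s oauth callback received', self.name)
    if not resp or not resp.get(self.uid_str, None) \
            or not resp.get(self.token_str, None):
        return redirect(next_url)

    token = resp.get(self.token_str, None)
    # NOTE(review): the lookup uses the provider uid alone while create_oauth
    # also records self.name; confirm get_oauth_by cannot match a record that
    # belongs to a different provider.
    oauth = get_oauth_by(oauth_uid=resp[self.uid_str])
    if oauth is None:
        oauth = create_oauth(None, resp[self.uid_str], self.name)

    old_token = oauth.oauth_token
    oauth.oauth_token = token

    if not g.current_user and oauth.uid:
        # Known identity and nobody signed in: log its owner in.
        user = get_user(oauth.uid)
        if user:
            account_login(user)
            if old_token != oauth.oauth_token:
                # Record the rotation without logging either token value.
                logger.info('%s oauth token changed', self.name)
                oauth.store()
            self.update_token(oauth)
            return redirect(url_for('index'))

    # NOTE(review): this keeps the record, token included, in the session;
    # with a client-side session store the token would reach the browser.
    session['from_oauth'] = oauth
    return redirect(next_url)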