示例#1
0
    def POST(self):
        f = forms.ChangeEmail()
        i = web.input()

        if not f.validates(i):
            return render["account/email"](self.get_email(), f)
        else:
            username = web.ctx.site.get_user().key.split("/")[-1]

            code = _generate_salted_hash(get_secret_key(), username + "," + i.email)
            link = (
                web.ctx.home
                + "/account/email/verify"
                + "?"
                + urllib.urlencode({"username": username, "email": i.email, "code": code})
            )

            msg = render["email/email/verify"](username=username, email=i.email, link=link)
            sendmail(i.email, msg)

            title = _("Hi %(user)s", user=username)
            message = _(
                "We've sent an email to %(email)s. You'll need to read that and click on the verification link to update your email.",
                email=i.email,
            )
            return render.message(title, message)
示例#2
0
class account_login(delegate.page):
    """Account login.

    Login can fail because of the following reasons:

    * account_not_found: Error message is displayed.
    * account_bad_password: Error message is displayed with a link to reset password.
    * account_not_verified: Error page is dispalyed with button to "resend verification email".
    """
    path = "/account/login"

    def render_error(self, error_key, i):
        f = forms.Login()
        f.fill(i)
        f.note = LOGIN_ERRORS[error_key]
        return render.login(f)

    def GET(self):
        referer = web.ctx.env.get('HTTP_REFERER', '/')
        i = web.input(redirect=referer)
        f = forms.Login()
        f['redirect'].value = i.redirect
        return render.login(f)

    def POST(self):
        i = web.input(username="", connect=None, password="", remember=False,
                      redirect='/', test=False, access=None, secret=None)
        email = i.username  # XXX username is now email
        audit = audit_accounts(email, i.password, require_link=True,
                               s3_access_key=i.access,
                               s3_secret_key=i.secret, test=i.test)
        error = audit.get('error')
        if error:
            return self.render_error(error, i)

        expires = (i.remember and 3600 * 24 * 7) or ""
        web.setcookie(config.login_cookie_name, web.ctx.conn.get_auth_token(),
                      expires=expires)
        blacklist = ["/account/login", "/account/password", "/account/email",
                     "/account/create"]
        if i.redirect == "" or any([path in i.redirect for path in blacklist]):
            i.redirect = "/"
        raise web.seeother(i.redirect)

    def POST_resend_verification_email(self, i):
        try:
            ol_login = OpenLibraryAccount.authenticate(i.email, i.password)
        except ClientException, e:
            code = e.get_data().get("code")
            if code != "account_not_verified":
                return self.error("account_incorrect_password", i)

        account = OpenLibraryAccount.get(email=i.email)
        account.send_verification_email()

        title = _("Hi %(user)s", user=account.displayname)
        message = _("We've sent the verification email to %(email)s. You'll need to read that and click on the verification link to verify your email.", email=account.email)
        return render.message(title, message)
示例#3
0
    def POST(self):
        i = web.input(username='', code='')

        try:
            web.ctx.site.check_reset_code(i.username, i.code)
        except ClientException, e:
            title = _("Password reset failed.")
            message = web.safestr(e)
            return render.message(title, message)
示例#4
0
    def GET(self, code):
        docs = web.ctx.site.store.values(type="account-link", name="code", value=code)
        if not docs:
            title = _("Password reset failed.")
            message = "Your password reset link seems invalid or expired."
            return render.message(title, message)

        f = forms.ResetPassword()
        return render['account/password/reset'](f)
示例#5
0
    def POST(self):
        i = web.input(username='', code='')

        try:
            web.ctx.site.check_reset_code(i.username, i.code)
        except ClientException, e:
            title = _("Password reset failed.")
            message = web.safestr(e)
            return render.message(title, message)
示例#6
0
    def GET(self, code):
        docs = web.ctx.site.store.values(type="account-link", name="code", value=code)
        if not docs:
            title = _("Password reset failed.")
            message = "Your password reset link seems invalid or expired."
            return render.message(title, message)

        f = forms.ResetPassword()
        return render['account/password/reset'](f)
示例#7
0
 def update_email(self, username, email):
     if accounts.find(email=email):
         title = _("Email address is already used.")
         message = _("Your email address couldn't be updated. The specified email address is already used.")
     else:
         logger.info("updated email of %s to %s", username, email)
         accounts.update_account(username=username, email=email, status="active")
         title = _("Email verification successful.")
         message = _('Your email address has been successfully verified and updated in your account.')
     return render.message(title, message)
示例#8
0
 def update_email(self, username, email):
     if accounts.find(email=email):
         title = _("Email address is already used.")
         message = _("Your email address couldn't be updated. The specified email address is already used.")
     else:
         logger.info("updated email of %s to %s", username, email)
         accounts.update_account(username=username, email=email, status="active")
         title = _("Email verification successful.")
         message = _('Your email address has been successfully verified and updated in your account.')
     return render.message(title, message)
示例#9
0
    def POST(self, code):
        link = accounts.get_link(code)
        if not link:
            title = _("Password reset failed.")
            message = "The password reset link seems invalid or expired."
            return render.message(title, message)

        username = link['username']
        i = web.input()

        accounts.update_account(username, password=i.password)
        link.delete()
        return render_template("account/password/reset_success", username=username)
示例#10
0
    def POST(self, code):
        link = accounts.get_link(code)
        if not link:
            title = _("Password reset failed.")
            message = "The password reset link seems invalid or expired."
            return render.message(title, message)

        username = link['username']
        i = web.input()

        accounts.update_account(username, password=i.password)
        link.delete()
        return render_template("account/password/reset_success", username=username)
示例#11
0
 def POST(self, code=None):
     """Called to regenerate account verification code.
     """
     i = web.input(email=None)
     account = accounts.find(email=i.email)
     if not account:
         return render_template("account/verify/failed", email=i.email)
     elif account['status'] != "pending":
         return render['account/verify/activated'](account)
     else:
         account.send_verification_email()
         title = _("Hi %(user)s", user=account.displayname)
         message = _("We've sent the verification email to %(email)s. You'll need to read that and click on the verification link to verify your email.", email=account.email)
         return render.message(title, message)
示例#12
0
    def POST_resend_verification_email(self, i):
        try:
            ol_login = OpenLibraryAccount.authenticate(i.email, i.password)
        except ClientException as e:
            code = e.get_data().get("code")
            if code != "account_not_verified":
                return self.error("account_incorrect_password", i)

        account = OpenLibraryAccount.get(email=i.email)
        account.send_verification_email()

        title = _("Hi, %(user)s", user=account.displayname)
        message = _("We've sent the verification email to %(email)s. You'll need to read that and click on the verification link to verify your email.", email=account.email)
        return render.message(title, message)
示例#13
0
 def POST(self, code=None):
     """Called to regenerate account verification code.
     """
     i = web.input(email=None)
     account = accounts.find(email=i.email)
     if not account:
         return render_template("account/verify/failed", email=i.email)
     elif account['status'] != "pending":
         return render['account/verify/activated'](account)
     else:
         account.send_verification_email()
         title = _("Hi, %(user)s", user=account.displayname)
         message = _("We've sent the verification email to %(email)s. You'll need to read that and click on the verification link to verify your email.", email=account.email)
         return render.message(title, message)
示例#14
0
    def POST(self, code):
        docs = web.ctx.site.store.values(type="account-link", name="code", value=code)
        if not docs:
            title = _("Password reset failed.")
            message = "The password reset link seems invalid or expired."
            return render.message(title, message)

        doc = docs[0]
        username = doc['username']
        i = web.input()
        
        web.ctx.site.update_account(username, password=i.password)
        del web.ctx.site.store[doc['_key']]
        return render_template("account/password/reset_success", username=username)
示例#15
0
    def POST_resend_verification_email(self, i):
        try:
            ol_login = OpenLibraryAccount.authenticate(i.email, i.password)
        except ClientException as e:
            code = e.get_data().get("code")
            if code != "account_not_verified":
                return self.error("account_incorrect_password", i)

        account = OpenLibraryAccount.get(email=i.email)
        account.send_verification_email()

        title = _("Hi, %(user)s", user=account.displayname)
        message = _("We've sent the verification email to %(email)s. You'll need to read that and click on the verification link to verify your email.", email=account.email)
        return render.message(title, message)
示例#16
0
    def POST(self, code):
        docs = web.ctx.site.store.values(type="account-link",
                                         name="code",
                                         value=code)
        if not docs:
            title = _("Password reset failed.")
            message = "The password reset link seems invalid or expired."
            return render.message(title, message)

        doc = docs[0]
        username = doc['username']
        i = web.input()

        web.ctx.site.update_account(username, password=i.password)
        del web.ctx.site.store[doc['_key']]
        return render_template("account/password/reset_success",
                               username=username)
示例#17
0
    def POST(self):
        f = forms.ChangeEmail()
        i = web.input()

        if not f.validates(i):
            return render['account/email'](self.get_email(), f)
        else:
            user = accounts.get_current_user()
            username = user.key.split('/')[-1]

            displayname = user.displayname or username

            send_email_change_email(username, i.email)

            title = _("Hi %(user)s", user=user.displayname or username)
            message = _("We've sent an email to %(email)s. You'll need to read that and click on the verification link to update your email.", email=i.email)
            return render.message(title, message)
示例#18
0
 def GET(self):
     i = web.input(username='', email='', code='')
     
     verified = _verify_salted_hash(get_secret_key(), i.username + ',' + i.email, i.code)
     if verified:
         if web.ctx.site.find_user_by_email(i.email) is not None:
             title = _("Email address is already used.")
             message = _("Your email address couldn't be updated. The specified email address is already used.")
         else:
             web.ctx.site.update_user_details(i.username, email=i.email)
             title = _("Email verification successful.")
             message = _('Your email address has been successfully verified and updated in your account.')
     else:
         title = _("Email address couldn't be verified.")
         message = _("Your email address couldn't be verified. The verification link seems invalid.")
         
     return render.message(title, message)
示例#19
0
    def POST(self):
        f = forms.ChangeEmail()
        i = web.input()

        if not f.validates(i):
            return render['account/email'](self.get_email(), f)
        else:
            user = accounts.get_current_user()
            username = user.key.split('/')[-1]

            displayname = user.displayname or username

            send_email_change_email(username, i.email)

            title = _("Hi %(user)s", user=user.displayname or username)
            message = _("We've sent an email to %(email)s. You'll need to read that and click on the verification link to update your email.", email=i.email)
            return render.message(title, message)
示例#20
0
    def POST(self):
        f = forms.ChangeEmail()
        i = web.input()
        
        if not f.validates(i):
            return render['account/email'](self.get_email(), f)
        else:
            user = web.ctx.site.get_user()
            username = user.key.split('/')[-1]
            
            code = _generate_salted_hash(get_secret_key(), username + ',' + i.email)
            link = web.ctx.home + '/account/email/verify' + '?' + urllib.urlencode({"username": username, 'email': i.email, 'code': code})

            msg = render['email/email/verify'](username=username, email=i.email, link=link)
            sendmail(i.email, msg)
            
            title = _("Hi %(user)s", user=user.displayname or username)
            message = _("We've sent an email to %(email)s. You'll need to read that and click on the verification link to update your email.", email=i.email)
            return render.message(title, message)
示例#21
0
    def POST_resend_verification_email(self, i):
        try:
            web.ctx.site.login(i.username, i.password)
        except ClientException, e:
            code = e.get_data().get("code")
            if code != "account_not_verified":
                return self.error("account_incorrect_password", i)

        account = web.ctx.site.find_account(username=i.username)
        send_verification_email(i.username, account.email)

        user = web.ctx.site.get('/people/' + i.username)
        title = _("Hi %(user)s", user=user.displayname or i.username)
        message = _("We've sent the verification email to %(email)s. You'll need to read that and click on the verification link to verify your email.", email=account.email)
        return render.message(title, message)

class account_verify(delegate.page):
    """Verify user account.
    """
    path = "/account/verify/([0-9a-f]*)"

    def GET(self, code):
        docs = web.ctx.site.store.values(type="account-link", name="code", value=code)
        if docs:
            doc = docs[0]

            web.ctx.site.activate_account(username=doc['username'])
            del web.ctx.site.store[doc['_key']]

            user = web.ctx.site.get("/people/" + doc['username'])
示例#22
0
class account_login(delegate.page):
    """Account login.

    Login can fail because of the following reasons:

    * account_not_found: Error message is displayed.
    * account_bad_password: Error message is displayed with a link to reset password.
    * account_not_verified: Error page is dispalyed with button to "resend verification email".
    """
    path = "/account/login"

    def GET(self):
        referer = web.ctx.env.get('HTTP_REFERER', '/')
        i = web.input(redirect=referer)
        f = forms.Login()
        f['redirect'].value = i.redirect
        return render.login(f)

    def POST(self):
        i = web.input(remember=False, redirect='/', action="login")

        if i.action == "resend_verification_email":
            return self.POST_resend_verification_email(i)
        else:
            return self.POST_login(i)

    def error(self, name, i):
        f = forms.Login()
        f.fill(i)
        f.note = utils.get_error(name)
        return render.login(f)

    def POST_login(self, i):
        # make sure the username is valid
        if not forms.vlogin.valid(i.username):
            return self.error("account_user_notfound", i)

        # Try to find account with exact username, failing which try for case variations.
        account = accounts.find(username=i.username) or accounts.find(
            lusername=i.username)

        if not account:
            return self.error("account_user_notfound", i)

        if i.redirect == "/account/login" or i.redirect == "":
            i.redirect = "/"

        status = account.login(i.password)
        if status == 'ok':
            expires = (i.remember and 3600 * 24 * 7) or ""
            web.setcookie(config.login_cookie_name,
                          web.ctx.conn.get_auth_token(),
                          expires=expires)
            raise web.seeother(i.redirect)
        elif status == "account_not_verified":
            return render_template("account/not_verified",
                                   username=account.username,
                                   password=i.password,
                                   email=account.email)
        elif status == "account_not_found":
            return self.error("account_user_notfound", i)
        elif status == "account_blocked":
            return self.error("account_blocked", i)
        else:
            return self.error("account_incorrect_password", i)

    def POST_resend_verification_email(self, i):
        try:
            accounts.login(i.username, i.password)
        except ClientException, e:
            code = e.get_data().get("code")
            if code != "account_not_verified":
                return self.error("account_incorrect_password", i)

        account = accounts.find(username=i.username)
        account.send_verification_email()

        title = _("Hi %(user)s", user=account.displayname)
        message = _(
            "We've sent the verification email to %(email)s. You'll need to read that and click on the verification link to verify your email.",
            email=account.email)
        return render.message(title, message)
示例#23
0
class account_login(delegate.page):
    """Account login.

    Login can fail because of the following reasons:

    * account_not_found: Error message is displayed.
    * account_bad_password: Error message is displayed with a link to reset password.
    * account_not_verified: Error page is dispalyed with button to "resend verification email".
    """
    path = "/account/login"

    def GET(self):
        referer = web.ctx.env.get('HTTP_REFERER', '/')
        i = web.input(redirect=referer)
        f = forms.Login()
        f['redirect'].value = i.redirect
        return render.login(f)

    def POST(self):
        i = web.input(email='',
                      connect=None,
                      remember=False,
                      redirect='/',
                      action="login")

        if i.action == "resend_verification_email":
            return self.POST_resend_verification_email(i)
        else:
            return self.POST_login(i)

    def error(self, name, i):
        f = forms.Login()
        f.fill(i)
        f.note = utils.get_error(name)
        return render.login(f)

    def error_check(self, audit, i):
        if 'error' in audit:
            error = audit['error']
            if error == "account_not_verified":
                return render_template("account/not_verified",
                                       username=account.username,
                                       password=i.password,
                                       email=account.email)
            elif error == "account_not_found":
                return self.error("account_user_notfound", i)
            elif error == "account_blocked":
                return self.error("account_blocked", i)
            else:
                return self.error(audit['error'], i)
        if not audit['link']:
            # This needs to be overriden w/ `test`
            return self.error("accounts_not_connected", i)
        return None

    def POST_login(self, i):
        i = web.input(username="", password="", remember=False, redirect='')

        audit = audit_accounts(i.username, i.password)
        errors = self.error_check(audit, i)
        if errors:
            return errors

        blacklist = [
            "/account/login", "/account/password", "/account/email",
            "/account/create"
        ]
        if i.redirect == "" or any([path in i.redirect for path in blacklist]):
            i.redirect = "/"
        expires = (i.remember and 3600 * 24 * 7) or ""

        web.setcookie(config.login_cookie_name,
                      web.ctx.conn.get_auth_token(),
                      expires=expires)
        raise web.seeother(i.redirect)

    def POST_resend_verification_email(self, i):
        try:
            accounts.login(i.username, i.password)
        except ClientException, e:
            code = e.get_data().get("code")
            if code != "account_not_verified":
                return self.error("account_incorrect_password", i)

        account = accounts.find(username=i.username)
        account.send_verification_email()

        title = _("Hi %(user)s", user=account.displayname)
        message = _(
            "We've sent the verification email to %(email)s. You'll need to read that and click on the verification link to verify your email.",
            email=account.email)
        return render.message(title, message)
示例#24
0
    def POST_resend_verification_email(self, i):
        try:
            web.ctx.site.login(i.username, i.password)
        except ClientException, e:
            code = e.get_data().get("code")
            if code != "account_not_verified":
                return self.error("account_incorrect_password", i)

        account = Account.find(username=i.username)
        send_verification_email(i.username, account.email)

        title = _("Hi %(user)s", user=account.displayname)
        message = _(
            "We've sent the verification email to %(email)s. You'll need to read that and click on the verification link to verify your email.",
            email=account.email)
        return render.message(title, message)


class account_verify(delegate.page):
    """Verify user account.
    """
    path = "/account/verify/([0-9a-f]*)"

    def GET(self, code):
        docs = web.ctx.site.store.values(type="account-link",
                                         name="code",
                                         value=code)
        if docs:
            doc = docs[0]

            web.ctx.site.activate_account(username=doc['username'])
示例#25
0
 def bad_link(self):
     title = _("Email address couldn't be verified.")
     message = _(
         "Your email address couldn't be verified. The verification link seems invalid."
     )
     return render.message(title, message)
示例#26
0
 def bad_link(self):
     title = _("Email address couldn't be verified.")
     message = _("Your email address couldn't be verified. The verification link seems invalid.")
     return render.message(title, message)