def login_(self): "Process login credentials" # Check username username = str(request.POST.get("username", "")) person = Session.query(model.Person).filter_by(username=username).first() # If the username does not exist, if not person: return dict(isOk=0) # Check password password_hash = model.hashString(str(request.POST.get("password", ""))) # If the password is incorrect, if password_hash != StringIO.StringIO(person.password_hash).read(): # Increase and return rejection_count without a requery rejection_count = person.rejection_count = person.rejection_count + 1 Session.commit() return dict(isOk=0, rejection_count=rejection_count) # If there have been too many rejections, if person.rejection_count >= parameter.REJECTION_LIMIT: # Expect recaptcha response recaptchaChallenge = request.POST.get("recaptcha_challenge_field", "") recaptchaResponse = request.POST.get("recaptcha_response_field", "") recaptchaPrivateKey = config.get("recaptcha.private", "") # Validate result = captcha.submit(recaptchaChallenge, recaptchaResponse, recaptchaPrivateKey, h.getRemoteIP()) # If the response is not valid, if not result.is_valid: return dict(isOk=0, rejection_count=person.rejection_count) # Get minutesOffset from UTC minutesOffset = h.getMinutesOffset() # Save session session["minutesOffset"] = minutesOffset session["personID"] = person.id session["nickname"] = person.nickname session["is_super"] = person.is_super session.save() # Save person person.minutes_offset = minutesOffset person.rejection_count = 0 Session.commit() # Return return dict(isOk=1)
def confirmPersonCandidate(ticket): "Move changes from the PersonCandidate table into the Person table" # Query candidate = ( Session.query(model.PersonCandidate) .filter(model.PersonCandidate.ticket == ticket) .filter(model.PersonCandidate.when_expired >= datetime.datetime.utcnow()) .first() ) # If the ticket exists, if candidate: # If the person exists, if candidate.person_id: # Update person person = Session.query(model.Person).get(candidate.person_id) person.username = candidate.username person.password_hash = candidate.password_hash person.nickname = candidate.nickname person.email = candidate.email person.email_sms = candidate.email_sms # Reset rejection_count person.rejection_count = 0 # If the person does not exist, else: # Add person Session.add( model.Person( candidate.username, candidate.password_hash, candidate.nickname, candidate.email, candidate.email_sms, ) ) # Delete ticket Session.delete(candidate) # Commit Session.commit() # Return return candidate
# Validate form form = JobForm().to_python(valueByName, job) except formencode.Invalid, error: return dict(isOk=0, errorByID=error.unpack_errors()) # If the job does not exist, add it if not job: job = model.Job() Session.add(job) # Set fields job.title = form['title'].strip() job.budget = form['budget'] job.description = form['description'].strip() job.when_updated = datetime.datetime.utcnow() job.owner_id = ownerID # Commit Session.commit() # Return return dict(isOk=1, jobID=job.id) # Validators class Unique(formencode.validators.FancyValidator): 'Validator to ensure unique values in a field' def __init__(self, fieldName, errorMessage): 'Store fieldName and errorMessage' super(Unique, self).__init__() self.fieldName = fieldName self.errorMessage = errorMessage