def authenticate(self, request, user_id=None, username=None, email=None,
                 user=None, password=None, **kw):
    '''Return the user matching the given identifier and password.

    When ``user`` is not supplied it is looked up by ``user_id``, then
    ``username``, then ``email`` (first truthy one wins).  The stored
    password is checked with ``self.crypt_verify``.

    Raises ``AuthenticationError`` when no identifier is given, when the
    lookup finds nothing, or when the password check fails.  A missing
    account and a wrong password produce the same message, so the error
    text does not reveal whether the account exists.
    '''
    mapper = request.app.odm()
    try:
        if not user:
            with mapper.begin() as session:
                users = session.query(mapper.user)
                if user_id:
                    user = users.get(user_id)
                elif username:
                    user = users.filter_by(username=username).one()
                elif email:
                    email = normalise_email(email)
                    user = users.filter_by(email=email).one()
                else:
                    raise AuthenticationError('Invalid credentials')
        # NOTE(review): the verify call is skipped when the lookup raises,
        # so response time may differ between "unknown account" and
        # "wrong password" -- confirm whether that matters here.
        if user and self.crypt_verify(user.password, password):
            return user
        # Funnel a failed check into the same handler as a failed lookup.
        raise NoResultFound
    except NoResultFound:
        if username:
            reason = 'Invalid username or password'
        elif email:
            reason = 'Invalid email or password'
        else:
            reason = 'Invalid credentials'
        raise AuthenticationError(reason)
def create_user(self, request, username=None, password=None, email=None,
                first_name=None, last_name=None, active=False,
                superuser=False, **kwargs):
    '''Create a new user and add it to the session.

    Either ``username`` or ``email`` must be provided; when ``username``
    is missing the normalised email is used as the username.  The
    password is passed through ``self.password`` before being stored.
    Extra ``kwargs`` are accepted but not used.
    '''
    mapper = request.app.odm()
    email = normalise_email(email)
    # NOTE(review): ``assert`` is stripped when Python runs with -O, so
    # this check cannot be relied on to reject a call with no identifier.
    assert username or email

    with mapper.begin() as session:
        fields = dict(username=username or email,
                      password=self.password(password),
                      email=email,
                      first_name=first_name,
                      last_name=last_name,
                      active=active,
                      superuser=superuser)
        user = mapper.user(**fields)
        session.add(user)

    return user
def create_user(self, request, username=None, password=None, email=None,
                name=None, surname=None, active=False,
                superuser=False, **kwargs):
    '''Create and save a user in the ``nosql`` store.

    Either ``username`` or ``email`` must be provided.  Raises
    ``sessions.AuthenticationError`` when the username or the email is
    already in use.  When no username is given the email becomes the
    username and the account is forced inactive without a registration;
    otherwise a registration is requested for any inactive account.
    '''
    users = request.app.odm('nosql').user
    email = normalise_email(email)
    # NOTE(review): ``assert`` is stripped when Python runs with -O, so
    # this check cannot be relied on to reject a call with no identifier.
    assert username or email

    # NOTE(review): the uniqueness checks and the save below are separate
    # operations; confirm the store also enforces uniqueness itself.
    if username and users.filter(username=username).all():
        raise sessions.AuthenticationError('%s already used' % username)
    if email and users.filter(email=email).all():
        raise sessions.AuthenticationError('%s already used' % email)

    if username:
        registration = not active
    else:
        username = email
        active = False
        registration = False

    user = users(username=username,
                 password=self.password(password),
                 email=email,
                 name=name,
                 surname=surname,
                 active=active,
                 superuser=superuser,
                 **kwargs).save()
    if registration:
        # An inactive account gets a registration record.
        self.get_or_create_registration(request, user)
    return user
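def authenticate(self, request, user_id=None, username=None, email=None,
                 password=None, **kw):
    '''Return the user matching the given identifier and password.

    The user is looked up by ``user_id``, then ``username``, then
    ``email`` (first truthy one wins).  Raises ``AuthenticationError``
    when no identifier is given, when the lookup finds nothing, or when
    the password does not match.
    '''
    odm = request.app.odm()

    with odm.begin() as session:
        query = session.query(odm.user)
        try:
            if user_id:
                user = query.get(user_id)
            elif username:
                user = query.filter_by(username=username).one()
            elif email:
                user = query.filter_by(email=normalise_email(email)).one()
            else:
                raise AuthenticationError('Invalid credentials')
            # NOTE(review): the stored value is passed through
            # self.decript and compared with ``==``.  That implies the
            # stored form is reversible and the comparison is not
            # constant-time -- confirm; a one-way verify avoids both.
            if user and self.decript(user.password) == password:
                return user
            # Raise the exception the handler below catches.  The previous
            # ``raise odm.ModelNotFound`` was not matched by
            # ``except NoResultFound``, so a wrong password escaped as an
            # unrelated error instead of AuthenticationError.
            raise NoResultFound
        except NoResultFound:
            if username:
                raise AuthenticationError('Invalid username or password')
            elif email:
                raise AuthenticationError('Invalid email or password')
            else:
                raise AuthenticationError('Invalid credentials')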
def get_user(self, request, user_id=None, token_id=None, username=None,
             email=None, auth_key=None, **kw):
    '''Fetch a user by id, username or email.

    Returns the user, or ``None`` when nothing matches.

    When both ``token_id`` and ``user_id`` are given, the matching token
    row has its ``last_access`` updated and ``None`` is returned if no
    such token exists.  When ``auth_key`` is given, it must name an
    unconfirmed, unexpired registration; that registration's ``user_id``
    then replaces any ``user_id`` passed by the caller.
    '''
    mapper = request.app.odm()

    # NOTE(review): the token is only checked when user_id is supplied
    # too; a token_id on its own is ignored -- confirm callers always
    # pass both.
    if token_id and user_id:
        with mapper.begin() as session:
            tokens = session.query(mapper.token).filter_by(
                user_id=user_id, id=token_id)
            tokens.update({'last_access': datetime.utcnow()},
                          synchronize_session=False)
            if not tokens.count():
                return

    if auth_key:
        with mapper.begin() as session:
            reg = session.query(mapper.registration).get(auth_key)
            # NOTE(review): expiry is compared with datetime.now() while
            # last_access above is written with utcnow() -- confirm which
            # clock the stored expiry uses.
            usable = (reg and not reg.confirmed and
                      reg.expiry > datetime.now())
            if not usable:
                return
            user_id = reg.user_id

    with mapper.begin() as session:
        users = session.query(mapper.user)
        try:
            if user_id:
                user = users.get(user_id)
            elif username:
                user = users.filter_by(username=username).one()
            elif email:
                user = users.filter_by(email=normalise_email(email)).one()
            else:
                return
        except NoResultFound:
            return
    return user
def get_user(self, request, user_id=None, username=None, email=None, **kw):
    '''Fetch a user by id, username or email.

    The first truthy identifier among ``user_id``, ``username`` and
    ``email`` is used.  Returns the user, or ``None`` when no identifier
    is given or the lookup finds nothing.
    '''
    mapper = request.app.odm()
    found = None

    with mapper.begin() as session:
        users = session.query(mapper.user)
        try:
            if user_id:
                found = users.get(user_id)
            elif username:
                found = users.filter_by(username=username).one()
            elif email:
                found = users.filter_by(
                    email=normalise_email(email)).one()
        except NoResultFound:
            # A missing row is reported as "no user", not as an error.
            return None
    return found
def authenticate(self, request, user_id=None, username=None, email=None,
                 password=None, **kw):
    '''Return the ``nosql`` user matching the identifier and password.

    The user is looked up by ``user_id``, then ``username``, then
    ``email`` (first truthy one wins).  Raises ``AuthenticationError``
    when no identifier is given, when the lookup raises
    ``odm.ModelNotFound``, or when the password does not match.
    '''
    users = request.app.odm('nosql').user
    try:
        if user_id:
            found = users.get(user_id)
        elif username:
            found = users.get(username=username)
        elif email:
            found = users.get(email=normalise_email(email))
        else:
            raise AuthenticationError('Invalid credentials')
        # NOTE(review): the stored value is passed through self.decript
        # and compared with ``==``.  That implies the stored form is
        # reversible and the comparison is not constant-time -- confirm;
        # a one-way verify avoids both.
        if found and self.decript(found.password) == password:
            return found
        # Funnel a failed check into the same handler as a failed lookup.
        raise odm.ModelNotFound
    except odm.ModelNotFound:
        if username:
            reason = 'Invalid username or password'
        elif email:
            reason = 'Invalid email or password'
        else:
            reason = 'Invalid credentials'
        raise AuthenticationError(reason)
def run(self, options, interactive=False):
    '''Create a superuser through ``self.app.auth_backend``.

    ``username``, ``password`` and ``email`` are read from ``options``.
    If any of them is missing the command switches to interactive mode
    and prompts for all three.  Returns whatever
    ``auth_backend.create_superuser`` returns.
    '''
    username = options.username
    password = options.password
    email = options.email
    # NOTE(review): if options.password is filled from a command-line
    # flag it may end up in shell history or the process list -- confirm
    # how options are populated.
    if not username or not password or not email:
        interactive = True
    request = self.app.wsgi_request()
    auth_backend = self.app.auth_backend

    if interactive:  # pragma nocover
        def_username = get_def_username(request, auth_backend)
        input_msg = 'Username'
        if def_username:
            input_msg += ' (Leave blank to use %s)' % def_username
        # Interactive mode starts from scratch: values already supplied
        # through ``options`` are discarded and asked for again.
        username = None
        email = None
        password = None
        try:
            # Get a username: must match RE_VALID_USERNAME and be unused
            while not username:
                username = input(input_msg + ': ')
                if def_username and username == '':
                    username = def_username
                if not RE_VALID_USERNAME.match(username):
                    self.write_err('Error: That username is invalid. Use '
                                   'only letters, digits and underscores.')
                    username = None
                else:
                    user = auth_backend.get_user(request, username=username)
                    if user is not None:
                        self.write_err(
                            "Error: That username is already taken.\n")
                        username = None

            # Get an email: must normalise cleanly and be unused
            while not email:
                email = input('Email: ')
                try:
                    email = normalise_email(email)
                except Exception:
                    self.write_err('Error: That email is invalid.')
                    email = None
                else:
                    user = auth_backend.get_user(request, email=email)
                    if user is not None:
                        self.write_err(
                            "Error: That email is already taken.")
                        email = None

            # Get a password: read twice via getpass, reject mismatches
            # and blank values
            while 1:
                if not password:
                    password = getpass.getpass()
                    password2 = getpass.getpass('Password (again): ')
                    if password != password2:
                        self.write_err(
                            "Error: Your passwords didn't match.")
                        password = None
                        continue
                if password.strip() == '':
                    self.write_err(
                        "Error: Blank passwords aren't allowed.")
                    password = None
                    continue
                break
        except KeyboardInterrupt:
            # Ctrl-C during any prompt aborts with exit status 1.
            self.write_err('\nOperation cancelled.')
            sys.exit(1)
    user = auth_backend.create_superuser(request, username=username,
                                         email=normalise_email(email),
                                         password=password)
    if user:
        # Only the username is echoed back, never the password.
        self.write("Superuser %s created successfully.\n" % user.username)
    else:
        self.write_err("ERROR: could not create superuser")

    return user