def send_fp_verification_email(user, request):
    """
    Email the user a signed link that lets them set a new password.

    The link carries ``user.id`` signed by the timed URL signer under the
    'mail_verification_token' namespace.

    Args:
    - user: a user object; its id, username and email are read
    - request: the request, used for template rendering and URL generation
    """
    # NOTE(review): send_verification_email (account activation) signs the
    # same payload, a bare user.id, under the same namespace.  The signature
    # alone therefore cannot tell an activation link from a password-reset
    # link.  A dedicated namespace for resets would keep the two apart; it
    # has to change together with the view that verifies the token.
    signer = get_timed_signer_url('mail_verification_token')
    signed_user_id = signer.dumps(user.id)

    template_context = {
        'username': user.username,
        'verification_url': EMAIL_FP_VERIFICATION_TEMPLATE.format(
            # NOTE(review): qualified=True presumably builds an absolute
            # URL from the current request -- confirm the host it uses is
            # pinned by the deployment, since this link carries the token.
            uri=request.urlgen(
                'mediagoblin.plugins.basic_auth.verify_forgot_password',
                qualified=True),
            fp_verification_key=signed_user_id),
    }
    message_body = render_template(
        request,
        'mediagoblin/plugins/basic_auth/fp_verification_email.txt',
        template_context)

    # TODO: There is no error handling in place
    sender_address = mg_globals.app_config['email_sender_address']
    send_email(
        sender_address,
        [user.email],
        'GNU MediaGoblin - Change forgotten password!',
        message_body)
def send_fp_verification_email(user, request):
    """
    Send the password-change verification email to a user.

    A signed, time-stamped token containing only ``user.id`` is embedded in
    the link that the rendered email carries.

    Args:
    - user: a user object
    - request: the request
    """
    # NOTE(review): the payload is just the user id, so nothing in the token
    # ties it to the password that is current when it is issued.  Presumably
    # the link stays usable after a reset until its max_age runs out --
    # confirm against the verifying view.
    token = get_timed_signer_url('mail_verification_token').dumps(user.id)

    reset_link = EMAIL_FP_VERIFICATION_TEMPLATE.format(
        uri=request.urlgen(
            'mediagoblin.plugins.basic_auth.verify_forgot_password',
            qualified=True),
        fp_verification_key=token)

    body = render_template(
        request,
        'mediagoblin/plugins/basic_auth/fp_verification_email.txt',
        {'username': user.username, 'verification_url': reset_link})

    # TODO: There is no error handling in place
    send_email(
        mg_globals.app_config['email_sender_address'],
        [user.email],
        'GNU MediaGoblin - Change forgotten password!',
        body)
def _update_email(request, form, user):
    """
    Start an email-address change for ``user``.

    If another account already uses the requested address, an error is
    attached to the form field and nothing is sent.  Otherwise a signed
    token holding the user id and the new address is mailed to the new
    address; the address itself is not changed here.

    Args:
    - request: the request
    - form: form exposing ``new_email``
    - user: the user whose address is being changed
    """
    requested_address = form.new_email.data

    # NOTE(review): this message tells the caller whether an address is
    # registered; confirm that only authenticated users can reach it.
    if User.query.filter_by(email=requested_address).count():
        form.new_email.errors.append(
            _('Sorry, a user with that email address'
              ' already exists.'))
        return

    signer = get_timed_signer_url('mail_verification_token')
    verification_key = signer.dumps({
        'user': user.id,
        'email': requested_address,
    })

    context = {
        'username': user.username,
        'verification_url': EMAIL_VERIFICATION_TEMPLATE.format(
            uri=request.urlgen('mediagoblin.edit.verify_email',
                               qualified=True),
            verification_key=verification_key),
    }
    rendered_email = render_template(
        request, 'mediagoblin/edit/verification.txt', context)

    email_debug_message(request)
    auth_tools.send_verification_email(
        user, request, requested_address, rendered_email)
def send_verification_email(user, request, email=None, rendered_email=None):
    """
    Send the verification email to users to activate their accounts.

    Args:
    - user: a user object
    - request: the request
    - email: recipient address; falls back to ``user.email`` when empty
    - rendered_email: ready-made message body; when empty, the account
      verification template is rendered with a freshly signed ``user.id``
    """
    recipient = email or user.email

    if rendered_email:
        body = rendered_email
    else:
        # NOTE(review): the payload is a bare user id under the
        # 'mail_verification_token' namespace; any other token type that
        # signs the same shape under that namespace is indistinguishable
        # from this one by signature alone.
        signer = get_timed_signer_url('mail_verification_token')
        verification_key = signer.dumps(user.id)
        verification_url = EMAIL_VERIFICATION_TEMPLATE.format(
            uri=request.urlgen('mediagoblin.auth.verify_email',
                               qualified=True),
            verification_key=verification_key)
        body = render_template(
            request,
            'mediagoblin/auth/verification_email.txt',
            {'username': user.username,
             'verification_url': verification_url})

    # TODO: There is no error handling in place
    send_email(
        mg_globals.app_config['email_sender_address'],
        [recipient],
        # TODO
        # Due to the distributed nature of GNU MediaGoblin, we should
        # find a way to send some additional information about the
        # specific GNU MediaGoblin instance in the subject line. For
        # example "GNU MediaGoblin @ Wandborg - [...]".
        'GNU MediaGoblin - Verify your email!',
        body)
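def verify_email(request):
    """
    Email verification view for changing email address

    Expects a ``token`` GET parameter: a signed mapping with the keys
    "user" (user id) and "email" (the new address), at most 10 days old.
    On success the user's address is replaced and the user is sent to
    their home page; on any failure an error message is flashed and the
    user is sent to the index page.
    """
    # If no token, we can't do anything
    if "token" not in request.GET:
        return render_404(request)

    # Catch error if token is faked or expired
    try:
        token = get_timed_signer_url("mail_verification_token").loads(
            request.GET["token"], max_age=10 * 24 * 3600)
    except BadSignature:
        messages.add_message(
            request, messages.ERROR,
            _("The verification key or user id is incorrect."))
        return redirect(request, "index")

    # A valid signature does not guarantee the payload shape: the
    # "mail_verification_token" namespace is shared with tokens whose
    # payload is a bare user id.  Treat anything that is not a
    # {"user", "email"} mapping as an incorrect key instead of crashing.
    try:
        user_id = int(token["user"])
        new_email = token["email"]
    except (TypeError, KeyError, ValueError):
        user = None
    else:
        user = User.query.filter_by(id=user_id).first()

    if not user:
        messages.add_message(
            request, messages.ERROR,
            _("The verification key or user id is incorrect."))
        # No user object here, so the user_home redirect (which needs
        # user.username) is not possible.
        return redirect(request, "index")

    # NOTE(review): uniqueness of the address was checked when the link was
    # issued, not here; confirm the database enforces it for the case where
    # the address was taken in the meantime.
    user.email = new_email
    user.save()

    messages.add_message(
        request, messages.SUCCESS,
        _("Your email address has been verified."))
    return redirect(
        request, "mediagoblin.user_pages.user_home", user=user.username)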
def change_email(request):
    """
    View to change the user's email

    On a valid POST the new address is checked for uniqueness and, when the
    password field is present, the current password is checked.  If the form
    has no errors, a signed token holding the user id and the new address is
    mailed to the new address and the user is redirected to the account
    page.  Otherwise the form is rendered again.
    """
    is_post = request.method == 'POST'
    form = forms.ChangeEmailForm((request.form or None) if is_post else None)
    user = request.user

    # If no password authentication, no need to enter a password
    password_auth_enabled = 'pass_auth' in request.template_env.globals
    if not password_auth_enabled or not user.pw_hash:
        del form['password']

    if is_post and form.validate():
        new_email = form.new_email.data

        address_taken = User.query.filter(
            LocalUser.email == new_email).count()
        if address_taken:
            form.new_email.errors.append(
                _('Sorry, a user with that email address'
                  ' already exists.'))

        # Re-authenticate before an address change is started.
        if form.password and user.pw_hash:
            if not check_password(form.password.data, user.pw_hash):
                form.password.errors.append(_('Wrong password'))

        if not form.errors:
            signer = get_timed_signer_url('mail_verification_token')
            verification_key = signer.dumps({
                'user': user.id,
                'email': new_email,
            })
            verification_url = EMAIL_VERIFICATION_TEMPLATE.format(
                uri=request.urlgen('mediagoblin.edit.verify_email',
                                   qualified=True),
                verification_key=verification_key)
            rendered_email = render_template(
                request,
                'mediagoblin/edit/verification.txt',
                {'username': user.username,
                 'verification_url': verification_url})

            email_debug_message(request)
            # NOTE(review): the message goes to the new address only;
            # nothing in this view tells the current address that a change
            # was requested.
            auth_tools.send_verification_email(
                user, request, new_email, rendered_email)

            return redirect(request, 'mediagoblin.edit.account')

    return render_to_response(
        request,
        'mediagoblin/edit/change_email.html',
        {'form': form, 'user': user})
def change_email(request):
    """
    View to change the user's email

    Validates the submitted form, rejects an address that another account
    already uses, checks the current password when the password field is
    present, and then mails a signed verification link to the new address.
    The stored address is not modified by this view.
    """
    user = request.user
    form = forms.ChangeEmailForm(request.form)

    # If no password authentication, no need to enter a password
    if 'pass_auth' not in request.template_env.globals or not user.pw_hash:
        del form['password']

    submitted = request.method == 'POST' and form.validate()
    if submitted:
        new_email = form.new_email.data

        if User.query.filter(LocalUser.email == new_email).count():
            form.new_email.errors.append(
                _('Sorry, a user with that email address'
                  ' already exists.'))

        # The current password gates the change whenever the account has one.
        password_rejected = (
            form.password
            and user.pw_hash
            and not check_password(form.password.data, user.pw_hash))
        if password_rejected:
            form.password.errors.append(_('Wrong password'))

        if not form.errors:
            # The token binds the user id to the new address, so the link
            # can only confirm the address it was mailed to.
            payload = {'user': user.id, 'email': new_email}
            verification_key = get_timed_signer_url(
                'mail_verification_token').dumps(payload)

            context = {
                'username': user.username,
                'verification_url': EMAIL_VERIFICATION_TEMPLATE.format(
                    uri=request.urlgen('mediagoblin.edit.verify_email',
                                       qualified=True),
                    verification_key=verification_key),
            }
            rendered_email = render_template(
                request, 'mediagoblin/edit/verification.txt', context)

            email_debug_message(request)
            auth_tools.send_verification_email(
                user, request, new_email, rendered_email)

            return redirect(request, 'mediagoblin.edit.account')

    return render_to_response(
        request,
        'mediagoblin/edit/change_email.html',
        {'form': form, 'user': user})
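def verify_email(request):
    """
    Email verification view

    Validates the signed ``token`` GET parameter (a user id, at most 10
    days old) and grants the 'active' privilege to that user if they do not
    have it yet.  A missing token gives a 404; a bad signature, an
    unexpected payload or an unknown user id flashes an error and redirects
    to the index page.
    """
    # If we don't have the token parameter, we can't do anything; 404
    if 'token' not in request.GET:
        return render_404(request)

    # Catch error if token is faked or expired
    try:
        token = get_timed_signer_url("mail_verification_token") \
            .loads(request.GET['token'], max_age=10*24*3600)
    except BadSignature:
        messages.add_message(
            request,
            messages.ERROR,
            _('The verification key or user id is incorrect.'))
        return redirect(request, 'index')

    # The "mail_verification_token" namespace is shared with tokens whose
    # payload is a mapping (email change), so a validly signed token may
    # still not be a user id.  Reject it rather than let int() raise.
    try:
        user_id = int(token)
    except (TypeError, ValueError):
        user = None
    else:
        user = User.query.filter_by(id=user_id).first()

    if not user:
        messages.add_message(
            request,
            messages.ERROR,
            _('The verification key or user id is incorrect'))
        # Without a user there is no username for the user_home redirect.
        return redirect(request, 'index')

    if user.has_privilege(u'active') is False:
        user.verification_key = None
        # NOTE(review): .first() returns None if no 'active' privilege row
        # exists; presumably it is always seeded -- confirm.
        user.all_privileges.append(
            Privilege.query.filter(
                Privilege.privilege_name == u'active').first())

        user.save()

        messages.add_message(
            request,
            messages.SUCCESS,
            _("Your email address has been verified. "
              "You may now login, edit your profile, and submit images!"))
    else:
        messages.add_message(
            request,
            messages.ERROR,
            _('The verification key or user id is incorrect'))

    return redirect(
        request, 'mediagoblin.user_pages.user_home',
        user=user.username)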
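def verify_email(request):
    """
    Email verification view

    Checks the signed ``token`` GET parameter and, if it names an existing
    user who lacks the 'active' privilege, grants that privilege.

    Outcomes:
    - no ``token`` parameter: 404
    - bad or expired signature, non-id payload, unknown user: error message
      and redirect to the index page
    - user already active: error message and redirect to their home page
    - otherwise: account activated, redirect to their home page
    """
    # If we don't have the token parameter, we can't do anything; 404
    if 'token' not in request.GET:
        return render_404(request)

    # Catch error if token is faked or expired
    signer = get_timed_signer_url("mail_verification_token")
    try:
        token = signer.loads(request.GET['token'], max_age=10*24*3600)
    except BadSignature:
        messages.add_message(
            request, messages.ERROR,
            _('The verification key or user id is incorrect.'))
        return redirect(request, 'index')

    # A good signature only proves this site issued the token.  Other token
    # types under the same namespace carry a mapping, not a user id, so
    # int() can fail on a validly signed value.
    user = None
    try:
        user = User.query.filter_by(id=int(token)).first()
    except (TypeError, ValueError):
        pass

    if not user:
        # Previously this path fell through to user.username below and
        # raised AttributeError on None.
        messages.add_message(
            request, messages.ERROR,
            _('The verification key or user id is incorrect'))
        return redirect(request, 'index')

    if user.has_privilege(u'active') is False:
        user.verification_key = None
        user.all_privileges.append(
            Privilege.query.filter(
                Privilege.privilege_name == u'active').first())
        user.save()

        messages.add_message(
            request, messages.SUCCESS,
            _("Your email address has been verified. "
              "You may now login, edit your profile, and submit images!"))
    else:
        messages.add_message(
            request, messages.ERROR,
            _('The verification key or user id is incorrect'))

    return redirect(
        request, 'mediagoblin.user_pages.user_home', user=user.username)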
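def verify_email(request):
    """
    Email verification view for changing email address

    The ``token`` GET parameter must be a signed mapping with the keys
    'user' and 'email', at most 10 days old.  When it checks out, the
    user's address is set to the one in the token.
    """
    # If no token, we can't do anything
    if 'token' not in request.GET:
        return render_404(request)

    # Catch error if token is faked or expired
    try:
        token = get_timed_signer_url("mail_verification_token") \
            .loads(request.GET['token'], max_age=10*24*3600)
    except BadSignature:
        messages.add_message(
            request,
            messages.ERROR,
            _('The verification key or user id is incorrect.'))
        return redirect(request, 'index')

    # Tokens signed under the same namespace for other purposes carry a
    # bare user id.  Indexing such a payload raises, so check the shape
    # before trusting it.
    user = None
    new_email = None
    try:
        user_id = int(token['user'])
        new_email = token['email']
    except (TypeError, KeyError, ValueError):
        pass
    else:
        user = User.query.filter_by(id=user_id).first()

    if not user:
        messages.add_message(
            request,
            messages.ERROR,
            _('The verification key or user id is incorrect.'))
        # user is None here; the user_home redirect below would fail on
        # user.username, so send the visitor to the index instead.
        return redirect(request, 'index')

    user.email = new_email
    user.save()

    messages.add_message(
        request,
        messages.SUCCESS,
        _('Your email address has been verified.'))

    return redirect(
        request, 'mediagoblin.user_pages.user_home',
        user=user.username)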
def _update_email(request, form, user):
    """
    Mail a verification link for a requested email-address change.

    Adds a field error and stops if the requested address already belongs
    to an account.  Otherwise signs ``{"user": user.id, "email": new}``,
    renders the verification email around the resulting link and sends it
    to the new address.
    """
    new_email = form.new_email.data

    already_used = User.query.filter_by(email=new_email).count()
    if already_used:
        form.new_email.errors.append(
            _("Sorry, a user with that email address" " already exists."))
        return

    # The new address is part of the signed payload, so the link confirms
    # exactly the address it was sent to.
    payload = {"user": user.id, "email": new_email}
    verification_key = get_timed_signer_url(
        "mail_verification_token").dumps(payload)

    verification_url = EMAIL_VERIFICATION_TEMPLATE.format(
        uri=request.urlgen("mediagoblin.edit.verify_email", qualified=True),
        verification_key=verification_key,
    )
    rendered_email = render_template(
        request,
        "mediagoblin/edit/verification.txt",
        {"username": user.username, "verification_url": verification_url},
    )

    email_debug_message(request)
    auth_tools.send_verification_email(
        user, request, new_email, rendered_email)
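def verify_forgot_password(request):
    """
    Check the forgot-password verification and possibly let the user
    change their password because of it.

    The token must be a signed user id, at most 10 days old.  For a user
    with a verified email and status 'active', a GET renders the
    change-password form and a valid POST stores the new bcrypt hash.
    """
    # get form data variables, and specifically check for presence of token
    formdata = _process_for_token(request)
    if not formdata['has_token']:
        return render_404(request)

    formdata_vars = formdata['vars']

    # Catch error if token is faked or expired
    try:
        token = get_timed_signer_url("mail_verification_token") \
            .loads(formdata_vars['token'], max_age=10*24*3600)
    except BadSignature:
        messages.add_message(
            request,
            messages.ERROR,
            _('The verification key or user id is incorrect.'))
        return redirect(request, 'index')

    # A valid signature does not fix the payload type: the same namespace
    # also signs mappings (email change).  Reject anything that is not a
    # user id instead of letting int() raise.
    # NOTE(review): account-verification tokens are also a bare user id
    # under this namespace, so this view cannot tell them from reset
    # tokens; a dedicated namespace for resets would close that gap.
    try:
        user_id = int(token)
    except (TypeError, ValueError):
        messages.add_message(
            request,
            messages.ERROR,
            _('The verification key or user id is incorrect.'))
        return redirect(request, 'index')

    # check if it's a valid user id
    user = User.query.filter_by(id=user_id).first()

    # no user in db
    if not user:
        messages.add_message(
            request, messages.ERROR,
            _('The user id is incorrect.'))
        return redirect(request, 'index')

    # check if user active and has email verified
    if user.email_verified and user.status == 'active':
        cp_form = forms.ChangeForgotPassForm(formdata_vars)

        if request.method == 'POST' and cp_form.validate():
            user.pw_hash = tools.bcrypt_gen_password_hash(
                cp_form.password.data)
            user.save()
            # NOTE(review): nothing here invalidates the token after use;
            # as far as this view shows it stays valid until max_age.

            messages.add_message(
                request,
                messages.INFO,
                _("You can now log in using your new password."))
            return redirect(request, 'mediagoblin.auth.login')
        else:
            return render_to_response(
                request,
                'mediagoblin/plugins/basic_auth/change_fp.html',
                {'cp_form': cp_form})

    if not user.email_verified:
        messages.add_message(
            request, messages.ERROR,
            _('You need to verify your email before you can reset your'
              ' password.'))

    if not user.status == 'active':
        # Message typo fixed ('accoutn' -> 'account').
        messages.add_message(
            request, messages.ERROR,
            _('You are no longer an active user. Please contact the system'
              ' admin to reactivate your account.'))

    return redirect(request, 'index')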
def __init__(self, cookie_name='MGSession', namespace=None):
    """
    Store the cookie name and create the timed signer for it.

    Args:
    - cookie_name: name of the cookie
    - namespace: namespace passed to ``crypto.get_timed_signer_url``;
      when None, the cookie name is used as the namespace
    """
    signer_namespace = cookie_name if namespace is None else namespace
    self.signer = crypto.get_timed_signer_url(signer_namespace)
    self.cookie_name = cookie_name
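def verify_forgot_password(request):
    """
    Check the forgot-password verification and possibly let the user
    change their password because of it.

    The token must be a signed user id, at most 10 days old.  For a user
    holding the 'active' privilege, a GET renders the change-password form
    and a valid POST stores the new bcrypt hash.
    """
    # get form data variables, and specifically check for presence of token
    formdata = _process_for_token(request)
    if not formdata['has_token']:
        return render_404(request)

    formdata_vars = formdata['vars']

    # Catch error if token is faked or expired
    try:
        token = get_timed_signer_url("mail_verification_token") \
            .loads(formdata_vars['token'], max_age=10*24*3600)
    except BadSignature:
        messages.add_message(
            request,
            messages.ERROR,
            _('The verification key or user id is incorrect.'))
        return redirect(request, 'index')

    # The namespace is shared with tokens that carry a mapping (email
    # change); such a token passes the signature check but is not a user
    # id.  Reject it instead of letting int() raise.
    try:
        user_id = int(token)
    except (TypeError, ValueError):
        messages.add_message(
            request,
            messages.ERROR,
            _('The verification key or user id is incorrect.'))
        return redirect(request, 'index')

    # check if it's a valid user id
    user = User.query.filter_by(id=user_id).first()

    # no user in db
    if not user:
        messages.add_message(
            request, messages.ERROR,
            _('The user id is incorrect.'))
        return redirect(request, 'index')

    # check if user active and has email verified
    if user.has_privilege(u'active'):
        cp_form = forms.ChangeForgotPassForm(formdata_vars)

        if request.method == 'POST' and cp_form.validate():
            user.pw_hash = tools.bcrypt_gen_password_hash(
                cp_form.password.data)
            user.save()
            # NOTE(review): the token is not invalidated here; as far as
            # this view shows it can be replayed until max_age expires.

            messages.add_message(
                request,
                messages.INFO,
                _("You can now log in using your new password."))
            return redirect(request, 'mediagoblin.auth.login')
        else:
            return render_to_response(
                request,
                'mediagoblin/plugins/basic_auth/change_fp.html',
                {'cp_form': cp_form})

    ## Commenting this out temporarily because I'm checking into
    ## what's going on with user.email_verified.
    ##
    ## ... if this commit lasts long enough for anyone but me (cwebber) to
    ## notice it, they should pester me to remove this or remove it
    ## themselves ;)
    #
    # if not user.email_verified:
    #     messages.add_message(
    #         request, messages.ERROR,
    #         _('You need to verify your email before you can reset your'
    #           ' password.'))

    # NOTE(review): the branch above tests the 'active' privilege while this
    # one still reads user.status -- confirm that attribute still exists.
    if not user.status == 'active':
        messages.add_message(
            request, messages.ERROR,
            _('You are no longer an active user. Please contact the system'
              ' admin to reactivate your account.'))

    return redirect(request, 'index')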
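def verify_forgot_password(request):
    """
    Check the forgot-password verification and possibly let the user
    change their password because of it.

    Flow:
    - no token in the request: 404
    - bad or expired signature, or a payload that is not a user id: error
      message, redirect to index
    - unknown user id: error message, redirect to index
    - user with the 'active' privilege: render the change-password form,
      or on a valid POST store the new bcrypt hash and redirect to login
    - otherwise: redirect to index
    """
    # get form data variables, and specifically check for presence of token
    formdata = _process_for_token(request)
    if not formdata['has_token']:
        return render_404(request)

    formdata_vars = formdata['vars']

    # Catch error if token is faked or expired
    signer = get_timed_signer_url("mail_verification_token")
    try:
        token = signer.loads(formdata_vars['token'], max_age=10*24*3600)
    except BadSignature:
        messages.add_message(
            request,
            messages.ERROR,
            _('The verification key or user id is incorrect.'))
        return redirect(request, 'index')

    # The signature only proves the site issued the token.  Tokens for
    # other purposes under the same namespace can carry a mapping, on which
    # int() raises TypeError, so check the payload before using it.
    try:
        user_id = int(token)
    except (TypeError, ValueError):
        messages.add_message(
            request,
            messages.ERROR,
            _('The verification key or user id is incorrect.'))
        return redirect(request, 'index')

    # check if it's a valid user id
    user = User.query.filter_by(id=user_id).first()

    # no user in db
    if not user:
        messages.add_message(
            request, messages.ERROR,
            _('The user id is incorrect.'))
        return redirect(request, 'index')

    # check if user active and has email verified
    if user.has_privilege(u'active'):
        cp_form = auth_forms.ChangeForgotPassForm(formdata_vars)

        if request.method == 'POST' and cp_form.validate():
            user.pw_hash = tools.bcrypt_gen_password_hash(
                cp_form.password.data)
            user.save()

            messages.add_message(
                request,
                messages.INFO,
                _("You can now log in using your new password."))
            return redirect(request, 'mediagoblin.auth.login')
        else:
            return render_to_response(
                request,
                'mediagoblin/plugins/recaptcha/change_fp.html',
                {'cp_form': cp_form})

    ## Commenting this out temporarily because I'm checking into
    ## what's going on with user.email_verified.
    ##
    ## ... if this commit lasts long enough for anyone but me (cwebber) to
    ## notice it, they should pester me to remove this or remove it
    ## themselves ;)
    #
    # if not user.email_verified:
    #     messages.add_message(
    #         request, messages.ERROR,
    #         _('You need to verify your email before you can reset your'
    #           ' password.'))

    if not user.status == 'active':
        messages.add_message(
            request, messages.ERROR,
            _('You are no longer an active user. Please contact the system'
              ' admin to reactivate your account.'))

    return redirect(request, 'index')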