示例#1
0
def loginWithSecureStorage(request, user, password):
  """Django handler to log user in with a secure storage key."""
  # Mark user as logged in via django auth
  login(request, user)

  # Compute user's secure storage key
  salt = m.UserInfo.objects.get(user=user).secure_storage_salt
  request.session['secureStorageKey'] = secureStorage.getEncryptionKey(password, salt)
示例#2
0
def loginWithSecureStorage(request, user, password):
    """Django handler to log user in with a secure storage key."""
    # Mark user as logged in via django auth
    login(request, user)

    # Compute user's secure storage key
    salt = m.UserInfo.objects.get(user=user).secure_storage_salt
    request.session['secureStorageKey'] = secureStorage.getEncryptionKey(
        password, salt)
示例#3
0
def userSettings(request):
    def createUserInfoForm(user):
        userInfo = m.UserInfo.objects.get(user=request.user)

        return UserInfoForm(initial={
            'company': userInfo.company,
            'email': user.email,
            'name': user.first_name,
            'website': userInfo.website,
        },
                            user=request.user)

    if request.method == 'GET':
        return render(
            request, 'settings.tmpl',
            dict(userinfo_form=createUserInfoForm(request.user),
                 password_form=PasswordForm()))

    if request.method == 'POST':
        action = request.REQUEST.get('action', None)

        if action == 'change-pswd':
            user = request.user
            password_form = PasswordForm(request.REQUEST, user=user)
            result = None
            errorMsg = None

            if password_form.is_valid():
                new = password_form.cleaned_data['new']
                user.set_password(new)
                user.save()

                salt = m.UserInfo.objects.get(user=user).secure_storage_salt
                request.session[
                    'secureStorageKey'] = secureStorage.getEncryptionKey(
                        new, salt)

                result = 'success'
            else:
                if password_form.errors.get('__all__', None):
                    errorMsg = password_form.errors['__all__'][0]
                else:
                    errorMsg = "There was an error while updating the password."

                result = 'error'

            return render(
                request, 'settings.tmpl',
                dict(userinfo_form=createUserInfoForm(request.user),
                     password_form=password_form,
                     action=action,
                     result=result,
                     errorMsg=errorMsg))

        if action == 'update-info':
            user = request.user
            userinfo_form = UserInfoForm(request.REQUEST, user=user)
            result = None
            errorMsg = None

            if userinfo_form.is_valid():
                user.email = userinfo_form.cleaned_data['email']
                user.first_name = userinfo_form.cleaned_data['name']
                try:
                    user.save()
                except django.db.IntegrityError:
                    # TODO - error must be handled here.
                    logging.exception(
                        'error while changing the email of the user.')
                else:
                    # update the company info.
                    userinfo = user.userinfo
                    userinfo.company = userinfo_form.cleaned_data['company']
                    userinfo.website = userinfo_form.cleaned_data['website']
                    userinfo.save()

                    result = 'success'
            else:
                if userinfo_form.errors.get('__all__', None):
                    errorMsg = userinfo_form.errors['__all__'][0]
                else:
                    errorMsg = "There was an error while updating the personal information."

                result = 'error'

            return render(
                request, 'settings.tmpl',
                dict(userinfo_form=userinfo_form,
                     password_form=PasswordForm(),
                     action=action,
                     result=result,
                     errorMsg=errorMsg))

        return render(request, 'settings.tmpl')
示例#4
0
文件: user.py 项目: Polychart/builder
def userSettings(request):
  def createUserInfoForm(user):
    userInfo = m.UserInfo.objects.get(user=request.user)

    return UserInfoForm(
      initial={
        'company': userInfo.company,
        'email': user.email,
        'name': user.first_name,
        'website': userInfo.website,
      },
      user=request.user
    )

  if request.method == 'GET':
    return render(request, 'settings.tmpl', dict(
      userinfo_form=createUserInfoForm(request.user),
      password_form=PasswordForm()
    ))

  if request.method == 'POST':
    action = request.REQUEST.get('action', None)

    if action == 'change-pswd':
      user          = request.user
      password_form = PasswordForm(request.REQUEST, user = user)
      result        = None
      errorMsg      = None

      if password_form.is_valid():
        new = password_form.cleaned_data['new']
        user.set_password(new)
        user.save()

        salt = m.UserInfo.objects.get(user=user).secure_storage_salt
        request.session['secureStorageKey'] = secureStorage.getEncryptionKey(new, salt)

        result = 'success'
      else:
        if password_form.errors.get('__all__', None):
          errorMsg = password_form.errors['__all__'][0]
        else:
          errorMsg = "There was an error while updating the password."

        result = 'error'

      return render(request, 'settings.tmpl', dict(
        userinfo_form = createUserInfoForm(request.user),
        password_form = password_form,
        action        = action,
        result        = result,
        errorMsg      = errorMsg
      ))

    if action == 'update-info':
      user          = request.user
      userinfo_form = UserInfoForm(request.REQUEST, user = user)
      result        = None
      errorMsg      = None

      if userinfo_form.is_valid():
        user.email      = userinfo_form.cleaned_data['email']
        user.first_name = userinfo_form.cleaned_data['name']
        try:
          user.save()
        except django.db.IntegrityError:
          # TODO - error must be handled here.
          logging.exception('error while changing the email of the user.')
        else:
          # update the company info.
          userinfo         = user.userinfo
          userinfo.company = userinfo_form.cleaned_data['company']
          userinfo.website = userinfo_form.cleaned_data['website']
          userinfo.save()

          result = 'success'
      else:
        if userinfo_form.errors.get('__all__', None):
          errorMsg = userinfo_form.errors['__all__'][0]
        else:
          errorMsg = "There was an error while updating the personal information."

        result = 'error'

      return render(request, 'settings.tmpl', dict(
        userinfo_form = userinfo_form,
        password_form = PasswordForm(),
        action        = action,
        result        = result,
        errorMsg      = errorMsg
      ))

    return render(request, 'settings.tmpl')