def loginWithSecureStorage(request, user, password):
    """Log ``user`` in via Django auth and put their secure-storage key in the session.

    Args:
        request: The current request; its session receives the key.
        user: The user to log in.
        password: The password handed to ``secureStorage.getEncryptionKey``
            together with the user's stored salt.
    """
    # Establish the authenticated session before writing to it.
    login(request, user)

    # The key is derived from the password and the per-user salt kept on UserInfo.
    # NOTE(review): the key stays in the session afterwards; confirm the session
    # backend keeps its data server-side (a signed-cookie backend would send the
    # key to the client).
    user_info = m.UserInfo.objects.get(user=user)
    storage_key = secureStorage.getEncryptionKey(
        password, user_info.secure_storage_salt)
    request.session['secureStorageKey'] = storage_key
def loginWithSecureStorage(request, user, password):
    """Authenticate the session for ``user`` and cache their secure-storage key.

    Args:
        request: The current request; the key is written to ``request.session``.
        user: The user being logged in.
        password: Passed with the user's salt to
            ``secureStorage.getEncryptionKey`` to obtain the key.
    """
    # Django auth login comes first, then the session is populated.
    login(request, user)

    # NOTE(review): the derived key is held in the session from here on; verify
    # that session data is stored server-side and not in a client-side cookie.
    stored_salt = m.UserInfo.objects.get(user=user).secure_storage_salt
    derived_key = secureStorage.getEncryptionKey(password, stored_salt)
    request.session['secureStorageKey'] = derived_key
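def userSettings(request):
    """Render the settings page and process its two POST actions.

    GET renders ``settings.tmpl`` with a pre-filled user-info form and an
    empty password form.  POST dispatches on the ``action`` field:

    * ``change-pswd``: validates ``PasswordForm``, saves the new password and
      replaces ``request.session['secureStorageKey']`` with the key derived
      from the new password and the user's stored salt.
    * ``update-info``: validates ``UserInfoForm`` and saves email, name,
      company and website.

    Any other method or action renders the template with no extra context.
    Form fields are read from ``request.POST`` only; values supplied in the
    query string are not used.
    """

    def createUserInfoForm(user):
        # Pre-fill the form from the auth user and its UserInfo row.
        userInfo = m.UserInfo.objects.get(user=user)
        return UserInfoForm(
            initial={
                'company': userInfo.company,
                'email': user.email,
                'name': user.first_name,
                'website': userInfo.website,
            },
            user=user)

    def firstFormError(form, fallback):
        # Prefer the first non-field ('__all__') error, else the generic text.
        nonFieldErrors = form.errors.get('__all__', None)
        return nonFieldErrors[0] if nonFieldErrors else fallback

    if request.method == 'GET':
        return render(
            request, 'settings.tmpl',
            dict(userinfo_form=createUserInfoForm(request.user),
                 password_form=PasswordForm()))

    if request.method == 'POST':
        # Read the request body only.  request.REQUEST also merged in
        # query-string parameters, so a password could travel in the URL and
        # end up in access logs or Referer headers.
        formData = request.POST
        action = formData.get('action', None)
        user = request.user

        if action == 'change-pswd':
            password_form = PasswordForm(formData, user=user)
            errorMsg = None
            if password_form.is_valid():
                new = password_form.cleaned_data['new']
                user.set_password(new)
                user.save()
                # The storage key depends on the password, so the session copy
                # is re-derived from the new one.
                # NOTE(review): nothing here re-encrypts data stored under the
                # key derived from the old password - confirm that is handled
                # elsewhere.
                salt = m.UserInfo.objects.get(user=user).secure_storage_salt
                request.session['secureStorageKey'] = (
                    secureStorage.getEncryptionKey(new, salt))
                result = 'success'
            else:
                errorMsg = firstFormError(
                    password_form,
                    "There was an error while updating the password.")
                result = 'error'
            return render(
                request, 'settings.tmpl',
                dict(userinfo_form=createUserInfoForm(request.user),
                     password_form=password_form,
                     action=action,
                     result=result,
                     errorMsg=errorMsg))

        if action == 'update-info':
            userinfo_form = UserInfoForm(formData, user=user)
            updateFailed = (
                "There was an error while updating the personal information.")
            errorMsg = None
            result = 'error'
            if userinfo_form.is_valid():
                user.email = userinfo_form.cleaned_data['email']
                user.first_name = userinfo_form.cleaned_data['name']
                try:
                    user.save()
                except django.db.IntegrityError:
                    # Report the failure to the page instead of rendering with
                    # no result, which looked like nothing had happened.
                    logging.exception(
                        'error while changing the email of the user.')
                    errorMsg = updateFailed
                else:
                    # Company details are only written once the user row saved.
                    userinfo = user.userinfo
                    userinfo.company = userinfo_form.cleaned_data['company']
                    userinfo.website = userinfo_form.cleaned_data['website']
                    userinfo.save()
                    result = 'success'
            else:
                errorMsg = firstFormError(userinfo_form, updateFailed)
            return render(
                request, 'settings.tmpl',
                dict(userinfo_form=userinfo_form,
                     password_form=PasswordForm(),
                     action=action,
                     result=result,
                     errorMsg=errorMsg))

    return render(request, 'settings.tmpl')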
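def userSettings(request):
    """Serve the settings page: show the forms on GET, apply changes on POST.

    On GET, ``settings.tmpl`` is rendered with a user-info form pre-filled
    from the current user and an empty password form.  On POST the ``action``
    field selects the operation:

    * ``change-pswd``: on a valid ``PasswordForm`` the new password is saved
      and ``request.session['secureStorageKey']`` is replaced with the key
      derived from it and the user's stored salt.
    * ``update-info``: on a valid ``UserInfoForm`` the email, name, company
      and website are saved.

    Anything else falls through to a bare render of the template.  POST
    fields come from ``request.POST`` alone, never from the query string.
    """

    def createUserInfoForm(user):
        # Initial values come from the auth user and its UserInfo record.
        userInfo = m.UserInfo.objects.get(user=user)
        initial = {
            'company': userInfo.company,
            'email': user.email,
            'name': user.first_name,
            'website': userInfo.website,
        }
        return UserInfoForm(initial=initial, user=user)

    def firstFormError(form, fallback):
        # First non-field ('__all__') error if there is one, else the fallback.
        nonFieldErrors = form.errors.get('__all__', None)
        if nonFieldErrors:
            return nonFieldErrors[0]
        return fallback

    if request.method == 'GET':
        return render(request, 'settings.tmpl', dict(
            userinfo_form=createUserInfoForm(request.user),
            password_form=PasswordForm(),
        ))

    if request.method == 'POST':
        # request.REQUEST merged query-string and body parameters; restricting
        # to the body keeps passwords out of URLs (and therefore out of access
        # logs and Referer headers).
        formData = request.POST
        action = formData.get('action', None)
        user = request.user

        if action == 'change-pswd':
            password_form = PasswordForm(formData, user=user)
            result = None
            errorMsg = None
            if password_form.is_valid():
                new = password_form.cleaned_data['new']
                user.set_password(new)
                user.save()
                # Keep the session's storage key in step with the new password.
                # NOTE(review): data encrypted under the previous key is not
                # re-encrypted in this view - confirm it is done elsewhere.
                salt = m.UserInfo.objects.get(user=user).secure_storage_salt
                request.session['secureStorageKey'] = (
                    secureStorage.getEncryptionKey(new, salt))
                result = 'success'
            else:
                errorMsg = firstFormError(
                    password_form,
                    "There was an error while updating the password.")
                result = 'error'
            return render(request, 'settings.tmpl', dict(
                userinfo_form=createUserInfoForm(request.user),
                password_form=password_form,
                action=action,
                result=result,
                errorMsg=errorMsg,
            ))

        if action == 'update-info':
            userinfo_form = UserInfoForm(formData, user=user)
            genericError = (
                "There was an error while updating the personal information.")
            result = None
            errorMsg = None
            if userinfo_form.is_valid():
                user.email = userinfo_form.cleaned_data['email']
                user.first_name = userinfo_form.cleaned_data['name']
                try:
                    user.save()
                except django.db.IntegrityError:
                    # Previously this path left result and errorMsg as None,
                    # so the page gave no sign that the save had failed.
                    logging.exception(
                        'error while changing the email of the user.')
                    errorMsg = genericError
                    result = 'error'
                else:
                    # Update the company info only after the user row saved.
                    userinfo = user.userinfo
                    userinfo.company = userinfo_form.cleaned_data['company']
                    userinfo.website = userinfo_form.cleaned_data['website']
                    userinfo.save()
                    result = 'success'
            else:
                errorMsg = firstFormError(userinfo_form, genericError)
                result = 'error'
            return render(request, 'settings.tmpl', dict(
                userinfo_form=userinfo_form,
                password_form=PasswordForm(),
                action=action,
                result=result,
                errorMsg=errorMsg,
            ))

    return render(request, 'settings.tmpl')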