def change_password(request):
    """Handle the change-password form for ``request.user``.

    On a POST that passes ``schema.ChangePassword`` validation, the old
    password is re-checked with ``model.authenticate``.  When that check
    succeeds the new password is stored, ``UserChangedPassword`` and
    ``UserLoggedOut`` events are fired, and the response is a redirect that
    carries the headers returned by ``forget``.  In every other case the form
    is rendered again, with an ``old_password`` error if the check failed.

    NOTE(review): the redirect target comes from ``get_redirect_location``,
    which is not visible here -- confirm it only yields same-site URLs.
    NOTE(review): ``request.user.username`` is read on POST without a None
    check; presumably the view is only reachable when logged in -- verify.
    """
    current_user = request.user
    notify = request.registry.notify

    form = Form(request, schema=schema.ChangePassword,
                defaults={'failed': False})
    location = get_redirect_location(request)

    if request.method == 'POST' and form.validate():
        fields = form.data
        # Re-authenticate with the old password before touching the account.
        verified = model.authenticate(current_user.username,
                                      fields['old_password'])
        if not verified:
            form.errors['old_password'] = '******'
        else:
            # Persist the new credential.
            verified.password = model.encrypt(fields['new_password'])
            model.save(verified)
            notify(events.UserChangedPassword(request, verified))

            # End the current login so the client has to sign in again with
            # the new password.
            # NOTE(review): forget() only yields headers for this response;
            # whether logins already established elsewhere are revoked
            # depends on the configured authentication policy -- confirm.
            logout_headers = forget(request)
            notify(events.UserLoggedOut(request, request.user))
            return HTTPFound(location=location, headers=logout_headers)

    form.data['next'] = location
    return {'renderer': FormRenderer(form), 'user': request.user}
def change_password(request):
    """Render the change-password form and apply a submitted change.

    A valid POST re-verifies the old password through ``authenticate_user``
    (a helper defined outside this listing).  On success the new password is
    saved, ``UserChangedPassword`` and ``UserLoggedOut`` are notified, and the
    user is redirected with the headers produced by ``forget``.  On any other
    path the form is returned for rendering together with ``request.user``.

    NOTE(review): the redirect target is whatever ``get_redirect_location``
    returns -- confirm that helper rejects off-site URLs.
    """
    account = request.user
    notify = request.registry.notify

    form = Form(request, schema=schema.ChangePassword,
                defaults={'failed': False})
    location = get_redirect_location(request)

    def render_form():
        # Shared tail for every path that does not redirect.
        form.data['next'] = location
        return {'renderer': FormRenderer(form), 'user': request.user}

    if request.method != 'POST' or not form.validate():
        return render_form()

    submitted = form.data
    # The old password must check out before the new one is accepted.
    account = authenticate_user(request, account.username,
                                submitted['old_password'])
    if not account:
        form.errors['old_password'] = '******'
        return render_form()

    # Store the new password and announce the change.
    account.password = model.encrypt(submitted['new_password'])
    model.save(account)
    notify(events.UserChangedPassword(request, account))

    # Drop the current login so the new password is required from here on.
    # NOTE(review): forget() clears credentials on this response only; other
    # live sessions are revoked only if the authentication policy checks
    # server-side state -- confirm.
    headers = forget(request)
    notify(events.UserLoggedOut(request, request.user))
    return HTTPFound(location=location, headers=headers)
def makeUser(self, username, password):
    """Build a ``model.User`` from the given credentials, persist and return it.

    The username is coerced with ``unicode`` (a Python 2 builtin) and the
    password is run through ``model.encrypt`` before being assigned.
    """
    account = model.User()
    account.username = unicode(username)
    # NOTE(review): presumably a one-way password hash despite the name --
    # confirm in model.encrypt.
    account.password = model.encrypt(password)

    model.save(account)
    transaction.commit()
    # Added to Session again after the commit (presumably so the returned
    # instance is still attached for the caller -- confirm).
    Session.add(account)
    return account
def makeUser(self, username, password):
    """Create a ``model.User`` with the supplied credentials and save it.

    The username is stored as given; the password goes through
    ``model.encrypt`` first.  The saved instance is returned.
    """
    new_user = model.User()
    new_user.username = username
    # NOTE(review): model.encrypt is assumed to be a one-way password hash --
    # verify against its definition.
    new_user.password = model.encrypt(password)

    model.save(new_user)
    transaction.commit()
    # The instance is added to Session once more after the commit; the reason
    # is not visible here (likely to keep it attached for the test -- confirm).
    Session.add(new_user)
    return new_user
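def change_password(request):
    """Change the current user's password and end the current login.

    On a POST that passes ``schema.ChangePassword`` validation, the old
    password is re-checked with ``model.authenticate``.  When that succeeds
    the new password is saved, ``UserChangedPassword`` is notified, and the
    response redirects with the headers returned by ``forget`` so the client
    must sign in again with the new password.  Otherwise the form is
    rendered, with an ``old_password`` error when the re-check failed.

    NOTE(review): the redirect target comes from ``get_redirect_location``,
    which is not visible here -- confirm it only yields same-site URLs.
    """
    # Imported locally so the logout step does not depend on a module-level
    # import that is not visible from this block.
    from pyramid.security import forget

    form = Form(request, schema=schema.ChangePassword,
                defaults={'failed': False})
    user = request.user
    location = get_redirect_location(request)

    if request.method == 'POST' and form.validate():
        d = form.data
        # Re-authenticate with the old password before changing anything.
        user = model.authenticate(user.username, d['old_password'])
        if user:
            # Save new password to the db.
            user.password = model.encrypt(d['new_password'])
            model.save(user)
            request.registry.notify(
                events.UserChangedPassword(request, user))
            # Previously the redirect kept the existing login alive, so a
            # session opened with the old password survived the change.
            # Clear the credentials on this response instead.
            # NOTE(review): if the events module defines a logout event,
            # fire it here so subscribers see the logout; other live
            # sessions are revoked only if the authentication policy checks
            # server-side state -- confirm.
            headers = forget(request)
            return HTTPFound(location=location, headers=headers)
        else:
            form.errors['old_password'] = '******'

    form.data['next'] = location
    return {'renderer': FormRenderer(form), 'user': request.user}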
def signup_view(request):
    """Render and handle signup form.

    Setup::

        >>> from mock import Mock
        >>> from pyramid.testing import DummyRequest
        >>> from pyramid_simpleauth import model, view
        >>> _get_existing_email = model.get_existing_email
        >>> _get_existing_user = model.get_existing_user
        >>> _save = model.save
        >>> _remember = view.remember
        >>> view.remember = Mock()
        >>> model.save = Mock()
        >>> model.get_existing_user = Mock()
        >>> model.get_existing_user.return_value = None
        >>> model.get_existing_email = Mock()
        >>> model.get_existing_email.return_value = None

    If it's not a POST, renders the form::

        >>> dummy_request = DummyRequest()
        >>> return_value = signup_view(dummy_request)
        >>> return_value['renderer'].data
        {'failed': False}

    Otherwise it validates the request data against ``schema.Signup``::

        >>> dummy_request = DummyRequest(post={'foo': 'bar'})
        >>> return_value = signup_view(dummy_request)
        >>> return_value['renderer'].data
        {'failed': True, 'foo': 'bar'}

    If provided with valid data, it saves a ``User`` with related ``Email``,
    logs them in by calling ``remember`` and redirects to the user's profile::

        >>> valid_post = {
        ...     'username': '******',
        ...     'email': '*****@*****.**',
        ...     'password': '******',
        ...     'confirm': 'password'
        ... }
        >>> dummy_request = DummyRequest(post=valid_post)
        >>> dummy_request.registry.settings = {}
        >>> dummy_request.route_url = Mock()
        >>> return_value = signup_view(dummy_request)
        >>> model.save.called
        True
        >>> view.remember.called
        True
        >>> isinstance(return_value, HTTPFound)
        True

    Teardown::

        >>> view.remember = _remember
        >>> model.save = _save
        >>> model.get_existing_user = _get_existing_user
        >>> model.get_existing_email = _get_existing_email

    """
    form = Form(request, schema=schema.Signup, defaults={'failed': False})

    # Anything but a POST just shows the empty form.
    if request.method != 'POST':
        return {'renderer': FormRenderer(form)}

    # A POST that fails validation is re-rendered and flagged as failed.
    if not form.validate():
        form.data['failed'] = True
        return {'renderer': FormRenderer(form)}

    fields = form.data

    # Build the email record.
    # NOTE(review): the setting is used as-is.  If it can arrive as a string
    # (e.g. from an .ini file) any non-empty value, including 'false', is
    # truthy and marks the address confirmed -- confirm it is coerced to a
    # bool before it reaches this view.
    address = model.Email()
    address.address = fields['email']
    address.is_confirmed = request.registry.settings.get(
        'auth.skip_confirmation', False)

    # Build the user record and attach the email to it.
    account = model.User()
    account.username = fields['username']
    account.password = model.encrypt(fields['password'])
    account.emails = [address]

    # Persist both records.
    model.save(account)

    # Log the new user in.  This happens whether or not the address is
    # confirmed, so code that needs a verified address must check
    # ``is_confirmed`` itself.
    remember(request, account.canonical_id)

    # Let subscribers know about the signup.
    request.registry.notify(events.UserSignedUp(request, account))

    # Redirect to the configured post-signup route, falling back to '/'
    # when that route cannot be resolved.
    route_name = request.registry.settings.get(
        'simpleauth.after_signup_route', 'users')
    try:
        location = request.route_url(route_name,
                                     traverse=(account.username,))
    except (KeyError, ComponentLookupError):
        location = '/'
    return HTTPFound(location=location)
def signup_view(request):
    """Render and handle signup form.

    Setup::

        >>> from mock import Mock
        >>> from pyramid.testing import DummyRequest
        >>> from pyramid_simpleauth import model, view
        >>> _get_existing_email = model.get_existing_email
        >>> _get_existing_user = model.get_existing_user
        >>> _save = model.save
        >>> _remember = view.remember
        >>> view.remember = Mock()
        >>> model.save = Mock()
        >>> model.get_existing_user = Mock()
        >>> model.get_existing_user.return_value = None
        >>> model.get_existing_email = Mock()
        >>> model.get_existing_email.return_value = None

    If it's not a POST, renders the form::

        >>> dummy_request = DummyRequest()
        >>> return_value = signup_view(dummy_request)
        >>> return_value['renderer'].data
        {'failed': False}

    Otherwise it validates the request data against ``schema.Signup``::

        >>> dummy_request = DummyRequest(post={'foo': 'bar'})
        >>> return_value = signup_view(dummy_request)
        >>> return_value['renderer'].data
        {'failed': True, 'foo': 'bar'}

    If provided with valid data, it saves a ``User`` with related ``Email``,
    logs them in by calling ``remember`` and redirects to the user's profile::

        >>> valid_post = {
        ...     'username': '******',
        ...     'email': '*****@*****.**',
        ...     'password': '******',
        ...     'confirm': 'password'
        ... }
        >>> dummy_request = DummyRequest(post=valid_post)
        >>> dummy_request.registry.settings = {}
        >>> dummy_request.route_url = Mock()
        >>> return_value = signup_view(dummy_request)
        >>> model.save.called
        True
        >>> view.remember.called
        True
        >>> isinstance(return_value, HTTPFound)
        True

    Teardown::

        >>> view.remember = _remember
        >>> model.save = _save
        >>> model.get_existing_user = _get_existing_user
        >>> model.get_existing_email = _get_existing_email

    """
    form = Form(request, schema=schema.Signup, defaults={'failed': False})
    is_post = request.method == 'POST'

    if is_post and form.validate():
        submitted = form.data

        # Decide whether the address starts out confirmed.
        # NOTE(review): the raw setting value is assigned unchanged; a string
        # such as 'false' would be truthy -- confirm it is parsed to a bool
        # before it reaches this view.
        skip_confirmation = request.registry.settings.get(
            'auth.skip_confirmation', False)

        # Email record.
        email = model.Email()
        email.address = submitted['email']
        email.is_confirmed = skip_confirmation

        # User record, linked to the email.
        new_user = model.User()
        new_user.username = submitted['username']
        new_user.password = model.encrypt(submitted['password'])
        new_user.emails = [email]

        # Store the user and email.
        model.save(new_user)

        # Establish the login.  This is done regardless of
        # ``email.is_confirmed``, so anything that requires a verified
        # address has to check that flag separately.
        remember(request, new_user.canonical_id)

        # Announce the signup to subscribers.
        request.registry.notify(events.UserSignedUp(request, new_user))

        # Work out where to send the user; '/' is the fallback when the
        # configured route cannot be resolved.
        after_signup = request.registry.settings.get(
            'simpleauth.after_signup_route', 'users')
        try:
            target = request.route_url(after_signup,
                                       traverse=(new_user.username, ))
        except (KeyError, ComponentLookupError):
            target = '/'
        return HTTPFound(location=target)

    if is_post:
        # Reaching here on a POST means validation failed.
        form.data['failed'] = True
    return {'renderer': FormRenderer(form)}