def changepassword(self, email, oldpassword, newpassword):
Validator.email(email)
Validator.password(newpassword)
if self.user.get(email)['password'] != Secret.hash(oldpassword, SALT):
raise RiverException(_('The old password is incorrect for this user.'))
self.user.update(email, password=Secret.hash(newpassword, SALT))
def changepassword(self, email, oldpassword, newpassword):
Validator.email(email)
Validator.password(oldpassword)
Validator.password(newpassword)
if self.user.get(email)['password'] != Secret.hash(oldpassword, SALT):
raise RiverException(
_('The old password is incorrect for this user.'))
self.user.update(email, password=Secret.hash(newpassword, SALT))
def register(self, email, password):
Validator.email(email)
Validator.password(password)
if self.user.exists(email):
raise RiverException(_('The given email address has already been registered.'))
user_id = Secret.generate(128)
self.user.insert(email, enabled=True, id=user_id, password=Secret.hash(password, SALT))
return user_id
def changeemail(self, oldemail, newemail, password):
Validator.email(oldemail)
Validator.email(newemail)
Validator.password(password)
if self.user.get(oldemail)['password'] != Secret.hash(password, SALT):
raise RiverException('The password is incorrect for this user.')
token = Secret.generate(16)
self.user.update(oldemail, email=newemail, enabled=False, token=token)
Mail.send(MAIL_FROM, newemail, 'RiverID Email Change', token)
def setpassword(self, email, token, password):
Validator.email(email)
Validator.token(token)
Validator.password(password)
user = self.user.get(email)
if not user['token']:
raise RiverException('No password change has been requested for this email address.')
if user['token'] != token:
raise RiverException('The token is not valid for this email address.')
self.user.update(email, enabled=True, token=False, password=Secret.hash(password, SALT))
def register(self, email, password):
Validator.email(email)
Validator.password(password)
if self.user.exists(email):
raise RiverException(
_('The given email address has already been registered.'))
user_id = Secret.generate(128)
self.user.insert(email,
enabled=True,
id=user_id,
password=Secret.hash(password, SALT))
return user_id
def changeemail(self, oldemail, newemail, password, mailbody):
Validator.email(oldemail)
Validator.email(newemail)
Validator.password(password)
if self.user.get(oldemail)['password'] != Secret.hash(password, SALT):
raise RiverException(_('The password is incorrect for this user.'))
token = Secret.generate(16)
self.user.update(oldemail, email=newemail, enabled=False, token=token)
Mail.send(MAIL_FROM,
newemail,
_('RiverID Email Change'),
mailbody,
token=token)
def signin(self, email, password):
Validator.email(email)
Validator.password(password)
user = self.user.get(email)
if user['enabled'] == False:
raise RiverException(_('The account is disabled.'))
if user['password'] != Secret.hash(password, SALT):
raise RiverException(_('The password is incorrect for this user.'))
session_id = Secret.generate(64)
session_start = datetime.utcnow().isoformat()
self.user.add(email, 'session', id=session_id, start=session_start)
return dict(user_id=user['id'], session_id=session_id)
def signin(self, email, password):
Validator.email(email)
Validator.password(password)
user = self.user.get(email)
if user['enabled'] == False:
raise RiverException('The account is disabled.')
if user['password'] != Secret.hash(password, SALT):
raise RiverException('The password is incorrect for this user.')
session_id = Secret.generate(64)
session_start = datetime.utcnow().isoformat()
self.user.add(email, 'session', id=session_id, start=session_start)
return dict(user_id=user['id'], session_id=session_id)
def setpassword(self, email, token, password):
Validator.email(email)
Validator.token(token)
Validator.password(password)
user = self.user.get(email)
if not user['token']:
raise RiverException(
_('No password change has been requested for this email address.'
))
if user['token'] != token:
raise RiverException(
_('The token is not valid for this email address.'))
self.user.update(email,
enabled=True,
token=False,
password=Secret.hash(password, SALT))
def changeemail(self, oldemail, newemail, password, mailbody, mailfrom = None, mailsubject = None):
Validator.email(oldemail)
Validator.email(newemail)
Validator.password(password)
if self.user.get(oldemail)['password'] != Secret.hash(password, SALT):
raise RiverException(_('The password is incorrect for this user.'))
if self.user.exists(newemail):
raise RiverException(_('The new email address has already been registered.'))
if mailsubject is None:
mailsubject = _('CrowdmapID Email Change')
if mailfrom is None:
mailfrom = MAIL_FROM
token = Secret.generate(16)
self.user.update(oldemail, email=newemail, enabled=False, token=token)
Mail.send(mailfrom, newemail, mailsubject, mailbody, token=token)
def checkpassword(self, email, password):
Validator.email(email)
Validator.password(password)
return self.user.get(email)['password'] == Secret.hash(password, SALT)
def checkpassword(self, email, password):
Validator.email(email)
Validator.password(password)
return self.user.get(email)['password'] == Secret.hash(password, SALT)
