def test_valid_email(self): self.assertFalse(valid_email('tarek')) self.assertFalse(valid_email('tarek@moz')) self.assertFalse(valid_email('[email protected]')) self.assertTrue(valid_email('*****@*****.**')) self.assertTrue(valid_email('*****@*****.**')) self.assertTrue(valid_email('[email protected]'))
def change_email(self, request): """Changes the user e-mail""" # the body is in plain text email = request.body if not valid_email(email): raise HTTPJsonBadRequest(ERROR_NO_EMAIL_ADDRESS) if not hasattr(request, 'user_password'): raise HTTPBadRequest() if not self.auth.update_field(request.user, request.user_password, 'mail', email): raise HTTPInternalServerError('User update failed.') return text_response(email)
def create_user(self, request): """Creates a user.""" if self.auth.get_user_id(request.user): raise HTTPJsonBadRequest(ERROR_INVALID_WRITE) username = request.user['username'] try: data = json.loads(request.body) except ValueError: raise HTTPJsonBadRequest(ERROR_MALFORMED_JSON) email = data.get('email') if email and not valid_email(email): raise HTTPJsonBadRequest(ERROR_NO_EMAIL_ADDRESS) # checking that the e-mail matches the username munged_email = extract_username(email) if munged_email != username and self.strict_usernames: raise HTTPJsonBadRequest(ERROR_USERNAME_EMAIL_MISMATCH) password = data.get('password') if not password: raise HTTPJsonBadRequest(ERROR_MISSING_PASSWORD) if not valid_password(username, password): raise HTTPJsonBadRequest(ERROR_WEAK_PASSWORD) # check if captcha info are provided or if we bypass it if (self.shared_secret is None or request.headers.get('X-Weave-Secret') != self.shared_secret): self._check_captcha(request, data) # all looks good, let's create the user if not self.auth.create_user(request.user['username'], password, email): raise HTTPInternalServerError('User creation failed.') return request.user['username']
def forgot_step_2(request, **args): """Tries to send the email with a reset code, then lets the user know we've done that """ data = {} auth = request.registry["auth"] username = extract_username(request.params['username']) request.user['username'] = username user_id = auth.get_user_id(request.user) if not user_id: request.errors.append(_('Unable to locate your account. ' 'Please check your username.')) return render_to_response('console/password_reset1.mako', forgot_step_1(request), request) if not request.registry.settings['app.captcha'].check(request): log_cef('Captcha failed on forgot password', 3, request.environ, request.registry.settings.get('config').get_map(), username, signature=CAPTCHA_FAILURE) request.errors.append(_('The captcha did not match. ' 'Please try again')) return render_to_response('console/password_reset1.mako', forgot_step_1(request), request) try: reset = request.registry.settings.get('app.console.reset') reset_code = reset.generate_reset_code(request.user, True) if not reset_code: request.errors.append(_('Getting a reset code failed ' 'unexpectedly. Please try again later.')) logger.error("Could not generate a reset code") return render_to_response('console/password_reset1.mako', forgot_step_1(request), request) auth.get_user_info(request.user, ['mail']) if not valid_email(request.user['mail']): raise NoEmailError() maildata = {'forgot_url': '%s/forgot' % request.host_url, 'username': username, 'code': reset_code} template_path = get_template_lookup('console') template = \ template_path.get_template('password_reset_mail.mako') body = template.render(**maildata) subject = _('Resetting your Mozilla Services password') smtp = request.registry.settings.get('config').get_map('smtp') #sender has a required position, so we can't pass it in in the #dict sender = smtp['sender'] del smtp['sender'] send_email(sender, request.user['mail'], subject, body, **smtp) except AlreadySentError: #backend handled the reset code email. Keep going pass except NoEmailError: request.errors.append(_('We do not have an email on file for this ' 'account and cannot send you a reset code.')) return render_to_response('console/password_reset1.mako', forgot_step_1(request), request) return data