web.user.login

1 import web 2 from decorators import i18n 3 from model import User 4 from userdecorators import authenticated, has_permissions

5 6 -class LoginView:

7 name_regexp = web.form.regexp("\w{3,60}$", 'Alphanumeric from 3 to 60 characters') 8 pass_regexp = web.form.regexp(r".{7,}", 'Must have more than 7 characters') 9 10 form = web.form.Form( 11 web.form.Textbox('username', name_regexp, description=_('Username')), 12 web.form.Password('password', pass_regexp, description=_('Password')), 13 web.form.Button('submit', type='submit', value=_('Login'))) 14

15 - def GET(self):

16 getdata = web.input() 17 if 'next' in getdata: 18 web.ctx.session.go_next = getdata.next 19 return web.ctx.normal_render.user.login(self.form)

20

21 - def POST(self):

22 self.form.username.note = '' 23 self.form.password.note 24 if not self.form.validates(): 25 return web.ctx.render.user.login(self.form) 26 27 # Check if user doesn't exist 28 query = web.ctx.orm.query(User).filter(User.name == web.input().username) 29 if not query.count(): 30 self.form.username.note = _('User doesn\'t exist') 31 return web.ctx.render.user.login(self.form) 32 33 # Check if password is valid 34 user = query.one() 35 36 if not user.is_active(): 37 self.form.username.note = _('User is not active yet') 38 return web.ctx.render.user.login(self.form) 39 40 if not user.auth(web.input().password): 41 self.form.password.note = _('Invalid password') 42 return web.ctx.render.user.login(self.form) 43 44 web.ctx.session.loggedin = True 45 web.ctx.session.username = user.name 46 raise web.seeother(web.ctx.session.get('go_next', '/'))

47

48 -class LogoutView:

49 @authenticated

50 - def GET(self):

51 web.ctx.session.pop('loggedin', '') 52 web.ctx.session.pop('username', '') 53 raise web.seeother('/')

54

55 -class ConfirmEmailView:

56 - def GET(self, username, temp_token):

57 query = web.ctx.orm.query(User).filter(User.name == username) 58 if not query.count(): 59 web.ctx.notify(_('Confirmation email: Invalid user'), 'notification') 60 raise web.seeother('/') 61 62 user = query.one() 63 if user.is_active(): 64 web.ctx.notify(_('Confirmation email: User %s already active') % username, 'notification') 65 raise web.seeother('/') 66 67 if not user.validate_temp_token(temp_token): 68 web.ctx.notify(_('Confirmation email: invalid token %s') % temp_token, 'notification') 69 raise web.seeother('/') 70 71 web.ctx.notify(_('Confirmation email: user %s activated successfully') % username, 72 'notification') 73 web.ctx.session.loggedin = True 74 web.ctx.session.username = username 75 raise web.seeother('/')

76

77 -class RecoverPasswordView:

78 ''' 79 Shows a form that will let the user receive an email for recovering his password 80 ''' 81 form = web.form.Form( 82 web.form.Textbox('username', description=_('Username or email')), 83 web.form.Button('submit', type='submit', value=_('Recover pasword'))) 84

85 - def GET(self):

86 return web.ctx.render.user.sendrecoveremail(self.form)

87

88 - def POST(self):

89 self.form.username.note = '' 90 if not self.form.validates(): 91 return web.ctx.render.user.sendrecoveremail(self.form) 92 93 # Check if user doesn't exist 94 query = web.ctx.orm.query(User).filter(User.name == web.input().username) 95 if not query.count(): 96 query = web.ctx.orm.query(User).filter(User.email == web.input().username) 97 if not query.count(): 98 self.form.username.note = _('User doesn\'t exist') 99 return web.ctx.render.user.sendrecoveremail(self.form) 100 user = query.one() 101 user = query.one() 102 user.send_recover_password_mail() 103 web.ctx.notify(_('Password recovery email sent to %s') % web.input().username, 104 'notification') 105 raise web.seeother('/')

106

107 -class ChangePasswordView:

108 ''' 109 Once the user has received the password recovery email, this form actually lets him change 110 his password 111 ''' 112 pass_regexp = web.form.regexp(r".{7,}", 'Must have more than 7 characters') 113 114 form = web.form.Form( 115 web.form.Password('password', pass_regexp, description=_('New Password')), 116 web.form.Password('password2', pass_regexp, description=_('Repeat New Password')), 117 web.form.Button('submit', type='submit', value=_('Change password')), 118 validators = [ 119 web.form.Validator(_('Passwords did\'t match'), 120 lambda i: i.password == i.password2)]) 121

122 - def GET(self, username, temp_token):

123 query = web.ctx.orm.query(User).filter(User.name == username) 124 if not query.count(): 125 web.ctx.notify(_('Password recovery: Invalid user'), 'notification') 126 raise web.seeother('/') 127 128 user = query.one() 129 if not user.is_active(): 130 web.ctx.notify(_('Password recovery: User %s is not active') % username, 'notification') 131 raise web.seeother('/') 132 133 if not user.validate_temp_token(temp_token): 134 web.ctx.notify(_('Password recovery: invalid token %s') % temp_token, 'notification') 135 raise web.seeother('/') 136 137 web.ctx.session.loggedin = True 138 web.ctx.session.username = username 139 return web.ctx.render.user.changepassword(self.form)

140 141 @authenticated

142 - def POST(self, username, temp_token):

143 if not self.form.validates(): 144 return web.ctx.render.user.changepassword(self.form) 145 user = web.ctx.orm.query(User).filter(User.name == web.ctx.session.username).one() 146 user.set_password(web.input().password) 147 web.ctx.orm.add(user) 148 web.ctx.notify(_('Password changed for user %s') % user.name, 'notification') 149 web.seeother('/')

150

Source Code for Module web.user.login