Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
if get_session(req).query(User).filter(User.username == value).count():
Str = req.registry.getUtility(IUIStrings)
raise c.Invalid(node, Str.registration_username_exists)
def unix_username(node, value): # TODO This is currently not used
'''Colander validator that ensures the username is alphanumeric.'''
if not ALPHANUM.match(value):
raise c.Invalid(node, _("Contains unacceptable characters."))
ALPHANUM = re.compile(r'^[a-zA-Z0-9_.-]+$')
class LoginSchema(CSRFSchema):
username = c.SchemaNode(c.String())
password = c.SchemaNode(c.String(), validator=c.Length(min=2),
widget=deform.widget.PasswordWidget())
class RegisterSchema(CSRFSchema):
username = c.SchemaNode(c.String(), title=_('User name'),
description=_("Name with which you will log in"),
validator=unique_username)
email = c.SchemaNode(
c.String(),
title=_('Email'),
validator=c.All(c.Email(), unique_email),
description=_("Example: joe@example.com"),
widget=w.TextInputWidget(size=40, maxlength=260, type='email'))
password = c.SchemaNode(
c.String(),
validator=c.Length(min=4),
widget=deform.widget.CheckedPasswordWidget(),
def password_node(**kwargs):
"""Return a Colander schema node for an existing user password."""
kwargs.setdefault('widget', deform.widget.PasswordWidget())
return colander.SchemaNode(
colander.String(),
**kwargs)
def new_password_node(**kwargs):
"""Return a Colander schema node for a new user password."""
kwargs.setdefault('widget', deform.widget.PasswordWidget())
return colander.SchemaNode(
colander.String(),
validator=validators.Length(min=PASSWORD_MIN_LENGTH),
**kwargs)
pwd_len = 20
return ''.join(chars[int(c) % len(chars)] for c in os.urandom(pwd_len))
class Password(SchemaNode):
"""UTF-8 encoded text.
Minimal length=6, maximal length=100 characters.
Example value: secret password?
"""
schema_type = StringType
default = deferred_password_default
missing = drop
validator = Length(min=6, max=100)
widget = PasswordWidget(redisplay=True)
@deferred
def deferred_date_default(node: MappingSchema, kw: dict) -> datetime:
"""Return current date."""
return now()
class DateTime(SchemaNode):
"""DateTime object.
This type serializes python ``datetime.datetime`` objects to a
`ISO8601 `_ string format.
The format includes the date, the time, and the timezone of the
datetime.
def modify_login_schema(self, schema):
schema.add(colander.SchemaNode(colander.String(),
name = "password",
title = _('Password'),
widget = deform.widget.PasswordWidget(size=20)))
schema.validator = deferred_login_password_validator
# -*- coding: utf-8 -*-
import deform
from h import i18n
from h.accounts.schemas import CSRFSchema
from h.accounts.schemas import password_node
_ = i18n.TranslationString
class UpdateAccountSchema(CSRFSchema):
password = password_node(title=_('New password'),
widget=deform.widget.PasswordWidget(
autofocus=True))
def password_node():
return colander.SchemaNode(colander.String(),
validator=colander.All(password_validation, html_string_validator,),
widget=deform.widget.CheckedPasswordWidget(size=20),
title=_('Password'),
description = _(u"password_creation_tip",
default = u"Use at least 6 chars. A good rule is to use long passwords that "
u"doesn't contain any personal information or things that someone else might guess."))
@schema_factory('ChangePasswordSchema', title = _(u"Change password"))
class ChangePasswordSchema(colander.Schema):
current_password = colander.SchemaNode(colander.String(),
title=_('Current password'),
widget=deform.widget.PasswordWidget(size=20),
validator=deferred_current_password_validator)
password = password_node()
@schema_factory('ChangePasswordAdminSchema', title = _(u"Change password"), description = _(u"Use this form to change password"))
class ChangePasswordAdminSchema(colander.Schema):
password = password_node()
@schema_factory('RequestNewPasswordSchema', title = _(u"Request new password"), description = _(u"Use this form to request a new password"))
class RequestNewPasswordSchema(colander.Schema):
userid_or_email = colander.SchemaNode(colander.String(),
title = _(u"UserID or email address."))
@schema_factory('TokenPasswordChangeSchema')
from h import i18n
from h.schemas.base import CSRFSchema
from h.services.user import UserNotActivated
_ = i18n.TranslationString
class LoginSchema(CSRFSchema):
username = colander.SchemaNode(
colander.String(),
title=_("Username / email"),
widget=deform.widget.TextInputWidget(autofocus=True),
)
password = colander.SchemaNode(
colander.String(), title=_("Password"), widget=deform.widget.PasswordWidget()
)
def validator(self, node, value):
super(LoginSchema, self).validator(node, value)
request = node.bindings["request"]
username = value.get("username")
password = value.get("password")
user_service = request.find_service(name="user")
user_password_service = request.find_service(name="user_password")
try:
user = user_service.fetch_for_login(username_or_email=username)
except UserNotActivated:
err = colander.Invalid(node)
def deserialize(self, node, cstruct):
if cstruct is colander.null:
return colander.null
if not isinstance(cstruct, basestring):
raise colander.Invalid(node, '%r is not a valid username' % cstruct)
user = DBSession.query(User).filter_by(name=cstruct).first()
if not user:
raise colander.Invalid(node, 'User with name %r does not exist' % cstruct)
return user
class LoginFormSchema(colander.MappingSchema):
login = colander.SchemaNode(TypeUser())
password = colander.SchemaNode(colander.Str(),
widget=deform.widget.PasswordWidget()
)
def password_validator(form, value):
user = value['login']
password = value['password']
if user.password != password:
raise colander.Invalid(form, 'Password does not match user %s' % user.name)
@view_config(route_name='login', renderer='templates/login.pt')
def login_view(request):
deform_static.need()
search_path = ('myShop/templates/deform/',)