annotate MoinMoin/action/recoverpass.py @ 5928:d97e3b0d6b49

reorder input fields in recoverpass form, to help browsers remember the user name (not the recovery token)
author Thomas Waldmann <tw AT waldmann-edv DOT de>
date Mon, 21 Jan 2013 16:24:06 +0100
parents bf0b4b96dcb4
children 9a273076b808
rev   line source
2294
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
1 # -*- coding: iso-8859-1 -*-
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
2 """
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
3 MoinMoin - create account action
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
4
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
5 @copyright: 2007 MoinMoin:JohannesBerg
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
6 @license: GNU GPL, see COPYING for details.
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
7 """
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
8
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
9 from MoinMoin import user, wikiutil
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
10 from MoinMoin.Page import Page
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
11 from MoinMoin.widget import html
3704
6b3274cd86c6 make recoverpass/newaccount refuse access unless MoinAuth is enabled
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3567
diff changeset
12 from MoinMoin.auth import MoinAuth
2294
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
13
3563
8140f31ada6d recoverpass: consolidate mail sending
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3562
diff changeset
14 def _do_email(request, u):
8140f31ada6d recoverpass: consolidate mail sending
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3562
diff changeset
15 _ = request.getText
8140f31ada6d recoverpass: consolidate mail sending
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3562
diff changeset
16
8140f31ada6d recoverpass: consolidate mail sending
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3562
diff changeset
17 if u and u.valid:
8140f31ada6d recoverpass: consolidate mail sending
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3562
diff changeset
18 is_ok, msg = u.mailAccountData()
8140f31ada6d recoverpass: consolidate mail sending
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3562
diff changeset
19 if not is_ok:
8140f31ada6d recoverpass: consolidate mail sending
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3562
diff changeset
20 return wikiutil.escape(msg)
8140f31ada6d recoverpass: consolidate mail sending
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3562
diff changeset
21
8140f31ada6d recoverpass: consolidate mail sending
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3562
diff changeset
22 return _("If this account exists an email was sent.")
8140f31ada6d recoverpass: consolidate mail sending
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3562
diff changeset
23
8140f31ada6d recoverpass: consolidate mail sending
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3562
diff changeset
24
2294
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
25 def _do_recover(request):
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
26 _ = request.getText
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
27 form = request.form
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
28 if not request.cfg.mail_enabled:
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
29 return _("""This wiki is not enabled for mail processing.
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
30 Contact the owner of the wiki, who can enable email.""")
3562
58a97376342c recoverpass: allow using username, make code nicer, remove completely useless comment
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3179
diff changeset
31
2294
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
32 try:
4201
40acd13fb3d6 Changed form access to MultiDict forms
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4186
diff changeset
33 email = wikiutil.clean_input(form['email'].lower())
3069
15d744f727c9 UserPreferences 'send account data' also accepts username now (not only email addr), thanks to Joel Nackman (ported from 1.6)
Reimar Bauer <rb.proj AT googlemail DOT com>
parents: 2967
diff changeset
34 if not email:
3562
58a97376342c recoverpass: allow using username, make code nicer, remove completely useless comment
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3179
diff changeset
35 # continue if email not given
58a97376342c recoverpass: allow using username, make code nicer, remove completely useless comment
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3179
diff changeset
36 raise KeyError
58a97376342c recoverpass: allow using username, make code nicer, remove completely useless comment
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3179
diff changeset
37
58a97376342c recoverpass: allow using username, make code nicer, remove completely useless comment
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3179
diff changeset
38 u = user.get_by_email_address(request, email)
58a97376342c recoverpass: allow using username, make code nicer, remove completely useless comment
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3179
diff changeset
39
3563
8140f31ada6d recoverpass: consolidate mail sending
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3562
diff changeset
40 return _do_email(request, u)
2294
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
41 except KeyError:
3562
58a97376342c recoverpass: allow using username, make code nicer, remove completely useless comment
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3179
diff changeset
42 pass
58a97376342c recoverpass: allow using username, make code nicer, remove completely useless comment
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3179
diff changeset
43
58a97376342c recoverpass: allow using username, make code nicer, remove completely useless comment
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3179
diff changeset
44 try:
4201
40acd13fb3d6 Changed form access to MultiDict forms
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4186
diff changeset
45 username = wikiutil.clean_input(form['name'])
3562
58a97376342c recoverpass: allow using username, make code nicer, remove completely useless comment
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3179
diff changeset
46 if not username:
58a97376342c recoverpass: allow using username, make code nicer, remove completely useless comment
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3179
diff changeset
47 # continue if name not given
58a97376342c recoverpass: allow using username, make code nicer, remove completely useless comment
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3179
diff changeset
48 raise KeyError
3069
15d744f727c9 UserPreferences 'send account data' also accepts username now (not only email addr), thanks to Joel Nackman (ported from 1.6)
Reimar Bauer <rb.proj AT googlemail DOT com>
parents: 2967
diff changeset
49
3179
d2352196da6a recoverpass action: fix AttributeError
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 3122
diff changeset
50 u = user.User(request, user.getUserId(request, username))
2294
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
51
3563
8140f31ada6d recoverpass: consolidate mail sending
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3562
diff changeset
52 return _do_email(request, u)
3562
58a97376342c recoverpass: allow using username, make code nicer, remove completely useless comment
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3179
diff changeset
53 except KeyError:
58a97376342c recoverpass: allow using username, make code nicer, remove completely useless comment
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3179
diff changeset
54 pass
2294
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
55
3562
58a97376342c recoverpass: allow using username, make code nicer, remove completely useless comment
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3179
diff changeset
56 # neither succeeded, give error message
58a97376342c recoverpass: allow using username, make code nicer, remove completely useless comment
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3179
diff changeset
57 return _("Please provide a valid email address or a username!")
58a97376342c recoverpass: allow using username, make code nicer, remove completely useless comment
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3179
diff changeset
58
2294
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
59
2366
2f36b737022a split recoverpass form from prefs
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2295
diff changeset
60 def _create_form(request):
2f36b737022a split recoverpass form from prefs
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2295
diff changeset
61 _ = request.getText
2f36b737022a split recoverpass form from prefs
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2295
diff changeset
62 url = request.page.url(request)
2f36b737022a split recoverpass form from prefs
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2295
diff changeset
63 ret = html.FORM(action=url)
2f36b737022a split recoverpass form from prefs
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2295
diff changeset
64 ret.append(html.INPUT(type='hidden', name='action', value='recoverpass'))
2f36b737022a split recoverpass form from prefs
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2295
diff changeset
65 lang_attr = request.theme.ui_lang_attr()
2f36b737022a split recoverpass form from prefs
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2295
diff changeset
66 ret.append(html.Raw('<div class="userpref"%s>' % lang_attr))
2f36b737022a split recoverpass form from prefs
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2295
diff changeset
67 tbl = html.TABLE(border="0")
2f36b737022a split recoverpass form from prefs
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2295
diff changeset
68 ret.append(tbl)
2f36b737022a split recoverpass form from prefs
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2295
diff changeset
69 ret.append(html.Raw('</div>'))
2f36b737022a split recoverpass form from prefs
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2295
diff changeset
70
2f36b737022a split recoverpass form from prefs
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2295
diff changeset
71 row = html.TR()
2f36b737022a split recoverpass form from prefs
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2295
diff changeset
72 tbl.append(row)
3562
58a97376342c recoverpass: allow using username, make code nicer, remove completely useless comment
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3179
diff changeset
73 row.append(html.TD().append(html.STRONG().append(html.Text(_("Username")))))
58a97376342c recoverpass: allow using username, make code nicer, remove completely useless comment
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3179
diff changeset
74 row.append(html.TD().append(html.INPUT(type="text", size="36",
58a97376342c recoverpass: allow using username, make code nicer, remove completely useless comment
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3179
diff changeset
75 name="name")))
58a97376342c recoverpass: allow using username, make code nicer, remove completely useless comment
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3179
diff changeset
76
58a97376342c recoverpass: allow using username, make code nicer, remove completely useless comment
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3179
diff changeset
77 row = html.TR()
58a97376342c recoverpass: allow using username, make code nicer, remove completely useless comment
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3179
diff changeset
78 tbl.append(row)
2366
2f36b737022a split recoverpass form from prefs
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2295
diff changeset
79 row.append(html.TD().append(html.STRONG().append(html.Text(_("Email")))))
2f36b737022a split recoverpass form from prefs
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2295
diff changeset
80 row.append(html.TD().append(html.INPUT(type="text", size="36",
2f36b737022a split recoverpass form from prefs
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2295
diff changeset
81 name="email")))
2f36b737022a split recoverpass form from prefs
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2295
diff changeset
82
2f36b737022a split recoverpass form from prefs
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2295
diff changeset
83 row = html.TR()
2f36b737022a split recoverpass form from prefs
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2295
diff changeset
84 tbl.append(row)
2f36b737022a split recoverpass form from prefs
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2295
diff changeset
85 row.append(html.TD())
2f36b737022a split recoverpass form from prefs
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2295
diff changeset
86 td = html.TD()
2f36b737022a split recoverpass form from prefs
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2295
diff changeset
87 row.append(td)
2f36b737022a split recoverpass form from prefs
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2295
diff changeset
88 td.append(html.INPUT(type="submit", name="account_sendmail",
2f36b737022a split recoverpass form from prefs
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2295
diff changeset
89 value=_('Mail me my account data')))
2f36b737022a split recoverpass form from prefs
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2295
diff changeset
90
2f36b737022a split recoverpass form from prefs
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2295
diff changeset
91 return unicode(ret)
2f36b737022a split recoverpass form from prefs
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2295
diff changeset
92
2294
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
93
3564
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
94 def _create_token_form(request, name=None, token=None):
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
95 _ = request.getText
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
96 url = request.page.url(request)
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
97 ret = html.FORM(action=url)
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
98 ret.append(html.INPUT(type='hidden', name='action', value='recoverpass'))
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
99 lang_attr = request.theme.ui_lang_attr()
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
100 ret.append(html.Raw('<div class="userpref"%s>' % lang_attr))
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
101 tbl = html.TABLE(border="0")
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
102 ret.append(tbl)
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
103 ret.append(html.Raw('</div>'))
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
104
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
105 row = html.TR()
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
106 tbl.append(row)
5928
d97e3b0d6b49 reorder input fields in recoverpass form, to help browsers remember the user name (not the recovery token)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 5687
diff changeset
107 row.append(html.TD().append(html.STRONG().append(html.Text(_("Recovery token")))))
d97e3b0d6b49 reorder input fields in recoverpass form, to help browsers remember the user name (not the recovery token)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 5687
diff changeset
108 value = token or ''
d97e3b0d6b49 reorder input fields in recoverpass form, to help browsers remember the user name (not the recovery token)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 5687
diff changeset
109 row.append(html.TD().append(html.INPUT(type='text', size="36",
d97e3b0d6b49 reorder input fields in recoverpass form, to help browsers remember the user name (not the recovery token)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 5687
diff changeset
110 name="token", value=value)))
d97e3b0d6b49 reorder input fields in recoverpass form, to help browsers remember the user name (not the recovery token)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 5687
diff changeset
111
d97e3b0d6b49 reorder input fields in recoverpass form, to help browsers remember the user name (not the recovery token)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 5687
diff changeset
112 row = html.TR()
d97e3b0d6b49 reorder input fields in recoverpass form, to help browsers remember the user name (not the recovery token)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 5687
diff changeset
113 tbl.append(row)
3564
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
114 row.append(html.TD().append(html.STRONG().append(html.Text(_("Username")))))
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
115 value = name or ''
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
116 row.append(html.TD().append(html.INPUT(type='text', size="36",
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
117 name="name", value=value)))
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
118
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
119 row = html.TR()
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
120 tbl.append(row)
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
121 row.append(html.TD().append(html.STRONG().append(html.Text(_("New password")))))
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
122 row.append(html.TD().append(html.INPUT(type="password", size="36",
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
123 name="password")))
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
124
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
125 row = html.TR()
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
126 tbl.append(row)
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
127 row.append(html.TD().append(html.STRONG().append(html.Text(_("New password (repeat)")))))
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
128 row.append(html.TD().append(html.INPUT(type="password", size="36",
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
129 name="password_repeat")))
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
130
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
131 row = html.TR()
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
132 tbl.append(row)
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
133 row.append(html.TD())
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
134 td = html.TD()
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
135 row.append(td)
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
136 td.append(html.INPUT(type="submit", name="recover", value=_('Reset my password')))
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
137
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
138 return unicode(ret)
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
139
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
140
2294
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
141 def execute(pagename, request):
3704
6b3274cd86c6 make recoverpass/newaccount refuse access unless MoinAuth is enabled
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3567
diff changeset
142 found = False
6b3274cd86c6 make recoverpass/newaccount refuse access unless MoinAuth is enabled
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3567
diff changeset
143 for auth in request.cfg.auth:
6b3274cd86c6 make recoverpass/newaccount refuse access unless MoinAuth is enabled
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3567
diff changeset
144 if isinstance(auth, MoinAuth):
6b3274cd86c6 make recoverpass/newaccount refuse access unless MoinAuth is enabled
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3567
diff changeset
145 found = True
6b3274cd86c6 make recoverpass/newaccount refuse access unless MoinAuth is enabled
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3567
diff changeset
146 break
6b3274cd86c6 make recoverpass/newaccount refuse access unless MoinAuth is enabled
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3567
diff changeset
147
6b3274cd86c6 make recoverpass/newaccount refuse access unless MoinAuth is enabled
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3567
diff changeset
148 if not found:
6b3274cd86c6 make recoverpass/newaccount refuse access unless MoinAuth is enabled
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3567
diff changeset
149 # we will not have linked, so forbid access
5252
6f6736e7683c makeForbidden403() is makeForbidden(403, ...) now
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4434
diff changeset
150 request.makeForbidden(403, 'No MoinAuth in auth list')
3704
6b3274cd86c6 make recoverpass/newaccount refuse access unless MoinAuth is enabled
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3567
diff changeset
151 return
6b3274cd86c6 make recoverpass/newaccount refuse access unless MoinAuth is enabled
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3567
diff changeset
152
2294
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
153 page = Page(request, pagename)
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
154 _ = request.getText
4434
56f985bff6cf recoverpass needs to work with GET also
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4376
diff changeset
155 form = request.values # link in mail -> GET request
2294
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
156
3564
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
157 if not request.cfg.mail_enabled:
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
158 request.theme.add_msg(_("""This wiki is not enabled for mail processing.
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
159 Contact the owner of the wiki, who can enable email."""), 'warning')
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
160 page.send_page()
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
161 return
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
162
4201
40acd13fb3d6 Changed form access to MultiDict forms
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4186
diff changeset
163 submitted = form.get('account_sendmail', '')
40acd13fb3d6 Changed form access to MultiDict forms
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4186
diff changeset
164 token = form.get('token', '')
40acd13fb3d6 Changed form access to MultiDict forms
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4186
diff changeset
165 newpass = form.get('password', '')
40acd13fb3d6 Changed form access to MultiDict forms
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4186
diff changeset
166 name = form.get('name', '')
2294
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
167
3564
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
168 if token and name and newpass:
4201
40acd13fb3d6 Changed form access to MultiDict forms
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4186
diff changeset
169 newpass2 = form.get('password_repeat', '')
3564
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
170 msg = _("Passwords don't match!")
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
171 msg_type = 'error'
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
172 if newpass == newpass2:
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
173 pw_checker = request.cfg.password_checker
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
174 pw_error = None
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
175 if pw_checker:
4336
4f3d0b92d1c9 add i18n to the password checker result messages, add request param
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 3704
diff changeset
176 pw_error = pw_checker(request, name, newpass)
3564
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
177 if pw_error:
5685
37306fba2189 Fixing security issues related to MoinMoinBugs/1.9.2UnescapedInputForThemeAddMsg (possible XSS)
Eugene Syromyatnikov <evgsyr@gmail.com>
parents: 3704
diff changeset
178 msg = _("Password not acceptable: %s") % wikiutil.escape(pw_error)
3564
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
179 if not pw_error:
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
180 u = user.User(request, user.getUserId(request, name))
3567
ddf31f2ae8e3 use hmac and make recoverpass token only valid for 12 hours
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3566
diff changeset
181 if u and u.valid and u.apply_recovery_token(token, newpass):
3564
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
182 msg = _("Your password has been changed, you can log in now.")
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
183 msg_type = 'info'
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
184 else:
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
185 msg = _('Your token is invalid!')
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
186 if msg:
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
187 request.theme.add_msg(msg, msg_type)
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
188 if msg_type != 'error':
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
189 page.send_page()
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
190 return
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
191
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
192 if token and name:
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
193 request.theme.send_title(_("Password reset"), pagename=pagename)
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
194
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
195 request.write(request.formatter.startContent("content"))
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
196
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
197 request.write(_("""
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
198 == Password reset ==
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
199 Enter a new password below.""", wiki=True))
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
200 request.write(_create_token_form(request, name=name, token=token))
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
201
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
202 request.write(request.formatter.endContent())
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
203
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
204 request.theme.send_footer(pagename)
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
205 request.theme.send_closing_html()
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
206 elif submitted: # user pressed create button
4186
126559845d4b Use Werkzeug-property names instead of old MoinMoin attribute names
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4176
diff changeset
207 if request.method != 'POST':
3564
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
208 return
2294
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
209 msg = _do_recover(request)
2967
a310264ad186 Added a few add_msg calls (by Federico Lorenzi).
Alexander Schremmer <alex AT alexanderweb DOT de>
parents: 2725
diff changeset
210 request.theme.add_msg(msg, "dialog")
a310264ad186 Added a few add_msg calls (by Federico Lorenzi).
Alexander Schremmer <alex AT alexanderweb DOT de>
parents: 2725
diff changeset
211 page.send_page()
2294
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
212 else: # show create form
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
213 request.theme.send_title(_("Lost password"), pagename=pagename)
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
214
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
215 request.write(request.formatter.startContent("content"))
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
216
3564
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
217 request.write(_("""
2294
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
218 == Recovering a lost password ==
3566
0ef5a8ca610f recoverpass: fix help text
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3564
diff changeset
219 If you have forgotten your password, provide your email address or
0ef5a8ca610f recoverpass: fix help text
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3564
diff changeset
220 username and click on '''Mail me my account data'''.
0ef5a8ca610f recoverpass: fix help text
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3564
diff changeset
221 You will receive an email containing a recovery token that can be
0ef5a8ca610f recoverpass: fix help text
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3564
diff changeset
222 used to change your password. The email will also contain further
0ef5a8ca610f recoverpass: fix help text
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3564
diff changeset
223 instructions.""", wiki=True))
2295
66cc37b8f297 recoverpass: give message about no mail right away
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2294
diff changeset
224
3564
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
225 request.write(_create_form(request))
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
226
3566
0ef5a8ca610f recoverpass: fix help text
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3564
diff changeset
227 request.write(request.formatter.rule())
0ef5a8ca610f recoverpass: fix help text
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3564
diff changeset
228
3564
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
229 request.write(_("""
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
230 === Password reset ===
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
231 If you already have received the email with the recovery token, enter your
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
232 username, the recovery token and a new password (twice) below.""", wiki=True))
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
233
474f6ad01900 recoverpass: email password reset token rather than sha1
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3563
diff changeset
234 request.write(_create_token_form(request))
3562
58a97376342c recoverpass: allow using username, make code nicer, remove completely useless comment
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 3179
diff changeset
235
2294
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
236 request.write(request.formatter.endContent())
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
237
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
238 request.theme.send_footer(pagename)
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
239 request.theme.send_closing_html()