6 from __future__
import unicode_literals
11 from pyramid.response
import Response
12 from pyramid.security
import authenticated_userid, forget, remember
13 from pyramid.threadlocal
import get_current_request
16 from wowf.models import Group, InviteToken, LoginToken, PasswordToken, User
# Groups that the loop over DEFAULT_GROUPS later in this listing appends to
# user.groups. LOGIN_GROUP itself is defined outside the lines shown here.
20 DEFAULT_GROUPS = [LOGIN_GROUP]
# Name of the cookie in which the login token is stored and read back.
22 LOGIN_TOKEN_KEY =
'auth_token'
# Lifetimes passed to LoginToken.create, PasswordToken.create and
# InviteToken.create respectively.
# NOTE(review): each token is a bearer credential for its whole lifetime. A
# 24-hour window is long for a password-reset token; confirm it is intended,
# since a shorter window limits how long a leaked reset link stays usable.
24 LOGIN_TOKEN_LIFETIME = datetime.timedelta(days=30)
25 PASSWORD_TOKEN_LIFETIME = datetime.timedelta(hours=24)
26 INVITE_TOKEN_LIFETIME = datetime.timedelta(days=30)
# Fragment of the invite sender: its `def` line and lines 39, 41-42 and 46 are
# missing from this listing.
# A single InviteToken is created for `user` and its token value is handed to
# the mail template.
# NOTE(review): `recipients=emails` suggests several addresses receive the same
# token value - confirm whether a token is single-use, and if so whether one
# token per recipient is wanted.
38 invite_token = InviteToken.create(user, INVITE_TOKEN_LIFETIME)
# Replies to the invitation are directed to user.email.
# NOTE(review): user.email ends up in a mail header; this assumes the address
# was validated (no CR/LF) before it was stored - verify.
40 extra_headers = {
'Reply-To': user.email}
43 send_mail(subject=
"You've Been Invited To Join Workout With Friends", recipients=emails,
44 template=
'emails/invite.html',
45 variables=dict(user=user, token=invite_token.token,
47 extra_headers=extra_headers)
# Fragment of the invite-token check; the enclosing `def` line is not shown.
# The token is looked up and the result is truthy only when a record was found
# and its is_valid() passes; a falsy lookup result is returned as-is.
55 invite_token = InviteToken.get_by_token(token)
56 return invite_token
and invite_token.is_valid()
# Fragment; the enclosing `def` line and everything before line 67 are not
# shown. Each name in DEFAULT_GROUPS is resolved with Group.get_by_name and
# appended to user.groups.
67 for group
in DEFAULT_GROUPS:
68 user.groups.append(Group.get_by_name(group))
# A welcome mail goes to user.email, then the user is logged in at once with
# remember_me=False and the login headers are returned.
# NOTE(review): no e-mail confirmation step is visible between the welcome mail
# and the login; confirm that ownership of user.email is established elsewhere
# (for example by the invite token) before the account can be used.
69 send_mail(subject=
'Welcome to Workout With Friends', recipients=user.email,
70 template=
'emails/welcome.html', variables=dict(user=user))
72 return Auth.login(user, remember_me=
False)
# Fragment of the credential check; the enclosing `def` line is not shown.
# The candidate password is hashed with the stored hash passed as the second
# argument of Auth.hash_password and the result is compared with the stored
# value.
# NOTE(review): `==` is not a constant-time comparison, and when no user
# matches the e-mail no hash is computed at all, so response time can reveal
# whether an account exists. Consider a constant-time compare (for example
# hmac.compare_digest, where the runtime provides it) and hashing against a
# dummy value on the miss path.
81 user = User.get_by_email(email)
82 if user
and user.password == Auth.hash_password(password, user.password):
# Membership of LOGIN_GROUP gates the login: the returned value is truthy only
# when the user's groups contain that group.
83 login_group = Group.get_by_name(LOGIN_GROUP)
84 return user
and login_group
in user.groups
97 def login(user, remember_me=False):
# Builds and returns the response headers that log `user` in.
# Lines 99, 101 and 106 are missing from this listing, so where `response` is
# created and whether the token steps below are guarded by `remember_me`
# cannot be seen here.
98 request = get_current_request()
# remember() supplies the Pyramid auth headers for user.id.
100 response.headerlist.extend(remember(request, user.id))
# A LoginToken is created with the client's User-Agent and its value is sent
# to the browser in the LOGIN_TOKEN_KEY cookie for LOGIN_TOKEN_LIFETIME.
# NOTE(review): set_cookie is called without httponly or secure, so as written
# the token cookie is readable from page scripts and may be sent over plain
# HTTP. Consider httponly=True and, on HTTPS-only deployments, secure=True.
102 login_token = LoginToken.create(user, LOGIN_TOKEN_LIFETIME, request.user_agent)
103 response.set_cookie(LOGIN_TOKEN_KEY, login_token.token, max_age=LOGIN_TOKEN_LIFETIME)
# An account that is not yet active is marked active on login.
104 if not user.is_active:
105 user.is_active =
True
107 return response.headers
# Fragment of the cookie-based login; its `def` line and line 122 are missing
# from this listing.
# The login token is read from the LOGIN_TOKEN_KEY cookie; when it resolves to
# a record whose is_valid(user_agent) passes, that record's user is logged in.
# NOTE(review): the User-Agent header is chosen by the client, so this check
# limits accidental reuse but does not bind the token to a device. The token
# value has to be unguessable and revocable; its generation is not shown here.
120 request = get_current_request()
121 token = request.cookies.get(LOGIN_TOKEN_KEY)
123 login_token = LoginToken.get_by_token(token)
124 if login_token
and login_token.is_valid(request.user_agent):
125 return Auth.login(login_token.user, remember_me=
False)
# Fragment of the logout path; its `def` line and lines 139 and 142-143 are
# missing from this listing.
# forget() supplies the headers that drop the Pyramid auth state, and the
# login-token cookie is deleted from the browser as well.
135 request = get_current_request()
136 response = Response()
137 response.headerlist.extend(forget(request))
138 auth_token = request.cookies.get(LOGIN_TOKEN_KEY)
140 response.delete_cookie(LOGIN_TOKEN_KEY)
# NOTE(review): the server-side LoginToken is looked up here, but what is done
# with it (lines 142-143) is not visible. Confirm the record is deleted, so a
# copied cookie value stops working after logout.
141 token = LoginToken.get_by_token(auth_token)
144 return response.headers
# Fragment of the password-reset request; its `def` line and the end of the
# send_mail call (line 158 onward) are missing from this listing.
# NOTE(review): the credential-check fragment earlier in this listing treats
# the result of User.get_by_email as possibly falsy, yet here it is used
# unguarded on the next listed line. An unknown address would presumably fail
# at PasswordToken.create or user.email - add a guard, and return the same
# response for known and unknown addresses so the endpoint does not reveal
# which accounts exist.
153 user = User.get_by_email(email)
# A reset token valid for PASSWORD_TOKEN_LIFETIME is created and its value is
# passed to the e-mail template sent to user.email.
154 password_token = PasswordToken.create(user, PASSWORD_TOKEN_LIFETIME)
155 send_mail(subject=
'Reset Password Request', recipients=user.email,
156 template=
'emails/request_password.html',
157 variables=dict(user=user, token=password_token.token,
# Fragment of the password-reset completion; its `def` line is not shown.
# A reset token that is found and valid causes the account password to be
# replaced by a generated one, which is mailed to user.email.
170 password_token = PasswordToken.get_by_token(token)
171 if password_token
and password_token.is_valid():
172 random_password = Auth.generate_random_password()
173 user = password_token.user
# NOTE(review): the plain value is assigned to user.password, while the login
# check compares user.password with a bcrypt hash - presumably the model hashes
# on assignment; verify.
174 user.password = random_password
# NOTE(review): the temporary password travels by e-mail in clear text and, as
# far as this listing shows, stays valid until the user changes it. Consider
# forcing a change at next login, or letting the user choose a new password on
# a page protected by the reset token instead.
175 send_mail(subject=
'Temporary Password', recipients=user.email,
176 template=
'emails/temporary_password.html',
177 variables=dict(user=user, random_password=random_password))
# The reset token is deleted after use. Indentation is lost in this listing, so
# whether this call sits inside the `if` above cannot be seen here.
178 password_token.delete()
# Fragment of the password hasher; its `def` line and lines 193 and 195-196
# are missing from this listing.
# Python 2 text (unicode) is encoded to UTF-8 bytes before hashing.
# NOTE(review): bcrypt only uses the first 72 bytes of its input, so longer
# passwords are effectively truncated - confirm that is acceptable here.
190 if isinstance(password, unicode):
191 password = password.encode(
'utf-8')
# With no existing hash to check against, a fresh salt is generated with cost
# factor 12.
192 if check_password
is None:
194 salt = bcrypt.gensalt(12)
# In the other case (the `else:` line is presumably among the missing lines)
# the value to check against is used as the salt for hashpw.
197 salt = check_password
198 return bcrypt.hashpw(password, salt)
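# Fragment of the random-password helper; its `def` line (which declares the
# `length` and `chars` parameters) is not part of this listing.
# When the caller supplies no alphabet, use letters, digits and a few symbols.
chars = chars or string.letters + string.digits + '!@#$*?'
# Passwords must come from the operating system's CSPRNG: the module-level
# `random` functions are seeded predictably and are not meant for secrets.
# Picking each character independently also avoids two limits of
# random.sample, which never repeats a character and raises ValueError when
# length exceeds len(chars).
rng = random.SystemRandom()
return ''.join(rng.choice(chars) for _ in range(length))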
# Fragment of the current-user lookup; its `def` line and line 221 are missing
# from this listing.
# The authenticated user id is taken from the current request and the matching
# User record is loaded by id.
219 request = get_current_request()
220 user_id = authenticated_userid(request)
222 return User.get_by_id(user_id)