X-Git-Url: https://scm.cri.ensmp.fr/git/Plinn.git/blobdiff_plain/63f5e85cdbd05ac9a00a6dab60548c226981fb62..ba3300649023e250c9279f7833a5dd08a19c58a5:/RegistrationTool.py?ds=inline diff --git a/RegistrationTool.py b/RegistrationTool.py index c35cb6a..bddd44b 100644 --- a/RegistrationTool.py +++ b/RegistrationTool.py @@ -32,15 +32,18 @@ from AccessControl.Permission import Permission from BTrees.OOBTree import OOBTree from Products.CMFCore.permissions import ManagePortal, AddPortalMember from Products.CMFCore.exceptions import AccessControl_Unauthorized +from Products.CMFDefault.exceptions import EmailAddressInvalid from Products.CMFCore.utils import getToolByName from Products.CMFCore.utils import getUtilityByInterfaceName +from Products.CMFDefault.utils import checkEmailAddress from Products.GroupUserFolder.GroupsToolPermissions import ManageGroups from Products.Plinn.utils import Message as _ +from Products.Plinn.utils import translate from Products.Plinn.utils import encodeQuopriEmail +from Products.Plinn.utils import encodeMailHeader from DateTime import DateTime from types import TupleType, ListType from uuid import uuid4 -from quopri import encodestring security = ModuleSecurityInfo('Products.Plinn.RegistrationTool') MODE_ANONYMOUS = 'anonymous' @@ -199,8 +202,19 @@ class RegistrationTool(BaseRegistrationTool) : self.clearExpiredPasswordResetRequests() mtool = getUtilityByInterfaceName('Products.CMFCore.interfaces.IMembershipTool') member = mtool.getMemberById(userid) + if not member : + try : + checkEmailAddress(userid) + member = mtool.searchMembers('email', userid) + if member : + userid = member[0]['username'] + member = mtool.getMemberById(userid) + except EmailAddressInvalid : + pass if member : uuid = str(uuid4()) + while self._passwordResetRequests.has_key(uuid) : + uuid = str(uuid4()) self._passwordResetRequests[uuid] = (userid, DateTime() + 1) utool = getUtilityByInterfaceName('Products.CMFCore.interfaces.IURLTool') ptool = getUtilityByInterfaceName('Products.CMFCore.interfaces.IPropertiesTool') @@ -211,11 +225,12 @@ class RegistrationTool(BaseRegistrationTool) : mailhost = portal.MailHost sender = encodeQuopriEmail(ptool.getProperty('email_from_name'), ptool.getProperty('email_from_address')) to = encodeQuopriEmail(member.getMemberFullName(nameBefore=0), member.getProperty('email')) - subject = "=?utf-8?q?%s?=" % encodestring('Password reset') - lines = [] - pr = lines.append - pr('%s/password_reset_form/%s' % (utool(), uuid)) - body = '\n'.join(lines) + subject = translate(_('How to reset your password on the %s website')) % ptool.getProperty('title') + subject = encodeMailHeader(subject) + options = {'fullName' : member.getMemberFullName(nameBefore=0), + 'siteName' : ptool.getProperty('title'), + 'resetPasswordUrl' : '%s/password_reset_form/%s' % (utool(), uuid)} + body = self.password_reset_mail(options) message = self.echange_mail_template(From=sender, To=to, Subject=subject, @@ -223,6 +238,9 @@ class RegistrationTool(BaseRegistrationTool) : charset = 'UTF-8', body=body) mailhost.send(message) + return + + return _('Unknown user name. Please retry.') security.declarePrivate('clearExpiredPasswordResetRequests') def clearExpiredPasswordResetRequests(self): @@ -234,19 +252,16 @@ class RegistrationTool(BaseRegistrationTool) : security.declarePublic('resetPassword') - def resetPassword(self, userid, uuid, password, confirm) : + def resetPassword(self, uuid, password, confirm) : record = self._passwordResetRequests.get(uuid) if not record : - return _('Invalid reset password request.') - - recUserid, expiration = record - - if recUserid != userid : - return _('Invalid userid.') + return None, _('Invalid reset password request.') + userid, expiration = record + now = DateTime() if expiration < now : self.clearExpiredPasswordResetRequests() - return _('Your reset password request has expired. You can ask a new one.') + return None, _('Your reset password request has expired. You can ask a new one.') msg = self.testPasswordValidity(password, confirm=confirm) if not msg : # None if everything ok. Err message otherwise. @@ -255,9 +270,9 @@ class RegistrationTool(BaseRegistrationTool) : if member : member.setSecurityProfile(password=password) del self._passwordResetRequests[uuid] - return _('Password successfully resetted.') + return userid, _('Password successfully reset.') else : - return _('"%s" username not found.') % userid + return None, _('"%s" username not found.') % userid InitializeClass(RegistrationTool) \ No newline at end of file