
Contents of /trunk/htdocs/account.py



Revision 62 - (show annotations) (download) (as text)
Tue Jul 5 16:52:04 2005 UTC (9 years ago) by port001
File MIME type: text/x-python
File size: 8669 byte(s)
Captcha for the registration page
1
2 import os
3 import re
4 import sha
5 import hmac
6 import StringIO
7 from random import Random
8
9 import Image
10 import ImageDraw
11 import ImageFont
12 import ImageFilter
13 import ImageColor
14
15 from harmonious import harm
16 from harmonious.utils import html_escape
17
18 from glsr.setup import config
19 from glsr.site.basedomain import BaseDomain
20 from glsr.site.user import get_uid_by_alias, get_uid_by_email, create_user
21
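class Account(BaseDomain):
    """Account pages: the registration form, its submit handler and the CAPTCHA image."""

    @harm.default
    @harm.exposed
    def register(self):
        """Render the blank registration form from register.tpl."""

        self._do_header()
        self._template.param('GLSR_URL', config.url)
        self._template.param('GLSR_REPORT', '')
        self._template.compile(os.path.join(config.template_loc, 'register.tpl'))
        harm.response.append_body(self._template.output())
        self._do_footer()

    @harm.exposed
    def do_register(self):
        """Validate the posted registration form and create the user.

        Every validation failure re-renders the form through
        __failed_register() and returns. On success the response is a 303
        redirect to the main page.

        Required fields: alias, password1, password2, captcha. The fields
        email, fullname, language, location and website are validated only
        when they are present in the request.

        NOTE(review): assumes forms.getvalue() returns one string per field;
        verify how the framework reports a field that is submitted twice.
        """

        # The patterns end in \Z rather than $: in Python, $ also matches just
        # before a trailing newline, so a value such as "name\n" would have
        # passed validation.
        alias_expr = re.compile(r'^[\w\- ]+\Z', re.UNICODE)
        fullname_expr = re.compile(r'^[\w\- ]+\Z', re.UNICODE)
        email_expr = re.compile(r'^[\w\-\.0-9]+\@[\w\-\.0-9]+\Z', re.UNICODE)
        language_expr = re.compile(r'^[\w0-9\-\+\# ]+\Z', re.UNICODE)
        location_expr = re.compile(r'^[\w\-\,\.0-9\:\/ ]+\Z', re.UNICODE)
        website_expr = re.compile(r'^[\w\-\.\~\?\#0-9]+\Z', re.UNICODE)

        forms = harm.request.forms

        # Defaults for the fields that may be absent from the request.
        email = ''
        fullname = ''
        language = ''
        location = ''
        website = ''

        # Alias (required)
        if not forms.has_key('alias'):
            # This branch used to call self.__failed_login(), which this class
            # does not define, so a missing alias raised AttributeError
            # instead of showing the form again.
            self.__failed_register("Missing required field 'alias'.")
            return

        alias = forms.getvalue('alias')

        if len(alias) > 25:
            self.__failed_register("Value of 'alias' field is too big! Maximum is 25 characters.")
            return

        if len(alias) < 2:
            self.__failed_register("Value of 'alias' field is too small! Minimum is 2 characters.")
            return

        if not alias_expr.match(alias):
            self.__failed_register("Value of 'alias' contained illegal characters.")
            return

        # Password (required) - no need to restrict the characters used, as
        # the password is never displayed back to the user. Only its length
        # is checked.
        if not forms.has_key('password1'):
            # The message used to name 'alias' here.
            self.__failed_register("Missing required field 'password1'.")
            return

        passwd = forms.getvalue('password1')

        if len(passwd) > 32:
            self.__failed_register("Value of 'password1' field is too big! Maximum is 32 characters.")
            return

        if len(passwd) < 6:
            self.__failed_register("Value of 'password1' field is too small! Miniumum is 6 characters.")
            return

        # Email
        # NOTE(review): a request with no 'email' field at all gets past this
        # block with email == '' and reaches get_uid_by_email('') and
        # create_user(). If email is meant to be required (the 6-character
        # minimum suggests it is), add a missing-field branch as for 'alias'.
        if forms.has_key('email'):

            email = forms.getvalue('email')

            if len(email) > 50:
                self.__failed_register("Value of 'email' is too big! Maximum is 50 characters.")
                return

            if len(email) < 6:
                self.__failed_register("Value of 'email' is too small! Minimum is 6 characters.")
                return

            if not email_expr.match(email):
                self.__failed_register("Value of 'email' field contained illegal chatacters.")
                return

        # Fullname
        if forms.has_key('fullname'):

            fullname = forms.getvalue('fullname')

            if len(fullname) > 40:
                self.__failed_register("Value of 'fullname' field is too big! Maximum is 40 characters.")
                return

            if len(fullname) > 0 and not fullname_expr.match(fullname):
                self.__failed_register("Value of 'fullname' field contained illegal characters.")
                return

        # Language
        if forms.has_key('language'):

            language = forms.getvalue('language')

            if len(language) > 100:
                self.__failed_register("Value of 'language' field is too big! Maximum is 100 characters")
                return

            if len(language) > 0 and not language_expr.match(language):
                self.__failed_register("Value of 'language' field contained illegal characters.")
                return

        # Location
        if forms.has_key('location'):

            location = forms.getvalue('location')

            if len(location) > 100:
                self.__failed_register("Vaue of 'location' field is too big! Maximum is 100 characters.")
                return

            if len(location) > 0 and not location_expr.match(location):
                self.__failed_register("Value of 'location' field contained illegal characters.")
                return

        # Website
        if forms.has_key('website'):

            website = forms.getvalue('website')

            if len(website) > 100:
                self.__failed_register("Value of 'website' field is too big! Maximum is 100 characters.")
                return

            if len(website) > 0 and not website_expr.match(website):
                self.__failed_register("Value of 'website' contained illegal characters.")
                return

        # Captcha (required). The comparison used to run only when the
        # 'captcha' field was present, so a request that left the field out
        # was never checked. The check now fails closed.
        if not forms.has_key('captcha'):
            self.__failed_register("Missing required field 'captcha'.")
            return

        captcha = forms.getvalue('captcha')

        if captcha != self.__gen_captcha_code():
            self.__failed_register('Your authentication code is incorrect.')
            return

        # Verification password (required)
        if not forms.has_key('password2'):
            self.__failed_register('Your verification password does not match.')
            return

        passwd2 = forms.getvalue('password2')

        if passwd != passwd2:
            self.__failed_register('Your verification password does not match.')
            return

        # Just in case: escape everything that may later be echoed into a page.
        alias = html_escape(alias)
        email = html_escape(email)
        fullname = html_escape(fullname)
        # The escaped value used to be bound to a misspelt name, so create_user()
        # received the unescaped language string.
        language = html_escape(language)
        location = html_escape(location)
        website = html_escape(website)

        if get_uid_by_alias(alias) is not None:
            self.__failed_register("The username '%s' is already in use." % alias)
            return

        if get_uid_by_email(email) is not None:
            self.__failed_register("The email address '%s' has already been registered by another user." % email)
            return

        # NOTE(review): passwd is handed over as submitted; confirm that
        # create_user() stores a salted hash and not the clear text.
        create_user(alias=alias, email=email, passwd=passwd, fullname=fullname,
                    language=language, location=location, website=website, user_type=0)

        # Replace this with a confirmation page
        harm.response.status = 303
        harm.response.add_header('Location', os.path.join(config.url, 'index.py?page=main'))

    def get_captcha(self):
        """Write a JPEG of the current session's CAPTCHA code to the response.

        The six characters are drawn in black 40pt Verdana on a 200x80 white
        canvas, 30 pixels apart starting at x=15, each with a random vertical
        offset between 0 and 30. The image is then blurred.

        NOTE(review): unlike register/do_register this method carries no
        @harm.exposed decorator; confirm how the form template fetches it.
        """

        rand = Random()
        colour = ImageColor.getcolor('rgb(255,255,255)', 'RGB')
        im = Image.new('RGB', (200, 80), colour)
        font = ImageFont.truetype(os.path.join(config.template_loc, 'verdana.ttf'), 40)
        draw = ImageDraw.Draw(im)
        code = self.__gen_captcha_code()

        # Draw each character: fixed horizontal step, random vertical offset.
        x_pos = 15
        for char in code:
            y_pos = rand.randint(0, 30)
            draw.text((x_pos, y_pos), char, font=font, fill=(0, 0, 0))
            x_pos = x_pos + 30

        # Blur the text
        im = im.filter(ImageFilter.BLUR)

        image_data = StringIO.StringIO()
        im.save(image_data, 'JPEG')
        image_data.seek(0)

        harm.response.append_body(image_data.read())
        harm.response.add_header('Content-Type', 'image/jpeg')

    def __gen_captcha_code(self):
        """Return the CAPTCHA code for the current session.

        The code is the first 6 hex digits of HMAC-SHA1(server SecretKey,
        session id).

        NOTE(review): the code depends only on the session id, so it is the
        same for every request in that session and stays valid after it has
        been solved once. Consider a random per-challenge value that is kept
        server-side and discarded after a single check.
        """

        digest = hmac.new(harm.config.server['SecretKey'],
                          harm.request.session.get_id(), sha).hexdigest()
        return digest[:6]

    def __failed_register(self, msg):
        """Re-render register.tpl with msg shown as a 'fatal' report.

        NOTE(review): register() also sets GLSR_URL before compiling the
        template and this path does not; confirm the template still gets it.
        """

        self._do_header()
        self._template.param('GLSR_REPORT', msg)
        self._template.param('GLSR_REPORT_TYPE', 'fatal')
        self._template.compile(os.path.join(config.template_loc, 'register.tpl'))
        harm.response.append_body(self._template.output())
        self._do_footer()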
