##// END OF EJS Templates
upstream » kallithea
RSS

Clone from https://kallithea-scm.org/repos/kallithea

merge
marcink -
r1419:febb3f95 merge beta
parent child Browse files
Show More
Show file before | Show file after | Hide comments
1 NO CONTENT: new file 100644
Show file before | Show file after | Hide comments
@@ -294,6 +294,10 b' def make_map(config):'
294 294 rmap.connect('reset_password', '%s/password_reset' % ADMIN_PREFIX,
295 295 controller='login', action='password_reset')
296 296
297 rmap.connect('reset_password_confirmation',
298 '%s/password_reset_confirmation' % ADMIN_PREFIX,
299 controller='login', action='password_reset_confirmation')
300
297 301 #FEEDS
298 302 rmap.connect('rss_feed_home', '/{repo_name:.*}/feed/rss',
299 303 controller='feed', action='rss',
Show file before | Show file after | Hide comments
@@ -129,8 +129,8 b' class LoginController(BaseController):'
129 129 password_reset_form = PasswordResetForm()()
130 130 try:
131 131 form_result = password_reset_form.to_python(dict(request.POST))
132 user_model.reset_password(form_result)
133 h.flash(_('Your new password was sent'),
132 user_model.reset_password_link(form_result)
133 h.flash(_('Your password reset link was sent'),
134 134 category='success')
135 135 return redirect(url('login_home'))
136 136
@@ -144,6 +144,23 b' class LoginController(BaseController):'
144 144
145 145 return render('/password_reset.html')
146 146
147 def password_reset_confirmation(self):
148
149 if request.GET and request.GET.get('key'):
150 try:
151 user_model = UserModel()
152 user = User.get_by_api_key(request.GET.get('key'))
153 data = dict(email=user.email)
154 user_model.reset_password(data)
155 h.flash(_('Your password reset was successful, '
156 'new password has been sent to your email'),
157 category='success')
158 except Exception, e:
159 log.error(e)
160 return redirect(url('reset_password'))
161
162 return redirect(url('login_home'))
163
147 164 def logout(self):
148 165 del session['rhodecode_user']
149 166 session.save()
Show file before | Show file after | Hide comments
@@ -34,7 +34,7 b' from time import mktime'
34 34 from operator import itemgetter
35 35 from string import lower
36 36
37 from pylons import config
37 from pylons import config, url
38 38 from pylons.i18n.translation import _
39 39
40 40 from rhodecode.lib import LANGUAGES_EXTENSIONS_MAP, safe_str
@@ -249,6 +249,45 b' def get_commits_stats(repo_name, ts_min_'
249 249 log.info('LockHeld')
250 250 return 'Task with key %s already running' % lockkey
251 251
252 @task(ignore_result=True)
253 def send_password_link(user_email):
254 try:
255 log = reset_user_password.get_logger()
256 except:
257 log = logging.getLogger(__name__)
258
259 from rhodecode.lib import auth
260 from rhodecode.model.db import User
261
262 try:
263 sa = get_session()
264 user = sa.query(User).filter(User.email == user_email).scalar()
265
266 if user:
267 link = url('reset_password_confirmation', key=user.api_key,
268 qualified=True)
269 tmpl = """
270 Hello %s
271
272 We received a request to create a new password for your account.
273
274 You can generate it by clicking following URL:
275
276 %s
277
278 If you didn't request new password please ignore this email.
279 """
280 run_task(send_email, user_email,
281 "RhodeCode password reset link",
282 tmpl % (user.short_contact, link))
283 log.info('send new password mail to %s', user_email)
284
285 except:
286 log.error('Failed to update user password')
287 log.error(traceback.format_exc())
288 return False
289
290 return True
252 291
253 292 @task(ignore_result=True)
254 293 def reset_user_password(user_email):
@@ -280,8 +319,8 b' def reset_user_password(user_email):'
280 319 sa.rollback()
281 320
282 321 run_task(send_email, user_email,
283 "Your new rhodecode password",
284 'Your new rhodecode password:%s' % (new_passwd))
322 "Your new RhodeCode password",
323 'Your new RhodeCode password:%s' % (new_passwd))
285 324 log.info('send new password mail to %s', user_email)
286 325
287 326 except:
Show file before | Show file after | Hide comments
@@ -74,13 +74,19 b' class SmtpMailer(object):'
74 74
75 75 date_ = formatdate(localtime=True)
76 76 msg = MIMEMultipart()
77 msg.set_type('multipart/alternative')
78 msg.preamble = 'You will not see this in a MIME-aware mail reader.\n'
79
80 text_msg = MIMEText(body)
81 text_msg.set_type('text/plain')
82 text_msg.set_param('charset', 'UTF-8')
83
77 84 msg['From'] = self.mail_from
78 85 msg['To'] = ','.join(recipients)
79 86 msg['Date'] = date_
80 87 msg['Subject'] = subject
81 msg.preamble = 'You will not see this in a MIME-aware mail reader.\n'
82 88
83 msg.attach(MIMEText(body))
89 msg.attach(text_msg)
84 90
85 91 if attachment_files:
86 92 self.__atach_files(msg, attachment_files)
Show file before | Show file after | Hide comments
@@ -243,6 +243,11 b' class User(Base, BaseModel):'
243 243 else:
244 244 return Session.query(cls).filter(cls.username == username).one()
245 245
246 @classmethod
247 def get_by_api_key(cls, api_key):
248 return Session.query(cls).filter(cls.api_key == api_key).one()
249
250
246 251 def update_lastlogin(self):
247 252 """Update user lastlogin"""
248 253
Show file before | Show file after | Hide comments
@@ -213,6 +213,10 b' class UserModel(BaseModel):'
213 213 self.sa.rollback()
214 214 raise
215 215
216 def reset_password_link(self, data):
217 from rhodecode.lib.celerylib import tasks, run_task
218 run_task(tasks.send_password_link, data['email'])
219
216 220 def reset_password(self, data):
217 221 from rhodecode.lib.celerylib import tasks, run_task
218 222 run_task(tasks.reset_user_password, data['email'])
Show file before | Show file after | Hide comments
@@ -198,7 +198,8 b' margin-bottom:5px !important;'
198 198 -moz-border-radius: 0px 0px 8px 8px;
199 199 border-radius: 0px 0px 8px 8px;
200 200 height:37px;
201 background:url("../images/header_inner.png") repeat-x scroll 0 0 #003367
201 background:url("../images/header_inner.png") repeat-x scroll 0 0 #003367;
202 box-shadow: 0 2px 2px rgba(0, 0, 0, 0.6);
202 203 }
203 204
204 205 #header ul#logged-user li {
@@ -1383,6 +1384,13 b' position: absolute;'
1383 1384 margin-left: -16px;
1384 1385 width: 281px;
1385 1386 border-radius: 0 0 8px 8px;
1387 box-shadow: 0 2px 2px rgba(0, 0, 0, 0.6);
1388 }
1389
1390 #quick_login .password_forgoten{
1391 padding-right:10px;
1392 padding-top:10px;
1393 float:left;
1386 1394 }
1387 1395
1388 1396 #quick_login div.form div.fields{
Show file before | Show file after | Hide comments
@@ -30,7 +30,7 b''
30 30
31 31 </div>
32 32 <div class="buttons">
33 ${h.submit('sign_in','Sign In',class_="ui-button")}
33 <div class="password_forgoten">${h.link_to(_('Forgot password ?'),h.url('reset_password'))}</div>${h.submit('sign_in','Sign In',class_="ui-button")}
34 34 </div>
35 35 </div>
36 36 </div>
Show file before | Show file after | Hide comments
@@ -28,7 +28,7 b''
28 28 <div class="buttons">
29 29 <div class="nohighlight">
30 30 ${h.submit('send','Reset my password',class_="ui-button")}
31 <div class="activation_msg">${_('Your new password will be send to matching email address')}</div>
31 <div class="activation_msg">${_('Password reset link will be send to matching email address')}</div>
32 32 </div>
33 33 </div>
34 34 </div>
Show file before | Show file after | Hide comments
@@ -1,6 +1,7 b''
1 1 # -*- coding: utf-8 -*-
2 2 from rhodecode.tests import *
3 3 from rhodecode.model.db import User
4 from rhodecode.lib import generate_api_key
4 5 from rhodecode.lib.auth import check_password
5 6
6 7
@@ -8,39 +9,42 b' class TestLoginController(TestController'
8 9
9 10 def test_index(self):
10 11 response = self.app.get(url(controller='login', action='index'))
11 assert response.status == '200 OK', 'Wrong response from login page got %s' % response.status
12 self.assertEqual(response.status, '200 OK')
12 13 # Test response...
13 14
14 15 def test_login_admin_ok(self):
15 16 response = self.app.post(url(controller='login', action='index'),
16 17 {'username':'test_admin',
17 18 'password':'test12'})
18 assert response.status == '302 Found', 'Wrong response code from login got %s' % response.status
19 assert response.session['rhodecode_user'].username == 'test_admin', 'wrong logged in user'
19 self.assertEqual(response.status, '302 Found')
20 self.assertEqual(response.session['rhodecode_user'].username ,
21 'test_admin')
20 22 response = response.follow()
21 assert '%s repository' % HG_REPO in response.body
23 self.assertTrue('%s repository' % HG_REPO in response.body)
22 24
23 25 def test_login_regular_ok(self):
24 26 response = self.app.post(url(controller='login', action='index'),
25 27 {'username':'test_regular',
26 28 'password':'test12'})
27 print response
28 assert response.status == '302 Found', 'Wrong response code from login got %s' % response.status
29 assert response.session['rhodecode_user'].username == 'test_regular', 'wrong logged in user'
29
30 self.assertEqual(response.status, '302 Found')
31 self.assertEqual(response.session['rhodecode_user'].username ,
32 'test_regular')
30 33 response = response.follow()
31 assert '%s repository' % HG_REPO in response.body
32 assert '<a title="Admin" href="/_admin">' not in response.body
34 self.assertTrue('%s repository' % HG_REPO in response.body)
35 self.assertTrue('<a title="Admin" href="/_admin">' not in response.body)
33 36
34 37 def test_login_ok_came_from(self):
35 38 test_came_from = '/_admin/users'
36 response = self.app.post(url(controller='login', action='index', came_from=test_came_from),
39 response = self.app.post(url(controller='login', action='index',
40 came_from=test_came_from),
37 41 {'username':'test_admin',
38 42 'password':'test12'})
39 assert response.status == '302 Found', 'Wrong response code from came from redirection'
43 self.assertEqual(response.status, '302 Found')
40 44 response = response.follow()
41 45
42 assert response.status == '200 OK', 'Wrong response from login page got %s' % response.status
43 assert 'Users administration' in response.body, 'No proper title in response'
46 self.assertEqual(response.status, '200 OK')
47 self.assertTrue('Users administration' in response.body)
44 48
45 49
46 50 def test_login_short_password(self):
@@ -48,24 +52,24 b' class TestLoginController(TestController'
48 52 {'username':'test_admin',
49 53 'password':'as'})
50 54 self.assertEqual(response.status, '200 OK')
51 print response.body
55
52 56 self.assertTrue('Enter 3 characters or more' in response.body)
53 57
54 58 def test_login_wrong_username_password(self):
55 59 response = self.app.post(url(controller='login', action='index'),
56 60 {'username':'error',
57 61 'password':'test12'})
58 assert response.status == '200 OK', 'Wrong response from login page'
62 self.assertEqual(response.status , '200 OK')
59 63
60 assert 'invalid user name' in response.body, 'No error username message in response'
61 assert 'invalid password' in response.body, 'No error password message in response'
64 self.assertTrue('invalid user name' in response.body)
65 self.assertTrue('invalid password' in response.body)
62 66
63 67 #==========================================================================
64 68 # REGISTRATIONS
65 69 #==========================================================================
66 70 def test_register(self):
67 71 response = self.app.get(url(controller='login', action='register'))
68 assert 'Sign Up to RhodeCode' in response.body, 'wrong page for user registration'
72 self.assertTrue('Sign Up to RhodeCode' in response.body)
69 73
70 74 def test_register_err_same_username(self):
71 75 response = self.app.post(url(controller='login', action='register'),
@@ -76,8 +80,8 b' class TestLoginController(TestController'
76 80 'name':'test',
77 81 'lastname':'test'})
78 82
79 assert response.status == '200 OK', 'Wrong response from register page got %s' % response.status
80 assert 'This username already exists' in response.body
83 self.assertEqual(response.status , '200 OK')
84 self.assertTrue('This username already exists' in response.body)
81 85
82 86 def test_register_err_same_email(self):
83 87 response = self.app.post(url(controller='login', action='register'),
@@ -88,7 +92,7 b' class TestLoginController(TestController'
88 92 'name':'test',
89 93 'lastname':'test'})
90 94
91 assert response.status == '200 OK', 'Wrong response from register page got %s' % response.status
95 self.assertEqual(response.status , '200 OK')
92 96 assert 'This e-mail address is already taken' in response.body
93 97
94 98 def test_register_err_same_email_case_sensitive(self):
@@ -99,7 +103,7 b' class TestLoginController(TestController'
99 103 'email':'TesT_Admin@mail.COM',
100 104 'name':'test',
101 105 'lastname':'test'})
102 assert response.status == '200 OK', 'Wrong response from register page got %s' % response.status
106 self.assertEqual(response.status , '200 OK')
103 107 assert 'This e-mail address is already taken' in response.body
104 108
105 109 def test_register_err_wrong_data(self):
@@ -110,7 +114,7 b' class TestLoginController(TestController'
110 114 'email':'goodmailm',
111 115 'name':'test',
112 116 'lastname':'test'})
113 assert response.status == '200 OK', 'Wrong response from register page got %s' % response.status
117 self.assertEqual(response.status , '200 OK')
114 118 assert 'An email address must contain a single @' in response.body
115 119 assert 'Enter a value 6 characters long or more' in response.body
116 120
@@ -124,8 +128,7 b' class TestLoginController(TestController'
124 128 'name':'test',
125 129 'lastname':'test'})
126 130
127 print response.body
128 assert response.status == '200 OK', 'Wrong response from register page got %s' % response.status
131 self.assertEqual(response.status , '200 OK')
129 132 assert 'An email address must contain a single @' in response.body
130 133 assert ('Username may only contain '
131 134 'alphanumeric characters underscores, '
@@ -141,7 +144,7 b' class TestLoginController(TestController'
141 144 'name':'test',
142 145 'lastname':'test'})
143 146
144 assert response.status == '200 OK', 'Wrong response from register page got %s' % response.status
147 self.assertEqual(response.status , '200 OK')
145 148 assert 'An email address must contain a single @' in response.body
146 149 assert 'This username already exists' in response.body
147 150
@@ -156,8 +159,7 b' class TestLoginController(TestController'
156 159 'name':'test',
157 160 'lastname':'test'})
158 161
159 print response.body
160 assert response.status == '200 OK', 'Wrong response from register page got %s' % response.status
162 self.assertEqual(response.status , '200 OK')
161 163 assert 'Invalid characters in password' in response.body
162 164
163 165
@@ -170,8 +172,7 b' class TestLoginController(TestController'
170 172 'name':'test',
171 173 'lastname':'test'})
172 174
173 assert response.status == '200 OK', 'Wrong response from register page got %s' % response.status
174 print response.body
175 self.assertEqual(response.status , '200 OK')
175 176 assert 'Password do not match' in response.body
176 177
177 178 def test_register_ok(self):
@@ -188,7 +189,7 b' class TestLoginController(TestController'
188 189 'email':email,
189 190 'name':name,
190 191 'lastname':lastname})
191 assert response.status == '302 Found', 'Wrong response from register page got %s' % response.status
192 self.assertEqual(response.status , '302 Found')
192 193 assert 'You have successfully registered into rhodecode' in response.session['flash'][0], 'No flash message about user registration'
193 194
194 195 ret = self.sa.query(User).filter(User.username == 'test_regular4').one()
@@ -206,8 +207,9 b' class TestLoginController(TestController'
206 207 assert "This e-mail address doesn't exist" in response.body, 'Missing error message about wrong email'
207 208
208 209 def test_forgot_password(self):
209 response = self.app.get(url(controller='login', action='password_reset'))
210 assert response.status == '200 OK', 'Wrong response from login page got %s' % response.status
210 response = self.app.get(url(controller='login',
211 action='password_reset'))
212 self.assertEqual(response.status , '200 OK')
211 213
212 214 username = 'test_password_reset_1'
213 215 password = 'qweqwe'
@@ -215,16 +217,45 b' class TestLoginController(TestController'
215 217 name = 'passwd'
216 218 lastname = 'reset'
217 219
218 response = self.app.post(url(controller='login', action='register'),
219 {'username':username,
220 'password':password,
221 'password_confirmation':password,
222 'email':email,
223 'name':name,
224 'lastname':lastname})
225 #register new user for email test
226 response = self.app.post(url(controller='login', action='password_reset'),
227 {'email':email, })
228 print response.session['flash']
229 assert 'You have successfully registered into rhodecode' in response.session['flash'][0], 'No flash message about user registration'
230 assert 'Your new password was sent' in response.session['flash'][1], 'No flash message about password reset'
220 new = User()
221 new.username = username
222 new.password = password
223 new.email = email
224 new.name = name
225 new.lastname = lastname
226 new.api_key = generate_api_key(username)
227 self.sa.add(new)
228 self.sa.commit()
229
230 response = self.app.post(url(controller='login',
231 action='password_reset'),
232 {'email':email, })
233
234 self.checkSessionFlash(response, 'Your password reset link was sent')
235
236 response = response.follow()
237
238 # BAD KEY
239
240 key = "bad"
241 response = self.app.get(url(controller='login',
242 action='password_reset_confirmation',
243 key=key))
244 self.assertEqual(response.status, '302 Found')
245 self.assertTrue(response.location.endswith(url('reset_password')))
246
247 # GOOD KEY
248
249 key = User.by_username(username).api_key
250
251 response = self.app.get(url(controller='login',
252 action='password_reset_confirmation',
253 key=key))
254 self.assertEqual(response.status, '302 Found')
255 self.assertTrue(response.location.endswith(url('login_home')))
256
257 self.checkSessionFlash(response,
258 ('Your password reset was successful, '
259 'new password has been sent to your email'))
260
261 response = response.follow()
Show file before | Show file after | Hide comments
@@ -6,10 +6,10 b' tag_svn_revision = true'
6 6 find_links = http://www.pylonshq.com/download/
7 7
8 8 [nosetests]
9 verbose=False
9 verbose=True
10 10 verbosity=2
11 11 with-pylons=test.ini
12 detailed-errors=0
12 detailed-errors=1
13 13 nologcapture=1
14 14
15 15 # Babel configuration
General Comments 0
You need to be logged in to leave comments. Login now