130 lines
6.0 KiB
Python
130 lines
6.0 KiB
Python
'''
|
|
Created on 19.09.2010
|
|
|
|
@author: Sergey Morozov
|
|
'''
|
|
|
|
import sys, os, cgitb, cgi
|
|
from wsgiref.util import application_uri
|
|
cgitb.enable()
|
|
serverdir = os.path.dirname(__file__)
|
|
sys.path.append(serverdir)
|
|
sys.path.append(serverdir + os.sep + 'include')
|
|
import config
|
|
from siphon import user
|
|
|
|
def genHeader(environ):
|
|
output = '<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">\n'\
|
|
'<html lang="en">\n'\
|
|
'<head>\n'\
|
|
' <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />\n'\
|
|
' <title>Change password - Siphon Server</title>\n'\
|
|
'</head>\n'\
|
|
'<body>\n'\
|
|
' <H1>Fill the form to change password</H1>\n'
|
|
return(output)
|
|
|
|
|
|
def genForm(environ, submitUrl, printOldPassword = True):
|
|
output = ' <form method="post" enctype="multipart/form-data" action="' + submitUrl + '">\n'\
|
|
' <table>\n'
|
|
if printOldPassword == True:
|
|
output += ' <tr>\n'\
|
|
' <td>\n'\
|
|
' E-mail:\n'\
|
|
' </td>\n'\
|
|
' <td>\n'\
|
|
' <input type="text" name="email" id="email" size="30">\n'\
|
|
' </td>\n'\
|
|
' </tr>\n'\
|
|
' <tr>\n'\
|
|
' <td>\n'\
|
|
' Old password:\n'\
|
|
' </td>\n'\
|
|
' <td>\n'\
|
|
' <input type="password" name="old_password" id="old_password" size="30"><br>\n'\
|
|
' </td>\n'\
|
|
' </tr>\n'
|
|
output += ' <tr>\n'\
|
|
' <td>\n'\
|
|
' New password:\n'\
|
|
' </td>\n'\
|
|
' <td>\n'\
|
|
' <input type="password" name="new_password" id="new_password" size="30"><br>\n'\
|
|
' </td>\n'\
|
|
' </tr>\n'\
|
|
' <tr>\n'\
|
|
' <td>\n'\
|
|
' Retype new password:\n'\
|
|
' </td>\n'\
|
|
' <td>\n'\
|
|
' <input type="password" name="retype_new_password" id="retype_new_password" size="30"><br>\n'\
|
|
' </td>\n'\
|
|
' </table>\n'\
|
|
' <input type="submit">\n'\
|
|
' </form>\n'
|
|
return(output)
|
|
|
|
def genAlert(environ, alertMessage):
|
|
output = ' <table width = 100% bgcolor="#FFF9B4">\n'\
|
|
' <tr>\n'\
|
|
' <td>\n'\
|
|
' <font color="red">' + alertMessage + '</font>\n'\
|
|
' </td>\n'\
|
|
' </tr>\n'\
|
|
' </table>\n'
|
|
return(output)
|
|
|
|
def genFooter(environ):
|
|
output = '</body>\n'
|
|
return(output)
|
|
|
|
def application(environ, start_response):
|
|
output = genHeader(environ)
|
|
#webForm = cgi.FieldStorage(environ=os.environ,keep_blank_values=1)
|
|
webForm = cgi.FieldStorage(fp = environ['wsgi.input'], environ = environ, keep_blank_values = 1)
|
|
printOldPassword = True
|
|
|
|
if webForm:
|
|
if webForm.has_key('email') and webForm.has_key('old_password') and webForm.has_key('new_password') and webForm.has_key('retype_new_password'):
|
|
if len(webForm.getfirst('email')) > 4 and len(webForm.getfirst('old_password')) > 1 and len(webForm.getfirst('new_password')) > 1 and webForm.getfirst('new_password') == webForm.getfirst('retype_new_password'):
|
|
form = {'email': webForm.getfirst('email'),
|
|
'password': webForm.getfirst('old_password')}
|
|
u = user(form)
|
|
if u.status['retval'] == 0:
|
|
authstatus = u.auth()
|
|
if authstatus['retval'] == 0:
|
|
output += genAlert(environ, u.setPass(webForm.getfirst('new_password'))['alert_message'])
|
|
else:
|
|
output += genAlert(environ, authstatus['alert_message'])
|
|
else:
|
|
output += genAlert(environ, u.status['alert_message'])
|
|
else:
|
|
output += genAlert(environ, 'Please, fill the form')
|
|
elif webForm.has_key('user') and webForm.has_key('key') and webForm.has_key('new_password') and webForm.has_key('retype_new_password'):
|
|
if len(webForm.getfirst('new_password')) > 1 and webForm.getfirst('new_password') == webForm.getfirst('retype_new_password') and len(webForm.getfirst('key')) == 20:
|
|
form = {'email': webForm.getfirst('user'),
|
|
'password': webForm.getfirst('new_password')}
|
|
u = user(form)
|
|
if u.status['retval'] ==0:
|
|
if webForm.getfirst('key') == u.getKey():
|
|
output += genAlert(environ, u.setPass(webForm.getfirst('new_password'))['alert_message'])
|
|
else:
|
|
output += genAlert(environ, 'Error: key missmatch.')
|
|
else:
|
|
output += genAlert(environ, authstatus['alert_message'])
|
|
else:
|
|
output += genAlert(environ, 'Please, fill the form')
|
|
elif webForm.has_key('user') and webForm.has_key('key'):
|
|
printOldPassword = False
|
|
submitUrl = application_uri(environ)
|
|
if webForm and webForm.has_key('key') and webForm.has_key('user'):
|
|
submitUrl += '?key=' + webForm.getfirst('key') + '&user=' + webForm.getfirst('user')
|
|
output += genForm(environ, submitUrl, printOldPassword)
|
|
output += genFooter(environ)
|
|
status = '200 OK'
|
|
response_headers = [('Content-type', 'text/html'),
|
|
('Content-Length', str(len(output)))]
|
|
start_response(status, response_headers)
|
|
return([output])
|