diff options
Diffstat (limited to 'src/web/controllers')
-rw-r--r-- | src/web/controllers/abstract.py | 2 | ||||
-rw-r--r-- | src/web/controllers/user.py | 25 |
2 files changed, 26 insertions, 1 deletions
diff --git a/src/web/controllers/abstract.py b/src/web/controllers/abstract.py index f33d241e..99d92ff3 100644 --- a/src/web/controllers/abstract.py +++ b/src/web/controllers/abstract.py @@ -84,7 +84,7 @@ class AbstractController(object): def create(self, **attrs): assert self._user_id_key is None or self._user_id_key in attrs \ - or self.user_id is not None, \ + or self.user_id is None, \ "You must provide user_id one way or another" if self._user_id_key is not None and self._user_id_key not in attrs: diff --git a/src/web/controllers/user.py b/src/web/controllers/user.py index 3f96b185..d8bf1fa1 100644 --- a/src/web/controllers/user.py +++ b/src/web/controllers/user.py @@ -1,3 +1,6 @@ +import random +import hashlib +from werkzeug import generate_password_hash from .abstract import AbstractController from web.models import User @@ -5,3 +8,25 @@ from web.models import User class UserController(AbstractController): _db_cls = User _user_id_key = 'id' + + def unset_activation_key(self, obj_id): + self.update({'id': obj_id}, {'activation_key': ""}) + + def set_activation_key(self, obj_id): + key = str(random.getrandbits(256)).encode("utf-8") + key = hashlib.sha512(key).hexdigest()[:86] + self.update({'id': obj_id}, {'activation_key': key}) + + def _handle_password(self, attrs): + if attrs.get('password'): + attrs['pwdhash'] = generate_password_hash(attrs.pop('password')) + elif 'password' in attrs: + del attrs['password'] + + def create(self, **attrs): + self._handle_password(attrs) + return super().create(**attrs) + + def update(self, filters, attrs): + self._handle_password(attrs) + return super().update(filters, attrs) |