|
8687.15.18
by Karl Fogel
Add the copyright header block to files under lib/canonical/. |
1 |
# Copyright 2009 Canonical Ltd. This software is licensed under the
|
2 |
# GNU Affero General Public License version 3 (see the file LICENSE).
|
|
3 |
||
|
7675.61.3
by Bjorn Tillenius
Undo the commit that removed all db changes. |
4 |
# pylint: disable-msg=E0211,E0213
|
5 |
||
6 |
"""Login token interfaces."""
|
|
7 |
||
8 |
__metaclass__ = type |
|
9 |
||
10 |
__all__ = [ |
|
11 |
'LoginTokenType', |
|
12 |
'IAuthToken', |
|
13 |
]
|
|
14 |
||
|
11403.1.4
by Henning Eggers
Reformatted imports using format-imports script r32. |
15 |
from lazr.enum import ( |
16 |
DBEnumeratedType, |
|
17 |
DBItem, |
|
18 |
)
|
|
19 |
from zope.interface import ( |
|
20 |
Attribute, |
|
21 |
Interface, |
|
22 |
)
|
|
23 |
from zope.schema import ( |
|
24 |
Choice, |
|
25 |
Datetime, |
|
26 |
Int, |
|
27 |
Text, |
|
28 |
TextLine, |
|
29 |
)
|
|
|
7675.61.3
by Bjorn Tillenius
Undo the commit that removed all db changes. |
30 |
|
|
14600.1.12
by Curtis Hovey
Move i18n to lp. |
31 |
from lp import _ |
|
11318.5.1
by j.c.sackett
Migrated canonical.launchpad.fields to lp.services.fields |
32 |
from lp.services.fields import PasswordField |
|
7675.61.3
by Bjorn Tillenius
Undo the commit that removed all db changes. |
33 |
|
34 |
||
35 |
class LoginTokenType(DBEnumeratedType): |
|
36 |
"""Login token type
|
|
37 |
||
38 |
Tokens are emailed to users in workflows that require email address
|
|
39 |
validation, such as forgotten password recovery or account merging.
|
|
40 |
We need to identify the type of request so we know what workflow
|
|
41 |
is being processed.
|
|
42 |
"""
|
|
43 |
||
44 |
PASSWORDRECOVERY = DBItem(1, """ |
|
45 |
Password Recovery
|
|
46 |
||
47 |
User has forgotten or never known their password and need to
|
|
48 |
reset it.
|
|
49 |
""") |
|
50 |
||
51 |
ACCOUNTMERGE = DBItem(2, """ |
|
52 |
Account Merge
|
|
53 |
||
54 |
User has requested that another account be merged into their
|
|
55 |
current one.
|
|
56 |
""") |
|
57 |
||
58 |
NEWACCOUNT = DBItem(3, """ |
|
59 |
New Account
|
|
60 |
||
61 |
A new account is being setup. They need to verify their email address
|
|
62 |
before we allow them to set a password and log in.
|
|
63 |
""") |
|
64 |
||
65 |
VALIDATEEMAIL = DBItem(4, """ |
|
66 |
Validate Email
|
|
67 |
||
68 |
A user has added more email addresses to their account and they
|
|
69 |
need to be validated.
|
|
70 |
""") |
|
71 |
||
72 |
VALIDATETEAMEMAIL = DBItem(5, """ |
|
73 |
Validate Team Email
|
|
74 |
||
75 |
One of the team administrators is trying to add a contact email
|
|
76 |
address for the team, but this address need to be validated first.
|
|
77 |
""") |
|
78 |
||
79 |
VALIDATEGPG = DBItem(6, """ |
|
80 |
Validate GPG key
|
|
81 |
||
82 |
A user has submited a new GPG key to his account and it need to
|
|
83 |
be validated.
|
|
84 |
""") |
|
85 |
||
86 |
VALIDATESIGNONLYGPG = DBItem(7, """ |
|
87 |
Validate a sign-only GPG key
|
|
88 |
||
89 |
A user has submitted a new sign-only GPG key to his account and it
|
|
90 |
needs to be validated.
|
|
91 |
""") |
|
92 |
||
93 |
NEWPROFILE = DBItem(9, """ |
|
94 |
A user created a new Launchpad profile for another person.
|
|
95 |
||
96 |
Any Launchpad user can create new "placeholder" profiles to represent
|
|
97 |
people who don't use Launchpad. The person that a given profile
|
|
98 |
represents has to first use the token to finish the registration
|
|
99 |
process in order to be able to login with that profile.
|
|
100 |
""") |
|
101 |
||
102 |
TEAMCLAIM = DBItem(10, """ |
|
103 |
Turn an unvalidated Launchpad profile into a team.
|
|
104 |
||
105 |
A user has found an unvalidated profile in Launchpad and is trying
|
|
106 |
to turn it into a team.
|
|
107 |
""") |
|
108 |
||
109 |
BUGTRACKER = DBItem(11, """ |
|
110 |
Launchpad is authenticating itself with a remote bug tracker.
|
|
111 |
||
112 |
The remote bug tracker will use the LoginToken to authenticate
|
|
113 |
Launchpad.
|
|
114 |
""") |
|
115 |
||
116 |
NEWPERSONLESSACCOUNT = DBItem(12, """ |
|
117 |
New Personless Account
|
|
118 |
||
119 |
A new personless account is being setup. They need to verify their
|
|
120 |
email address before we allow them to set a password and log in. At
|
|
121 |
the end, this account will not have a Person associated with.
|
|
122 |
""") |
|
123 |
||
124 |
||
|
7675.613.1
by Guilherme Salgado
Remove all code related to account creation and password reset as this is now |
125 |
# XXX: Guilherme Salgado, 2010-03-30: This interface was created to be used by
|
126 |
# our old OpenID provider, but that doesn't exist anymore, so we should merge
|
|
127 |
# it with ILoginToken.
|
|
|
7675.61.3
by Bjorn Tillenius
Undo the commit that removed all db changes. |
128 |
class IAuthToken(Interface): |
129 |
"""The object that stores one time tokens used for validating email
|
|
130 |
addresses and other tasks that require verifying if an email address is
|
|
131 |
valid such as password recovery, account merging and registration of new
|
|
132 |
accounts. All LoginTokens must be deleted once they are "consumed"."""
|
|
133 |
id = Int( |
|
134 |
title=_('ID'), required=True, readonly=True, |
|
135 |
)
|
|
136 |
date_created = Datetime( |
|
137 |
title=_('The timestamp that this request was made.'), required=True, |
|
138 |
)
|
|
139 |
date_consumed = Datetime( |
|
140 |
title=_('Date and time this was consumed'), |
|
141 |
required=False, readonly=False |
|
142 |
)
|
|
143 |
||
144 |
tokentype = Choice( |
|
145 |
title=_('The type of request.'), required=True, |
|
146 |
vocabulary=LoginTokenType |
|
147 |
)
|
|
148 |
token = Text( |
|
149 |
title=_('The token (not the URL) emailed used to uniquely identify ' |
|
150 |
'this request.'), |
|
151 |
required=True, |
|
152 |
)
|
|
153 |
||
154 |
requester = Int( |
|
155 |
title=_('The Person that made this request.'), required=True, |
|
156 |
)
|
|
157 |
requester_account = Int( |
|
158 |
title=_('The account that made this request.'), required=True) |
|
159 |
requesteremail = Text( |
|
160 |
title=_('The email address that was used to login when making this ' |
|
161 |
'request.'), |
|
162 |
required=False, |
|
163 |
)
|
|
164 |
||
165 |
email = TextLine( |
|
166 |
title=_('Email address'), |
|
167 |
required=True, |
|
168 |
)
|
|
169 |
||
170 |
redirection_url = Text( |
|
171 |
title=_('The URL to where we should redirect the user after ' |
|
172 |
'processing his request'), |
|
173 |
required=False, |
|
174 |
)
|
|
175 |
||
176 |
# used for launchpad page layout
|
|
177 |
title = Attribute('Title') |
|
178 |
||
179 |
# Quick fix for Bug #2481
|
|
180 |
password = PasswordField( |
|
181 |
title=_('Password'), required=True, readonly=False) |
|
182 |
||
183 |
def consume(): |
|
184 |
"""Mark this token as consumed by setting date_consumed.
|
|
185 |
||
186 |
As a consequence of a token being consumed, all tokens requested by
|
|
187 |
the same person and with the same requester email will also be marked
|
|
188 |
as consumed.
|
|
189 |
"""
|
|
190 |
||
191 |
def sendEmailValidationRequest(): |
|
192 |
"""Send an email message with a magic URL to validate self.email."""
|
|
193 |
||
194 |
def sendPasswordResetEmail(): |
|
195 |
"""Send an email message to the requester with a magic URL that allows
|
|
196 |
him to reset his password.
|
|
197 |
"""
|
|
198 |
||
199 |
def sendNewUserEmail(): |
|
200 |
"""Send an email message to the requester with a magic URL that allows
|
|
201 |
him to finish the Launchpad registration process.
|
|
202 |
"""
|