#LOGIN/LOGOUT/REGISTER/SIGN IN

    rmap.connect('login_home', '%s/login' % ADMIN_PREFIX, controller='login')

    rmap.connect('logout_home', '%s/logout' % ADMIN_PREFIX, controller='login',

                 action='logout')

    rmap.connect('register', '%s/register' % ADMIN_PREFIX, controller='login',

                 action='register')

    rmap.connect('reset_password', '%s/password_reset' % ADMIN_PREFIX,

                 controller='login', action='password_reset')

    #FEEDS

    rmap.connect('rss_feed_home', '/{repo_name:.*}/feed/rss',

                controller='feed', action='rss',

                conditions=dict(function=check_repo))

    rmap.connect('atom_feed_home', '/{repo_name:.*}/feed/atom',

                controller='feed', action='atom',

                conditions=dict(function=check_repo))

    #==========================================================================

    # REPOSITORY ROUTES

    #==========================================================================

                    prefix_error=False,

                    encoding="UTF-8")

        return render('/register.html')

    def password_reset(self):

        user_model = UserModel()

        if request.POST:

            password_reset_form = PasswordResetForm()()

            try:

                form_result = password_reset_form.to_python(dict(request.POST))

                            category='success')

                return redirect(url('login_home'))

            except formencode.Invalid, errors:

                return htmlfill.render(

                    render('/password_reset.html'),

                    defaults=errors.value,

                    errors=errors.error_dict or {},

                    prefix_error=False,

                    encoding="UTF-8")

        return render('/password_reset.html')

    def logout(self):

        del session['rhodecode_user']

        session.save()

        log.info('Logging out and setting user as Empty')

        redirect(url('home'))

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

from celery.decorators import task

import os

import traceback

import logging

from os.path import dirname as dn, join as jn

from time import mktime

from operator import itemgetter

from string import lower

from pylons.i18n.translation import _

from rhodecode.lib import LANGUAGES_EXTENSIONS_MAP, safe_str

from rhodecode.lib.celerylib import run_task, locked_task, str2bool, \

    __get_lockkey, LockHeld, DaemonLock

from rhodecode.lib.helpers import person

from rhodecode.lib.smtp_mailer import SmtpMailer

from rhodecode.lib.utils import add_cache

from rhodecode.lib.odict import OrderedDict

from rhodecode.model import init_model

from rhodecode.model import meta

from rhodecode.model.db import RhodeCodeUi, Statistics, Repository

        #final release

        lock.release()

        #execute another task if celery is enabled

        if len(repo.revisions) > 1 and CELERY_ON:

            run_task(get_commits_stats, repo_name, ts_min_y, ts_max_y)

        return True

    except LockHeld:

        log.info('LockHeld')

        return 'Task with key %s already running' % lockkey

@task(ignore_result=True)

def reset_user_password(user_email):

    try:

        log = reset_user_password.get_logger()

    except:

        log = logging.getLogger(__name__)

    from rhodecode.lib import auth

    from rhodecode.model.db import User

    try:

                user.api_key = auth.generate_api_key(user.username)

                sa.add(user)

                sa.commit()

                log.info('change password for %s', user_email)

            if new_passwd is None:

                raise Exception('unable to generate new password')

        except:

            log.error(traceback.format_exc())

            sa.rollback()

        run_task(send_email, user_email,

        log.info('send new password mail to %s', user_email)

    except:

        log.error('Failed to update user password')

        log.error(traceback.format_exc())

    return True

@task(ignore_result=True)

def send_email(recipients, subject, body):

    """

        if self.debug:

            smtp_serv.set_debuglevel(1)

        smtp_serv.ehlo()

        #if server requires authorization you must provide login and password

        #but only if we have them

        if self.user and self.passwd:

            smtp_serv.login(self.user, self.passwd)

        date_ = formatdate(localtime=True)

        msg = MIMEMultipart()

        msg['From'] = self.mail_from

        msg['To'] = ','.join(recipients)

        msg['Date'] = date_

        msg['Subject'] = subject

        if attachment_files:

            self.__atach_files(msg, attachment_files)

        smtp_serv.sendmail(self.mail_from, recipients, msg.as_string())

        logging.info('MAIL SEND TO: %s' % recipients)

        try:

            smtp_serv.quit()

        except sslerror:

            # sslerror is raised in tls connections on closing sometimes

            pass

            return "<%s('id:%s:%s')>" % (self.__class__.__name__,

                                             self.user_id, self.username)

        except:

            return self.__class__.__name__

    @classmethod

    def by_username(cls, username, case_insensitive=False):

        if case_insensitive:

            return Session.query(cls).filter(cls.username.like(username)).one()

        else:

            return Session.query(cls).filter(cls.username == username).one()

    def update_lastlogin(self):

        """Update user lastlogin"""

        self.last_login = datetime.datetime.now()

        Session.add(self)

        Session.commit()

        log.debug('updated user %s lastlogin', self.username)

class UserLog(Base, BaseModel):

    __tablename__ = 'user_logs'

    __table_args__ = {'extend_existing':True}

                raise UserOwnsReposException(_('This user still owns %s '

                                               'repositories and cannot be '

                                               'removed. Switch owners or '

                                               'remove those repositories') \

                                               % user.repositories)

            self.sa.delete(user)

            self.sa.commit()

        except:

            log.error(traceback.format_exc())

            self.sa.rollback()

            raise

    def reset_password(self, data):

        from rhodecode.lib.celerylib import tasks, run_task

        run_task(tasks.reset_user_password, data['email'])

    def fill_data(self, auth_user, user_id=None, api_key=None):

        """

        Fetches auth_user by user_id,or api_key if present.

        Fills auth_user attributes with those taken from database.

        Additionally set's is_authenitated if lookup fails

        present in database

        :param auth_user: instance of user to set attributes

margin:0;

padding:0 10px;

}

#header ul#logged-user{

margin-bottom:5px !important;

-webkit-border-radius: 0px 0px 8px 8px;

-khtml-border-radius: 0px 0px 8px 8px; 

-moz-border-radius: 0px 0px 8px 8px;

border-radius: 0px 0px 8px 8px;

height:37px;

}

#header ul#logged-user li {

list-style:none;

float:left;

margin:8px 0 0;

padding:4px 12px;

border-left: 1px solid #316293;

}

#header ul#logged-user li.first {

border-left:none;

padding:0 0 2px;

}

#quick_login{

top: 31px;

background-color: rgb(0, 51, 103);

z-index: 999; 

height: 150px;

position: absolute;

margin-left: -16px;

width: 281px;

border-radius: 0 0 8px 8px;

}

#quick_login div.form div.fields{

padding-top: 2px;

padding-left:10px;

}

#quick_login div.form div.fields div.field{

 padding: 5px;

}

#quick_login div.form div.fields div.field div.label label{

			        </div>                     

			        <div class="field">

			            <div class="label">

			                <label for="password">${_('Password')}:</label>

			            </div>

			            <div class="input">

			                ${h.password('password',class_='focus',size=40)}

			            </div>

			        </div>

			        <div class="buttons">

			        </div>

			    </div>

			</div>

			${h.end_form()}

			<script type="text/javascript">

			YUE.on('quick_login_link','click',function(e){

				if(YUD.hasClass('quick_login_link','enabled')){

					YUD.setStyle('quick_login','display','none');

					YUD.removeClass('quick_login_link','enabled');

				}

				else{

	             <div class="field">

	                <div class="label">

	                    <label for="email">${_('Email address')}:</label>

	                </div>

	                <div class="input">

	                    ${h.text('email')}

	                </div>

	             </div>

	            <div class="buttons">

		            <div class="nohighlight">

		              ${h.submit('send','Reset my password',class_="ui-button")}

		            </div>

	            </div>             

	    	</div>

	    </div>

	    ${h.end_form()}

        <script type="text/javascript">

        YUE.onDOMReady(function(){

            YUD.get('email').focus();

        })

        </script>	    

	</div>    

   </div>

# -*- coding: utf-8 -*-

from rhodecode.tests import *

from rhodecode.model.db import User

from rhodecode.lib.auth import check_password

class TestLoginController(TestController):

    def test_index(self):

        response = self.app.get(url(controller='login', action='index'))

        # Test response...

    def test_login_admin_ok(self):

        response = self.app.post(url(controller='login', action='index'),

                                 {'username':'test_admin',

                                  'password':'test12'})

        response = response.follow()

    def test_login_regular_ok(self):

        response = self.app.post(url(controller='login', action='index'),

                                 {'username':'test_regular',

                                  'password':'test12'})

        response = response.follow()

    def test_login_ok_came_from(self):

        test_came_from = '/_admin/users'

                                 {'username':'test_admin',

                                  'password':'test12'})

        response = response.follow()

    def test_login_short_password(self):

        response = self.app.post(url(controller='login', action='index'),

                                 {'username':'test_admin',

                                  'password':'as'})

        self.assertEqual(response.status, '200 OK')

        self.assertTrue('Enter 3 characters or more' in response.body)

    def test_login_wrong_username_password(self):

        response = self.app.post(url(controller='login', action='index'),

                                 {'username':'error',

                                  'password':'test12'})

    #==========================================================================

    # REGISTRATIONS

    #==========================================================================

    def test_register(self):

        response = self.app.get(url(controller='login', action='register'))

    def test_register_err_same_username(self):

        response = self.app.post(url(controller='login', action='register'),

                                            {'username':'test_admin',

                                             'password':'test12',

                                             'password_confirmation':'test12',

                                             'email':'goodmail@domain.com',

                                             'name':'test',

                                             'lastname':'test'})

    def test_register_err_same_email(self):

        response = self.app.post(url(controller='login', action='register'),

                                            {'username':'test_admin_0',

                                             'password':'test12',

                                             'password_confirmation':'test12',

                                             'email':'test_admin@mail.com',

                                             'name':'test',

                                             'lastname':'test'})

        assert 'This e-mail address is already taken' in response.body

    def test_register_err_same_email_case_sensitive(self):

        response = self.app.post(url(controller='login', action='register'),

                                            {'username':'test_admin_1',

                                             'password':'test12',

                                             'password_confirmation':'test12',

                                             'email':'TesT_Admin@mail.COM',

                                             'name':'test',

                                             'lastname':'test'})

        assert 'This e-mail address is already taken' in response.body

    def test_register_err_wrong_data(self):

        response = self.app.post(url(controller='login', action='register'),

                                            {'username':'xs',

                                             'password':'test',

                                             'password_confirmation':'test',

                                             'email':'goodmailm',

                                             'name':'test',

                                             'lastname':'test'})

        assert 'An email address must contain a single @' in response.body

        assert 'Enter a value 6 characters long or more' in response.body

    def test_register_err_username(self):

        response = self.app.post(url(controller='login', action='register'),

                                            {'username':'error user',

                                             'password':'test12',

                                             'password_confirmation':'test12',

                                             'email':'goodmailm',

                                             'name':'test',

                                             'lastname':'test'})

        assert 'An email address must contain a single @' in response.body

        assert ('Username may only contain '

                'alphanumeric characters underscores, '

                'periods or dashes and must begin with '

                'alphanumeric character') in response.body

    def test_register_err_case_sensitive(self):

        response = self.app.post(url(controller='login', action='register'),

                                            {'username':'Test_Admin',

                                             'password':'test12',

                                             'password_confirmation':'test12',

                                             'email':'goodmailm',

                                             'name':'test',

                                             'lastname':'test'})

        assert 'An email address must contain a single @' in response.body

        assert 'This username already exists' in response.body

    def test_register_special_chars(self):

        response = self.app.post(url(controller='login', action='register'),

                                            {'username':'xxxaxn',

                                             'password':'ąćźżąśśśś',

                                             'password_confirmation':'ąćźżąśśśś',

                                             'email':'goodmailm@test.plx',

                                             'name':'test',

                                             'lastname':'test'})

        assert 'Invalid characters in password' in response.body

    def test_register_password_mismatch(self):

        response = self.app.post(url(controller='login', action='register'),

                                            {'username':'xs',

                                             'password':'123qwe',

                                             'password_confirmation':'qwe123',

                                             'email':'goodmailm@test.plxa',

                                             'name':'test',

                                             'lastname':'test'})

        assert 'Password do not match' in response.body

    def test_register_ok(self):

        username = 'test_regular4'

        password = 'qweqwe'

        email = 'marcin@test.com'

        name = 'testname'

        lastname = 'testlastname'

        response = self.app.post(url(controller='login', action='register'),

                                            {'username':username,

                                             'password':password,

                                             'password_confirmation':password,

                                             'email':email,

                                             'name':name,

                                             'lastname':lastname})

        assert 'You have successfully registered into rhodecode' in response.session['flash'][0], 'No flash message about user registration'

        ret = self.sa.query(User).filter(User.username == 'test_regular4').one()

        assert ret.username == username , 'field mismatch %s %s' % (ret.username, username)

        assert check_password(password, ret.password) == True , 'password mismatch'

        assert ret.email == email , 'field mismatch %s %s' % (ret.email, email)

        assert ret.name == name , 'field mismatch %s %s' % (ret.name, name)

        assert ret.lastname == lastname , 'field mismatch %s %s' % (ret.lastname, lastname)

    def test_forgot_password_wrong_mail(self):

        response = self.app.post(url(controller='login', action='password_reset'),

                                            {'email':'marcin@wrongmail.org', })

        assert "This e-mail address doesn't exist" in response.body, 'Missing error message about wrong email'

    def test_forgot_password(self):

        username = 'test_password_reset_1'

        password = 'qweqwe'

        email = 'marcin@python-works.com'

        name = 'passwd'

        lastname = 'reset'

                                            {'email':email, })

[egg_info]

tag_build = beta

tag_svn_revision = true

[easy_install]

find_links = http://www.pylonshq.com/download/

[nosetests]

verbosity=2

with-pylons=test.ini

nologcapture=1

# Babel configuration

[compile_catalog]

domain = rhodecode

directory = rhodecode/i18n

statistics = true

[extract_messages]

add_comments = TRANSLATORS:

output_file = rhodecode/i18n/rhodecode.pot

width = 80