hooks.py 2.25 KB
Newer Older
Charles Hebert's avatar
0.1.0  
Charles Hebert committed
1
2
3
""" this module contains server side hooks for cleaning forgotpwd table
"""

Sylvain Thénault's avatar
Sylvain Thénault committed
4
5
from datetime import datetime

6
from cubicweb.selectors import is_instance
Sylvain Thénault's avatar
Sylvain Thénault committed
7
from cubicweb.server import hook
8
9
10
from cubicweb.sobjects.notification import NotificationView

_ = unicode
Charles Hebert's avatar
0.1.0  
Charles Hebert committed
11

Sylvain Thénault's avatar
Sylvain Thénault committed
12
13
14
class ServerStartupHook(hook.Hook):
    """on startup, register a task to delete old revocation key"""
    __regid__ = 'fpwd_startup'
Charles Hebert's avatar
0.1.0  
Charles Hebert committed
15
    events = ('server_startup',)
Sylvain Thénault's avatar
Sylvain Thénault committed
16
17
18
19
20

    def __call__(self):
        # XXX use named args and inner functions to avoid referencing globals
        # which may cause reloading pb
        def cleaning_revocation_key(repo, now=datetime.now):
Charles Hebert's avatar
0.1.0  
Charles Hebert committed
21
            session = repo.internal_session()
Sylvain Thénault's avatar
Sylvain Thénault committed
22
23
24
25
26
27
            try:
                session.execute('DELETE Fpasswd F WHERE F revocation_date < %(date)s',
                                {'date': now()})
                session.commit()
            finally:
                session.close()
28
        # run looping task often enough to purge pwd-reset requests
Sylvain Thénault's avatar
Sylvain Thénault committed
29
30
        limit = self.repo.vreg.config['revocation-limit'] * 60
        self.repo.looping_task(limit, cleaning_revocation_key, self.repo)
31
32
33


class PasswordResetNotification(NotificationView):
Sylvain Thénault's avatar
Sylvain Thénault committed
34
    __regid__ = 'notif_after_add_entity'
35
    __select__ = is_instance('Fpasswd')
36
37
38
39
40
41
42
43
44
45
46
47
48
49

    content = _('''There was recently a request to change the password on your account.
If you requested this password change, please set a new password by following
the link below:

%(resetlink)s

If you do not want to change your password, you may ignore this message. The
link expires in %(limit)s minutes.

See you soon on %(base_url)s !
''')

    def subject(self):
Sylvain Thénault's avatar
Sylvain Thénault committed
50
        return self._cw._(u'Request to change your password')
51
52

    def recipients(self):
53
        fpasswd = self.cw_rset.get_entity(self.cw_row or 0, self.cw_col or 0)
54
        user = fpasswd.reverse_has_fpasswd[0]
55
        return [(user.cw_adapt_to('IEmailable').get_email(), user.property_value('ui.language'))]
56
57
58

    def context(self, **kwargs):
        return {
Sylvain Thénault's avatar
Sylvain Thénault committed
59
            'resetlink': self._cw.get_shared_data('resetlink', pop=True),
60
61
            # NOTE: it would probably be better to display the expiration date
            #       (with correct timezone)
Sylvain Thénault's avatar
Sylvain Thénault committed
62
63
            'limit': self._cw.vreg.config['revocation-limit'],
            'base_url': self._cw.base_url(),
64
            }