hooks.py 2.01 KB
Newer Older
Charles Hebert's avatar
0.1.0  
Charles Hebert committed
1
2
3
""" this module contains server side hooks for cleaning forgotpwd table
"""

4
from cubicweb.selectors import implements
Charles Hebert's avatar
0.1.0  
Charles Hebert committed
5
from cubicweb.server import hooksmanager
6
7
8
from cubicweb.sobjects.notification import NotificationView

_ = unicode
Charles Hebert's avatar
0.1.0  
Charles Hebert committed
9
10
11
12
13
14

class ServerStartupHook(hooksmanager.Hook):
    """ Delete old revocation key
    """
    events = ('server_startup',)
    def call(self, repo):
15
        from datetime import datetime
Charles Hebert's avatar
0.1.0  
Charles Hebert committed
16
17
18
19
20
        def cleaning_revocation_key(repo):
            session = repo.internal_session()
            session.execute('DELETE Fpasswd F WHERE F revocation_date < %(date)s', {'date': datetime.now()})
            session.commit()
            session.close()
21
22
        # revocation keu must be deleted
        cleaning_revocation_key(repo)
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
        # run looping task often enough to purge pwd-reset requests
        limit = self.vreg.config['revocation-limit']
        repo.looping_task(limit * 60, cleaning_revocation_key, repo)


class PasswordResetNotification(NotificationView):
    id = 'notif_after_add_entity'
    __select__ = implements('Fpasswd')

    content = _('''There was recently a request to change the password on your account.
If you requested this password change, please set a new password by following
the link below:

%(resetlink)s

If you do not want to change your password, you may ignore this message. The
link expires in %(limit)s minutes.

See you soon on %(base_url)s !
''')

    def subject(self):
        return self.req._(u'Request to change your password')

    def recipients(self):
        fpasswd = self.rset.get_entity(0, 0)
        user = fpasswd.reverse_has_fpasswd[0]
        return [(user.get_email(), user.property_value('ui.language'))]

    def context(self, **kwargs):
        return {
            'resetlink': self.req.get_shared_data('resetlink', pop=True),
            # NOTE: it would probably be better to display the expiration date
            #       (with correct timezone)
            'limit': self.vreg.config['revocation-limit'],
            'base_url': self.req.base_url(),
            }