#13121: Upgrade sagenb to 0.10.x
---------------------------------------------------------+------------------
Reporter: kini | Owner:
jason, mpatel, was
Type: enhancement | Status:
closed
Priority: major | Milestone:
sage-5.4
Component: notebook | Resolution:
fixed
Keywords: sagenb | Work issues:
Report Upstream: N/A | Reviewers: John
Palmieri, Jonathan Gutow
Authors: Keshav Kini | Merged in:
sage-5.4.beta0
Dependencies: #11080, #9774, #11913, #12299, #13384 | Stopgaps:
---------------------------------------------------------+------------------
Comment (by mmarco):
When you try to recover a forgotten password in the new notebook, you are
asked for the username, and then get the response "invalid username" even
if the username is valid, and the email has been confirmed.
I think that the problem is in the file authentication.py
The function forgot_pass() has the following lines:
{{{
def forgot_pass():
if not g.notebook.conf()['email']:
return current_app.message('The account recovery system is not
active.')
username = request.values.get('username', '').strip()
if not username:
return render_template(os.path.join('html', 'accounts',
'account_recovery.html'))
def error(msg):
return current_app.message(msg, url_for('forgot_pass'))
try:
user = g.notebook.user(request.values[username])
except KeyError:
return error('Username is invalid.')
if not user.is_email_confirmed():
return error("The e-mail address hasn't been confirmed.")
#XXX: some of this could be factored out into a random passowrd
#function. There are a few places in admin.py that also use it.
from random import choice
import string
chara = string.letters + string.digits
old_pass = user.password()
password = ''.join([choice(chara) for i in range(8)])
user.set_password(password)
from sagenb.notebook.smtpsend import send_mail
from sagenb.notebook.register import build_password_msg
# TODO: make this come from the server settings
listenaddr = g.notebook.interface
port = g.notebook.port
fromaddr = 'no-reply@%s' % listenaddr
body = build_password_msg(password, username, listenaddr, port,
g.notebook.secure)
destaddr = user.get_email()
try:
send_mail(fromaddr, destaddr, "Sage Notebook Account Recovery",
body)
except ValueError:
# the email address is invalid
user.set_password(old_pass)
return error("The new password couldn't be sent."%destaddr)
return current_app.message("A new password has been sent to your
e-mail address.", url_for('base.index'))
}}}
But
{{{
try:
user = g.notebook.user(request.values[username])
}}}
doesn't work because username is already defined as
{{{
username = request.values.get('username', '').strip()
}}}
Also, the process of changing passwords with user.set_password() does not
work. I think g.notebook.user_manager().set_password(g.username, new)
should be used instead (that is what settings.py does).
--
Ticket URL: <http://trac.sagemath.org/sage_trac/ticket/13121#comment:131>
Sage <http://www.sagemath.org>
Sage: Creating a Viable Open Source Alternative to Magma, Maple, Mathematica,
and MATLAB
--
You received this message because you are subscribed to the Google Groups
"sage-trac" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/sage-trac?hl=en.
