]>
Commit | Line | Data |
---|---|---|
11e72535 | 1 | import md5, os, hmac, time |
f14f0b7b CP |
2 | from rc4 import RC4 |
3 | ||
11e72535 CP |
4 | try: |
5 | import hashlib | |
6 | sha256 = hashlib.sha256 | |
7 | sha256m = hashlib.sha256 | |
8 | except ImportError: | |
9 | import sha256 as __sha256 | |
10 | sha256 = __sha256.sha256 | |
11 | sha256m = __sha256 | |
12 | ||
f14f0b7b CP |
13 | def generate_url(config, obj): |
14 | s = os.urandom(4) | |
15 | r = RC4(md5.md5("%s %s" % (s, config["urlkey"])).hexdigest()) | |
16 | a = r.crypt(obj["user.password"]) | |
17 | b = md5.md5(md5.md5("%s %s %s %s" % (config["urlsecret"], obj["user.username"], a, s)).hexdigest()).hexdigest() | |
18 | obj["url"] = "%s?m=%s&h=%s&u=%s&r=%s" % (config["url"], a.encode("hex"), b, obj["user.username"].encode("hex"), s.encode("hex")) | |
19 | ||
d81d847b CP |
20 | def generate_activation_url(config, obj): |
21 | r = os.urandom(16).encode("hex") | |
f6a7c5d0 CP |
22 | uid = int(obj["user.id"]) |
23 | h = hmac.HMAC(sha256("hmac %s %s" % (r, config["activationkey"])).hexdigest()) | |
24 | h.update("%d %s %s" % (uid, obj["user.username"], obj["user.password"])) | |
d81d847b | 25 | hd = h.hexdigest() |
f6a7c5d0 CP |
26 | |
27 | r2 = RC4(sha256("rc4 %s %s" % (r, config["activationkey"])).hexdigest()) | |
28 | a = r2.crypt(obj["user.password"]) | |
29 | obj["url"] = "%s?id=%d&h=%s&r=%s&u=%s&p=%s" % (config["activationurl"], uid, hd, r, obj["user.username"].encode("hex"), a.encode("hex")) | |
d81d847b | 30 | |
11e72535 | 31 | def generate_resetcode(config, obj): |
dbec52da CP |
32 | if obj["user.lockuntil"] == 0: |
33 | obj["resetline"] = "LOCK UNTIL NOT SET. STAFF ACCOUNT'S CAN'T USE RESET" | |
039e298c | 34 | obj["lockuntil"] = "never" |
dbec52da CP |
35 | return |
36 | ||
11e72535 CP |
37 | if not config.has_key("__codegensecret"): |
38 | config["__codegenhmac"] = hmac.HMAC(key=sha256(sha256("%s:codegenerator" % config["q9secret"]).digest()).hexdigest(), digestmod=sha256m) | |
39 | ||
40 | h = config["__codegenhmac"].copy() | |
41 | h.update(sha256("%s:%d" % (obj["user.username"], obj["user.lockuntil"])).hexdigest()) | |
42 | ||
43 | obj["resetcode"] = h.hexdigest() | |
11e72535 | 44 | obj["lockuntil"] = time.ctime(obj["user.lockuntil"]) |
dbec52da | 45 | obj["resetline"] = "/MSG %(config.bot)s RESET #%(user.username)s %(resetcode)s" % obj |
11e72535 | 46 | |
f14f0b7b CP |
47 | MAILTEMPLATES = { |
48 | "mutators": { | |
49 | 1: generate_url, | |
11e72535 CP |
50 | 3: generate_resetcode, |
51 | 5: generate_resetcode, | |
d81d847b | 52 | 6: generate_activation_url, |
f14f0b7b | 53 | }, |
58fadfc0 CP |
54 | "sendto": { |
55 | 5: "prevemail", | |
56 | }, | |
f14f0b7b CP |
57 | "languages": { |
58 | "en": { | |
59 | 1: { | |
58fadfc0 | 60 | "subject": "%(config.bot)s account registration", |
f14f0b7b CP |
61 | "body": """ |
62 | Thank you for registering. | |
06c8032a CP |
63 | To get your password please visit: |
64 | %(url)s | |
f14f0b7b | 65 | |
a8a392ba CP |
66 | Note that this URL will not work forever, you should make a note of your password |
67 | or change it (as on the site). | |
68 | ||
06c8032a | 69 | In case you forget your login/password use: |
a8a392ba | 70 | /msg %(config.bot)s REQUESTPASSWORD %(user.email)s |
06c8032a | 71 | |
58fadfc0 | 72 | Make sure you've read the %(config.bot)s FAQ at %(config.siteurl)s for a complete |
06c8032a CP |
73 | reference on Q's commands and usage. |
74 | ||
58fadfc0 | 75 | ** PLEASE READ %(config.securityurl)s -- |
06c8032a CP |
76 | it contains important information about keeping your account secure. |
77 | Note that QuakeNet Operators will not intervene if you fail to read | |
78 | the above URL and your account is compromised as a result. | |
79 | ||
80 | PLEASE REMEMBER THAT UNUSED ACCOUNTS ARE AUTOMATICALLY REMOVED | |
81 | AFTER %(config.cleanup)d DAYS, AND ALL CHANLEVS ARE LOST! | |
82 | ||
83 | NB: Save this email for future reference. | |
f14f0b7b CP |
84 | """, |
85 | }, | |
58fadfc0 CP |
86 | 2: { "subject": "%(config.bot)s password request", "body": """ |
87 | Your username/password is: | |
88 | ||
89 | Username: %(user.username)s | |
90 | Password: %(user.password)s | |
91 | ||
92 | To auth yourself to %(config.bot)s, type the following command | |
93 | ||
94 | /MSG %(config.bot)s@%(config.server)s AUTH %(user.username)s %(user.password)s | |
95 | """, }, | |
11e72535 CP |
96 | 3: { "subject": "%(config.bot)s password change", "body": """ |
97 | Your password has recently changed. If this was not requested by you, | |
98 | please use: | |
dbec52da | 99 | %(resetline)s |
11e72535 CP |
100 | |
101 | You have until %(lockuntil)s to perform this command. | |
102 | """, }, | |
103 | 4: { "subject": "%(config.bot)s account reset", "body": """ | |
104 | Your %(config.bot)s account settings have been restored: | |
105 | E-mail address: %(user.email)s | |
106 | Password: %(user.password)s | |
107 | ||
108 | Make sure you read the %(config.bot)s security FAQ at %(config.securityurl)s. | |
109 | """, }, | |
58fadfc0 | 110 | 5: { "subject": "%(config.bot)s email change", "body": """ |
11e72535 | 111 | Your email address has been changed on %(config.bot)s from %(prevemail)s to %(user.email)s. |
58fadfc0 | 112 | |
11e72535 | 113 | If you did not request this please use: |
dbec52da | 114 | %(resetline)s |
58fadfc0 | 115 | |
11e72535 | 116 | You have until %(lockuntil)s to perform this command. |
d81d847b CP |
117 | """, }, |
118 | 6: { "subject": "Please complete your QuakeNet account registration", "body": """ | |
119 | Hi %(user.username)s, | |
120 | ||
121 | You're just one click away from completing your registration for a QuakeNet account! | |
122 | ||
123 | Just visit the link below to complete the process: | |
124 | %(url)s | |
125 | ||
126 | For reference, your username/password is: | |
127 | ||
128 | Username: %(user.username)s | |
129 | Password: %(user.password)s | |
130 | ||
131 | After activation you can auth yourself to QuakeNet by typing the following command: | |
132 | ||
133 | /AUTH %(user.username)s %(user.password)s | |
58fadfc0 | 134 | """, }, |
f14f0b7b CP |
135 | }, |
136 | }, | |
137 | } |