[irc/quakenet/newserv.git] / chanserv / batcher / templates.py

import md5, os, hmac, time
from rc4 import RC4

try:
  import hashlib
  sha256 = hashlib.sha256
  sha256m = hashlib.sha256
except ImportError:
  import sha256 as __sha256
  sha256 = __sha256.sha256
  sha256m = __sha256

def generate_url(config, obj):
  s = os.urandom(4)
  r = RC4(md5.md5("%s %s" % (s, config["urlkey"])).hexdigest())
  a = r.crypt(obj["user.password"])
  b = md5.md5(md5.md5("%s %s %s %s" % (config["urlsecret"], obj["user.username"], a, s)).hexdigest()).hexdigest()
  obj["url"] = "%s?m=%s&h=%s&u=%s&r=%s" % (config["url"], a.encode("hex"), b, obj["user.username"].encode("hex"), s.encode("hex"))

def generate_activation_url(config, obj):
  r = os.urandom(16).encode("hex")
  uid = int(obj["user.id"])
  h = hmac.HMAC(sha256("hmac %s %s" % (r, config["activationkey"])).hexdigest())
  h.update("%d %s %s" % (uid, obj["user.username"], obj["user.password"]))
  hd = h.hexdigest()

  r2 = RC4(sha256("rc4 %s %s" % (r, config["activationkey"])).hexdigest())
  a = r2.crypt(obj["user.password"])
  obj["url"] = "%s?id=%d&h=%s&r=%s&u=%s&p=%s" % (config["activationurl"], uid, hd, r, obj["user.username"].encode("hex"), a.encode("hex"))

def generate_resetcode(config, obj):
  if obj["user.lockuntil"] == 0:
    obj["resetline"] = "LOCK UNTIL NOT SET. STAFF ACCOUNT'S CAN'T USE RESET"
    obj["lockuntil"] = "never"
    return

  if not config.has_key("__codegensecret"):
    config["__codegenhmac"] = hmac.HMAC(key=sha256(sha256("%s:codegenerator" % config["q9secret"]).digest()).hexdigest(), digestmod=sha256m)

  h = config["__codegenhmac"].copy()
  h.update(sha256("%s:%d" % (obj["user.username"], obj["user.lockuntil"])).hexdigest())

  obj["resetcode"] = h.hexdigest()
  obj["lockuntil"] = time.ctime(obj["user.lockuntil"])
  obj["resetline"] = "/MSG %(config.bot)s RESET #%(user.username)s %(resetcode)s" % obj

MAILTEMPLATES = {
  "mutators": {
    1: generate_url,
    3: generate_resetcode,
    5: generate_resetcode,
    6: generate_activation_url,
  },
  "sendto": {
    5: "prevemail",
  },
  "languages": {
    "en": {
      1: {
        "subject": "%(config.bot)s account registration",
        "body": """
Thank you for registering.
To get your password please visit:
%(url)s

Note that this URL will not work forever, you should make a note of your password
or change it (as on the site).

In case you forget your login/password use:
/msg %(config.bot)s REQUESTPASSWORD %(user.email)s

Make sure you've read the %(config.bot)s FAQ at %(config.siteurl)s for a complete
reference on Q's commands and usage.

 ** PLEASE READ %(config.securityurl)s --
    it contains important information about keeping your account secure.
    Note that QuakeNet Operators will not intervene if you fail to read
    the above URL and your account is compromised as a result.

PLEASE REMEMBER THAT UNUSED ACCOUNTS ARE AUTOMATICALLY REMOVED
AFTER %(config.cleanup)d DAYS, AND ALL CHANLEVS ARE LOST!

NB: Save this email for future reference.
""",
      },
      2: { "subject": "%(config.bot)s password request", "body": """
Your username/password is:

Username: %(user.username)s
Password: %(user.password)s

To auth yourself to %(config.bot)s, type the following command

   /MSG %(config.bot)s@%(config.server)s AUTH %(user.username)s %(user.password)s
""", },
      3: { "subject": "%(config.bot)s password change", "body": """
Your password has recently changed. If this was not requested by you,
please use:
%(resetline)s

You have until %(lockuntil)s to perform this command.
""", },
      4: { "subject": "%(config.bot)s account reset", "body": """
Your %(config.bot)s account settings have been restored:
  E-mail address: %(user.email)s
  Password:       %(user.password)s

Make sure you read the %(config.bot)s security FAQ at %(config.securityurl)s.
""", },
      5: { "subject": "%(config.bot)s email change", "body": """
Your email address has been changed on %(config.bot)s from %(prevemail)s to %(user.email)s.

If you did not request this please use:
%(resetline)s

You have until %(lockuntil)s to perform this command.
""", },
      6: { "subject": "Please complete your QuakeNet account registration", "body": """
Hi %(user.username)s,

You're just one click away from completing your registration for a QuakeNet account!

Just visit the link below to complete the process:
%(url)s

For reference, your username/password is:

Username: %(user.username)s
Password: %(user.password)s

After activation you can auth yourself to QuakeNet by typing the following command:

   /AUTH %(user.username)s %(user.password)s
""", },
    },
  },
}
Commit	Line	Data
11e72535	1	import md5, os, hmac, time
f14f0b7b CP	2	from rc4 import RC4
f14f0b7b CP	3
11e72535 CP	4	try:
	5	import hashlib
	6	sha256 = hashlib.sha256
	7	sha256m = hashlib.sha256
	8	except ImportError:
	9	import sha256 as __sha256
	10	sha256 = __sha256.sha256
	11	sha256m = __sha256
	12
f14f0b7b CP	13	def generate_url(config, obj):
	14	s = os.urandom(4)
	15	r = RC4(md5.md5("%s %s" % (s, config["urlkey"])).hexdigest())
	16	a = r.crypt(obj["user.password"])
	17	b = md5.md5(md5.md5("%s %s %s %s" % (config["urlsecret"], obj["user.username"], a, s)).hexdigest()).hexdigest()
	18	obj["url"] = "%s?m=%s&h=%s&u=%s&r=%s" % (config["url"], a.encode("hex"), b, obj["user.username"].encode("hex"), s.encode("hex"))
	19
d81d847b CP	20	def generate_activation_url(config, obj):
d81d847b CP	21	r = os.urandom(16).encode("hex")
f6a7c5d0 CP	22	uid = int(obj["user.id"])
	23	h = hmac.HMAC(sha256("hmac %s %s" % (r, config["activationkey"])).hexdigest())
	24	h.update("%d %s %s" % (uid, obj["user.username"], obj["user.password"]))
d81d847b	25	hd = h.hexdigest()
f6a7c5d0 CP	26
	27	r2 = RC4(sha256("rc4 %s %s" % (r, config["activationkey"])).hexdigest())
	28	a = r2.crypt(obj["user.password"])
	29	obj["url"] = "%s?id=%d&h=%s&r=%s&u=%s&p=%s" % (config["activationurl"], uid, hd, r, obj["user.username"].encode("hex"), a.encode("hex"))
d81d847b	30
11e72535	31	def generate_resetcode(config, obj):
dbec52da CP	32	if obj["user.lockuntil"] == 0:
dbec52da CP	33	obj["resetline"] = "LOCK UNTIL NOT SET. STAFF ACCOUNT'S CAN'T USE RESET"
039e298c	34	obj["lockuntil"] = "never"
dbec52da CP	35	return
dbec52da CP	36
11e72535 CP	37	if not config.has_key("__codegensecret"):
	38	config["__codegenhmac"] = hmac.HMAC(key=sha256(sha256("%s:codegenerator" % config["q9secret"]).digest()).hexdigest(), digestmod=sha256m)
	39
	40	h = config["__codegenhmac"].copy()
	41	h.update(sha256("%s:%d" % (obj["user.username"], obj["user.lockuntil"])).hexdigest())
	42
	43	obj["resetcode"] = h.hexdigest()
11e72535	44	obj["lockuntil"] = time.ctime(obj["user.lockuntil"])
dbec52da	45	obj["resetline"] = "/MSG %(config.bot)s RESET #%(user.username)s %(resetcode)s" % obj
11e72535	46
f14f0b7b CP	47	MAILTEMPLATES = {
	48	"mutators": {
	49	1: generate_url,
11e72535 CP	50	3: generate_resetcode,
11e72535 CP	51	5: generate_resetcode,
d81d847b	52	6: generate_activation_url,
f14f0b7b	53	},
58fadfc0 CP	54	"sendto": {
	55	5: "prevemail",
	56	},
f14f0b7b CP	57	"languages": {
	58	"en": {
	59	1: {
58fadfc0	60	"subject": "%(config.bot)s account registration",
f14f0b7b CP	61	"body": """
f14f0b7b CP	62	Thank you for registering.
06c8032a CP	63	To get your password please visit:
06c8032a CP	64	%(url)s
f14f0b7b	65
a8a392ba CP	66	Note that this URL will not work forever, you should make a note of your password
	67	or change it (as on the site).
	68
06c8032a	69	In case you forget your login/password use:
a8a392ba	70	/msg %(config.bot)s REQUESTPASSWORD %(user.email)s
06c8032a	71
58fadfc0	72	Make sure you've read the %(config.bot)s FAQ at %(config.siteurl)s for a complete
06c8032a CP	73	reference on Q's commands and usage.
06c8032a CP	74
58fadfc0	75	** PLEASE READ %(config.securityurl)s --
06c8032a CP	76	it contains important information about keeping your account secure.
	77	Note that QuakeNet Operators will not intervene if you fail to read
	78	the above URL and your account is compromised as a result.
	79
	80	PLEASE REMEMBER THAT UNUSED ACCOUNTS ARE AUTOMATICALLY REMOVED
	81	AFTER %(config.cleanup)d DAYS, AND ALL CHANLEVS ARE LOST!
	82
	83	NB: Save this email for future reference.
f14f0b7b CP	84	""",
f14f0b7b CP	85	},
58fadfc0 CP	86	2: { "subject": "%(config.bot)s password request", "body": """
	87	Your username/password is:
	88
	89	Username: %(user.username)s
	90	Password: %(user.password)s
	91
	92	To auth yourself to %(config.bot)s, type the following command
	93
	94	/MSG %(config.bot)s@%(config.server)s AUTH %(user.username)s %(user.password)s
	95	""", },
11e72535 CP	96	3: { "subject": "%(config.bot)s password change", "body": """
	97	Your password has recently changed. If this was not requested by you,
	98	please use:
dbec52da	99	%(resetline)s
11e72535 CP	100
	101	You have until %(lockuntil)s to perform this command.
	102	""", },
	103	4: { "subject": "%(config.bot)s account reset", "body": """
	104	Your %(config.bot)s account settings have been restored:
	105	E-mail address: %(user.email)s
	106	Password: %(user.password)s
	107
	108	Make sure you read the %(config.bot)s security FAQ at %(config.securityurl)s.
	109	""", },
58fadfc0	110	5: { "subject": "%(config.bot)s email change", "body": """
11e72535	111	Your email address has been changed on %(config.bot)s from %(prevemail)s to %(user.email)s.
58fadfc0	112
11e72535	113	If you did not request this please use:
dbec52da	114	%(resetline)s
58fadfc0	115
11e72535	116	You have until %(lockuntil)s to perform this command.
d81d847b CP	117	""", },
	118	6: { "subject": "Please complete your QuakeNet account registration", "body": """
	119	Hi %(user.username)s,
	120
	121	You're just one click away from completing your registration for a QuakeNet account!
	122
	123	Just visit the link below to complete the process:
	124	%(url)s
	125
	126	For reference, your username/password is:
	127
	128	Username: %(user.username)s
	129	Password: %(user.password)s
	130
	131	After activation you can auth yourself to QuakeNet by typing the following command:
	132
	133	/AUTH %(user.username)s %(user.password)s
58fadfc0	134	""", },
f14f0b7b CP	135	},
	136	},
	137	}