chanserv/batcher/templates.py

   1 import md5, os, hmac, time
   2 from rc4 import RC4
   3
   4 try:
   5   import hashlib
   6   sha256 = hashlib.sha256
   7   sha256m = hashlib.sha256
   8 except ImportError:
   9   import sha256 as __sha256
  10   sha256 = __sha256.sha256
  11   sha256m = __sha256
  12
  13 def generate_url(config, obj):
  14   s = os.urandom(4)
  15   r = RC4(md5.md5("%s %s" % (s, config["urlkey"])).hexdigest())
  16   a = r.crypt(obj["user.password"])
  17   b = md5.md5(md5.md5("%s %s %s %s" % (config["urlsecret"], obj["user.username"], a, s)).hexdigest()).hexdigest()
  18   obj["url"] = "%s?m=%s&h=%s&u=%s&r=%s" % (config["url"], a.encode("hex"), b, obj["user.username"].encode("hex"), s.encode("hex"))
  19
  20 def generate_resetcode(config, obj):
  21   if obj["user.lockuntil"] == 0:
  22     obj["resetline"] = "LOCK UNTIL NOT SET. STAFF ACCOUNT'S CAN'T USE RESET"
  23     obj["lockuntil"] = "never"
  24     return
  25
  26   if not config.has_key("__codegensecret"):
  27     config["__codegenhmac"] = hmac.HMAC(key=sha256(sha256("%s:codegenerator" % config["q9secret"]).digest()).hexdigest(), digestmod=sha256m)
  28
  29   h = config["__codegenhmac"].copy()
  30   h.update(sha256("%s:%d" % (obj["user.username"], obj["user.lockuntil"])).hexdigest())
  31
  32   obj["resetcode"] = h.hexdigest()
  33   obj["lockuntil"] = time.ctime(obj["user.lockuntil"])
  34   obj["resetline"] = "/MSG %(config.bot)s RESET #%(user.username)s %(resetcode)s" % obj
  35
  36 MAILTEMPLATES = {
  37   "mutators": {
  38     1: generate_url,
  39     3: generate_resetcode,
  40     5: generate_resetcode,
  41   },
  42   "sendto": {
  43     5: "prevemail",
  44   },
  45   "languages": {
  46     "en": {
  47       1: {
  48         "subject": "%(config.bot)s account registration",
  49         "body": """
  50 Thank you for registering.
  51 To get your password please visit:
  52 %(url)s
  53
  54 Note that this URL will not work forever, you should make a note of your password
  55 or change it (as on the site).
  56
  57 In case you forget your login/password use:
  58 /msg %(config.bot)s REQUESTPASSWORD %(user.email)s
  59
  60 Make sure you've read the %(config.bot)s FAQ at %(config.siteurl)s for a complete
  61 reference on Q's commands and usage.
  62
  63  ** PLEASE READ %(config.securityurl)s --
  64     it contains important information about keeping your account secure.
  65     Note that QuakeNet Operators will not intervene if you fail to read
  66     the above URL and your account is compromised as a result.
  67
  68 PLEASE REMEMBER THAT UNUSED ACCOUNTS ARE AUTOMATICALLY REMOVED
  69 AFTER %(config.cleanup)d DAYS, AND ALL CHANLEVS ARE LOST!
  70
  71 NB: Save this email for future reference.
  72 """,
  73       },
  74       2: { "subject": "%(config.bot)s password request", "body": """
  75 Your username/password is:
  76
  77 Username: %(user.username)s
  78 Password: %(user.password)s
  79
  80 To auth yourself to %(config.bot)s, type the following command
  81
  82    /MSG %(config.bot)s@%(config.server)s AUTH %(user.username)s %(user.password)s
  83 """, },
  84       3: { "subject": "%(config.bot)s password change", "body": """
  85 Your password has recently changed. If this was not requested by you,
  86 please use:
  87 %(resetline)s
  88
  89 You have until %(lockuntil)s to perform this command.
  90 """, },
  91       4: { "subject": "%(config.bot)s account reset", "body": """
  92 Your %(config.bot)s account settings have been restored:
  93   E-mail address: %(user.email)s
  94   Password:       %(user.password)s
  95
  96 Make sure you read the %(config.bot)s security FAQ at %(config.securityurl)s.
  97 """, },
  98       5: { "subject": "%(config.bot)s email change", "body": """
  99 Your email address has been changed on %(config.bot)s from %(prevemail)s to %(user.email)s.
 100
 101 If you did not request this please use:
 102 %(resetline)s
 103
 104 You have until %(lockuntil)s to perform this command.
 105 """, },
 106     },
 107   },
 108 }