Beispiel #1
0
def reset_password(token):
    email_address_encoded = request.args.get('e') or ''
    if not email_address_encoded:
        return jsonify(message='You must provide an email address when resetting a password'), 400
    email_address = unquote_plus(email_address_encoded)

    json_payload = get_json_from_request()

    required_keys = ['password', 'confirmPassword']

    if not set(required_keys).issubset(json_payload):
        return jsonify(message='One or more required args were missing from the request'), 400

    if json_payload['password'] != json_payload['confirmPassword']:
        return jsonify(message="Passwords do not match"), 400

    try:
        token_age_limit = key_values_service.get_by_key('password_reset_token_age_limit')
        claim = user_claims_service.validate_and_update_claim(
            type='password_reset',
            token=token,
            email_address=email_address,
            age=token_age_limit['data']['age']
        )
        if not claim:
            return jsonify(message='Invalid token'), 400
    except Exception as error:
        return jsonify(message='Invalid token'), 400

    try:
        publish_tasks.user_claim.delay(
            publish_tasks.compress_user_claim(claim),
            'updated'
        )

        update_user_details(
            password=json_payload['password'],
            user_id=claim.data.get('user_id', None)
        )

        return jsonify(
            message="User with email {}, successfully updated their password".format(email_address),
            email_address=email_address
        ), 200

    except Exception as error:
        return jsonify(message=error.message), 400
Beispiel #2
0
def send_reset_password_email():
    json_payload = get_json_from_request()
    email_address = json_payload.get('email_address', None)
    framework_slug = json_payload.get('framework', None)
    if email_address is None:
        return jsonify(message='One or more required args were missing from the request'), 400
    user = User.query.filter(
        User.email_address == email_address.lower()).first()

    if user is None:
        return jsonify(email_address=email_address), 200

    app_root_url = get_root_url(framework_slug)

    try:
        user_data = {
            'user_id': user.id
        }
        claim = user_claims_service.make_claim(type='password_reset', email_address=email_address, data=user_data)
        if not claim:
            return jsonify(message="There was an issue completing the password reset process."), 500

        publish_tasks.user_claim.delay(
            publish_tasks.compress_user_claim(claim),
            'created'
        )

        send_reset_password_confirm_email(
            token=claim.token,
            email_address=email_address,
            locked=user.locked,
            framework=framework_slug
        )

    except Exception as error:
        return jsonify(message=error.message), 400

    return jsonify(
        email_address=email_address
    ), 200
Beispiel #3
0
def signup():
    """Signup user
    ---
    tags:
      - auth
    consumes:
      - application/json
    parameters:
      - name: body
        in: body
        required: true
        schema:
          id: SignupUser
          required:
            - name
            - email_address
            - user_type
          properties:
            name:
              type: string
            email_address:
              type: string
            user_type:
              type: string
            employment_status:
              type: string
            line_manager_name:
              type: string
            line_manager_email:
              type: string
            framework:
              type: string
    responses:
      200:
        description: User
        schema:
          $ref: '#/definitions/UserInfo'
    """
    json_payload = request.get_json()
    name = json_payload.get('name', None)
    email_address = json_payload.get('email_address', None)
    user_type = json_payload.get('user_type', None)
    employment_status = json_payload.get('employment_status', None)
    line_manager_name = json_payload.get('line_manager_name', None)
    line_manager_email = json_payload.get('line_manager_email', None)
    framework = json_payload.get('framework', 'digital-marketplace')

    user = User.query.filter(
        User.email_address == email_address.lower()).first()

    if user is not None:
        send_user_existing_password_reset_email(user.name, email_address)
        return jsonify(
            email_address=email_address,
            message="Email invite sent successfully"
        ), 200

    if user_type == 'seller' or user_type == 'applicant':
        if is_duplicate_user(email_address):
            return jsonify(
                email_address=email_address,
                message='An account with this email domain already exists'
            ), 409

    if user_type == 'buyer' and not has_whitelisted_email_domain(get_email_domain(email_address)):
        return jsonify(
            email_address=email_address,
            message="A buyer account must have a valid government entity email domain"
        ), 403

    user_data = {
        'name': name,
        'user_type': user_type,
        'framework': framework,
        'employment_status': employment_status
    }
    claim = user_claims_service.make_claim(type='signup', email_address=email_address, data=user_data)
    if not claim:
        return jsonify(message="There was an issue completing the signup process."), 500

    publish_tasks.user_claim.delay(
        publish_tasks.compress_user_claim(claim),
        'created'
    )

    if employment_status == 'contractor':
        try:
            send_account_activation_manager_email(
                token=claim.token,
                manager_name=line_manager_name,
                manager_email=line_manager_email,
                applicant_name=name,
                applicant_email=email_address,
                framework=framework
            )
            return jsonify(
                email_address=email_address,
                message="Email invite sent successfully"
            ), 200

        except EmailError:
            return jsonify(message='An error occured when trying to send an email'), 500

    if employment_status == 'employee' or user_type == 'seller':
        try:
            send_account_activation_email(
                token=claim.token,
                email_address=email_address,
                framework=framework
            )
            return jsonify(
                email_address=email_address,
                message="Email invite sent successfully"
            ), 200

        except EmailError:
            return jsonify(
                email_address=email_address,
                message='An error occured when trying to send an email'
            ), 500

    else:
        return jsonify(
            email_address=email_address,
            message='An error occured when trying to send an email'
        ), 400
Beispiel #4
0
def add(token):
    """Creates a new user based on the token claim and email address provided.
    ---
    tags:
      - users
    consumes:
      - application/json
    parameters:
      - name: e
        in: query
        type: string
        required: true
        description: URL encoded email address
      - name: token
        in: path
        type: string
        required: true
        description: the validation token
      - name: body
        in: body
        required: true
        schema:
          required:
            - password
          properties:
            password:
              type: string
    responses:
      200:
        description: User
        type: object
        properties:
          role:
            type: string
          email_address:
            type: string
          name:
            type: string
          supplier_code:
            type: string
          application_id:
            type: string
    """
    email_address_encoded = request.args.get('e') or ''
    if not email_address_encoded:
        return jsonify(message='You must provide an email address when validating a new account'), 400
    email_address = unquote_plus(email_address_encoded)
    json_payload = request.get_json()
    password = json_payload.get('password', None)
    if not password:
        return jsonify(message='You must provide a password for your new user account'), 400
    claim = user_claims_service.find(type='signup', token=token, email_address=email_address,
                                     claimed=False).one_or_none()
    if not claim:
        return jsonify(message='Invalid token'), 400
    user = create_user(
        user_type=claim.data['user_type'],
        name=claim.data['name'],
        email_address=email_address,
        password=password,
        framework=claim.data['framework'],
        supplier_code=claim.data.get('supplier_code', None)
    )
    try:
        claim = user_claims_service.validate_and_update_claim(type='signup', token=token, email_address=email_address)
        if not claim:
            return jsonify(message='Invalid token'), 400
    except Exception as error:
        return jsonify(message='Invalid token'), 400

    publish_tasks.user_claim.delay(
        publish_tasks.compress_user_claim(claim),
        'updated'
    )

    return user
Beispiel #5
0
def add(token):
    """Creates a new user based on the token claim and email address provided.
    ---
    tags:
      - users
    consumes:
      - application/json
    parameters:
      - name: e
        in: query
        type: string
        required: true
        description: URL encoded email address
      - name: token
        in: path
        type: string
        required: true
        description: the validation token
      - name: body
        in: body
        required: true
        schema:
          required:
            - password
          properties:
            password:
              type: string
    responses:
      200:
        description: User
        type: object
        properties:
          role:
            type: string
          email_address:
            type: string
          name:
            type: string
          supplier_code:
            type: string
          application_id:
            type: string
    """
    email_address_encoded = request.args.get('e') or ''
    if not email_address_encoded:
        return jsonify(
            message=
            'You must provide an email address when validating a new account'
        ), 400
    email_address = unquote_plus(email_address_encoded)
    json_payload = request.get_json()
    password = json_payload.get('password', None)
    if not password:
        return jsonify(
            message='You must provide a password for your new user account'
        ), 400
    claim = user_claims_service.get_claim(type='signup',
                                          token=token,
                                          email_address=email_address,
                                          claimed=False)
    headers = {}
    for x in request.headers:
        headers[x[0]] = x[1]
    if not claim:
        current_app.logger.info('login.signup.fail: 1 {email_address}',
                                extra={'email_address': email_address})
        current_app.logger.info('login.signup.headers: {headers}',
                                extra={'headers': headers})
        return jsonify(message='Invalid token'), 400
    user = create_user(user_type=claim.data['user_type'],
                       name=claim.data['name'],
                       email_address=email_address,
                       password=password,
                       framework=claim.data['framework'],
                       supplier_code=claim.data.get('supplier_code', None),
                       abn=claim.data.get('abn', None))
    try:
        claim = user_claims_service.validate_and_update_claim(
            type='signup', token=token, email_address=email_address)
        if not claim:
            current_app.logger.info('login.signup.fail: 2 {email_address}',
                                    extra={'email_address': email_address})
            current_app.logger.info('login.signup.headers: {headers}',
                                    extra={'headers': headers})
            return jsonify(message='Invalid token'), 400
    except Exception as error:
        current_app.logger.info(
            'login.signup.fail: 3 {email_address} {exception}',
            extra={
                'email_address': email_address,
                'exception': str(error)
            })
        current_app.logger.info('login.signup.headers: {headers}',
                                extra={'headers': headers})
        return jsonify(message='Invalid token'), 400

    publish_tasks.user_claim.delay(publish_tasks.compress_user_claim(claim),
                                   'updated')

    return user