def post(self):
""" Creates a new user. """
# Ensure that we are using database auth.
if app.config["AUTHENTICATION_TYPE"] != "Database":
raise InvalidRequest("Cannot create a user in a non-database auth system")
user_information = request.get_json()
if SuperUserPermission().can():
# Generate a temporary password for the user.
random = SystemRandom()
password = "".join(
[random.choice(string.ascii_uppercase + string.digits) for _ in range(32)]
)
# Create the user.
username = user_information["username"]
email = user_information.get("email")
install_user, confirmation_code = pre_oci_model.create_install_user(
username, password, email
)
if features.MAILING:
send_confirmation_email(
install_user.username, install_user.email, confirmation_code
)
return {
"username": username,
"email": email,
"password": password,
"encrypted_password": authentication.encrypt_user_password(password),
}
raise Unauthorized()
def sendConfirmation(username):
user = model.user.get_nonrobot_user(username)
if not user:
print "No user found"
return
with app.app_context():
confirmation_code = model.user.create_confirm_email_code(user)
send_confirmation_email(user.username, user.email, confirmation_code)
print "Email sent to %s" % (user.email)
def post(self):
"""
Create a new user.
"""
if app.config["AUTHENTICATION_TYPE"] != "Database":
abort(404)
user_data = request.get_json()
invite_code = user_data.get("invite_code", "")
existing_user = model.user.get_nonrobot_user(user_data["username"])
if existing_user:
raise request_error(message="The username already exists")
# Ensure an e-mail address was specified if required.
if features.MAILING and not user_data.get("email"):
raise request_error(message="Email address is required")
# If invite-only user creation is turned on and no invite code was sent, return an error.
# Technically, this is handled by the can_create_user call below as well, but it makes
# a nicer error.
if features.INVITE_ONLY_USER_CREATION and not invite_code:
raise request_error(message="Cannot create non-invited user")
# Ensure that this user can be created.
blacklisted_domains = app.config.get("BLACKLISTED_EMAIL_DOMAINS", [])
if not can_create_user(user_data.get("email"), blacklisted_domains=blacklisted_domains):
raise request_error(
message="Creation of a user account for this e-mail is disabled; please contact an administrator"
)
# If recaptcha is enabled, then verify the user is a human.
if features.RECAPTCHA:
recaptcha_response = user_data.get("recaptcha_response", "")
result = recaptcha2.verify(
app.config["RECAPTCHA_SECRET_KEY"], recaptcha_response, get_request_ip()
)
if not result["success"]:
return {"message": "Are you a bot? If not, please revalidate the captcha."}, 400
is_possible_abuser = ip_resolver.is_ip_possible_threat(get_request_ip())
try:
prompts = model.user.get_default_user_prompts(features)
new_user = model.user.create_user(
user_data["username"],
user_data["password"],
user_data.get("email"),
auto_verify=not features.MAILING,
email_required=features.MAILING,
is_possible_abuser=is_possible_abuser,
prompts=prompts,
)
email_address_confirmed = handle_invite_code(invite_code, new_user)
if features.MAILING and not email_address_confirmed:
confirmation_code = model.user.create_confirm_email_code(new_user)
send_confirmation_email(new_user.username, new_user.email, confirmation_code)
return {"awaiting_verification": True}
else:
success, headers = common_login(new_user.uuid)
if not success:
return {"message": "Could not login. Is your account inactive?"}, 403
return user_view(new_user), 200, headers
except model.user.DataModelException as ex:
raise request_error(exception=ex)
