def invite_new_opendata_admin(cls, email):
"""
Creates a new ODTF member.
Sends invitation to join CKAN Manager via Email.
"""
user = cls()
user.original_email = email
user.current_email = email
user.email_list = [email]
user.confirmation_token = generate_token()
user.role = "OPENDATAADMIN"
user.status = "INVITE"
user.put()
content = {"token": user.confirmation_token, "uid": str(user.key.id())}
send_email(
receiver_name="OPEN DATA ADMIN",
receiver_email=user.current_email,
subject="Open Data Admin Invitation",
content=content,
email_type="invite_opendata_admin",
)
return user
def post(self):
"""
Handles the /login endpoint.
Logs in users.
"""
if self.POST("email") and self.POST("password"):
url = "/login"
redirect = None
email = self.POST("email").strip().lower()
query = User.query()
query = query.filter(User.current_email == email)
user = query.get()
if self.POST("redirect"):
redirect = urllib.quote(self.POST("redirect"))
url += "?redirect=" + str(redirect)
if not user:
error = "Invalid email or password."
error_message(self, error)
self.redirect(url)
return
if user.hashed_password:
if not user.verify_password(self.POST("password")):
error = "Invalid email or password."
error_message(self, error)
self.redirect(url)
return
else:
password = hp(email=email, password=self.POST("password"))
if user.password != password:
error = "Invalid email or password."
error_message(self, error)
self.redirect(url)
return
else:
user.hashed_password = user.hash_password(
self.POST("password"))
user.put()
if user.status == "PENDING":
error = "Your account has not been verified. "
error += "Please verify your account by opening the "
error += "verification email we sent you. "
error_message(self, error)
self.redirect(url)
return
if user.status == "DISABLED":
error = "Your account has been disabled. "
error += "Please contact the Geostore Admin."
error_message(self, error)
self.redirect(url)
return
if user.role in ["AGENCYADMIN", "USER"]:
if user.status == "VERIFIED":
error = "Your account is still pending approval. "
error += "Once your account is approved, you will be able "
error += "to login. You will receive an email once your "
error += "account is approved."
error_message(self, error)
self.redirect(url)
return
if user.status == "DISAPPROVED":
error = "Your account has been disapproved. "
error += "Please contact the Geostore Admin."
error_message(self, error)
self.redirect(url)
return
user.csrf_token = generate_token()
session = SessionHandler(user)
session.login()
code = session.generate_login_code()
if self.POST("redirect"):
self.redirect(urllib.unquote(str(self.POST("redirect"))))
else:
self.redirect("/dashboard")
return
error = "Please enter your email and password."
error_message(self, error)
self.redirect("/login")
def post(self):
"""
Handles the /password/reset endpoint.
Resets password of the user.
"""
if self.POST("email"):
email = self.POST("email").lower().strip()
query = User.query()
query = query.filter(User.current_email == email)
user = query.get()
if user:
user.password_token = generate_token()
user.put()
content = {
"token": user.password_token,
"uid": str(user.key.id()),
"receiver_name": user.first_name,
"receiver_email": user.current_email,
"subject": "Reset Password",
"email_type": "password_reset"
}
taskqueue.add(url="/tasks/email/send",
params=content,
method="POST")
success = "We sent an email to "
success += self.POST("email") + ". Please open the "
success += "email and click on the password reset link "
success += "to reset your password."
success_message(self, success)
self.redirect("/password/reset")
else:
error = "Sorry, " + self.POST("email")
error += " does not belong to an existing account."
error_message(self, error)
self.redirect("/password/reset")
elif self.POST("new_password") and self.POST("confirm_password") \
and self.GET("uid") and self.GET("password_token"):
if self.POST("new_password") == self.POST("confirm_password"):
user = User.get_by_id(int(self.GET("uid")))
if user:
if user.password_token == self.GET("password_token"):
password = user.hash_password(
self.POST("new_password"))
user.password_token = generate_token()
user.previous_passwords.append(password)
user.password_update = datetime.datetime.now()
user.hashed_password = password
user.put()
session = SessionHandler(user)
session.login()
code = session.generate_login_code()
if self.POST("redirect"):
self.redirect(
urllib.unquote(str(self.POST("redirect"))))
else:
self.redirect("/dashboard")
return
else:
error = "Sorry, your password reset request has expired."
error += " Please create a new request."
error_message(self, error)
self.redirect("/password/reset")
else:
error = "Sorry, we couldn't process your request. "
error += "Please try again."
error_message(self, error)
self.redirect("/password/reset")
else:
error = "Passwords do not match."
error_message(self, error)
url = "/password/reset?password_token=" + self.POST(
"password_token")
url += "&uid=" + self.POST("uid")
self.redirect(url)
else:
error = "Please fill all required fields."
error_message(self, error)
self.redirect("/password/reset")
def create_new_user(
cls,
first_name,
last_name,
password,
email,
role="USER",
department="",
agency="",
region="",
operating_unit="",
uacs="",
middle_name="",
mobile="",
designation="",
salutation="",
send=True,
):
"""
Creates a new user.
"""
user = cls()
user.salutation = salutation
user.first_name = first_name
user.last_name = last_name
user.middle_name = middle_name or ""
user.name = " ".join([first_name, middle_name or "", last_name])
user.mobile_number = mobile
user.original_email = email
user.current_email = email
user.email_list = [email]
user.password = hp(email, password)
user.previous_passwords = [hp(email, password)]
# user.department = department
# user.position = position
user.confirmation_token = generate_token()
if uacs:
user.permissions = ["->".join(["UACS_ID", uacs])]
if role:
user.role = role.upper()
if designation:
user.designation = designation.upper()
user.department = department
user.agency = agency
user.region = region
user.operating_unit = operating_unit
user.uacs = uacs
user.put()
if send:
content = {"token": user.confirmation_token, "uid": str(user.key.id())}
send_email(
receiver_name=user.first_name,
receiver_email=user.current_email,
subject="Email Verfication",
content=content,
email_type="verify",
)
return user
