def _invalid_questionnaire(self, req):
req.method = 'GET' # very dirty hacking
res = account_signup(req)
form = AccountSignupForm(req.POST)
form.is_valid()
res.context_data['form'] = form
res.context_data['questionnaire_form'] = self.questionnaire_form
return redirect(reverse('dateprofile:account_signup'))
def test_signup_form(self):
form = SignupForm({
'username': '******',
'email': '*****@*****.**',
'password1': 'password',
'password2': 'password'
})
self.assertTrue(form.is_valid())
def iap_signup(request):
if request.method == 'POST':
data = JSONParser().parse(request)
receipt = data['receipt']
if ZappyUser.objects.filter(apple_receipt=receipt).exists():
return JsonResponse({'error': 'This In App Purchase has already been used. Please contact [email protected]', 'kick_out': True},
status=400)
verify_url = 'https://buy.itunes.apple.com/verifyReceipt'
if 'debug' in data:
if data['debug']:
verify_url = 'https://sandbox.itunes.apple.com/verifyReceipt'
receipt_json = json.dumps(
{"receipt-data": receipt, 'password': env.str('APP_SHARED_SECRET', default='')})
response = requests.request(
method='POST',
url=verify_url,
headers={'Content-Type': 'application/x-www-form-urlencoded'},
data=receipt_json
)
res_json = response.json()
try:
request.POST._mutable = True
request.POST['email'] = data['email']
request.POST['password1'] = data['password']
form = SignupForm(request.POST)
form.is_valid()
user = form.save(request)
user.apple_product_id = res_json['latest_receipt_info'][-1]['product_id']
user.apple_expires_date = datetime.datetime.fromtimestamp(
int(res_json['latest_receipt_info'][-1]['expires_date_ms']) / 1000)
user.active_membership = True
user.apple_receipt = receipt
user.save()
token = Token.objects.create(user=user)
return JsonResponse({'token': str(token)}, status=201)
except IntegrityError:
return JsonResponse({'error': 'That email has already been taken'},
status=400)
except KeyError:
return JsonResponse({'error': 'We had problems verifying the receipt. Please contact [email protected]', 'kick_out': True},
status=400)
except Exception as e:
print(e)
return JsonResponse({'error': 'Something went wrong. Please contact [email protected]', 'kick_out': True},
status=400)
def test_duplicate_email(self):
User.objects.create_user("test1", "*****@*****.**", "testpass")
form = SignupForm(
{"username": "******", "email": "*****@*****.**", "password1": "password", "password2": "password"}
)
self.assertFalse(form.is_valid())
self.assertIn("email", form.errors)
def test_signup_form(self):
form = SignupForm({
'username': '******',
'email': '*****@*****.**',
'password1': 'password',
'password2': 'password'
})
self.assertTrue(form.is_valid())
def test_password_mismatch(self):
form = SignupForm({
'username': '******',
'email': '*****@*****.**',
'password1': 'password',
'password2': 'passwordmismatch'
})
self.assertFalse(form.is_valid())
self.assertIn('__all__', form.errors)
self.assertIn('You must type the same password each time.',
form.errors['__all__'])
def test_duplicate_email(self):
User.objects.create_user('test1', '*****@*****.**', 'testpass')
form = SignupForm({
'username': '******',
'email': '*****@*****.**',
'password1': 'password',
'password2': 'password'
})
self.assertFalse(form.is_valid())
self.assertIn('email', form.errors)
def test_duplicate_email(self):
User.objects.create_user('test1', '*****@*****.**', 'testpass')
form = SignupForm({
'username': '******',
'email': '*****@*****.**',
'password1': 'password',
'password2': 'password'
})
self.assertFalse(form.is_valid())
self.assertIn('email', form.errors)
def test_password_mismatch(self):
form = SignupForm(
{
"username": "******",
"email": "*****@*****.**",
"password1": "password",
"password2": "passwordmismatch",
}
)
self.assertFalse(form.is_valid())
self.assertIn("__all__", form.errors)
self.assertIn("You must type the same password each time.", form.errors["__all__"])
def test_non_ascii_username(self):
form = SignupForm({
'username': '******',
'email': '*****@*****.**',
'password1': 'password',
'password2': 'password',
})
self.assertFalse(form.is_valid())
self.assertEqual(form.errors['username'], [
'Enter a valid username. This value may contain only '
'English letters, numbers, and @/./+/-/_ characters.'
])
def modal_signup(request, **kwargs):
if request.method == "POST":
signup_form = SignupForm(request.POST)
if signup_form.is_valid():
user = signup_form.save(request)
next = request.POST.get("next","/food/")
complete_signup(request, user, "/food/")
return HttpResponse(next)
redirect_field_name, redirect_field_value = "next", request.referer
response = render(request, "signup_error.html", locals())
response.status_code = 400
return response
def test_password_mismatch(self):
form = SignupForm({
'username': '******',
'email': '*****@*****.**',
'password1': 'password',
'password2': 'passwordmismatch'
})
self.assertFalse(form.is_valid())
self.assertIn('__all__', form.errors)
self.assertIn(
'You must type the same password each time.',
form.errors['__all__']
)
def signup(self, request, **kwargs):
self.method_check(request, allowed=['post'])
data = self.deserialize(
request, request.body,
format=request.META.get('CONTENT_TYPE', 'application/json'))
try:
form = SignupForm(data)
if not form.is_valid():
return self.create_response(request, {
'success': False,
'reason': 'form',
'error_type': 'dict',
'error': form.errors,
}, HttpBadRequest)
user = form.save(request)
response = complete_signup(request, user,
app_settings.EMAIL_VERIFICATION,
success_url='/')
if response.status_code not in [200, 201, 301, 302]:
return self.create_response(request, {
'success': False,
'reason': 'status',
'error_type': 'str',
'error': 'Got bad status code {}'.format(response.status_code),
})
# Set session expiry
request.session.set_expiry(settings.SESSION_COOKIE_AGE)
return self.create_response(request, {
'success': True,
'id': user.id,
'resource_uri': self.get_resource_uri(user),
}, HttpCreated)
except ValidationError as e:
return self.create_response(request, {
'success': False,
'reason': 'invalid',
'error_type': 'list',
'error': e.messages,
}, HttpBadRequest)
except Exception as e:
return self.create_response(request, {
'success': False,
'reason': 'exception',
'error_type': 'str',
'error': '{}'.format(e),
}, HttpBadRequest)
def test_password_mismatch(self):
form = SignupForm({
'username': '******',
'email': '*****@*****.**',
'password1': 'password',
'password2': 'passwordmismatch'
})
self.assertFalse(form.is_valid())
# Since django-allauth 0.27.0, the "You must type the same password
# each time" form validation error that can be triggered during
# signup is added to the 'password2' field instead of being added to
# the non field errors.
self.assertIn('password2', form.errors)
self.assertEqual(form.errors['password2'],
['You must type the same password each time.'])
def signup_paciente(request):
# return render(request, 'med_app/signup-paciente.html')
if request.method == 'POST':
form = SignupForm(request.POST)
if form.is_valid():
form.save(request)
username = form.cleaned_data.get('email')
raw_password = form.cleaned_data.get('password1')
user = authenticate(username=username, password=raw_password)
##login(request, user)
# return redirect('home')
else:
form = SignupForm()
return render(request, 'med_app/signup-paciente.html', {'form': form})
def new_user(request):
if request.method == 'POST':
# profile = request.user.playerprofile
# userform = EditUserForm(request.POST)
userform = SignupForm(request.POST)
if userform.is_valid():
print('valid')
userform.save(request)
# user = User(email=userform.cleaned_data['email'],
# username=userform.cleaned_data['email'],
# first_name = userform.cleaned_data['first_name'],
# last_name = userform.cleaned_data['last_name'],
# password = make_password(userform.cleaned_data['password'])
# )
# user.save()
# email_context = {
# 'domain': '52dashboard.com',
# 'token': token_gen.make_token(newuser),
# 'uid': urlsafe_base64_encode(str(newuser.pk).encode('utf-8')),
# }
# msg_plain = render_to_string('accounts/verify_account_email.txt', email_context)
#
# send_mail(
# 'Verify Your Email',
# msg_plain,
# 'BSN Accounts <*****@*****.**>',
# [user.email],
# fail_silently=True,
# )
# new_user = authenticate(username=userform.cleaned_data['email'], password=userform.cleaned_data['password'])
# login(request, new_user)
# return redirect('email-verification')
# return redirect(reverse('home'))
# if a GET (or any other method) we'll create a blank form
else:
userform = EditUserForm()
context = {
# 'profile': request.user.playerprofile,
'userform': userform,
'formtitle': 'Sign Up',
}
return render(request, 'profiles/new_user.html', context)
def sign_me_up(request, email, pw1, pw2):
"""
Given data for the signup form from somewhere, sign up a user
and return that user.
Arguments:
- `request`: Request
- `email`: str
- `pw1`: str
- `pw2`: str
Return: RMUser or form with errors (Wonky behaviour, but this shouldn't happen...)
Exceptions: None
"""
form = SignupForm(data=dict(email=email, password1=pw1, password2=pw2))
if form.is_valid():
return form.save(request)
return form
def sign_me_up(request, email, pw1, pw2):
"""
Given data for the signup form from somewhere, sign up a user
and return that user.
Arguments:
- `request`: Request
- `email`: str
- `pw1`: str
- `pw2`: str
Return: RMUser or form with errors (Wonky behaviour, but this shouldn't happen...)
Exceptions: None
"""
form = SignupForm(data=dict(email=email, password1=pw1, password2=pw2))
if form.is_valid():
return form.save(request)
return form
def test_newline_in_username(self):
# django-allauth's default regex doesn't match '\n' at the
# end of a string so as a result of this, users can signup
# with a user name like 'username\n'.
#
# This is a problem when a user can fill the form via curl
# and Content-Type header set to
# 'application/x-www-form-urlencoded'.
#
# See #1045 and test_newline_in_username in
# users/tests/test_views.py for details.
form = SignupForm({
'username': '******',
'email': '*****@*****.**',
'password1': 'password',
'password2': 'password',
})
self.assertFalse(form.is_valid())
self.assertEqual(
form.errors['username'],
['Please don\'t use whitespace characters in username.'])
def test_newline_in_username(self):
# django-allauth's default regex doesn't match '\n' at the
# end of a string so as a result of this, users can signup
# with a user name like 'username\n'.
#
# This is a problem when a user can fill the form via curl
# and Content-Type header set to
# 'application/x-www-form-urlencoded'.
#
# See #1045 and test_newline_in_username in
# users/tests/test_views.py for details.
form = SignupForm({
'username': '******',
'email': '*****@*****.**',
'password1': 'password',
'password2': 'password',
})
self.assertFalse(form.is_valid())
self.assertEqual(
form.errors['username'],
['Please don\'t use whitespace characters in username.']
)
def test_newline_in_username(self):
# Note that since Django 1.9, forms.CharField().strip is True
# and it strips all whitespace characters by default so there
# is no need to do anything on our side.
#
# django-allauth's default regex doesn't match '\n' at the
# end of a string so as a result of this, users can signup
# with a user name like 'username\n'.
#
# This is a problem when a user can fill the form via curl
# and Content-Type header set to
# 'application/x-www-form-urlencoded'.
#
# See #1045 and test_newline_in_username in
# users/tests/test_views.py for details.
form = SignupForm({
'username': '******',
'email': '*****@*****.**',
'password1': 'password',
'password2': 'password',
})
self.assertTrue(form.is_valid())
def user_signup(request):
"""
Функция авторизации по ajax
"""
if request.is_ajax:
signup_form = SignupForm(request.POST)
if signup_form.is_valid():
signup_form.save(request)
data = {'reload': True}
return JsonResponse(data)
context = {
'reload': False,
'login_form': LoginForm,
'signup_form': signup_form
}
context.update(csrf(request))
html_content = loader.render_to_string(
template_name='include/user/user.html', context=context)
data = {'html_content': html_content}
return JsonResponse(data)
else:
return Http404
class SignupSerializer(serializers.Serializer):
username = serializers.CharField()
email = serializers.EmailField()
password1 = serializers.CharField(write_only=True)
password2 = serializers.CharField(write_only=True)
def __init__(self, instance=None, data=empty, **kwargs):
serializers.Serializer.__init__(self,
instance=instance,
data=data,
**kwargs)
self.new_user = None
self.signup_form = None
def validate(self, attrs):
self.signup_form = SignupForm(attrs)
if False == self.signup_form.is_valid():
errors = OrderedDict()
form_errors = dict(self.signup_form.errors)
for error_field in form_errors.keys():
errors[error_field] = form_errors[error_field]
raise serializers.ValidationError(errors)
return serializers.Serializer.validate(self, attrs)
def save(self, **_kwargs):
request = self.context.get('request')
if self.signup_form is not None:
self.new_user = self.signup_form.save(request)
return self.new_user
def to_representation(self, _instance):
new_user = self.new_user
if new_user is None:
return dict()
return UserSerializer(instance=new_user).data
def video_signup(request, slug):
if not request.method == 'POST':
raise Exception('This view is meant to be called via a POST request.')
video, created = get_or_create_video(slug)
login_success = False
outbound_message = dict()
outbound_message[DATA_KEY] = {}
form = SignupForm(data=json.loads(request.raw_post_data))
if form.is_valid():
user = form.save(request)
perform_login(request, user)
login_success = True
action.send(user, verb='registered account', action_object=video)
action.send(user, verb='viewed video', action_object=video)
userSerializer = UserSerializer(user)
userSerialized = JSONRenderer().render(userSerializer.data)
outbound_message[DATA_KEY]['user'] = json.loads(userSerialized)
outbound_message[DATA_KEY]['share_url'] = reverse('profiles-share',
args=[
user.username,
slug,
])
else:
outbound_message[DATA_KEY]['errors'] = \
json.loads(errors_to_json(form.errors))
outbound_message[EVENT_TYPE_KEY] = 'FB_SIGNUP'
outbound_message[CHANNEL_KEY] = \
'/framebuzz/session/%s' % request.session.session_key
outbound_message[DATA_KEY]['login_success'] = login_success
return HttpResponse(json.dumps(outbound_message),
content_type="application/json")
def test_signup_form(self):
form = SignupForm(
{"username": "******", "email": "*****@*****.**", "password1": "password", "password2": "password"}
)
self.assertTrue(form.is_valid())
def reservation(request, id):
service = get_object_or_404(Service, id=id)
chosen_employee = None
emp_size = 0
if not service.is_active():
raise Http404
minTime, maxTime = getMinMaxTime(service.service_provider)
#step2 = request.session['_step'] if '_step' in request.session
step2 = request.GET.get('step', None)
# POST
step = request.POST.get('step', None)
data = None
if step:
try:
data = pickle.loads(base64.b64decode(request.POST.get('data'))) # Serializes an object from request
except:
raise Http404
elif step2:
step = step2
if 'reservation_data' in request.session:
data = request.session['reservation_data']
else:
step = None
if (request.method != 'POST' and data is None) or step is None:
#form = ReservationForm(request, workingHours=None, service=None)
form = ReservationForm(request, workingHours=None, service=service)
data = {'service_provider_id': service.service_provider_id, 'service_id': service.id}
return render_to_response('reservations/reservation.html', locals(), context_instance=RequestContext(request))
workingHours = WorkingHours.objects.filter(service_provider_id=service.service_provider_id)
#formNonRegisteredUser = NonRegisteredUserForm(prefix='nonRegBtn')
formNonRegisteredUser = NonRegisteredUserForm(provider=service.service_provider)
loginForm = LoginForm(prefix='loginBtn')
signupForm = SignupForm(prefix='signupBtn')
if step == '1':
# Service, date, time
# form = ReservationForm(request.POST, workingHours='gergerre')
form = ReservationForm(request, request.POST, workingHours=workingHours, service=service)
if form.is_valid():
chosen_employee = form.cleaned_data['employees']
data['date'] = form.cleaned_data['date']
data['time'] = form.cleaned_data['time']
data['number'] = form.cleaned_data['number']
data['employees'] = form.cleaned_data['employees']
if request.user.is_authenticated():
data['user_id'] = request.user.id
data['name'] = request.user.get_full_name()
data['phone'] = request.user.phone
data['email'] = request.user.email
return render_to_response('reservations/confirmation.html', locals(),
context_instance=RequestContext(request))
return render_to_response('reservations/userinfo.html', locals(), context_instance=RequestContext(request))
return render_to_response('reservations/reservation.html', locals(), context_instance=RequestContext(request))
if step == '2':
if data.get('date') is None or data.get('time') is None:
raise Http404
if 'signupBtn' in request.POST:
signupForm = SignupForm(request.POST, prefix='signupBtn')
if signupForm.is_valid():
userr = signupForm.save(request)
data['user_id'] = userr.id
data['name'] = userr.get_full_name()
data['phone'] = userr.phone
data['email'] = userr.email
return render_to_response('reservations/confirmation.html', locals(),
context_instance=RequestContext(request))
if 'loginBtn' in request.POST:
loginForm = LoginForm(request.POST, prefix='loginBtn')
if loginForm.is_valid():
data['user_id'] = loginForm.user.id
data['name'] = loginForm.user.get_full_name()
data['phone'] = loginForm.user.phone
data['email'] = loginForm.user.email
request.session['reservation_data'] = data
return loginForm.login(request, redirect_url=reverse('reservation', args=[service.id]) + "?step=2a")
if 'nonRegBtn' in request.POST:
formNonRegisteredUser = NonRegisteredUserForm(request.POST, provider=service.service_provider)
if formNonRegisteredUser.is_valid():
data['name'] = formNonRegisteredUser.cleaned_data['name']
data['phone'] = formNonRegisteredUser.cleaned_data['phone']
data['email'] = formNonRegisteredUser.cleaned_data['email']
return render_to_response('reservations/confirmation.html', locals(),
context_instance=RequestContext(request))
return render_to_response('reservations/userinfo.html', locals(), context_instance=RequestContext(request))
if step == '2a':
if request.user.is_authenticated():
return render_to_response('reservations/confirmation.html', locals(),
context_instance=RequestContext(request))
if step == '3':
# Confirmation
if data.get('date') is None or data.get('time') is None: # or data.get('user_id') is None:
raise Http404
if data.get('user_id') is not None:
ruser = get_object_or_404(User, id=data.get('user_id'))
else:
ruser = None
sync(service.service_provider)
# Checking again if form for reservation is valid
chosen_employee = data.get('employees')
emp_id = None
if chosen_employee is not None and chosen_employee != '':
emp_id = chosen_employee.id
form = ReservationForm(request,
{'date': data.get('date'), 'time': data.get('time'), 'employees': emp_id},
workingHours=workingHours, service=service)
if form.is_valid():
form_emp = None
if chosen_employee != '':
form_emp = chosen_employee
reserve = Reservation(user=ruser, service=service, date=data['date'], time=data['time'],
employee=form_emp)
# Add backup fields
reserve.user_fullname = data.get('name')
reserve.user_phone = data.get('phone')
reserve.user_email = data.get('email')
reserve.service_provider = service.service_provider
reserve.service_name = service.name
reserve.service_duration = service.duration
reserve.service_price = service.discounted_price()
reserve.show_up = False
if chosen_employee is not None and chosen_employee != '':
reserve.employee = chosen_employee
else:
# if employees assigned to service, randomly choose one who is free
if service.employees.all().__len__() > 0:
today_r = Reservation.objects.filter(employee__in=service.employees.all(), date=reserve.date)
# find free employees
reserveDt = datetime.datetime.combine(reserve.date, reserve.time)
free_emp = list(service.employees.all())
free_emp_editable = list(service.employees.all())
for emp in free_emp:
emp_time = EmployeeWorkingHours.objects.filter(employee=emp.id)[0].get_for_day(emp,
reserve.date.weekday())
if not EmployeeWorkingHours.objects.filter(employee=emp.id)[0].get_for_day(emp,
reserve.date.weekday()):
free_emp_editable.remove(emp)
if reserve.time < emp_time.time_from or reserveDt + datetime.timedelta(
minutes=reserve.service_duration) > datetime.datetime.combine(reserve.date,
emp_time.time_to):
free_emp_editable.remove(emp)
for r in today_r:
rDt = datetime.datetime.combine(r.date, r.time)
if r.active_during(reserveDt):
if r.employee in free_emp:
free_emp_editable.remove(r.employee)
# choose random employee
if free_emp_editable:
random_employee = free_emp_editable[random.randint(0, len(free_emp_editable) - 1)]
reserve.employee = random_employee
# Save
reserve.user.notification_type = 'email'
reserve.save()
# saving coupon is_valid
coupons = Coupon.objects.filter(service=service.id)
coupon_is_used = False
for coup in coupons:
if data['number'] == coup.number:
coup.is_used = True
coup.save()
coupon_is_used = True
# Validation checking in form
user_page_link = '%s/u/%s' % (settings.BASE_URL, reserve.service_provider.userpage_link)
email_to1 = data.get('email')
email_to2 = service.service_provider.user.email
if service.service_provider.reservation_confirmation_needed:
subject = _('Confirmation of service reservation')
renderedToCustomer = render_to_string('emails/reservation_customer.html',
{'reservation': reserve, 'link': user_page_link})
renderedToProvider = render_to_string('emails/reservation_provider.html',
{'reservation': reserve, 'link': user_page_link})
message1 = (subject, renderedToCustomer, None, [email_to1])
message2 = (subject, renderedToProvider, None, [email_to2])
send_mass_mail((message1, message2), fail_silently=True)
else:
subject = _('Confirmation of service reservation')
renderedToCustomer = render_to_string('emails/reservation_customer.html',
{'reservation': reserve, 'link': user_page_link})
send_mail(subject, renderedToCustomer, email_to2, [email_to1],
fail_silently=False)
start = datetime.datetime.combine(reserve.date, reserve.time)
gcal_params = urllib.urlencode({
'action': 'TEMPLATE',
'text': reserve.service_name.encode('utf8'),
'dates': '%s/%s' % (datetime_to_url_format(start),
datetime_to_url_format(
start + datetime.timedelta(minutes=reserve.service_duration))),
'details': reserve.service.description.encode('utf8'),
'location': reserve.service_provider.full_address().encode('utf8'),
'trp': 'true',
'sprop': 'E-Narocanje',
'sprop': 'name:%s' % settings.BASE_URL,
})
url_service = settings.BASE_URL + reverse('service', args=(service.id,))
sync(service.service_provider)
return render_to_response('reservations/done.html', locals(), context_instance=RequestContext(request))
# Someone else has made a reservation in the meantime
return render_to_response('reservations/alreadyreserved.html', locals(),
context_instance=RequestContext(request))
raise Http404
def iap_signup(request):
if request.method == 'POST':
data = JSONParser().parse(request)
receipt = data['receipt']
if ZappyUser.objects.filter(apple_receipt=receipt).exists():
# return JsonResponse({'error': 'This In App Purchase has already been used. Please contact [email protected]', 'kick_out': True}, status=400)
send_mail(
'Check your api/views.py',
'I think someone is double dipping on an already used IAP',
'*****@*****.**',
['*****@*****.**'],
fail_silently=False,
)
verify_url = 'https://buy.itunes.apple.com/verifyReceipt'
receipt_json = json.dumps({
"receipt-data":
receipt,
'password':
env.str('APP_SHARED_SECRET', default='')
})
response = requests.request(
method='POST',
url=verify_url,
headers={'Content-Type': 'application/x-www-form-urlencoded'},
data=receipt_json)
res_json = response.json()
if res_json['status'] == 21007:
# Apple docs say try prod and if no dice, then do sandbox https://developer.apple.com/library/archive/technotes/tn2413/_index.html#//apple_ref/doc/uid/DTS40016228-CH1-RECEIPTURL
response = requests.request(
method='POST',
url='https://sandbox.itunes.apple.com/verifyReceipt',
headers={'Content-Type': 'application/x-www-form-urlencoded'},
data=receipt_json)
res_json = response.json()
try:
request.POST._mutable = True
request.POST['email'] = data['email']
request.POST['password1'] = data['password']
form = SignupForm(request.POST)
form.is_valid()
user = form.save(request)
# Delete this soon
send_mail(
'Apple reciept',
receipt,
'*****@*****.**',
['*****@*****.**'],
fail_silently=False,
)
send_mail(
'Response',
str(res_json),
'*****@*****.**',
['*****@*****.**'],
fail_silently=False,
)
# TODO I need to put this back to normal
# user.apple_product_id = res_json['latest_receipt_info'][-1]['product_id']
# user.apple_expires_date = datetime.datetime.fromtimestamp(int(res_json['latest_receipt_info'][-1]['expires_date_ms']) / 1000)
user.active_membership = True
user.apple_receipt = receipt
user.save()
token = Token.objects.create(user=user)
return JsonResponse({'token': str(token)}, status=201)
except IntegrityError:
sentry_sdk.capture_message("PSomething is wrong fam1",
level="error")
return JsonResponse({'error': 'That email has already been taken'},
status=400)
except KeyError:
sentry_sdk.capture_message("PSomething is wrong fam2",
level="error")
return JsonResponse(
{
'error':
'We had problems verifying the receipt. Please contact [email protected]',
'kick_out': True
},
status=400)
except Exception as e:
print(e)
sentry_sdk.capture_message("PSomething is wrong fam3",
level="error")
return JsonResponse(
{
'error':
'Something went wrong. Please contact [email protected]',
'kick_out': True
},
status=400)
def signup(self, request, **kwargs):
self.method_check(request, allowed=['post'])
data = self.deserialize(request,
request.body,
format=request.META.get(
'CONTENT_TYPE', 'application/json'))
try:
form = SignupForm(data)
if not form.is_valid():
return self.create_response(
request, {
'success': False,
'reason': 'form',
'error_type': 'dict',
'error': form.errors,
}, HttpBadRequest)
user = form.save(request)
response = complete_signup(request,
user,
app_settings.EMAIL_VERIFICATION,
success_url='/')
if response.status_code not in [200, 201, 301, 302]:
return self.create_response(
request, {
'success':
False,
'reason':
'status',
'error_type':
'str',
'error':
'Got bad status code {}'.format(response.status_code),
})
# Set session expiry
request.session.set_expiry(settings.SESSION_COOKIE_AGE)
return self.create_response(
request, {
'success': True,
'id': user.id,
'resource_uri': self.get_resource_uri(user),
}, HttpCreated)
except ValidationError as e:
return self.create_response(
request, {
'success': False,
'reason': 'invalid',
'error_type': 'list',
'error': e.messages,
}, HttpBadRequest)
except Exception as e:
return self.create_response(
request, {
'success': False,
'reason': 'exception',
'error_type': 'str',
'error': '{}'.format(e),
}, HttpBadRequest)
def homepage(request):
# Main landing page.
from allauth.account.forms import SignupForm, LoginForm
portfolio_form = PortfolioSignupForm()
signup_form = SignupForm()
login_form = LoginForm()
# The allauth forms have 'autofocus' set on their widgets that draw the
# focus in a way that doesn't make sense here.
signup_form.fields['username'].widget.attrs.pop("autofocus", None)
login_form.fields['login'].widget.attrs.pop("autofocus", None)
if request.POST.get("action") == "signup":
signup_form = SignupForm(request.POST)
portfolio_form = PortfolioSignupForm(request.POST)
if (request.user.is_authenticated or signup_form.is_valid()) and portfolio_form.is_valid():
# Perform signup and new org creation, then redirect to main page
with transaction.atomic():
if not request.user.is_authenticated:
# Create account.
new_user = signup_form.save(request)
# Log them in.
from django.contrib.auth import authenticate, login
user = authenticate(request, username=signup_form.cleaned_data['username'], password=signup_form.cleaned_data['password1'])
if user is not None:
login(request, user, 'django.contrib.auth.backends.ModelBackend')
else:
print("[ERROR] new_user '{}' did not authenticate after during account creation.".format(new_user.username))
messages.error(request, "[ERROR] new_user '{}' did not authenticate during account creation. Account not created. Report error to System Administrator. {}".format(new_user.username, vars(new_user)))
return HttpResponseRedirect("/")
else:
user = request.user
if portfolio_form.is_valid():
portfolio = portfolio_form.save()
portfolio.assign_owner_permissions(request.user)
# Send a message to site administrators.
from django.core.mail import mail_admins
def subvars(s):
return s.format(
portfolio=portfolio.title,
username=user.username,
email=user.email,
)
mail_admins(
subvars("New portfolio: {portfolio} (created by {email})"),
subvars("A new portfolio has been registered!\n\nPortfolio\n------------\nName: {portfolio}\nRegistering User\n----------------\nUsername: {username}\nEmail: {email}"))
return HttpResponseRedirect("/projects")
elif request.POST.get("action") == "login":
login_form = LoginForm(request.POST, request=request)
if login_form.is_valid():
login_form.login(request)
return HttpResponseRedirect('/') # reload
elif request.POST.get("action") == "logout" and request.user.is_authenticated:
from django.contrib.auth import logout
logout(request)
return HttpResponseRedirect('/') # reload
return render(request, "index.html", {
"hide_registration": SystemSettings.hide_registration,
"signup_form": signup_form,
"portfolio_form": portfolio_form,
"login_form": login_form,
"member_of_orgs": Organization.get_all_readable_by(request.user) if request.user.is_authenticated else None,
})
def iap_signup(request):
if request.method == 'POST':
data = JSONParser().parse(request)
receipt = data['receipt']
if ZappyUser.objects.filter(apple_receipt=receipt).exists():
existing_user = ZappyUser.objects.filter(
apple_receipt=receipt).first()
send_mail(
'This Receipt has already been used',
'Existing user email that used this receipt: ' +
existing_user.email +
'\nThe email that tried to reuse this receipt: ' +
data['email'] + '\nReceipt: ' + receipt,
'*****@*****.**',
['*****@*****.**'],
fail_silently=False,
)
return JsonResponse(
{
'error':
'This In App Purchase has already been used. Please contact [email protected]',
'kick_out': True
},
status=400)
verify_url = 'https://buy.itunes.apple.com/verifyReceipt'
receipt_json = json.dumps({
"receipt-data":
receipt,
'password':
env.str('APP_SHARED_SECRET', default='')
})
response = requests.request(
method='POST',
url=verify_url,
headers={'Content-Type': 'application/x-www-form-urlencoded'},
data=receipt_json)
res_json = response.json()
if res_json['status'] == 21007:
# Apple docs say try prod and if no dice, then do sandbox https://developer.apple.com/library/archive/technotes/tn2413/_index.html#//apple_ref/doc/uid/DTS40016228-CH1-RECEIPTURL
response = requests.request(
method='POST',
url='https://sandbox.itunes.apple.com/verifyReceipt',
headers={'Content-Type': 'application/x-www-form-urlencoded'},
data=receipt_json)
res_json = response.json()
try:
request.POST._mutable = True
request.POST['email'] = data['email']
request.POST['password1'] = data['password']
form = SignupForm(request.POST)
form.is_valid()
user = form.save(request)
dream_and_skill = '[No Dream or Skill]'
if 'dream' in data:
if 'skill' in data:
dream_and_skill = data['dream'] + ' ' + data['skill']
send_mail(
'New Member from the App!',
str(data['email']) + ' ' + dream_and_skill + ' ' +
str(res_json),
'*****@*****.**',
['*****@*****.**'],
fail_silently=False,
)
user.apple_product_id = res_json['latest_receipt_info'][-1][
'product_id']
user.apple_expires_date = datetime.datetime.fromtimestamp(
int(res_json['latest_receipt_info'][-1]['expires_date_ms']) /
1000)
user.active_membership = True
user.apple_receipt = receipt
user.save()
token = Token.objects.create(user=user)
allauth.account.utils.send_email_confirmation(request,
user,
signup=True)
return JsonResponse({'token': str(token)}, status=201)
except IntegrityError:
sentry_sdk.capture_message("PSomething is wrong fam1",
level="error")
return JsonResponse({'error': 'That email has already been taken'},
status=400)
except KeyError:
sentry_sdk.capture_message("PSomething is wrong fam2",
level="error")
return JsonResponse(
{
'error':
'We had problems verifying the receipt. Please contact [email protected]',
'kick_out': True
},
status=400)
except Exception as e:
print(e)
sentry_sdk.capture_message("PSomething is wrong fam3",
level="error")
return JsonResponse(
{
'error':
'Something went wrong. Please contact [email protected]',
'kick_out': True
},
status=400)
def homepage(request):
# Main landing page.
from allauth.account.forms import SignupForm, LoginForm
class NewOrgForm(forms.ModelForm):
class Meta:
model = Organization
fields = ['name', 'subdomain']
labels = {
"name": "Organization Name",
"subdomain": "Pick a web address",
}
help_texts = {
"name":
"",
"subdomain":
"Must be all lowercase and can contain letters, digits, and dashes.",
}
widgets = {
"subdomain":
forms.TextInput(
attrs={
"placeholder": "orgname",
"addon_after": "." +
settings.ORGANIZATION_PARENT_DOMAIN
})
}
def clean_subdomain(self):
# Not sure why the field validator isn't being run by the ModelForm.
import re
from .models import subdomain_regex
from django.forms import ValidationError
if not re.match(subdomain_regex, self.cleaned_data['subdomain']):
raise ValidationError(
"The organization address must contain only lowercase letters, digits, and dashes and cannot start or end with a dash."
)
return self.cleaned_data['subdomain']
signup_form = SignupForm()
neworg_form = NewOrgForm()
login_form = LoginForm()
# The allauth forms have 'autofocus' set on their widgets that draw the
# focus in a way that doesn't make sense here.
signup_form.fields['username'].widget.attrs.pop("autofocus", None)
login_form.fields['login'].widget.attrs.pop("autofocus", None)
if request.POST.get("action") == "neworg":
signup_form = SignupForm(request.POST)
neworg_form = NewOrgForm(request.POST)
if (request.user.is_authenticated
or signup_form.is_valid()) and neworg_form.is_valid():
# Perform signup and new org creation, then redirect
# to that org.
with transaction.atomic():
if not request.user.is_authenticated:
# Create account.
user = signup_form.save(request)
# Log them in.
from django.contrib.auth import authenticate, login
user = authenticate(user_object=user)
login(request, user)
else:
user = request.user
org = Organization.create(admin_user=user,
**neworg_form.cleaned_data)
# Send a message to site administrators.
from django.core.mail import mail_admins
def subvars(s):
return s.format(
org_subdomain=org.subdomain,
org_name=org.name,
org_link=settings.SITE_ROOT_URL +
"/admin/siteapp/organization/{}/change".format(org.id),
username=user.username,
email=user.email,
user_link=settings.SITE_ROOT_URL +
"/admin/siteapp/user/{}/change".format(user.id),
)
mail_admins(
subvars(
"New organization: {org_name} (created by {email})"),
subvars(
"A new organization has been registered!\n\nOrganization\n------------\nName: {org_name}\nSubdomain: {org_subdomain}\nAdmin: {org_link}\n\nRegistering User\n----------------\nUsername: {username}\nEmail: {email}\nOrganization: {org_name}\nAdmin: {user_link}"
))
return HttpResponseRedirect("/welcome/" + org.subdomain)
elif request.POST.get("action") == "login":
login_form = LoginForm(request.POST, request=request)
if login_form.is_valid():
login_form.login(request)
return HttpResponseRedirect('/') # reload
elif request.POST.get(
"action") == "logout" and request.user.is_authenticated:
from django.contrib.auth import logout
logout(request)
return HttpResponseRedirect('/') # reload
return render(
request, "landing.html", {
"domain":
settings.ORGANIZATION_PARENT_DOMAIN,
"signup_form":
signup_form,
"neworg_form":
neworg_form,
"login_form":
login_form,
"member_of_orgs":
Organization.get_all_readable_by(request.user)
if request.user.is_authenticated else None,
})
