def reset(token): try: email = confirm_token(token, 60*60) except: flash(u'您的重置链接已实效。', 'danger') form = RestPasswordForm(request.form) if request.method == 'POST': if form.validate_on_submit(): user = User.query.filter_by(email=email).first() if user: user.password = bcrypt.generate_password_hash(form.new.data) db.session.commit() # flash(u'密码修改成功,请重新登录。', 'success') return redirect(url_for('user.login')) else: flash(u'密码修改失败,用户不存在。', 'danger') return redirect(url_for('user.reset', token=token)) else: User.query.filter_by(email=email).first_or_404() return render_template('user/reset_password.html', email=email, form=form)
def verify_password(username_or_token, password): # first try to authenticate by token try: email = confirm_token(username_or_token, expiration=timeout) if email: user = User.query.filter_by(email=email).first() else: user = User.query.filter_by(email=username_or_token).first() # try to authenticate with username/password if not user or not user.verify_password(password): return False g.user = user except: return False return True
def confirm_email(token): try: email = confirm_token(token) user = User.query.filter_by(email=email).first_or_404() if user.confirmed: flash(u'您的账号已激活,请登录。', 'success') else: user.confirmed = True user.confirmed_on = datetime.datetime.now() db.session.add(user) db.session.commit() flash(u'邮箱验证成功!感谢加入蛙测!', 'success') except: flash(u'您的激活链接已失效。', 'danger') return render_template('user/unconfirmed.html') return redirect(url_for('cloud.index'))
def confirm_email_admin(token): """confirma el token del correu i canvia el password per admins""" if request.method == 'POST': email = request.form['email'] user = User.query.filter_by(email=email).first() user.pwdhash = hashlib.sha256('[B@3f13a310' + request.form['password']).hexdigest() db.session.commit() return redirect(url_for('index')) else: try: email = confirm_token(token) except: return redirect(url_for('error')) if email: user = User.query.filter_by(email=email).first() return render_template('reset.html', user=user, email=email) else: return redirect(url_for('error'))
def confirm_email(token): try: email = confirm_token(token) except: flash(gettext(u'The confirmation link is invalid or has expired'), 'warning') # check if user with decoded email exists user = User.query.filter_by(email=email).first_or_404() if user.confirmed: flash(gettext(u'Account already confirmed'), 'info') return redirect(url_for('simple_page.index')) # update user informations and add to database user.confirmed = True user.confirmed_on = datetime.now() db.session.add(user) db.session.commit() flash(gettext(u'You have confirmed your account. Enjoy'), 'success') return redirect(url_for('simple_page.index'))
def confirm_email(token): try: email = confirm_token(token) except: flash('The confirmation link is invalid or has expired.', 'danger') user = User.query.filter_by(email=email).first_or_404() print('confirm') print(user.serialize()) if user.confirmed: flash('Account already confirmed. Please login.', 'success') else: user.confirmed = True user.confirmed_on = datetime.datetime.now() #db.session.add(user) db.session.merge(user) db.session.commit() # user = User.query.filter_by(email=email).first_or_404() print('check') print(current_user.uname) print(current_user.confirmed) print(current_user.confirmed_on) flash('You have confirmed your account. Thanks!', 'success') return redirect(url_for('main.home'))
def recovery_password_last(token): email = confirm_token(token) if not email and request.method == 'GET': return redirect(url_for('main.index')) user = User.get_query().filter(User.email == email).first() recovery_form = RecoveryPasswordLast() if recovery_form.validate_on_submit(): response = requests.put(api.url_for(UserResource, user_id=user.id, _external=True), json=request.form.to_dict()) if response: flash('Ваш пароль успешно изменен', 'success') return make_response(jsonify({ 'redirect': True, 'redirect_url': url_for('main.index') }), 200) else: return make_response(jsonify(response.json()), 400) if request.method == 'GET': return render_template('recovery_password_last.html', recovery_form=recovery_form, title='Новый пароль', token=token) return make_response(jsonify({ 'message': recovery_form.errors }), 400)
def change_password(token): try: email = confirm_token(token) except: flash(gettext(u'The confirmation link is invalid or has expired'), 'warning') # check if user with decoded email exists user = User.query.filter_by(email=email).first_or_404() form = ChangePasswordForm(request.form, obj=user) if form.validate_on_submit(): # update user form.password.data = generate_password_hash(form.password.data) form.populate_obj(user) # update user in database db.session.commit() # everything is okay flash(gettext(u'Your password has been successfully changed'), 'success') return redirect(url_for('users.login')) return render_template('users/change_password.html', form=form)
def confirm_email(token): email = None try: email = confirm_token(token) finally: if email is None: flash('The confirmation link is invalid or has expired.', 'danger') return redirect('/') form = UserCreateForm() form.email.data = email if request.method == 'POST' and form.validate_on_submit(): email = User.query.filter_by(email=form.email.data).first() nickname = User.query.filter_by(email=form.nickname.data).first() if not email and not nickname: user = User( email=form.email.data, password=generate_password_hash(form.password1.data), student_name=form.student_name.data, student_number=form.student_number.data, nickname=form.nickname.data, authority=True, authority_type=0, # User registered_on=datetime.datetime.now()) db.session.add(user) db.session.commit() flash('Registration finished. Please login.', category='info') return redirect('/') else: if email: flash('The email already exists.', category='danger') if nickname: flash('The nickname already exists.', category='danger') return redirect('/') return render_template('/main/auth/register_user.html', form=form)
def test_confirm(token): title = "Applicant Interview" id = confirm_token(token) if not id: flash('Confirmation code is invalid or has expired') return redirect(url_for('index')) schedule_interview = ScheduleInterview.objects(id=id).first() app.logger.debug(schedule_interview) try: if schedule_interview["status"] == "done": return redirect(url_for('index')) except Exception: return redirect(url_for('index')) #validate date now = datetime.now().strftime("%s") scheduled_date = "{}-{}".format(schedule_interview["date"], schedule_interview["time"]) scheduled_date0 = datetime.strptime(scheduled_date, "%m/%d/%Y-%I:%M %p") scheduled_date1 = scheduled_date0 + timedelta(hours=1) app.logger.debug(now) app.logger.debug("{} {}".format(scheduled_date0.strftime("%s"),\ scheduled_date1.strftime("%s"))) if int(now) >= int(scheduled_date0.strftime("%s")) or \ int(now) <= int(scheduled_date1.strftime("%s")) : #or True: try: cache = Interview.objects(id_from=id).first() except Exception as ex: pass if cache: #move effect obj = {} obj["uri"] = cache.uri obj["template"] = cache.template obj["readme"] = cache.readme obj["current"] = cache.current_page obj["endpoint"] = cache.endpoint app.logger.debug(obj) #app.logger.debug(list(cache)) #___________________________________________[ buttons ] if request.method == 'POST': #___________________________[ next ] if request.form.get( "plus") == "+" and cache.current_page < len( obj["uri"]) - 1: cache.current_page = cache.current_page + 1 #___________________________[ prev ] if request.form.get("minus") == "-" and cache.current_page > 0: cache.current_page = cache.current_page - 1 #___________________________[ test ] if request.form.get("test") == "test": #run test #app.logger.debug("obj_endpoint {}".format( obj["endpoint"][obj["current"]]) ) #obj["score"] = score_interview_container(obj["endpoint"][obj["current"]]) #app.logger.debug("post {}".format("test")) #app.logger.debug("post {}".format(obj["score"] )) return render_template("interview.html", title=title, obj=obj) #___________________________[ save ] if request.form.get("save") == "save": app.logger.debug("post {}".format("save")) #get score score_interview_container(obj["endpoint"], id) #destroy containers destroy_interview_containers(obj["endpoint"], id) # add scores to scheduleinterview add_schedule_interview_score(id) schedule_interview.status = "done" schedule_interview.save() #redirect return redirect(url_for("index")) #saving against button change cache.save() cache = Interview.objects(id_from=id).first() obj["current"] = cache.current_page return render_template("interview.html", title=title, obj=obj) #app.logger.debug("cache uri: {}".format( cache.uri ) ) #app.logger.debug("cache readme: {}".format( cache.readme ) ) #return render_template("interview.html", title=title, uri=cache.uri[0], readme=cache.readme[0]) if schedule_interview and schedule_interview.confirmed: flash('"{0}" is currently doing the assigned exam'.format( schedule_interview.email)) else: #updating db schedule_interview.confirmed = True schedule_interview.confirmed_on = datetime.now() schedule_interview.status = "pending" #move to "in-progress" schedule_interview.save() flash('"{0}" is currently doing the assigned exam'.format( schedule_interview.email)) #return redirect(url_for('interview')) field = schedule_interview.field field = field.lower() app.logger.debug("field: {}".format(field)) tasks = requests.get( 'https://api.' + app.config['APP_DOMAIN'] + '/v0.1/tty/env/' + field, verify=False, auth=('key', app.config['API_KEY']), ) app.logger.debug("tasks: {}".format(tasks.json())) #initialize envs data_env = {"readme" : [], "uri" : [], \ "endpoint" : [], "template" : [] } for env in tasks.json()["env"]: res = requests.post('https://api.' + app.config['APP_DOMAIN'] + '/v0.1/tty', verify=False, auth=('key', app.config['API_KEY']), json={ "username": schedule_interview.email, "template": field + "/" + env }) if res.ok: app.logger.debug("res: {}".format(res.json())) data = res.json() uri = data['tty']['uri'] template = data['tty']['template'] endpoint = data['tty']['endpoint'] readme = data['tty']['readme'] readme = b64decode(readme) readme = markdown(readme.decode("utf-8")) app.logger.debug("endpoint {}".format(endpoint)) data_env["uri"].append(uri) data_env["readme"].append(readme) data_env["endpoint"].append(endpoint) data_env["template"].append(template) app.logger.debug('uri: {}'.format(uri)) app.logger.debug('readme: {}'.format(readme)) app.logger.debug('data_env: {}'.format(data_env["uri"])) response = requests.get('http://' + uri["tty"]) counter = 0 while not response.status_code == requests.codes.ok: time.sleep(1) counter += 1 app.logger.debug("Waiting %ss for %s ...", counter, uri["tty"]) response = requests.get('http://' + uri["tty"]) #endfor schedule_interview = ScheduleInterview.objects(id=id).first() app.logger.debug("data_env: {}".format(data_env)) app.logger.debug("schedule_interview: {}".format( list(schedule_interview))) session_cache = Interview( email=schedule_interview.email, confirmed=schedule_interview.confirmed, confirmed_on=schedule_interview.confirmed_on, id_from=id, uri=data_env["uri"], template=data_env["template"], endpoint=data_env["endpoint"], readme=data_env["readme"], current_page=0, ).save() obj = {} obj["uri"] = data_env["uri"] obj["readme"] = data_env["readme"] obj["endpoint"] = data_env["endpoint"] obj["current"] = int(0) app.logger.debug("obj: {}".format(obj)) return render_template( "interview.html", title=title, obj=obj, )
def test_bad_token(client): from app import token token.confirm_token(True)
def test_tokens(client): from app import token tok = token.generate_confirmation_token("*****@*****.**") token.confirm_token(tok)