def post(self, token=None): password_form = PasswordForm().get_form(self.request.POST) user = self.validate_token(token) if user and password_form.validate(): # get password from request password = self.request.get('password') # hash password (same as passing password_raw to user_create) password_hash = security.generate_password_hash(password, length=12) user.password = password_hash user.put() # login with new password self.login_user(user.get_email(), password) # clear the tokens to prevent further shenanigans provider = db.get_provider_from_user(user) redirect_url = None if user.resetpassword_token: self.delete_token(token, 'reset') redirect_url = '/provider/message/reset/' + provider.vanity_url elif user.claim_url: self.delete_token(token) redirect_url = '/provider/welcome/' + provider.vanity_url # redirect patient or provider if auth.PROVIDER_ROLE in user.roles: self.redirect(redirect_url) self.log_event(user, "User claimed their profile") elif auth.PATIENT_ROLE in user.roles: patient = db.get_patient_from_user(user) self.redirect('/patient/bookings/' + patient.key.urlsafe()) # password form was not validate, re-render and try again! else: self.render_template('user/password.html', form=password_form, token=token)
def get(self, next_action=None, key=None): ''' Show login page ''' user = self.get_current_user() if user and next_action and key: # if already logged in provider_from_user = db.get_provider_from_user(user) patient_from_user = db.get_patient_from_user(user) # check if logged in provider is the provider from # already logged in, don't login again if next_action == 'accept': provider_network_connection = ndb.Key(urlsafe=key).get() target_provider_key = provider_network_connection.target_provider if provider_from_user.key == target_provider_key: # the target provider is logged in, accept the connection bypassing login target_url = '/provider/network/' + provider_from_user.vanity_url + '/accept/' + key self.redirect(target_url) else: self.render_login(next_action=next_action, key=key) elif next_action == 'booking': booking = ndb.Key(urlsafe=key).get() if patient_from_user.key == booking.patient: self.email_and_confirm_booking(booking) self.redirect('/patient/bookings/' + patient_from_user.key.urlsafe()) else: self.render_login(next_action=next_action, key=key) else: # check if an admin is logged in, if so don't proceed google_user = users.get_current_user() if google_user and users.is_current_user_admin(): self.render_login(error_message='Logged in as admin already.') else: # no admin, not next_action, show the plain ol' login screen self.render_login(next_action=next_action, key=key)
def post(self, vanity_url=None): ''' Booking process from public profile ''' appointment_details_form = None provider = db.get_provider_from_vanity_url(vanity_url) user = self.get_current_user() if user: appointment_details_form = AppointmentDetailsForLoggedInUser( ).get_form(self.request.POST, provider=provider) else: appointment_details_form = AppointmentDetails().get_form( self.request.POST, provider=provider) provider = db.get_provider_from_vanity_url(vanity_url) if appointment_details_form.validate(): # create the booking object booking = Booking() booking.provider = provider.key booking.booking_source = 'profile' booking_date = appointment_details_form['booking_date'].data booking_time = appointment_details_form['booking_time'].data booking.datetime = to_utc( datetime.strptime(booking_date + " " + booking_time, '%Y-%m-%d %H:%M')) booking.comments = appointment_details_form['comments'].data schedule = db.get_schedule_for_date_time(provider, booking_date, booking_time) booking.schedule = schedule.key if appointment_details_form.__contains__('service'): service_key_from_form = appointment_details_form[ 'service'].data if service_key_from_form: service_key = ndb.Key(urlsafe=service_key_from_form) provider_service = service_key.get() if provider_service: booking.service = service_key if user: # user is logged in, is this a patient? existing_patient = db.get_patient_from_user(user) if existing_patient: booking.patient = existing_patient.key else: self.link_user_to_new_patient(appointment_details_form, user, booking) # confirm the booking since it is a "known" user booking.confirmed = True booking.email_sent_to_patient = False booking.email_sent_to_provider = False # save booking booking.put() # already logged in so go directly to bookings list self.redirect('/patient/bookings/' + booking.patient.urlsafe()) # mail it to the patient mail.email_booking_to_patient(self, booking) # mail it to the provider mail.email_booking_to_provider(self, booking) else: # no user is logged in, check if the email address exists, this means they just didn't log in email = appointment_details_form['email'].data existing_user = db.get_user_from_email(email) if existing_user: existing_patient = db.get_patient_from_user(existing_user) if existing_patient: # email is in datastore, but not logged in # link booking to existing patient booking.patient = existing_patient.key booking.put() else: self.link_user_to_new_patient(appointment_details_form, user, booking) # confirm the booking since it is a "known" user booking.confirmed = True booking.email_sent_to_patient = False booking.email_sent_to_provider = False # save booking booking.put() # get the user to login key = booking.key.urlsafe() self.redirect('/login/booking/' + key) else: # no patient, no user. get them to fill a profile in the form booking.put() patient_form = RegistrationDetailsForNewPatient().get_form( ) patient_form['terms_agreement'].data = True patient_form['booking_date'].data = booking_date patient_form['booking_time'].data = booking_time patient_form['booking_key'].data = booking.key.urlsafe() patient_form['email'].data = email self.render_template( 'provider/public/booking_new_patient.html', provider=provider, patient_form=patient_form) logging.info('Created booking from public profile: %s' % booking) else: self.render_template('provider/public/booking_details.html', provider=provider, booking_form=appointment_details_form)
def post(self, next_action=None, key=None): ''' checks username, password, logs in user and redirect to start page ''' login_form = LoginForm().get_form(self.request.POST) if login_form.validate(): email = login_form['email'].data password = login_form['password'].data remember_me = login_form['remember_me'].data logging.info('(LoginHandler.post) Trying to login email: %s' % email) # Username and password check try: user = self.login_user(email, password, remember_me) user.last_login = datetime.datetime.now() user.put() # set the language from user profile self.set_language(user.language) # login was succesful, User is in the session if next_action == 'booking': # moved booking up here since it can come from any role (provider or patient) booking = ndb.Key(urlsafe=key).get() patient_from_user = db.get_patient_from_user(user) if patient_from_user.key == booking.patient: self.email_and_confirm_booking(booking) self.redirect('/patient/bookings/' + patient_from_user.key.urlsafe()) else: # check role of user, redirect to appropriate page after login if auth.PROVIDER_ROLE in user.roles: provider = db.get_provider_from_user(user) logging.info( '(LoginHandler.post) User %s logged in as provider, redirecting to profile page', user.get_email()) # check the action, if it's from a connection do that first # and then redirect back to profile page with a message if next_action == 'connect': connected_provider_key = ndb.Key(urlsafe=key) connected_provider = connected_provider_key.get() target_url = '/' + connected_provider.vanity_url + '/connect' self.redirect(target_url) elif next_action == 'accept': target_url = '/provider/network/' + provider.vanity_url + '/accept/' + key self.redirect(target_url) elif provider.display_welcome_page: self.redirect('/provider/welcome/' + provider.vanity_url) else: self.redirect('/provider/profile/%s' % provider.vanity_url) # log the event self.log_event(user, "Provider Logged In") elif auth.PATIENT_ROLE in user.roles: patient = db.get_patient_from_user(user) logging.info( '(LoginHandler.post) User %s logged in as patient, redirecting to / page', user.get_email()) self.redirect('/patient/bookings/' + patient.key.urlsafe()) else: logging.error( '(LoginHandler.post) User %s logged in without roles', user.get_email()) error_message = 'Your account is not activated. Please check your email for an activation message or <a href="/contact">contact us</a> if you require assistance.' self.render_template('user/login.html', login_form=login_form, error_message=error_message) except (InvalidAuthIdError, InvalidPasswordError), e: # throws InvalidAuthIdError if user is not found, throws InvalidPasswordError if provided password doesn't match with specified user error_message = _(u'Login failed. Try again.') self.render_template('user/login.html', login_form=login_form, error_message=error_message) except AttributeError, ae: logging.warn('User has not password, authentication fails %s' % ae)
def post(self, next_action=None, key=None): ''' checks username, password, logs in user and redirect to start page ''' login_form = LoginForm().get_form(self.request.POST) if login_form.validate(): email = login_form['email'].data password = login_form['password'].data remember_me = login_form['remember_me'].data logging.info('(LoginHandler.post) Trying to login email: %s' % email) # Username and password check try: user = self.login_user(email, password, remember_me) user.last_login = datetime.datetime.now() user.put() # set the language from user profile self.set_language(user.language) # login was succesful, User is in the session if next_action == 'booking': # moved booking up here since it can come from any role (provider or patient) booking = ndb.Key(urlsafe=key).get() patient_from_user = db.get_patient_from_user(user) if patient_from_user.key == booking.patient: self.email_and_confirm_booking(booking) self.redirect('/patient/bookings/' + patient_from_user.key.urlsafe()) else: # check role of user, redirect to appropriate page after login if auth.PROVIDER_ROLE in user.roles: provider = db.get_provider_from_user(user) logging.info('(LoginHandler.post) User %s logged in as provider, redirecting to profile page', user.get_email()) # check the action, if it's from a connection do that first # and then redirect back to profile page with a message if next_action == 'connect': connected_provider_key = ndb.Key(urlsafe=key) connected_provider = connected_provider_key.get() target_url = '/' + connected_provider.vanity_url + '/connect' self.redirect(target_url) elif next_action == 'accept': target_url = '/provider/network/' + provider.vanity_url + '/accept/' + key self.redirect(target_url) elif provider.display_welcome_page: self.redirect('/provider/welcome/' + provider.vanity_url) else: self.redirect('/provider/profile/%s' % provider.vanity_url) # log the event self.log_event(user, "Provider Logged In") elif auth.PATIENT_ROLE in user.roles: patient = db.get_patient_from_user(user) logging.info('(LoginHandler.post) User %s logged in as patient, redirecting to / page', user.get_email()) self.redirect('/patient/bookings/' + patient.key.urlsafe()) else: logging.error('(LoginHandler.post) User %s logged in without roles', user.get_email()) error_message = 'Your account is not activated. Please check your email for an activation message or <a href="/contact">contact us</a> if you require assistance.' self.render_template('user/login.html', login_form=login_form, error_message=error_message) except (InvalidAuthIdError, InvalidPasswordError), e: # throws InvalidAuthIdError if user is not found, throws InvalidPasswordError if provided password doesn't match with specified user error_message = _(u'Login failed. Try again.') self.render_template('user/login.html', login_form=login_form, error_message=error_message) except AttributeError, ae: logging.warn('User has not password, authentication fails %s' % ae)
def patient_confirms_latest_booking(self, date_string, time_string, new_user=True, logged_in=False): # check email to patient booking_datetime = datetime.strptime(testutil.next_monday_date_string() + " " + str(time_string), '%Y-%m-%d %H') french_datetime_string = format_datetime(booking_datetime, "EEEE 'le' d MMMM yyyy", locale='fr_CA') + " à " + format_datetime(booking_datetime, "H:mm", locale='fr_CA') english_datetime_string = format_datetime(booking_datetime, "EEEE d MMMM yyyy", locale='en') + " at " + format_datetime(booking_datetime, "H:mm", locale='en') booking_datetime = datetime.strptime(testutil.next_monday_date_string(), '%Y-%m-%d') booking_datetime_string = format_date(booking_datetime, format="d MMM yyyy", locale='fr_CA') booking_time = datetime.strptime(str(time_string), '%H') booking_time_string = format_time(booking_time, format="short", locale='fr') logging.info('French date time of booking: %s' % french_datetime_string) # check that confirmation emails was sent to patient messages = self.mail_stub.get_sent_messages(to=self._TEST_PATIENT_EMAIL) patient_email_count = len(messages) # get last email sent m = messages[patient_email_count - 1] self.assertEqual(self._TEST_PATIENT_EMAIL, m.to) # activate account messages = self.mail_stub.get_sent_messages(to=self._TEST_PATIENT_EMAIL) self.assertEquals(m.subject, 'Veosan Appointment - Osteopath') user = db.get_user_from_email(self._TEST_PATIENT_EMAIL) # check email content self.assertIn('Hi', m.body.payload) self.assertIn('Thank you', m.body.payload) self.assertIn(english_datetime_string, m.body.payload) self.assertNotIn('None', m.body.payload) patient = db.get_patient_from_user(user) bookings = db.get_bookings_for_patient(patient) booking = bookings[0] if new_user: self.assertTrue('/login/booking/%s' % booking.key.urlsafe() in m.body.payload) response = self.testapp.get('/') is_french = 'Déconnexion' in response is_english = 'Logout' in response user_logged_in = False if is_english: user_logged_in = 'Logout' in response elif is_french: user_logged_in = 'Déconnexion' in response # click the link response = self.testapp.get('/login/booking/%s' % booking.key.urlsafe()) # is user logged in? if not user_logged_in: if is_english: response.mustcontain("Login to Veosan") elif is_french: response.mustcontain("Connexion à Veosan") login_form = response.forms['login_form'] login_form['password'] = self._TEST_PATIENT_PASSWORD response = login_form.submit().follow() else: response = response.follow() response.mustcontain("Upcoming Appointments") response.mustcontain('Fantastic Fox') #response.mustcontain(booking_time_string) response.mustcontain(english_datetime_string) # patient email in navbar response.mustcontain(self._TEST_PATIENT_EMAIL) response.mustcontain('Logout')
def post(self, vanity_url=None): ''' Booking process from public profile ''' appointment_details_form = None provider = db.get_provider_from_vanity_url(vanity_url) user = self.get_current_user() if user: appointment_details_form = AppointmentDetailsForLoggedInUser().get_form(self.request.POST, provider=provider) else: appointment_details_form = AppointmentDetails().get_form(self.request.POST, provider=provider) provider = db.get_provider_from_vanity_url(vanity_url) if appointment_details_form.validate(): # create the booking object booking = Booking() booking.provider = provider.key booking.booking_source = 'profile' booking_date = appointment_details_form['booking_date'].data booking_time = appointment_details_form['booking_time'].data booking.datetime = to_utc(datetime.strptime(booking_date + " " + booking_time, '%Y-%m-%d %H:%M')) booking.comments = appointment_details_form['comments'].data schedule = db.get_schedule_for_date_time(provider, booking_date, booking_time) booking.schedule = schedule.key if appointment_details_form.__contains__('service'): service_key_from_form = appointment_details_form['service'].data if service_key_from_form: service_key = ndb.Key(urlsafe=service_key_from_form) provider_service = service_key.get() if provider_service: booking.service = service_key if user: # user is logged in, is this a patient? existing_patient = db.get_patient_from_user(user) if existing_patient: booking.patient = existing_patient.key else: self.link_user_to_new_patient(appointment_details_form, user, booking) # confirm the booking since it is a "known" user booking.confirmed = True booking.email_sent_to_patient = False booking.email_sent_to_provider = False # save booking booking.put() # already logged in so go directly to bookings list self.redirect('/patient/bookings/' + booking.patient.urlsafe()) # mail it to the patient mail.email_booking_to_patient(self, booking) # mail it to the provider mail.email_booking_to_provider(self, booking) else: # no user is logged in, check if the email address exists, this means they just didn't log in email = appointment_details_form['email'].data existing_user = db.get_user_from_email(email) if existing_user: existing_patient = db.get_patient_from_user(existing_user) if existing_patient: # email is in datastore, but not logged in # link booking to existing patient booking.patient = existing_patient.key booking.put() else: self.link_user_to_new_patient(appointment_details_form, user, booking) # confirm the booking since it is a "known" user booking.confirmed = True booking.email_sent_to_patient = False booking.email_sent_to_provider = False # save booking booking.put() # get the user to login key = booking.key.urlsafe() self.redirect('/login/booking/' + key) else: # no patient, no user. get them to fill a profile in the form booking.put() patient_form = RegistrationDetailsForNewPatient().get_form() patient_form['terms_agreement'].data = True patient_form['booking_date'].data = booking_date patient_form['booking_time'].data = booking_time patient_form['booking_key'].data = booking.key.urlsafe() patient_form['email'].data = email self.render_template('provider/public/booking_new_patient.html', provider=provider, patient_form=patient_form) logging.info('Created booking from public profile: %s' % booking) else: self.render_template('provider/public/booking_details.html', provider=provider, booking_form=appointment_details_form)