def create_user(encoded_token):
    """Render the supplier account-creation page for an invitation token.

    The token must decode for the ``supplier`` role (signature, expiry and
    required keys are the decoder's concern); a token that does not decode
    yields the error template with HTTP 400.  If an account already exists
    for the invited email address the error template is returned with that
    user, also as 400.  Otherwise the creation form is rendered with the
    email and supplier name taken from the token, not from the request.
    """
    form = CreateUserForm()
    invite = decode_invitation_token(encoded_token, role='supplier')

    if invite is None:
        # NOTE(review): the raw token is written to the log here.  The decoder
        # returns None for expired tokens as well as tampered ones, so a
        # still-signed invitation can end up in the logs — treat them as
        # sensitive or redact before logging; confirm with the log policy.
        current_app.logger.warning(
            "createuser.token_invalid: {encoded_token}",
            extra={'encoded_token': encoded_token})
        return render_template("auth/create_user_error.html", token=None), 400

    existing = data_api_client.get_user(email_address=invite.get("email_address"))
    if existing:
        # The invited address already has an account: refuse to create another.
        return render_template(
            "auth/create_user_error.html",
            token=invite,
            user=User.from_json(existing)), 400

    return render_template(
        "auth/create_user.html",
        form=form,
        email_address=invite['email_address'],
        supplier_name=invite['supplier_name'],
        token=encoded_token), 200
def test_decode_invitation_token_does_not_work_if_token_expired(email_app):
    """A token signed in the distant past must be rejected (expiry enforced)."""
    payload = {'email_address': '*****@*****.**', 'supplier_name': 'A. Supplier'}

    # Sign the token while the clock is frozen in 2015 so that, once the
    # clock is released, the invitation is well past any sensible lifetime.
    with freeze_time('2015-01-02 03:04:05'):
        stale_token = generate_token(
            payload,
            email_app.config['SHARED_EMAIL_KEY'],
            email_app.config['INVITE_EMAIL_SALT'],
        )

    with email_app.app_context():
        assert decode_invitation_token(stale_token, role='supplier') is None
def test_decode_invitation_token_does_not_work_if_token_expired(email_app):
    """A token signed in the distant past must be rejected (expiry enforced).

    Same shape as the SHARED_EMAIL_KEY variant, but signed with the
    module-level TEST_SECRET_KEY.
    """
    payload = {'email_address': '*****@*****.**', 'supplier_name': 'A. Supplier'}

    # Freeze the clock in 2015 only for signing; decoding then happens at
    # the real "now", so the token is long expired.
    with freeze_time('2015-01-02 03:04:05'):
        stale_token = generate_token(
            payload, TEST_SECRET_KEY, email_app.config['INVITE_EMAIL_SALT'])

    with email_app.app_context():
        assert decode_invitation_token(stale_token, role='supplier') is None
def test_decode_invitation_token_decodes_ok_for_supplier(email_app):
    """A freshly signed supplier invitation round-trips to the same payload."""
    with email_app.app_context():
        payload = {
            'email_address': '*****@*****.**',
            'supplier_code': 1234,
            'supplier_name': 'A. Supplier',
        }
        # Signed with the test key and a literal salt; the decoder is expected
        # to verify with the same material and hand back the original dict.
        fresh_token = generate_token(payload, TEST_SECRET_KEY, 'Salt')

        decoded = decode_invitation_token(fresh_token, role='supplier')
        assert decoded == payload
def test_decode_invitation_token_does_not_work_if_bad_token(email_app):
    """A token whose first character is dropped must fail verification."""
    with email_app.app_context():
        payload = {
            'email_address': '*****@*****.**',
            'supplier_name': 'A. Supplier',
        }
        good_token = generate_token(
            payload, TEST_SECRET_KEY, email_app.config['INVITE_EMAIL_SALT'])

        # Corrupt the token by chopping off its leading character: the
        # signature no longer matches, so the decoder must return None
        # rather than any partial payload.
        tampered = good_token[1:]
        assert decode_invitation_token(tampered, role='supplier') is None
def create_user(encoded_token):
    """Render the account-creation page for a supplier or buyer invitation.

    ``decode_invitation_token`` reports problems through an ``error`` key:
    ``token_invalid`` yields a generic 400 error page and ``token_expired``
    the dedicated error template (400).  Otherwise, if an account already
    exists for the invited email the error template is returned with that
    user (400); if not, the creation form is rendered (200).  The role and
    email address are read from the decoded token, never from the request.
    """
    invite = decode_invitation_token(encoded_token)

    if invite.get('error') == 'token_invalid':
        # NOTE(review): the raw token is logged on this path; keep such logs
        # out of anything broadly readable.
        current_app.logger.warning("createuser.token_invalid: {encoded_token}",
                                   extra={'encoded_token': encoded_token})
        # TODO: replace the generic error page with a dedicated template.
        return render_error_page(
            status_code=400,
            error_message=INVALID_TOKEN_MESSAGE.format(
                support_email=current_app.config['SUPPORT_EMAIL_ADDRESS']),
        )

    # Role is part of the decoded payload; it is required even for an
    # expired token because the error template is role-specific.
    role = invite["role"]

    def error_page(token, user):
        """Render the role-aware error template as a 400 response."""
        return render_template(
            "auth/create-user-error.html",
            error=None,
            support_email_address=current_app.config['SUPPORT_EMAIL_ADDRESS'],
            role=role,
            token=token,
            user=user), 400

    if invite.get('error') == 'token_expired':
        current_app.logger.warning("createuser.token_expired: {encoded_token}",
                                   extra={'encoded_token': encoded_token})
        return error_page(None, None)

    form = CreateUserForm()
    existing = data_api_client.get_user(email_address=invite["email_address"])
    if existing:
        # The invited address already has an account.
        return error_page(invite, User.from_json(existing))

    return render_template("auth/create-user.html",
                           email_address=invite['email_address'],
                           form=form,
                           errors=get_errors_from_wtform(form),
                           role=role,
                           supplier_name=invite.get('supplier_name'),
                           token=encoded_token), 200
def submit_create_user(encoded_token):
    """Handle the POST of the supplier account-creation form.

    The invitation token is decoded first; a token that does not decode gives
    the error template (400).  A form that fails validation re-renders the
    form (400).  Otherwise the user is created through the data API with the
    email and supplier id taken from the token (only name and password come
    from the form), logged in, and redirected to the dashboard.  A 409 from
    the API yields the error template (400); other HTTP errors propagate.
    """
    form = CreateUserForm()
    invite = decode_invitation_token(encoded_token)

    if invite is None:
        current_app.logger.warning("createuser.token_invalid: {encoded_token}",
                                   extra={'encoded_token': encoded_token})
        return render_template("auth/create_user_error.html", token=None), 400

    if not form.validate_on_submit():
        # form.errors is a dict, so only the field names are logged.
        current_app.logger.warning(
            "createuser.invalid: {form_errors}",
            extra={'form_errors': ", ".join(form.errors)})
        return render_template("auth/create_user.html",
                               form=form,
                               token=encoded_token,
                               email_address=invite['email_address'],
                               supplier_name=invite['supplier_name']), 400

    # NOTE(review): the token is decoded here without a role argument, unlike
    # the other variants in this file that pass role='supplier'.  The created
    # account is hard-wired to 'supplier', but a payload lacking
    # 'supplier_id' would surface as a KeyError (500) below rather than a
    # clean 400 — confirm the decoder enforces the required keys.
    try:
        created = data_api_client.create_user({
            'name': form.name.data,
            'password': form.password.data,
            'emailAddress': invite['email_address'],
            'role': 'supplier',
            'supplierId': invite['supplier_id'],
        })
        login_user(User.from_json(created))
    except HTTPError as e:
        # Only a 409 (presumably a pre-existing account) is handled here.
        if e.status_code != 409:
            raise
        return render_template("auth/create_user_error.html", token=None), 400

    flash('account-created', 'flag')
    return redirect(url_for('.dashboard'))
def submit_create_user(encoded_token):
    """Handle the POST of the supplier account-creation form.

    The token must decode for the ``supplier`` role; otherwise the error
    template is returned (400).  An invalid form re-renders the form (400).
    On success the user is created via the data API — email and supplier id
    come from the token, only name and password from the form — logged in
    and redirected to the dashboard.  A 409 from the API gives the error
    template (400); any other HTTP error propagates.
    """
    form = CreateUserForm()
    invite = decode_invitation_token(encoded_token, role='supplier')

    if invite is None:
        current_app.logger.warning("createuser.token_invalid: {encoded_token}",
                                   extra={'encoded_token': encoded_token})
        return render_template("auth/create_user_error.html", token=None), 400

    if not form.validate_on_submit():
        # form.errors is a dict, so only the field names are logged.
        current_app.logger.warning(
            "createuser.invalid: {form_errors}",
            extra={'form_errors': ", ".join(form.errors)})
        return render_template("auth/create_user.html",
                               form=form,
                               token=encoded_token,
                               email_address=invite.get('email_address'),
                               supplier_name=invite.get('supplier_name')), 400

    # Identity-bearing fields are taken from the signed invitation so the
    # submitter cannot register a different email or supplier.
    new_account = {
        'name': form.name.data,
        'password': form.password.data,
        'emailAddress': invite.get('email_address'),
        'role': 'supplier',
        'supplierId': invite.get('supplier_id'),
    }
    try:
        created = data_api_client.create_user(new_account)
        login_user(User.from_json(created))
    except HTTPError as e:
        # Only a 409 (presumably a pre-existing account) is handled here.
        if e.status_code != 409:
            raise
        return render_template("auth/create_user_error.html", token=None), 400

    return redirect(url_for('.dashboard'))
def test_decode_invitation_token_does_not_work_if_bad_token(email_app):
    """A token with its first character removed must fail verification."""
    with email_app.app_context():
        payload = {'email_address': '*****@*****.**', 'supplier_name': 'A. Supplier'}
        signed = generate_token(
            payload,
            email_app.config['SHARED_EMAIL_KEY'],
            email_app.config['INVITE_EMAIL_SALT'],
        )
        # Drop the leading character so the signature no longer matches.
        corrupted = signed[1:]
        assert decode_invitation_token(corrupted, role='supplier') is None
def test_decode_invitation_token_decodes_ok_for_supplier(email_app):
    """A valid supplier invitation decodes back to the exact payload."""
    with email_app.app_context():
        payload = {
            'email_address': '*****@*****.**',
            'supplier_id': 1234,
            'supplier_name': 'A. Supplier',
        }
        # Literal key and salt; the test app is expected to verify with the
        # same material.
        signed = generate_token(payload, 'Key', 'Salt')
        assert decode_invitation_token(signed, role='supplier') == payload
def test_decode_invitation_token_decodes_ok_for_buyer(email_app):
    """A valid buyer invitation (email only) decodes back to the payload."""
    with email_app.app_context():
        payload = {'email_address': '*****@*****.**'}
        signed = generate_token(payload, 'Key', 'Salt')
        decoded = decode_invitation_token(signed, role='buyer')
        assert decoded == payload
def test_decode_invitation_token_decodes_ok_for_buyer(email_app):
    """A valid buyer invitation (email only) decodes back to the payload.

    Signed with the module-level TEST_SECRET_KEY and a literal salt.
    """
    with email_app.app_context():
        payload = {'email_address': '*****@*****.**'}
        signed = generate_token(payload, TEST_SECRET_KEY, 'Salt')
        decoded = decode_invitation_token(signed, role='buyer')
        assert decoded == payload
def submit_create_user(encoded_token):
    """Handle the POST of the account-creation form for a supplier or buyer.

    ``decode_invitation_token`` reports problems through an ``error`` key:
    ``token_invalid`` gives a generic 400 error page, ``token_expired`` the
    role-aware error template (400).  An invalid form re-renders it (400).
    Otherwise the account is created through the data API: role and email
    (and supplier id for suppliers) come from the token, while only name,
    password and — for buyers — phone number come from the form.  A 409 or
    an ``invalid_buyer_domain`` error from the API is shown on the error
    template (400); any other HTTP error becomes a 503.  On success the user
    is logged in and redirected.
    """
    invite = decode_invitation_token(encoded_token)

    if invite.get('error') == 'token_invalid':
        # NOTE(review): the raw token is logged on this path; keep such logs
        # out of anything broadly readable.
        current_app.logger.warning("createuser.token_invalid: {encoded_token}",
                                   extra={'encoded_token': encoded_token})
        return render_error_page(
            status_code=400,
            error_message=INVALID_TOKEN_MESSAGE.format(
                support_email=current_app.config['SUPPORT_EMAIL_ADDRESS']),
        )

    # Role comes from the decoded invitation, not from the submitted form.
    role = invite["role"]

    def error_page(error, **extra):
        """Render the role-aware error template as a 400 response."""
        return render_template(
            "auth/create-user-error.html",
            error=error,
            support_email_address=current_app.config['SUPPORT_EMAIL_ADDRESS'],
            role=role,
            token=None,
            **extra), 400

    if invite.get('error') == 'token_expired':
        current_app.logger.warning("createuser.token_expired: {encoded_token}",
                                   extra={'encoded_token': encoded_token})
        return error_page(None, user=None)

    form = CreateUserForm()
    if not form.validate_on_submit():
        # form.errors is a dict, so only the field names are logged.
        current_app.logger.warning(
            "createuser.invalid: {form_errors}",
            extra={'form_errors': ", ".join(form.errors)})
        return render_template("auth/create-user.html",
                               email_address=invite['email_address'],
                               form=form,
                               errors=get_errors_from_wtform(form),
                               role=role,
                               supplier_name=invite.get('supplier_name'),
                               token=encoded_token), 400

    try:
        new_account = {
            'name': form.name.data,
            'password': form.password.data,
            'emailAddress': invite['email_address'],
            'role': role,
        }
        if role == 'buyer':
            new_account['phoneNumber'] = form.phone_number.data
        elif role == 'supplier':
            # Supplier linkage is taken from the signed token only.
            new_account['supplierId'] = invite['supplier_id']
        created = data_api_client.create_user(new_account)
        login_user(User.from_json(created))
    except HTTPError as e:
        # The API's message is passed straight into the template as `error`;
        # this relies on template autoescaping — presumably on, verify.
        if e.status_code == 409 or e.message == 'invalid_buyer_domain':
            return error_page(e.message)
        abort(503)

    return redirect_logged_in_user(account_created=True)
def test_decode_invitation_token_does_not_work_if_there_are_missing_keys(email_app):
    """A correctly signed supplier token lacking required keys is rejected.

    The payload carries only email and supplier name, so the decoder must
    refuse it for the supplier role even though the signature is valid.
    """
    with email_app.app_context():
        incomplete = {'email_address': '*****@*****.**', 'supplier_name': 'A. Supplier'}
        signed = generate_token(
            incomplete, TEST_SECRET_KEY, email_app.config['INVITE_EMAIL_SALT'])
        assert decode_invitation_token(signed, role='supplier') is None