def resend_confirmation_post():
"""
View for user to submit resend confirmation form.
HTTP Method: POST
"""
form = ResendConfirmationForm(request.form)
if form.validate():
clean_email = form.email.data
user = get_user(email=clean_email)
status_message = ('If there is an OSF account associated with this unconfirmed email {0}, '
'a confirmation email has been resent to it. If you do not receive an email and believe '
'you should have, please contact OSF Support.').format(clean_email)
kind = 'success'
if user:
try:
send_confirm_email(user, clean_email)
except KeyError:
# already confirmed, redirect to dashboard
status_message = 'This email {0} has already been confirmed.'.format(clean_email)
kind = 'warning'
status.push_status_message(status_message, kind=kind, trust=False)
else:
forms.push_errors_to_status(form.errors)
# Don't go anywhere
return {'form': form}
def resend_confirmation_post(auth):
"""
View for user to submit resend confirmation form.
HTTP Method: POST
"""
# If user is already logged in, log user out
if auth.logged_in:
return auth_logout(redirect_url=request.url)
form = ResendConfirmationForm(request.form)
if form.validate():
clean_email = form.email.data
user = get_user(email=clean_email)
status_message = (
'If there is an OSF account associated with this unconfirmed email address {0}, '
'a confirmation email has been resent to it. If you do not receive an email and believe '
'you should have, please contact OSF Support.').format(clean_email)
kind = 'success'
if user:
if throttle_period_expired(user.email_last_sent,
settings.SEND_EMAIL_THROTTLE):
try:
send_confirm_email(user, clean_email, renew=True)
except KeyError:
# already confirmed, redirect to dashboard
status_message = 'This email {0} has already been confirmed.'.format(
clean_email)
kind = 'warning'
user.email_last_sent = timezone.now()
user.save()
else:
status_message = (
'You have recently requested to resend your confirmation email. '
'Please wait a few minutes before trying again.')
kind = 'error'
status.push_status_message(status_message, kind=kind, trust=False)
else:
forms.push_errors_to_status(form.errors)
# Don't go anywhere
return {'form': form}
def resend_confirmation_post(auth):
"""
View for user to submit resend confirmation form.
HTTP Method: POST
"""
# If user is already logged in, log user out
if auth.logged_in:
return auth_logout(redirect_url=request.url)
form = ResendConfirmationForm(request.form)
if form.validate():
clean_email = form.email.data
user = get_user(email=clean_email)
status_message = ('If there is an OSF account associated with this unconfirmed email {0}, '
'a confirmation email has been resent to it. If you do not receive an email and believe '
'you should have, please contact OSF Support.').format(clean_email)
kind = 'success'
if user:
if throttle_period_expired(user.email_last_sent, settings.SEND_EMAIL_THROTTLE):
try:
send_confirm_email(user, clean_email, renew=True)
except KeyError:
# already confirmed, redirect to dashboard
status_message = 'This email {0} has already been confirmed.'.format(clean_email)
kind = 'warning'
user.email_last_sent = datetime.datetime.utcnow()
user.save()
else:
status_message = ('You have recently requested to resend your confirmation email. '
'Please wait a few minutes before trying again.')
kind = 'error'
status.push_status_message(status_message, kind=kind, trust=False)
else:
forms.push_errors_to_status(form.errors)
# Don't go anywhere
return {'form': form}
def external_login_email_get():
"""
Landing view for first-time oauth-login user to enter their email address.
HTTP Method: GET
"""
form = ResendConfirmationForm(request.form)
session = get_session()
if not session.is_external_first_login:
raise HTTPError(http.UNAUTHORIZED)
external_id_provider = session.data['auth_user_external_id_provider']
return {'form': form, 'external_id_provider': external_id_provider}
def resend_confirmation_get(auth):
"""
View for user to land on resend confirmation page.
HTTP Method: GET
"""
# If user is already logged in, log user out
if auth.logged_in:
return auth_logout(redirect_url=request.url)
form = ResendConfirmationForm(request.form)
return {
'form': form,
}
def resend_confirmation():
"""View for resending an email confirmation email.
"""
form = ResendConfirmationForm(request.form)
if request.method == 'POST':
if form.validate():
clean_email = form.email.data
user = get_user(email=clean_email)
if not user:
return {'form': form}
try:
send_confirm_email(user, clean_email)
except KeyError: # already confirmed, redirect to dashboard
status_message = 'Email has already been confirmed.'
type_ = 'warning'
else:
status_message = 'Resent email to <em>{0}</em>'.format(clean_email)
type_ = 'success'
status.push_status_message(status_message, type_)
else:
forms.push_errors_to_status(form.errors)
# Don't go anywhere
return {'form': form}
def resend_confirmation():
"""View for resending an email confirmation email.
"""
form = ResendConfirmationForm(request.form)
if request.method == 'POST':
if form.validate():
clean_email = form.email.data
user = get_user(email=clean_email)
if not user:
return {'form': form}
try:
send_confirm_email(user, clean_email)
except KeyError: # already confirmed, redirect to dashboard
status_message = 'Email has already been confirmed.'
kind = 'warning'
else:
status_message = 'Resent email to {0}'.format(clean_email)
kind = 'success'
status.push_status_message(status_message, kind=kind, trust=False)
else:
forms.push_errors_to_status(form.errors)
# Don't go anywhere
return {'form': form}
def external_login_email_post():
"""
View to handle email submission for first-time oauth-login user.
HTTP Method: POST
"""
form = ResendConfirmationForm(request.form)
session = get_session()
if not session.is_external_first_login:
raise HTTPError(http.UNAUTHORIZED)
external_id_provider = session.data['auth_user_external_id_provider']
external_id = session.data['auth_user_external_id']
fullname = session.data['auth_user_fullname']
service_url = session.data['service_url']
# TODO: @cslzchen use user tags instead of destination
destination = 'dashboard'
for campaign in campaigns.get_campaigns():
if campaign != 'institution':
# Handle different url encoding schemes between `furl` and `urlparse/urllib`.
# OSF use `furl` to parse service url during service validation with CAS. However, `web_url_for()` uses
# `urlparse/urllib` to generate service url. `furl` handles `urlparser/urllib` generated urls while ` but
# not vice versa.
campaign_url = furl.furl(campaigns.campaign_url_for(campaign)).url
external_campaign_url = furl.furl(
campaigns.external_campaign_url_for(campaign)).url
if campaigns.is_proxy_login(campaign):
# proxy campaigns: OSF Preprints and branded ones
if check_service_url_with_proxy_campaign(
str(service_url), campaign_url, external_campaign_url):
destination = campaign
# continue to check branded preprints even service url matches osf preprints
if campaign != 'osf-preprints':
break
elif service_url.startswith(campaign_url):
# osf campaigns: OSF Prereg and ERPC
destination = campaign
break
if form.validate():
clean_email = form.email.data
user = get_user(email=clean_email)
external_identity = {
external_id_provider: {
external_id: None,
},
}
try:
ensure_external_identity_uniqueness(external_id_provider,
external_id, user)
except ValidationError as e:
raise HTTPError(http.FORBIDDEN, e.message)
if user:
# 1. update user oauth, with pending status
external_identity[external_id_provider][external_id] = 'LINK'
if external_id_provider in user.external_identity:
user.external_identity[external_id_provider].update(
external_identity[external_id_provider])
else:
user.external_identity.update(external_identity)
# 2. add unconfirmed email and send confirmation email
user.add_unconfirmed_email(clean_email,
external_identity=external_identity)
user.save()
send_confirm_email(user,
clean_email,
external_id_provider=external_id_provider,
external_id=external_id,
destination=destination)
# 3. notify user
message = language.EXTERNAL_LOGIN_EMAIL_LINK_SUCCESS.format(
external_id_provider=external_id_provider, email=user.username)
kind = 'success'
# 4. remove session and osf cookie
remove_session(session)
else:
# 1. create unconfirmed user with pending status
external_identity[external_id_provider][external_id] = 'CREATE'
user = OSFUser.create_unconfirmed(
username=clean_email,
password=None,
fullname=fullname,
external_identity=external_identity,
campaign=None)
# TODO: [#OSF-6934] update social fields, verified social fields cannot be modified
user.save()
# 3. send confirmation email
send_confirm_email(user,
user.username,
external_id_provider=external_id_provider,
external_id=external_id,
destination=destination)
# 4. notify user
message = language.EXTERNAL_LOGIN_EMAIL_CREATE_SUCCESS.format(
external_id_provider=external_id_provider, email=user.username)
kind = 'success'
# 5. remove session
remove_session(session)
status.push_status_message(message, kind=kind, trust=False)
else:
forms.push_errors_to_status(form.errors)
# Don't go anywhere
return {'form': form, 'external_id_provider': external_id_provider}
def external_login_email_post():
"""
View to handle email submission for first-time oauth-login user.
HTTP Method: POST
"""
form = ResendConfirmationForm(request.form)
session = get_session()
if not session.is_external_first_login:
raise HTTPError(http.UNAUTHORIZED)
external_id_provider = session.data['auth_user_external_id_provider']
external_id = session.data['auth_user_external_id']
fullname = session.data['auth_user_fullname']
service_url = session.data['service_url']
destination = 'dashboard'
for campaign in campaigns.get_campaigns():
if campaign != 'institution':
# Handle different url encoding schemes between `furl` and `urlparse/urllib`.
# OSF use `furl` to parse service url during service validation with CAS. However, `web_url_for()` uses
# `urlparse/urllib` to generate service url. `furl` handles `urlparser/urllib` generated urls while ` but
# not vice versa.
campaign_url = furl.furl(campaigns.campaign_url_for(campaign)).url
if campaigns.is_proxy_login(campaign):
# proxy campaigns: OSF Preprints and branded ones
if check_service_url_with_proxy_campaign(service_url, campaign_url):
destination = campaign
# continue to check branded preprints even service url matches osf preprints
if campaign != 'osf-preprints':
break
elif service_url.startswith(campaign_url):
# osf campaigns: OSF Prereg and ERPC
destination = campaign
break
if form.validate():
clean_email = form.email.data
user = get_user(email=clean_email)
external_identity = {
external_id_provider: {
external_id: None,
},
}
try:
ensure_external_identity_uniqueness(external_id_provider, external_id, user)
except ValidationError as e:
raise HTTPError(http.FORBIDDEN, e.message)
if user:
# 1. update user oauth, with pending status
external_identity[external_id_provider][external_id] = 'LINK'
if external_id_provider in user.external_identity:
user.external_identity[external_id_provider].update(external_identity[external_id_provider])
else:
user.external_identity.update(external_identity)
# 2. add unconfirmed email and send confirmation email
user.add_unconfirmed_email(clean_email, external_identity=external_identity)
user.save()
send_confirm_email(
user,
clean_email,
external_id_provider=external_id_provider,
external_id=external_id,
destination=destination
)
# 3. notify user
message = language.EXTERNAL_LOGIN_EMAIL_LINK_SUCCESS.format(
external_id_provider=external_id_provider,
email=user.username
)
kind = 'success'
# 4. remove session and osf cookie
remove_session(session)
else:
# 1. create unconfirmed user with pending status
external_identity[external_id_provider][external_id] = 'CREATE'
user = User.create_unconfirmed(
username=clean_email,
password=str(uuid.uuid4()),
fullname=fullname,
external_identity=external_identity,
campaign=None
)
# TODO: [#OSF-6934] update social fields, verified social fields cannot be modified
user.save()
# 3. send confirmation email
send_confirm_email(
user,
user.username,
external_id_provider=external_id_provider,
external_id=external_id,
destination=destination
)
# 4. notify user
message = language.EXTERNAL_LOGIN_EMAIL_CREATE_SUCCESS.format(
external_id_provider=external_id_provider,
email=user.username
)
kind = 'success'
# 5. remove session
remove_session(session)
status.push_status_message(message, kind=kind, trust=False)
else:
forms.push_errors_to_status(form.errors)
# Don't go anywhere
return {
'form': form,
'external_id_provider': external_id_provider
}
def external_login_email_post():
"""
View to handle email submission for first-time oauth-login user.
HTTP Method: POST
"""
form = ResendConfirmationForm(request.form)
session = get_session()
if not session.is_external_first_login:
raise HTTPError(http.UNAUTHORIZED)
external_id_provider = session.data['auth_user_external_id_provider']
external_id = session.data['auth_user_external_id']
fullname = session.data['auth_user_fullname']
if form.validate():
clean_email = form.email.data
user = get_user(email=clean_email)
external_identity = {
external_id_provider: {
external_id: None,
},
}
try:
ensure_external_identity_uniqueness(external_id_provider, external_id, user)
except ValidationError as e:
raise HTTPError(http.FORBIDDEN, e.message)
if user:
# 1. update user oauth, with pending status
external_identity[external_id_provider][external_id] = 'LINK'
if external_id_provider in user.external_identity:
user.external_identity[external_id_provider].update(external_identity[external_id_provider])
else:
user.external_identity.update(external_identity)
# 2. add unconfirmed email and send confirmation email
user.add_unconfirmed_email(clean_email, external_identity=external_identity)
user.save()
send_confirm_email(user, clean_email, external_id_provider=external_id_provider, external_id=external_id)
# 3. notify user
message = language.EXTERNAL_LOGIN_EMAIL_LINK_SUCCESS.format(
external_id_provider=external_id_provider,
email=user.username
)
kind = 'success'
# 4. remove session and osf cookie
remove_session(session)
else:
# 1. create unconfirmed user with pending status
external_identity[external_id_provider][external_id] = 'CREATE'
user = User.create_unconfirmed(
username=clean_email,
password=str(uuid.uuid4()),
fullname=fullname,
external_identity=external_identity,
campaign=None
)
# TODO: [#OSF-6934] update social fields, verified social fields cannot be modified
user.save()
# 3. send confirmation email
send_confirm_email(user, user.username, external_id_provider=external_id_provider, external_id=external_id)
# 4. notify user
message = language.EXTERNAL_LOGIN_EMAIL_CREATE_SUCCESS.format(
external_id_provider=external_id_provider,
email=user.username
)
kind = 'success'
# 5. remove session
remove_session(session)
status.push_status_message(message, kind=kind, trust=False)
else:
forms.push_errors_to_status(form.errors)
# Don't go anywhere
return {
'form': form,
'external_id_provider': external_id_provider
}
def external_login_email_post():
"""
View to handle email submission for first-time oauth-login user.
HTTP Method: POST
"""
form = ResendConfirmationForm(request.form)
session = get_session()
if not session.is_external_first_login:
raise HTTPError(http.UNAUTHORIZED)
external_id_provider = session.data['auth_user_external_id_provider']
external_id = session.data['auth_user_external_id']
fullname = session.data['auth_user_fullname']
if form.validate():
clean_email = form.email.data
user = get_user(email=clean_email)
external_identity = {
external_id_provider: {
external_id: None,
},
}
try:
ensure_external_identity_uniqueness(external_id_provider, external_id, user)
except ValidationError as e:
raise HTTPError(http.FORBIDDEN, e.message)
if user:
# 1. update user oauth, with pending status
external_identity[external_id_provider][external_id] = 'LINK'
if external_id_provider in user.external_identity:
user.external_identity[external_id_provider].update(external_identity[external_id_provider])
else:
user.external_identity.update(external_identity)
# 2. add unconfirmed email and send confirmation email
user.add_unconfirmed_email(clean_email, external_identity=external_identity)
user.save()
send_confirm_email(user, clean_email, external_id_provider=external_id_provider, external_id=external_id)
# 3. notify user
message = language.EXTERNAL_LOGIN_EMAIL_LINK_SUCCESS.format(
external_id_provider=external_id_provider,
email=user.username
)
kind = 'success'
# 4. remove session and osf cookie
remove_session(session)
else:
# 1. create unconfirmed user with pending status
external_identity[external_id_provider][external_id] = 'CREATE'
user = User.create_unconfirmed(
username=clean_email,
password=str(uuid.uuid4()),
fullname=fullname,
external_identity=external_identity,
campaign=None
)
# TODO: [#OSF-6934] update social fields, verified social fields cannot be modified
user.save()
# 3. send confirmation email
send_confirm_email(user, user.username, external_id_provider=external_id_provider, external_id=external_id)
# 4. notify user
message = language.EXTERNAL_LOGIN_EMAIL_CREATE_SUCCESS.format(
external_id_provider=external_id_provider,
email=user.username
)
kind = 'success'
# 5. remove session
remove_session(session)
status.push_status_message(message, kind=kind, trust=False)
else:
forms.push_errors_to_status(form.errors)
# Don't go anywhere
return {
'form': form,
'external_id_provider': external_id_provider
}
