Example #1
0
File: email.py Project: mcptr/ki
    def get(self, **kwargs):
        action = actions_model.Action(
            session_id=flask.g.session.id
        )

        if not flask.g.user.email:
            action.add_error(
                gettext("You don't have any email address assigned")
            )
        elif flask.g.user.email_verified_on:
            action.add_error(
                gettext("Your email address is already verified")
            )
        else:
            with self.api.pgsql.transaction() as tx:
                v_id = _create_verification(
                    tx, flask.g.user.id, flask.g.user.email
                )
                link = _create_verification_link(v_id)
                send_email_verification_link(self.app, flask.g.user, link)
                action.add_message(gettext("Verification email sent"))
                tx.connection.commit()

        action.save(self.api)
        return self.redirect("profile.edit_email", action=action)
Example #2
0
File: email.py Project: mcptr/ki
    def get(self, v_id, **kwargs):
        message = None

        user = flask.g.user

        action = actions_model.Action(
            session_id=flask.g.session.id
        )

        if not v_id:
            action.add_error(gettext("Invalid verification"))
        elif not flask.g.user.email:
            action.add_error(gettext("No email address assigned"))
        elif flask.g.user.email_verified_on:
            action.add_error(gettext("Email address already verified"))
        else:
            with self.api.pgsql.transaction() as tx:
                v = verifications.use(tx, v_id, flask.g.user.id)
                tx.connection.commit()

                if v.verification_data != flask.g.user.email:
                    action.add_error(gettext("Invalid verification"))
                else:
                    users_model.set_email_verified(tx, flask.g.user)
                    action.add_message(gettext("Your email is now verified"))

                tx.connection.commit()

        action.save(self.api)
        return self.redirect("profile.edit_email", action=action)
Example #3
0
    def post(self, **kwargs):
        password = flask.request.form.get("password", None)
        repeated = flask.request.form.get("repeated", None)

        action = actions_model.Action(session_id=flask.g.session.id)

        if not (password and repeated) or (password != repeated):
            action.add_error(gettext("Passwords did not match"))
        else:
            with self.api.pgsql.transaction() as tx:
                try:
                    users_model.set_password(tx, flask.g.user, password)
                    action.add_message(
                        gettext("Password changed successfully"))

                    if flask.g.user.email and flask.g.user.email_verified_on:
                        content = self.app.flask_app.render_l10n_template(
                            flask.g.user.locale,
                            "emails/notification.jinja2",
                            content=gettext("Your password has been changed."),
                            user=flask.g.user,
                        )
                        send_notification_email(flask.g.user.email,
                                                gettext("Password changed"),
                                                content)
                except ki.errors.ValidationError as e:
                    action.add_error(str(e))

        action.save(self.api)

        return self.redirect("profile.edit_password", action=action)
Example #4
0
File: signup.py Project: mcptr/ki
    def post(self, **kwargs):
        name = flask.request.form.get("name", "").lower()
        password = flask.request.form.get("password", None)
        email = (flask.request.form.get("email", None) or None)

        new_user = users_model.User(name=name, email=email)
        new_user.password = password

        ok = False
        message = None
        action_id = None

        action = actions_model.Action(session_id=flask.g.session.id)
        with self.api.pgsql.transaction() as tx:
            try:
                if not name:
                    message = gettext("Missing username")
                    action.add_error(message)
                elif users_model.user_exists(tx, new_user):
                    message = gettext("User already exists")
                    action.add_error(message)
                elif email and users_model.email_exists(tx, email):
                    message = gettext("Email already exists")
                    action.add_error(message)
                else:
                    user = users_model.create(tx, new_user)
                    if not user.id:
                        message = gettext("Signing up failed")
                        action.add_error(message)
                    else:
                        new_user.id = user.id
                        user = users_model.get(tx, new_user)
                        ok = True
                        message = gettext("Profile created")
                        action.add_message(message)

                        if user.email:
                            send_email_verification_link(self.app, user)
            except ki.errors.ValidationError as e:
                message = str(e)
                ok = False
                action.add_error(message)

        action.save(self.api)

        if ok:
            return self.redirect("profile.login", action=action)

        return self.redirect("profile.signup", action=action)
Example #5
0
File: removal.py Project: mcptr/ki
    def post(self, **kwargs):
        log.info("Account removal: user: %s", flask.g.user.name)

        keep_username = flask.request.form.get("keep-username", False)
        keep_comments = flask.request.form.get("keep-comments", False)

        action = actions_model.Action()

        redirect = None

        try:
            email = (flask.g.user.email
                     if flask.g.user.email_verified_on else None)
            locale = flask.g.user.locale

            with self.api.pgsql.transaction() as tx:
                users_model.delete(
                    tx,
                    flask.g.user,
                    keep_username=keep_username,
                    keep_comments=keep_comments,
                )
                tx.connection.commit()

                action.add_message(gettext("Your profile was removed."))
                flask.g.session.destroy(tx)
                flask.session.clear()

                if email:
                    content = self.app.flask_app.render_l10n_template(
                        locale,
                        "emails/notification.jinja2",
                        content=gettext("Your profile was remoed."),
                    )
                    send_notification_email(email, gettext("Profile removed"),
                                            content)
        except ki.errors.Error as e:
            log.exception(e)
            action.add_error(gettext("Unable to remove your account."))

        action.save(self.api)
        return self.redirect("message.message", action=action)
Example #6
0
File: email.py Project: mcptr/ki
    def post(self, **kwargs):
        email = flask.request.form.get("email", None)

        action = actions_model.Action(
            session_id=flask.g.session.id
        )
        with self.api.pgsql.transaction() as tx:
            if not email:
                action.add_error(gettext("Missing email"))
            elif users_model.email_exists(tx, email):
                action.add_error(gettext("Email already exists"))
            else:
                users_model.set_email(tx, flask.g.user, email)
                v_id = _create_verification(tx, flask.g.user.id, email)
                link = _create_verification_link(v_id)
                send_email_verification_link(self.app, flask.g.user, link, email)
                action.add_message(gettext("Please verify your email"))

            tx.connection.commit()

        action.save(self.api)
        return self.redirect("profile.edit_email", action=action)
Example #7
0
File: email.py Project: mcptr/ki
    def post(self, **kwargs):
        email = flask.request.form.get("email", None)
        if not email:
            flask.abort(403)

        ok = False
        with self.api.pgsql.transaction() as tx:
            ok = users_model.remove_email(tx, flask.g.user)
            tx.connection.commit()

        message = ("Email removed" if ok else "Failed to remove email")

        action = actions_model.Action(
            session_id=flask.g.session.id
        )

        if not ok:
            action.add_error(message)
        else:
            action.add_message(message)

        return self.redirect("profile.edit_email", action=action)
Example #8
0
    def post(self, **kwargs):
        if flask.g.user and flask.g.user.id:
            return self.redirect("profile.main")

        action = actions_model.Action(session_id=flask.g.session.id)

        email = flask.request.form.get("email", None)
        if not email:
            action.add_error(gettext("No email provided"))
        else:
            with self.api.pgsql.transaction() as tx:
                u = users_model.get_by_email(tx, email)
                if not u:
                    action.add_error(gettext("Invalid email"))
                elif not u.email_verified_on:
                    action.add_error(gettext("Your email is not verified."))
                    action.add_error(gettext("Please contact our support."))
                else:
                    v_hash = _create_verification_hash(u.id, u.email,
                                                       str(uuid.uuid4()))

                    v_id = verifications.create(
                        tx,
                        u.id,
                        "profile-recovery",
                        1200,
                        verification_data=v_hash,
                    )

                    if v_id:
                        link = _create_recovery_link(v_id, v_hash)
                        send_recovery_link(self.app, u, link)
                        action.add_message(
                            gettext("Recovery link was sent to your email"))
                tx.connection.commit()

        action.save(self.api)
        return self.redirect("profile.recovery", action=action)
Example #9
0
    def get(self, v_id, v_hash, **kwargs):
        action = actions_model.Action(session_id=flask.g.session.id)

        ok = False

        with self.api.pgsql.transaction() as tx:
            v = verifications.use_no_user(tx, v_id)
            tx.connection.commit()

            ok = (v and v.user_id and v.verification_data == v_hash)
            if ok:
                u = users_model.User(id=v.user_id)
                flask.g.session.set_user(tx, u, 300, True)
                action.add_message(gettext("Remember to set a new password."))
            else:
                action.add_error(gettext("Invalid verification"))
            tx.connection.commit()

        action.save(self.api)

        if not ok:
            return self.redirect("profile.recovery", action=action)
        else:
            return self.redirect("profile.edit_password", action=action)