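def details_postcode(session_id):
    """Handle the postcode step of the "your details" journey.

    Renders the postcode form, pre-filled from the session when a postcode
    is already stored. On a valid submission the postcode is saved, the
    stored NHS number is cleared, and the user is redirected to the ``next``
    target or, by default, to the review page.

    ``session_id`` is not referenced in the body; presumably it is supplied
    by a decorator that is not visible here -- confirm against the caller.
    """
    app.logger.info("starting controller",
                    {'controller': "yourdetails.details_postcode"})

    form = PostcodeForm()

    # Pre-fill from the session so a returning user sees the stored value.
    if POST_CODE in session:
        form.postcode.data = session[POST_CODE]

    if form.is_submitted():
        form.postcode.data = request.form[POST_CODE]

        if form.validate():
            # Persist only after validation: writing the raw submission to
            # the session first would let a rejected postcode (and a cleared
            # NHS number) be picked up by later steps that read the session.
            session[POST_CODE] = form.postcode.data
            session[NHS_NUMBER] = ""
            session.modified = True

            app.logger.info("redirecting",
                            {'location': "yourdetails.your_details_review"})
            # 'next' comes from the query string and is user-controlled, so
            # it only reaches redirect() via ensure_safe_redirect_url.
            return redirect(
                utils.ensure_safe_redirect_url(
                    request.args.get(
                        'next',
                        routes.get_relative(
                            "yourdetails.your_details_review"))))
        elif form.errors:
            app.logger.info("submission contains errors")
            flash(form.errors)

    app.logger.info('rendering page', {'page': 'your_details_postcode'})
    return render_template("details-postcode.html", form=form, routes=routes)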
def your_details():
    """Handle the name step of the "your details" journey.

    A valid submission stores first and last name in the session and
    redirects to the ``next`` target (default: the date-of-birth step).
    Otherwise the name form is rendered, or a 400 "cookies disabled" page
    when the request carries no ``session`` cookie. When the
    ``session_id_nojs`` cookie is absent, a session id is fetched and set
    as that cookie on the response.
    """
    stored_names = {
        'first_name': session.get(FIRST_NAME),
        'last_name': session.get(LAST_NAME),
    }
    form = NameForm(data=stored_names)

    if form.validate_on_submit():
        session[FIRST_NAME] = form.first_name.data
        session[LAST_NAME] = form.last_name.data
        session.modified = True

        app.logger.info("redirecting",
                        {'location': routes.get_raw("yourdetails.details_dob")})
        # 'next' is a user-controlled query parameter; it is only used after
        # passing through ensure_safe_redirect_url.
        default_target = routes.get_relative("yourdetails.details_dob")
        requested_target = request.args.get('next', default_target)
        return redirect(utils.ensure_safe_redirect_url(requested_target))

    if form.errors:
        app.logger.info("submission contains errors")
        flash(form.errors)

    # No 'session' cookie by this point is taken to mean that cookies are
    # disabled in the user's browser.
    if not request.cookies.get('session'):
        return make_response(render_template('cookies-disabled.html'), 400)

    page = render_template("your-details.html", form=form, routes=routes)
    response = make_response(page)

    # The no-JS session id cookie is already present: nothing more to set.
    if request.cookies.get("session_id_nojs"):
        return response

    session_id = get_session_id()
    g.session_id_override = session_id
    if session_id:
        # Cookie lifetime is 59 minutes. The Secure flag follows the app's
        # SESSION_COOKIE_SECURE setting (Flask's default is False), so the
        # deployment config must enable it for the cookie to be HTTPS-only.
        # NOTE(review): no SameSite attribute is set here -- confirm whether
        # one should be.
        response.set_cookie("session_id_nojs",
                            value=session_id,
                            max_age=60 * 59,
                            secure=app.config.get("SESSION_COOKIE_SECURE"),
                            httponly=True)
    return response
def details_dob(session_id):
    """Handle the date-of-birth step of the "your details" journey.

    A valid submission stores day, month and year (as strings) plus a
    combined "day/month/year" value in the session, then redirects to the
    ``next`` target (default: the authentication-option step). Otherwise the
    form is rendered, pre-filled from the session.

    ``session_id`` is not referenced in the body; presumably it is supplied
    by a decorator that is not visible here -- confirm against the caller.
    """
    stored_dob = {
        'day': session.get(DOB_DAY),
        'month': session.get(DOB_MONTH),
        'year': session.get(DOB_YEAR)
    }
    form = DOBForm(data=stored_dob)

    if form.validate_on_submit():
        session[DOB_DAY] = str(form.day.data)
        session[DOB_MONTH] = str(form.month.data)
        session[DOB_YEAR] = str(form.year.data)
        # NOTE(review): the combined value is built from the raw request
        # fields, not from the validated form data, so its text can differ
        # from the three values stored above -- confirm this is intended.
        raw_parts = (
            str(request.form[DAY]),
            str(request.form[MONTH]),
            str(request.form[YEAR]),
        )
        session[DOB] = raw_parts[0] + "/" + raw_parts[1] + "/" + raw_parts[2]
        session.modified = True

        app.logger.info("redirecting",
                        {'location': "yourdetails.details_auth_option"})
        # 'next' is a user-controlled query parameter; it is only used after
        # passing through ensure_safe_redirect_url.
        default_target = routes.get_relative("yourdetails.details_auth_option")
        requested_target = request.args.get('next', default_target)
        return redirect(utils.ensure_safe_redirect_url(requested_target))

    if form.errors:
        app.logger.info("submission contains errors")
        flash(form.errors)

    return render_template("details-dob.html", form=form, routes=routes)
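def your_details():
    """Handle the name step of the "your details" journey.

    Renders the name form, pre-filled from the session when both names are
    stored. On a valid submission the names are saved and the user is
    redirected to the ``next`` target or, by default, to the date-of-birth
    step. When the request carries no ``session`` cookie, a 400 "cookies
    disabled" page is returned instead. When the ``session_id_nojs`` cookie
    is absent, a session id is fetched and set as that cookie.
    """
    app.logger.info("starting controller",
                    {'controller': "yourdetails.your_details"})

    form = NameForm()

    # Pre-fill only when both names are already stored.
    if FIRST_NAME in session and LAST_NAME in session:
        form.first_name.data = session[FIRST_NAME]
        form.last_name.data = session[LAST_NAME]

    if form.is_submitted():
        form.first_name.data = request.form[FIRST_NAME]
        form.last_name.data = request.form[LAST_NAME]

        if form.validate():
            # Persist only after validation: writing the raw submission to
            # the session first would let rejected names be picked up by
            # later steps that read the session.
            session[FIRST_NAME] = form.first_name.data
            session[LAST_NAME] = form.last_name.data
            session.modified = True

            app.logger.info(
                "redirecting",
                {'location': routes.get_raw("yourdetails.details_dob")})
            # 'next' comes from the query string and is user-controlled, so
            # it only reaches redirect() via ensure_safe_redirect_url.
            redirect_url = utils.ensure_safe_redirect_url(
                request.args.get(
                    'next', routes.get_relative("yourdetails.details_dob")))
            return redirect(redirect_url)
        elif form.errors:
            app.logger.info("submission contains errors")
            flash(form.errors)

    # No 'session' cookie by this point is taken to mean that cookies are
    # disabled in the user's browser.
    if not request.cookies.get('session'):
        app.logger.info('rendering page', {'page': 'cookies-disabled.html'})
        return make_response(render_template('cookies-disabled.html'), 400)

    response = make_response(
        render_template("your-details.html", form=form, routes=routes))

    # Issue the no-JS session id cookie only when the browser lacks one.
    if not request.cookies.get("session_id_nojs"):
        session_id = get_session_id()
        g.session_id_override = session_id
        if session_id:
            # Cookie lifetime is 59 minutes; Secure and HttpOnly are always
            # set. NOTE(review): no SameSite attribute is set here --
            # confirm whether one should be.
            response.set_cookie("session_id_nojs",
                                value=session_id,
                                max_age=60 * 59,
                                secure=True,
                                httponly=True)

    app.logger.info('rendering page', {'page': 'your_details_name'})
    return response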
def ensure_safe_redirect_url(target):
    """Return an absolute redirect URL for ``target`` if it is allow-listed.

    ``target`` must equal one of the relative URLs of the "your details"
    endpoints listed below. Any other value is discarded and the absolute
    URL of the landing page is returned instead, so an arbitrary
    caller-supplied value never becomes the redirect destination.
    """
    allowed_endpoint_names = (
        'yourdetails.your_details',
        'yourdetails.details_dob',
        'yourdetails.details_auth_option',
        'yourdetails.details_nhs_number',
        'yourdetails.details_postcode',
        'yourdetails.your_details_review',
    )
    allowed_targets = tuple(
        routes.get_relative(name) for name in allowed_endpoint_names)

    # Exact-match comparison: prefixes or near-matches are not accepted.
    if target in allowed_targets:
        return routes.make_absolute(target)

    return routes.get_absolute('main.landing_page')
def details_postcode(session_id):
    """Handle the postcode step of the "your details" journey.

    A valid submission stores the postcode, clears the stored NHS number and
    redirects to the ``next`` target (default: the review page). Otherwise
    the form is rendered, pre-filled from the session.

    ``session_id`` is not referenced in the body; presumably it is supplied
    by a decorator that is not visible here -- confirm against the caller.
    """
    stored_postcode = {'postcode': session.get(POST_CODE)}
    form = PostcodeForm(data=stored_postcode)

    if form.validate_on_submit():
        # The session is only written once the submission has validated.
        session[POST_CODE] = form.postcode.data
        session[NHS_NUMBER] = ""
        session.modified = True

        app.logger.info("redirecting",
                        {'location': "yourdetails.your_details_review"})
        # 'next' is a user-controlled query parameter; it is only used after
        # passing through ensure_safe_redirect_url.
        default_target = routes.get_relative("yourdetails.your_details_review")
        requested_target = request.args.get('next', default_target)
        return redirect(utils.ensure_safe_redirect_url(requested_target))

    if form.errors:
        app.logger.info("submission contains errors")
        flash(form.errors)

    return render_template("details-postcode.html", form=form, routes=routes)
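def details_dob(session_id):
    """Handle the date-of-birth step of the "your details" journey.

    Renders the date-of-birth form, pre-filled from the session when a date
    is already stored. On a valid submission the day, month and year (as
    strings) and a combined "day/month/year" value are saved, and the user
    is redirected to the ``next`` target or, by default, to the
    authentication-option step.

    ``session_id`` is not referenced in the body; presumably it is supplied
    by a decorator that is not visible here -- confirm against the caller.
    """

    def _int_or_zero(raw):
        # Empty and non-numeric input both become 0, so bad input is left
        # for form validation to judge instead of raising ValueError here
        # and failing the whole request.
        try:
            return int(raw) if raw else 0
        except (TypeError, ValueError):
            return 0

    app.logger.info("starting controller",
                    {'controller': "yourdetails.details_dob"})

    form = DOBForm()

    # Pre-fill from the session; the parts are stored as strings.
    if DOB in session:
        form.day.data = int(session[DOB_DAY])
        form.month.data = int(session[DOB_MONTH])
        form.year.data = int(session[DOB_YEAR])

    if form.is_submitted():
        form.day.data = _int_or_zero(request.form[DAY])
        form.month.data = _int_or_zero(request.form[MONTH])
        form.year.data = _int_or_zero(request.form[YEAR])

        if form.validate():
            # Persist only after validation: writing the submission to the
            # session first would let a rejected date be picked up by later
            # steps that read the session.
            session[DOB_DAY] = str(form.day.data)
            session[DOB_MONTH] = str(form.month.data)
            session[DOB_YEAR] = str(form.year.data)
            session.modified = True
            # NOTE(review): the combined value is built from the raw request
            # fields, not from the parsed integers, so its text can differ
            # from the three values stored above -- confirm this is intended.
            session[DOB] = (str(request.form[DAY]) + "/" +
                            str(request.form[MONTH]) + "/" +
                            str(request.form[YEAR]))

            app.logger.info("redirecting",
                            {'location': "yourdetails.details_auth_option"})
            # 'next' comes from the query string and is user-controlled, so
            # it only reaches redirect() via ensure_safe_redirect_url.
            return redirect(
                utils.ensure_safe_redirect_url(
                    request.args.get(
                        'next',
                        routes.get_relative(
                            "yourdetails.details_auth_option"))))
        elif form.errors:
            app.logger.info("submission contains errors")
            flash(form.errors)

    app.logger.info('rendering page', {'page': 'your_details_dob'})
    return render_template("details-dob.html", form=form, routes=routes)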