def forgot_password():
    """Process the forgot-password form and e-mail recovery instructions.

    On a valid submission the user is looked up by e-mail address. Accounts
    linked to Twitter, Facebook or Google receive the OpenID notice; any
    other account receives a signed link to ``.reset_password``. The
    ``/account/password_forgot.html`` template is rendered in every case.
    """
    form = ForgotPasswordForm(request.form)
    if form.validate_on_submit():
        user = model.User.query.filter_by(email_addr=form.email_addr.data).first()
        if not (user and user.email_addr):
            # NOTE(review): this message differs from the success message, so
            # the response tells the caller whether the address is registered.
            flash(
                "We don't have this email in our records. You may have"
                " signed up with a different email or used Twitter, "
                "Facebook, or Google to sign-in",
                "error",
            )
        else:
            msg = Message(subject="Account Recovery", recipients=[user.email_addr])
            # First linked provider wins, in the same order as the original chain.
            providers = (
                ("twitter_user_id", "Twitter"),
                ("facebook_user_id", "Facebook"),
                ("google_user_id", "Google"),
            )
            account_name = next(
                (label for attr, label in providers if getattr(user, attr)), None
            )
            if account_name is not None:
                msg.body = render_template(
                    "/account/email/forgot_password_openid.md",
                    user=user,
                    account_name=account_name,
                )
            else:
                # NOTE(review): the token payload carries user.passwd_hash. If
                # `signer` only signs (the salt= usage suggests a signing
                # serializer -- confirm), the hash is readable from the
                # e-mailed URL by anyone who sees it.
                token_payload = {"user": user.name, "password": user.passwd_hash}
                key = signer.dumps(token_payload, salt="password-reset")
                recovery_url = url_for(".reset_password", key=key, _external=True)
                msg.body = render_template(
                    "/account/email/forgot_password.md",
                    user=user,
                    recovery_url=recovery_url,
                )
            msg.html = markdown(msg.body)
            mail.send(msg)
            flash("We've send you email with account recovery instructions!", "success")
    if request.method == "POST" and not form.validate():
        flash("Something went wrong, please correct the errors on the " "form", "error")
    return render_template("/account/password_forgot.html", form=form)
def test_proxy_admin(self, http_get, hdfs_get):
    """An admin api_key with a valid task signature gets the decrypted file.

    ``http_get`` and ``hdfs_get`` are presumably mocks injected by patch
    decorators that are not visible here -- confirm.
    """
    key_response = MagicMock()
    key_response.json.return_value = {'key': 'testkey'}
    http_get.return_value = key_response

    admin, owner = UserFactory.create_batch(2)
    ext_config = {'encryption': {'key_id': 123}}
    project = ProjectFactory.create(owner=owner, info={'ext_config': ext_config})

    url = '/fileproxy/hdfs/test/%s/file.pdf' % project.id
    task = TaskFactory.create(project=project, info={'url': url})
    signature = signer.dumps({'task_id': task.id})
    req_url = '%s?api_key=%s&task-signature=%s' % (url, admin.api_key, signature)

    # The mocked store returns ciphertext made with the same key string that
    # the mocked key response carries.
    cipher = AESWithGCM('testkey')
    hdfs_get.return_value = cipher.encrypt('the content')

    with patch.dict(self.flask_app.config, self.app_config):
        res = self.app.get(req_url, follow_redirects=True)
        assert res.status_code == 200, res.status_code
        assert res.data == 'the content', res.data
def test_proxy_key_err(self, http_get):
    """An error body from the mocked key lookup gives 500; a bad project id gives 400."""
    key_response = MagicMock()
    key_response.json.return_value = {'error': 'an error occurred'}
    http_get.return_value = key_response

    admin, owner = UserFactory.create_batch(2)
    ext_config = {'encryption': {'key_id': 123}}
    project = ProjectFactory.create(owner=owner, info={'ext_config': ext_config})

    cipher = AESWithGCM('testkey')
    encrypted_content = cipher.encrypt(json.dumps(dict(a=1, b="2")))
    task = TaskFactory.create(
        project=project,
        info={'private_json__encrypted_payload': encrypted_content})
    signature = signer.dumps({'task_id': task.id})

    url_template = ('/fileproxy/encrypted/taskpayload/%s/%s'
                    '?api_key=%s&task-signature=%s')
    # (project id used in the URL, status the proxy is expected to return)
    cases = ((project.id, 500), (9999, 400))
    for project_id, expected_status in cases:
        url = url_template % (project_id, task.id, admin.api_key, signature)
        with patch.dict(self.flask_app.config, self.app_config):
            res = self.app.get(url, follow_redirects=True)
            assert res.status_code == expected_status, res.status_code
def test_proxy_owner(self, http_get):
    """The project owner's api_key with a valid signature gets the decrypted payload."""
    key_response = MagicMock()
    key_response.json.return_value = {'key': 'testkey'}
    http_get.return_value = key_response

    ext_config = {'encryption': {'key_id': 123}}
    project = ProjectFactory.create(info={'ext_config': ext_config})

    content = json.dumps(dict(a=1, b="2"))
    encrypted_content = AESWithGCM('testkey').encrypt(content)
    task = TaskFactory.create(
        project=project,
        info={'private_json__encrypted_payload': encrypted_content})

    signature = signer.dumps({'task_id': task.id})
    path = '/fileproxy/encrypted/taskpayload/%s/%s' % (project.id, task.id)
    query = 'api_key=%s&task-signature=%s' % (project.owner.api_key, signature)
    url = path + '?' + query

    with patch.dict(self.flask_app.config, self.app_config):
        res = self.app.get(url, follow_redirects=True)
        assert res.status_code == 200, res.status_code
        assert res.data == content, res.data
def test_empty_response(self, http_get):
    """A task without an encrypted payload yields 200 with an empty body."""
    key_response = MagicMock()
    key_response.json.return_value = {'key': 'testkey'}
    http_get.return_value = key_response

    ext_config = {'encryption': {'key_id': 123}}
    project = ProjectFactory.create(info={'ext_config': ext_config})
    # info deliberately lacks private_json__encrypted_payload
    task = TaskFactory.create(project=project, info={})

    signature = signer.dumps({'task_id': task.id})
    path = '/fileproxy/encrypted/taskpayload/%s/%s' % (project.id, task.id)
    query = 'api_key=%s&task-signature=%s' % (project.owner.api_key, signature)
    url = path + '?' + query

    with patch.dict(self.flask_app.config, self.app_config):
        res = self.app.get(url, follow_redirects=True)
        assert res.status_code == 200, res.status_code
        assert res.data == '', res.data
def test_file_user_key_from_vault(self, get_secret, has_lock, create_connection):
    """A regular user holding the lock gets the file decrypted with the key from ``get_secret``.

    FILE_ENCRYPTION_KEY is patched to a different value than the key used to
    encrypt, so a 200 with the plaintext shows the mocked secret was used.
    """
    has_lock.return_value = True
    admin, owner, user = UserFactory.create_batch(3)
    project = ProjectFactory.create(info={'encryption': {'key': 'abc'}})

    url = '/fileproxy/encrypted/s3/anothertest/%s/file.pdf' % project.id
    task = TaskFactory.create(project=project, info={'url': url})
    signature = signer.dumps({'task_id': task.id})
    req_url = '%s?api_key=%s&task-signature=%s' % (url, user.api_key, signature)

    encryption_key = 'testkey'
    cipher = AESWithGCM(encryption_key)
    s3_key = self.get_key(create_connection)
    s3_key.get_contents_as_string.return_value = cipher.encrypt('the content')
    get_secret.return_value = encryption_key

    config_overrides = {
        'FILE_ENCRYPTION_KEY': 'another key',
        'S3_REQUEST_BUCKET': 'test',
        'ENCRYPTION_CONFIG_PATH': ['encryption'],
    }
    with patch.dict(self.flask_app.config, config_overrides):
        res = self.app.get(req_url, follow_redirects=True)
        assert res.status_code == 200, res.status_code
        assert res.data == 'the content', res.data
def forgot_password():
    """Process the forgot-password form and queue the recovery e-mail.

    Accounts linked to Twitter, Facebook or Google get the OpenID notice;
    any other account gets a signed link to ``.reset_password``. Both a
    markdown and an HTML body are rendered. The result is passed through
    ``handle_content_type``.
    """
    form = ForgotPasswordForm(request.body)
    if form.validate_on_submit():
        user = user_repo.get_by(email_addr=form.email_addr.data)
        if not (user and user.email_addr):
            # NOTE(review): this message differs from the success message, so
            # the response tells the caller whether the address is registered.
            flash(gettext("We don't have this email in our records. "
                          "You may have signed up with a different "
                          "email or used Twitter, Facebook, or "
                          "Google to sign-in"), 'error')
        else:
            msg = dict(subject='Account Recovery',
                       recipients=[user.email_addr])
            # First linked provider wins, in the same order as the original chain.
            providers = (('twitter_user_id', 'Twitter'),
                         ('facebook_user_id', 'Facebook'),
                         ('google_user_id', 'Google'))
            account_name = next(
                (label for attr, label in providers if getattr(user, attr)),
                None)
            if account_name is not None:
                template_base = '/account/email/forgot_password_openid'
                context = dict(user=user, account_name=account_name)
            else:
                # NOTE(review): the token payload carries user.passwd_hash. If
                # `signer` only signs (the salt= usage suggests a signing
                # serializer -- confirm), the hash is readable from the
                # e-mailed URL by anyone who sees it.
                token_payload = {'user': user.name,
                                 'password': user.passwd_hash}
                key = signer.dumps(token_payload, salt='password-reset')
                recovery_url = url_for_app_type('.reset_password',
                                                key=key, _external=True)
                template_base = '/account/email/forgot_password'
                context = dict(user=user, recovery_url=recovery_url)
            msg['body'] = render_template(template_base + '.md', **context)
            msg['html'] = render_template(template_base + '.html', **context)
            mail_queue.enqueue(send_mail, msg)
            flash(gettext("We've sent you an email with account "
                          "recovery instructions!"),
                  'success')
    if request.method == 'POST' and not form.validate():
        flash(gettext('Something went wrong, please correct the errors on the '
                      'form'), 'error')
    data = dict(template='/account/password_forgot.html', form=form)
    return handle_content_type(data)
def register():
    """Handle the registration form for a new PyBossa account.

    A valid POST signs the submitted account fields into a confirmation key.
    When ACCOUNT_CONFIRMATION_DISABLED is set the caller is redirected to the
    confirmation URL; otherwise a welcome e-mail with that URL is queued.
    Returns a redirect or a rendered Jinja2 template.
    """
    form = RegisterForm(request.form)
    posted = request.method == 'POST'
    if posted and form.validate():
        # NOTE(review): the plaintext form password is part of the signed
        # payload that ends up in the confirmation URL. If `signer` only
        # signs (the salt= usage suggests a signing serializer -- confirm),
        # the password is readable from that URL, including when it is used
        # as the redirect target below.
        account = {
            'fullname': form.fullname.data,
            'name': form.name.data,
            'email_addr': form.email_addr.data,
            'password': form.password.data,
        }
        key = signer.dumps(account, salt='account-validation')
        confirm_url = url_for('.confirm_account', key=key, _external=True)
        if current_app.config.get('ACCOUNT_CONFIRMATION_DISABLED'):
            return redirect(confirm_url)

        subject = 'Welcome to %s!' % current_app.config.get('BRAND')
        body = render_template('/account/email/validate_account.md',
                               user=account, confirm_url=confirm_url)
        msg = dict(subject=subject,
                   recipients=[account['email_addr']],
                   body=body)
        msg['html'] = markdown(msg['body'])
        mail_queue.enqueue(send_mail, msg)
        return render_template('account/account_validation.html')

    if posted and not form.validate():
        flash(gettext('Please correct the errors'), 'error')
    return render_template('account/register.html',
                           title=gettext("Register"), form=form)
def register():
    """Handle the registration form for a new PyBossa account.

    A valid POST signs the submitted account fields into a confirmation key
    and mails the confirmation URL to the given address. Returns a rendered
    Jinja2 template.
    """
    form = RegisterForm(request.form)
    posted = request.method == 'POST'
    if posted and form.validate():
        # NOTE(review): the plaintext form password is part of the signed
        # payload that ends up in the e-mailed URL. If `signer` only signs
        # (the salt= usage suggests a signing serializer -- confirm), the
        # password is readable from that URL.
        account = {
            'fullname': form.fullname.data,
            'name': form.name.data,
            'email_addr': form.email_addr.data,
            'password': form.password.data,
        }
        key = signer.dumps(account, salt='account-validation')
        confirm_url = url_for('.confirm_account', key=key, _external=True)

        subject = 'Welcome to %s!' % current_app.config.get('BRAND')
        msg = Message(subject=subject, recipients=[account['email_addr']])
        msg.body = render_template('/account/email/validate_account.md',
                                   user=account, confirm_url=confirm_url)
        msg.html = markdown(msg.body)
        mail.send(msg)
        return render_template('account/account_validation.html')

    if posted and not form.validate():
        flash(gettext('Please correct the errors'), 'error')
    return render_template('account/register.html',
                           title=gettext("Register"), form=form)
def test_44_password_reset_key_errors(self, Mock):
    """Test WEB password reset key errors are caught.

    ``Mock`` is presumably the patched key loader used by the reset view
    (the patch decorator is not visible here -- confirm). It replays the
    queued results in order, raising the BadSignature entries.
    """
    self.register()
    user = model.User.query.get(1)
    userdict = {"user": user.name, "password": user.passwd_hash}
    fakeuserdict = {"user": user.name, "password": "******"}
    key = signer.dumps(userdict, salt="password-reset")

    returns = [
        BadSignature("Fake Error"),
        BadSignature("Fake Error"),
        userdict,
        fakeuserdict,
        userdict,
    ]

    def side_effects(*args, **kwargs):
        outcome = returns.pop(0)
        if isinstance(outcome, BadSignature):
            raise outcome
        return outcome

    Mock.side_effect = side_effects
    reset_url = "/account/reset-password?key=%s" % (key)

    # Request with no key
    res = self.app.get("/account/reset-password", follow_redirects=True)
    assert 403 == res.status_code
    # Request with invalid key
    res = self.app.get("/account/reset-password?key=foo", follow_redirects=True)
    assert 403 == res.status_code
    # Three requests with the real key; the status follows the queued result.
    for expected_status in (403, 200, 403):
        res = self.app.get(reset_url, follow_redirects=True)
        assert expected_status == res.status_code

    res = self.app.post(
        reset_url,
        data={"new_password": "******", "confirm": "p4ssw0rD"},
        follow_redirects=True,
    )
    assert "You reset your password successfully!" in res.data
def test_proxy_no_task(self):
    """A signature for task id 100, with no task created here, gets 400 from the S3 proxy."""
    project = ProjectFactory.create()
    signature = signer.dumps({'task_id': 100})
    path = '/fileproxy/encrypted/s3/test/%s/file.pdf' % project.id
    query = 'api_key=%s&task-signature=%s' % (project.owner.api_key, signature)
    res = self.app.get(path + '?' + query, follow_redirects=True)
    assert res.status_code == 400, res.status_code
def get_email_confirmation_url(account):
    """Build the external account-confirmation URL for ``account``.

    ``account`` is signed into the ``key`` query argument. When
    PREFERRED_URL_SCHEME is configured it is passed on as ``_scheme``.
    """
    # NOTE(review): everything in `account` ends up inside the URL. If
    # `signer` only signs (the salt= usage suggests a signing serializer --
    # confirm), those fields are readable by anyone who sees the link.
    key = signer.dumps(account, salt='account-validation')
    url_kwargs = dict(key=key, _external=True)
    scheme = current_app.config.get('PREFERRED_URL_SCHEME')
    if scheme:
        url_kwargs['_scheme'] = scheme
    return url_for_app_type('.confirm_account', **url_kwargs)
def test_proxy_no_task(self):
    """A signature for task id 100, with no task created here, gets 400 from the HDFS proxy."""
    project = ProjectFactory.create()
    signature = signer.dumps({'task_id': 100})
    path = '/fileproxy/hdfs/test/%s/file.pdf' % project.id
    query = 'api_key=%s&task-signature=%s' % (project.owner.api_key, signature)
    with patch.dict(self.flask_app.config, self.app_config):
        res = self.app.get(path + '?' + query, follow_redirects=True)
        assert res.status_code == 400, res.status_code
def test_proxy_no_task(self):
    """A task-payload request for a task id that was never created gets 400."""
    project = ProjectFactory.create()
    task_id = 2020127  # no task with this id is created in this test
    signature = signer.dumps({'task_id': task_id})
    path = '/fileproxy/encrypted/taskpayload/%s/%s' % (project.id, task_id)
    query = 'api_key=%s&task-signature=%s' % (project.owner.api_key, signature)
    with patch.dict(self.flask_app.config, self.app_config):
        res = self.app.get(path + '?' + query, follow_redirects=True)
        assert res.status_code == 400, res.status_code
def test_file_user(self, create_connection):
    """A user who is neither admin nor owner gets 403 despite a valid task signature."""
    admin, owner, user = UserFactory.create_batch(3)
    project = ProjectFactory.create()
    url = '/fileproxy/encrypted/s3/test/%s/file.pdf' % project.id
    task = TaskFactory.create(project=project, info={'url': url})
    signature = signer.dumps({'task_id': task.id})
    query = 'api_key=%s&task-signature=%s' % (user.api_key, signature)
    res = self.app.get(url + '?' + query, follow_redirects=True)
    assert res.status_code == 403, res.status_code
def test_file_not_in_task(self, create_connection):
    """A file URL that the signed task does not reference gets 403, even for the owner."""
    project = ProjectFactory.create()
    url = '/fileproxy/encrypted/s3/test/%s/file.pdf' % project.id
    # The task points at a different URL than the one requested.
    task = TaskFactory.create(project=project, info={'url': 'not/the/same'})
    signature = signer.dumps({'task_id': task.id})
    query = 'api_key=%s&task-signature=%s' % (project.owner.api_key, signature)
    res = self.app.get(url + '?' + query, follow_redirects=True)
    assert res.status_code == 403, res.status_code
def forgot_password():
    """Process the forgot-password form and e-mail recovery instructions.

    Accounts linked to Twitter, Facebook or Google get the OpenID notice;
    any other account gets a signed link to ``.reset_password``. The
    ``/account/password_forgot.html`` template is rendered in every case.
    """
    form = ForgotPasswordForm(request.form)
    if form.validate_on_submit():
        lookup = model.User.query.filter_by(email_addr=form.email_addr.data)
        user = lookup.first()
        if not (user and user.email_addr):
            # NOTE(review): this message differs from the success message, so
            # the response tells the caller whether the address is registered.
            flash(
                lazy_gettext(
                    "We don't have this email in our records. You may have"
                    " signed up with a different email or used Twitter, "
                    "Facebook, or Google to sign-in"), 'error')
        else:
            msg = Message(subject='Account Recovery',
                          recipients=[user.email_addr])
            # First linked provider wins, in the same order as the original chain.
            providers = (('twitter_user_id', 'Twitter'),
                         ('facebook_user_id', 'Facebook'),
                         ('google_user_id', 'Google'))
            account_name = next(
                (label for attr, label in providers if getattr(user, attr)),
                None)
            if account_name is not None:
                msg.body = render_template(
                    '/account/email/forgot_password_openid.md',
                    user=user,
                    account_name=account_name)
            else:
                # NOTE(review): the token payload carries user.passwd_hash. If
                # `signer` only signs (the salt= usage suggests a signing
                # serializer -- confirm), the hash is readable from the
                # e-mailed URL by anyone who sees it.
                token_payload = {'user': user.name,
                                 'password': user.passwd_hash}
                key = signer.dumps(token_payload, salt='password-reset')
                recovery_url = url_for('.reset_password',
                                       key=key,
                                       _external=True)
                msg.body = render_template('/account/email/forgot_password.md',
                                           user=user,
                                           recovery_url=recovery_url)
            msg.html = markdown(msg.body)
            mail.send(msg)
            flash(
                lazy_gettext(
                    "We've send you email with account recovery instructions!"
                ), 'success')
    if request.method == 'POST' and not form.validate():
        flash(
            lazy_gettext(
                'Something went wrong, please correct the errors on the '
                'form'), 'error')
    return render_template('/account/password_forgot.html', form=form)
def forgot_password():
    """Process the forgot-password form and e-mail recovery instructions.

    Accounts linked to Twitter or Google get the OpenID notice; any other
    account gets a signed link to ``.reset_password``. Returns the rendered
    ``/account/password_forgot.html`` Jinja2 template.
    """
    form = ForgotPasswordForm(request.form)
    if form.validate_on_submit():
        lookup = model.User.query.filter_by(email_addr=form.email_addr.data)
        user = lookup.first()
        if not (user and user.email_addr):
            # NOTE(review): this message differs from the success message, so
            # the response tells the caller whether the address is registered.
            flash(gettext("We don't have this email in our records. "
                          "You may have signed up with a different "
                          "email or used Twitter, Facebook, or "
                          "Google to sign-in"), 'error')
        else:
            msg = Message(subject='Account Recovery',
                          recipients=[user.email_addr])
            # The Facebook branch is commented out in this revision, so only
            # Twitter and Google ids are checked, in that order.
            providers = (('twitter_user_id', 'Twitter'),
                         ('google_user_id', 'Google'))
            account_name = next(
                (label for attr, label in providers if getattr(user, attr)),
                None)
            if account_name is not None:
                msg.body = render_template(
                    '/account/email/forgot_password_openid.md',
                    user=user, account_name=account_name)
            else:
                # NOTE(review): the token payload carries user.passwd_hash. If
                # `signer` only signs (the salt= usage suggests a signing
                # serializer -- confirm), the hash is readable from the
                # e-mailed URL by anyone who sees it.
                token_payload = {'user': user.name,
                                 'password': user.passwd_hash}
                key = signer.dumps(token_payload, salt='password-reset')
                recovery_url = url_for('.reset_password',
                                       key=key, _external=True)
                msg.body = render_template(
                    '/account/email/forgot_password.md',
                    user=user, recovery_url=recovery_url)
            msg.html = markdown(msg.body)
            mail.send(msg)
            flash(gettext("We've send you email with account "
                          "recovery instructions!"),
                  'success')
    if request.method == 'POST' and not form.validate():
        flash(gettext('Something went wrong, please correct the errors on the '
                      'form'), 'error')
    return render_template('/account/password_forgot.html', form=form)
def test_proxy_s3_error(self, create_connection):
    """An S3ResponseError raised while reading the object surfaces as a 500."""
    admin, owner = UserFactory.create_batch(2)
    project = ProjectFactory.create(owner=owner)
    url = '/fileproxy/encrypted/s3/test/%s/file.pdf' % project.id
    task = TaskFactory.create(project=project, info={'url': url})
    signature = signer.dumps({'task_id': task.id})
    query = 'api_key=%s&task-signature=%s' % (admin.api_key, signature)

    # Make the mocked S3 key fail the way a denied bucket read would.
    s3_key = self.get_key(create_connection)
    s3_key.get_contents_as_string.side_effect = S3ResponseError(
        403, 'Forbidden')

    res = self.app.get(url + '?' + query, follow_redirects=True)
    assert res.status_code == 500, res.status_code
def test_proxy_regular_user_has_lock(self, http_get):
    """A regular user needs the task lock; a co-owner does not.

    With ``has_lock`` patched to True the user gets the payload, with False
    the user gets 403, and after the user is added to ``owners_ids`` the
    request succeeds even without the lock.
    """
    key_response = MagicMock()
    key_response.json.return_value = {'key': 'testkey'}
    http_get.return_value = key_response

    admin, owner, user = UserFactory.create_batch(3)
    ext_config = {'encryption': {'key_id': 123}}
    project = ProjectFactory.create(owner=owner, info={'ext_config': ext_config})

    content = json.dumps(dict(a=1, b="2"))
    encrypted_content = AESWithGCM('testkey').encrypt(content)
    task = TaskFactory.create(
        project=project,
        info={'private_json__encrypted_payload': encrypted_content})

    signature = signer.dumps({'task_id': task.id})
    url = '/fileproxy/encrypted/taskpayload/%s/%s?api_key=%s&task-signature=%s' \
        % (project.id, task.id, user.api_key, signature)

    def fetch(lock_held):
        # Issue the request with has_lock forced to the given answer.
        with patch('pybossa.view.fileproxy.has_lock') as has_lock:
            has_lock.return_value = lock_held
            with patch.dict(self.flask_app.config, self.app_config):
                return self.app.get(url, follow_redirects=True)

    res = fetch(True)
    assert res.status_code == 200, res.status_code
    assert res.data == content, res.data

    res = fetch(False)
    assert res.status_code == 403, res.status_code

    # coowner can access the task
    project.owners_ids.append(user.id)
    res = fetch(False)
    assert res.status_code == 200, res.status_code
def test_proxy_admin(self, create_connection):
    """An admin api_key with a valid task signature gets the decrypted S3 file."""
    admin, owner = UserFactory.create_batch(2)
    project = ProjectFactory.create(owner=owner)
    url = '/fileproxy/encrypted/s3/test/%s/file.pdf' % project.id
    task = TaskFactory.create(project=project, info={'url': url})
    signature = signer.dumps({'task_id': task.id})
    query = 'api_key=%s&task-signature=%s' % (admin.api_key, signature)
    req_url = url + '?' + query

    encryption_key = 'testkey'
    cipher = AESWithGCM(encryption_key)
    s3_key = self.get_key(create_connection)
    s3_key.get_contents_as_string.return_value = cipher.encrypt('the content')

    # The app is configured with the same key that encrypted the mocked object.
    config_overrides = {'FILE_ENCRYPTION_KEY': encryption_key}
    with patch.dict(self.flask_app.config, config_overrides):
        res = self.app.get(req_url, follow_redirects=True)
        assert res.status_code == 200, res.status_code
        assert res.data == 'the content', res.data
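def set_password(self, password):
    """Store ``password`` under ``self.info['passwd_hash']``.

    Returns True when a password longer than one character was stored.
    A missing (``None``) or shorter password clears the stored value and
    returns False.
    """
    # None used to raise TypeError in len(); treat it like "no password".
    if password is None or len(password) <= 1:
        self.info['passwd_hash'] = None
        return False
    # NOTE(review): despite the key name, the stored value comes from
    # signer.dumps. If `signer` is a signing serializer rather than a
    # one-way hash (confirm against its definition), the password can be
    # read back from the stored value; a password hash would be safer.
    self.info['passwd_hash'] = signer.dumps(password)
    return True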
def get_email_confirmation_url(account):
    """Build the external account-confirmation URL for ``account``.

    ``account`` is signed into the ``key`` query argument of the
    ``.confirm_account`` endpoint.
    """
    # NOTE(review): everything in `account` ends up inside the URL. If
    # `signer` only signs (the salt= usage suggests a signing serializer --
    # confirm), those fields are readable by anyone who sees the link.
    return url_for_app_type(
        '.confirm_account',
        key=signer.dumps(account, salt='account-validation'),
        _external=True)
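def user_add(name, user=None):
    """Add a user to the team called ``name``.

    Without ``user`` the current user is added. With ``user`` the named
    account is added, which only an admin or the team owner may do. For a
    public team the membership row is created directly; otherwise an
    invitation e-mail with a signed join link is sent.

    GET renders the form; the other paths redirect or render a template.
    """
    team = cached_teams.get_team(name)
    title = gettext('Add User to a Team')

    if not require.team.read():
        abort(403)

    if request.method == 'GET':
        return render_template('/team/user_add.html',
                               title=title, team=team, user=user)

    if user:
        user_search = User.query.filter_by(name=user).first()
        if not user_search:
            # NOTE(review): '\t' in this literal is a tab escape, so the
            # message renders as "don<TAB> exists"; "doesn't exist" was
            # presumably intended. Left unchanged because the text is also
            # the gettext lookup key.
            flash(gettext('This user don\t exists!!!'), 'error')
            return redirect(url_for('team.myteams', name=team.name))
        # Only an admin or the team owner may add somebody else.
        is_manager = (current_user.admin is True
                      or team.owner_id == current_user.id)
        if not is_manager:
            flash(gettext('You do not have right to add to this team!!!'),
                  'error')
            return redirect(url_for('team.myteams', name=team.name))
    else:
        # NOTE(review): a caller who passes the read check above adds
        # themselves here; for a private team that mails the join link to
        # the caller. Confirm read permission is the intended gate.
        user_search = current_user

    # Look for an existing membership before creating a new one.
    user2team = db.session.query(User2Team)\
        .filter(User2Team.user_id == user_search.id)\
        .filter(User2Team.team_id == team.id)\
        .first()
    if user2team:
        flash(gettext('This user is already in this team'), 'error')
        return redirect(url_for('team.search_users', name=team.name))

    if team.public:
        cached_teams.delete_team_members()
        db.session.add(User2Team(user_id=user_search.id, team_id=team.id))
        db.session.commit()
        flash(gettext('Association to the team created'), 'success')
        return redirect(url_for('team.myteams'))

    # Private team: mail a signed invitation instead of joining directly.
    msg = Message(subject='Invitation to a Team',
                  recipients=[user_search.email_addr])
    userdict = {'user': user_search.name, 'team': team.name}
    key = signer.dumps(userdict, salt='join-private-team')
    join_url = url_for('.join_private_team', key=key, _external=True)
    msg.body = render_template('/team/email/send_invitation.md',
                               user=user_search, team=team, join_url=join_url)
    msg.html = markdown(msg.body)
    mail.send(msg)
    return render_template('./team/message.html')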
def get_email_confirmation_url(account):
    """Build the external account-confirmation URL for ``account``.

    ``account`` is signed into the ``key`` query argument of the
    ``.confirm_account`` endpoint.
    """
    # NOTE(review): everything in `account` ends up inside the URL. If
    # `signer` only signs (the salt= usage suggests a signing serializer --
    # confirm), those fields are readable by anyone who sees the link.
    signed_account = signer.dumps(account, salt='account-validation')
    return url_for('.confirm_account', key=signed_account, _external=True)
def sign_task(task):
    """Attach a signature over the task id to ``task`` when encryption is enabled.

    Mutates ``task`` in place by setting ``task['signature']``; does nothing
    when ENABLE_ENCRYPTION is not set. The signed payload holds only the
    task id.
    """
    if not current_app.config.get('ENABLE_ENCRYPTION'):
        return
    # Imported here, as in the original, so the import only happens when
    # the feature is enabled.
    from pybossa.core import signer
    task['signature'] = signer.dumps({'task_id': task['id']})
def forgot_password():
    """Process the forgot-password form and queue the recovery e-mail.

    The submitted address is lower-cased before lookup. A disabled account
    gets an error message and no e-mail. Accounts linked to Twitter,
    Facebook or Google get the OpenID notice; any other account gets a
    signed link to ``.reset_password``. A POST that validates ends with a
    redirect to ``account.password_reset_key``; everything else goes through
    ``handle_content_type``.
    """
    form = ForgotPasswordForm(request.body)
    data = dict(template='/account/password_forgot.html', form=form)
    if form.validate_on_submit():
        email_addr = form.email_addr.data.lower()
        user = user_repo.get_by(email_addr=email_addr)
        if user and not user.enabled:
            # NOTE(review): this response reveals that the address belongs
            # to an existing, disabled account.
            brand = current_app.config['BRAND']
            disabled_text = ('Your account is disabled. '
                             'Please contact your {} administrator.').format(brand)
            flash(gettext(disabled_text), 'error')
            return handle_content_type(data)
        if not (user and user.email_addr):
            # NOTE(review): this message differs from the success message, so
            # the response tells the caller whether the address is registered.
            flash(gettext("We don't have this email in our records. "
                          "You may have signed up with a different "
                          "email"), 'error')
        else:
            msg = dict(subject='Account Recovery',
                       recipients=[user.email_addr])
            # First linked provider wins, in the same order as the original chain.
            providers = (('twitter_user_id', 'Twitter'),
                         ('facebook_user_id', 'Facebook'),
                         ('google_user_id', 'Google'))
            account_name = next(
                (label for attr, label in providers if getattr(user, attr)),
                None)
            if account_name is not None:
                template_base = '/account/email/forgot_password_openid'
                context = dict(user=user, account_name=account_name)
            else:
                # NOTE(review): the token payload carries user.passwd_hash,
                # and the key is handed to the e-mail templates as well as
                # the URL. If `signer` only signs (the salt= usage suggests
                # a signing serializer -- confirm), the hash is readable by
                # anyone who sees the message.
                token_payload = {'user': user.name,
                                 'password': user.passwd_hash}
                key = signer.dumps(token_payload, salt='password-reset')
                recovery_url = url_for_app_type('.reset_password',
                                                key=key, _external=True)
                template_base = '/account/email/forgot_password'
                context = dict(user=user, recovery_url=recovery_url, key=key)
            msg['body'] = render_template(template_base + '.md', **context)
            msg['html'] = render_template(template_base + '.html', **context)
            mail_queue.enqueue(send_mail, msg)
            flash(gettext("We've sent you an email with account "
                          "recovery instructions!"),
                  'success')
    if request.method == 'POST':
        if form.validate():
            return redirect_content_type(url_for('account.password_reset_key'))
        flash(gettext('Something went wrong, please correct the errors on the '
                      'form'), 'error')
    return handle_content_type(data)
def set_proj_passwd_cookie(self, project, user=None, username=None):
    """Set the ``<short_name>pswd`` cookie on the test client for a user.

    When ``username`` is given it takes precedence and the user is loaded
    by name. The cookie value is the signed one-element list holding
    ``get_user_id_or_ip(user)``.
    """
    from pybossa.core import user_repo
    if username:
        user = user_repo.get_by_name(username)
    cookie_name = '%spswd' % project.short_name
    cookie_value = signer.dumps([get_user_id_or_ip(user)])
    self.app.set_cookie('/', cookie_name, cookie_value)
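def user_add(name, user=None):
    """Add a user to the team called ``name``.

    Without ``user`` the current user is added. With ``user`` the named
    account is added, which only an admin or the team owner may do. For a
    public team the membership row is created directly; otherwise an
    invitation e-mail with a signed join link is sent.

    GET renders the form; the other paths redirect or render a template.
    """
    team = cached_teams.get_team(name)
    title = gettext('Add User to a Team')

    if not require.team.read():
        abort(403)

    if request.method == 'GET':
        return render_template(
            '/team/user_add.html',
            title=title,
            team=team,
            user=user
        )

    if user:
        user_search = User.query.filter_by(name=user).first()
        if not user_search:
            # NOTE(review): '\t' in this literal is a tab escape, so the
            # message renders as "don<TAB> exists"; "doesn't exist" was
            # presumably intended. Left unchanged because the text is also
            # the gettext lookup key.
            flash(gettext('This user don\t exists!!!'), 'error')
            return redirect(url_for('team.myteams', name=team.name))
        # Only an admin or the team owner may add somebody else.
        may_add_others = (current_user.admin is True
                          or team.owner_id == current_user.id)
        if not may_add_others:
            flash(gettext('You do not have right to add to this team!!!'),
                  'error')
            return redirect(url_for('team.myteams', name=team.name))
    else:
        # NOTE(review): a caller who passes the read check above adds
        # themselves here; for a private team that mails the join link to
        # the caller. Confirm read permission is the intended gate.
        user_search = current_user

    # Look for an existing membership before creating a new one.
    membership = db.session.query(User2Team)\
        .filter(User2Team.user_id == user_search.id)\
        .filter(User2Team.team_id == team.id)\
        .first()
    if membership:
        flash(gettext('This user is already in this team'), 'error')
        return redirect(url_for('team.search_users', name=team.name))

    if team.public:
        cached_teams.delete_team_members()
        membership = User2Team(user_id=user_search.id, team_id=team.id)
        db.session.add(membership)
        db.session.commit()
        flash(gettext('Association to the team created'), 'success')
        return redirect(url_for('team.myteams'))

    # Private team: mail a signed invitation instead of joining directly.
    msg = Message(subject='Invitation to a Team',
                  recipients=[user_search.email_addr])
    userdict = {'user': user_search.name, 'team': team.name}
    key = signer.dumps(userdict, salt='join-private-team')
    join_url = url_for('.join_private_team', key=key, _external=True)
    msg.body = render_template(
        '/team/email/send_invitation.md',
        user=user_search, team=team, join_url=join_url)
    msg.html = markdown(msg.body)
    mail.send(msg)
    return render_template('./team/message.html')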
def forgot_password():
    """Process the forgot-password form and queue the recovery e-mail.

    Accounts linked to Twitter, Facebook or Google get the OpenID notice;
    any other account gets a signed link to ``.reset_password``. Both a
    markdown and an HTML body are rendered. The result is passed through
    ``handle_content_type``. The subject and two flash messages are in
    Spanish.
    """
    form = ForgotPasswordForm(request.body)
    if form.validate_on_submit():
        user = user_repo.get_by(email_addr=form.email_addr.data)
        if not (user and user.email_addr):
            # NOTE(review): this message differs from the success message, so
            # the response tells the caller whether the address is registered.
            flash(
                gettext(
                    u"No tenemos este correo electrónico en nuestros registros. Es posible que se haya registrado con un correo electrónico diferente o haya utilizado Twitter, Facebook o Google para iniciar sesión."
                ), 'error')
        else:
            msg = dict(subject=u'Recuperación de Cuenta',
                       recipients=[user.email_addr])
            # First linked provider wins, in the same order as the original chain.
            providers = (('twitter_user_id', 'Twitter'),
                         ('facebook_user_id', 'Facebook'),
                         ('google_user_id', 'Google'))
            account_name = next(
                (label for attr, label in providers if getattr(user, attr)),
                None)
            if account_name is not None:
                template_base = '/account/email/forgot_password_openid'
                context = dict(user=user, account_name=account_name)
            else:
                # NOTE(review): the token payload carries user.passwd_hash. If
                # `signer` only signs (the salt= usage suggests a signing
                # serializer -- confirm), the hash is readable from the
                # e-mailed URL by anyone who sees it.
                token_payload = {'user': user.name,
                                 'password': user.passwd_hash}
                key = signer.dumps(token_payload, salt='password-reset')
                recovery_url = url_for('.reset_password',
                                       key=key,
                                       _external=True)
                template_base = '/account/email/forgot_password'
                context = dict(user=user, recovery_url=recovery_url)
            msg['body'] = render_template(template_base + '.md', **context)
            msg['html'] = render_template(template_base + '.html', **context)
            mail_queue.enqueue(send_mail, msg)
            flash(
                gettext(
                    u"Te enviamos un correo electrónico con las instrucciones de recuperación!"
                ), 'success')
    if request.method == 'POST' and not form.validate():
        flash(
            gettext('Something went wrong, please correct the errors on the '
                    'form'), 'error')
    data = dict(template='/account/password_forgot.html', form=form)
    return handle_content_type(data)