def get_email_confirmation_redirect_url(self, request, badgr_app=None):
"""
The URL to return to after successful e-mail confirmation.
"""
if badgr_app is None:
badgr_app = BadgrApp.objects.get_current(request)
if not badgr_app:
logger = logging.getLogger(self.__class__.__name__)
logger.warning("Could not determine authorized badgr app")
return super(BadgrAccountAdapter, self).get_email_confirmation_redirect_url(request)
try:
resolverMatch = resolve(request.path)
confirmation = EmailConfirmationHMAC.from_key(resolverMatch.kwargs.get('confirm_id'))
# publish changes to cache
email_address = CachedEmailAddress.objects.get(pk=confirmation.email_address.pk)
email_address.save()
redirect_url = urlparse.urljoin(
badgr_app.email_confirmation_redirect.rstrip('/') + '/',
urllib.quote(email_address.user.first_name.encode('utf8'))
)
redirect_url = set_url_query_params(redirect_url, email=email_address.email.encode('utf8'))
return redirect_url
except Resolver404, EmailConfirmation.DoesNotExist:
return badgr_app.email_confirmation_redirect
def get_email_confirmation_redirect_url(self, request, badgr_app=None):
"""
The URL to return to after successful e-mail confirmation.
"""
if badgr_app is None:
badgr_app = BadgrApp.objects.get_current(request)
if not badgr_app:
logger = logging.getLogger(self.__class__.__name__)
logger.warning("Could not determine authorized badgr app")
return super(BadgrAccountAdapter,
self).get_email_confirmation_redirect_url(request)
try:
resolverMatch = resolve(request.path)
confirmation = EmailConfirmationHMAC.from_key(
resolverMatch.kwargs.get('confirm_id'))
# publish changes to cache
email_address = CachedEmailAddress.objects.get(
pk=confirmation.email_address.pk)
email_address.save()
redirect_url = urlparse.urljoin(
badgr_app.email_confirmation_redirect.rstrip('/') + '/',
urllib.quote(email_address.user.first_name.encode('utf8')))
redirect_url = set_url_query_params(
redirect_url, email=email_address.email.encode('utf8'))
return redirect_url
except Resolver404, EmailConfirmation.DoesNotExist:
return badgr_app.email_confirmation_redirect
def get_confirmkey_data(request):
"""
Get data for an email confirmation key
"""
response = {}
key = request.POST['key']
confirmation = EmailConfirmationHMAC.from_key(key)
if not confirmation:
qs = EmailConfirmation.objects.all_valid()
qs = qs.select_related("email_address__user")
confirmation = qs.filter(key=key.lower()).first()
if confirmation:
status = 200
response['username'] = confirmation.email_address.user.username
response['email'] = confirmation.email_address.email
if request.user:
if request.user != confirmation.email_address.user:
response['logout'] = True
logout(request)
# We check if the user has another verified email already. If yes,
# we don't need to display the terms and test server warning again.
if confirmation.email_address.user.emailaddress_set.filter(
verified=True
).first():
response['verified'] = True
else:
response['verified'] = False
else:
status = 404
return JsonResponse(
response,
status=status
)
def get(self, request, **kwargs):
"""
Confirm an email address
"""
badgrapp_id = request.query_params.get('a', None)
if badgrapp_id is None:
badgrapp_id = getattr(settings, 'BADGR_APP_ID', 1)
try:
badgrapp = BadgrApp.objects.get(id=badgrapp_id)
except BadgrApp.DoesNotExist:
return Response(status=HTTP_404_NOT_FOUND)
emailconfirmation = EmailConfirmationHMAC.from_key(
kwargs.get('confirm_id'))
if emailconfirmation is None:
return Response(status=HTTP_404_NOT_FOUND)
try:
email_address = CachedEmailAddress.cached.get(
pk=emailconfirmation.email_address.pk)
except CachedEmailAddress.DoesNotExist:
return Response(status=HTTP_404_NOT_FOUND)
email_address.verified = True
email_address.save()
process_email_verification.delay(email_address.pk)
redirect_url = badgrapp.ui_login_redirect
return Response(status=HTTP_302_FOUND,
headers={'Location': redirect_url})
def _get_email_confirmation(self, key):
email_confirmation = EmailConfirmationHMAC.from_key(key)
if not email_confirmation:
# noinspection PyTypeChecker
queryset = ConfirmEmailView.get_queryset(self=None)
email_confirmation = queryset.get(key=key.lower())
return email_confirmation
def get(self, request, **kwargs):
"""
Confirm an email address with a token provided in an email
---
parameters:
- name: token
type: string
paramType: form
description: The token received in the recovery email
required: true
"""
token = request.query_params.get('token')
badgrapp_id = request.query_params.get('a', None)
if badgrapp_id is None:
badgrapp_id = getattr(settings, 'BADGR_APP_ID', 1)
try:
badgrapp = BadgrApp.objects.get(id=badgrapp_id)
except BadgrApp.DoesNotExist:
return Response(status=HTTP_404_NOT_FOUND)
emailconfirmation = EmailConfirmationHMAC.from_key(kwargs.get('confirm_id'))
if emailconfirmation is None:
return Response(status=HTTP_404_NOT_FOUND)
try:
email_address = CachedEmailAddress.cached.get(pk=emailconfirmation.email_address.pk)
except CachedEmailAddress.DoesNotExist:
return Response(status=HTTP_404_NOT_FOUND)
matches = re.search(r'([0-9A-Za-z]+)-(.*)', token)
if not matches:
return Response(status=HTTP_404_NOT_FOUND)
uidb36 = matches.group(1)
key = matches.group(2)
if not (uidb36 and key):
return Response(status=HTTP_404_NOT_FOUND)
user = self._get_user(uidb36)
if user is None or not default_token_generator.check_token(user, key):
return Response(status=HTTP_404_NOT_FOUND)
if email_address.user != user:
return Response(status=HTTP_404_NOT_FOUND)
old_primary = CachedEmailAddress.objects.get_primary(user)
if old_primary is None:
email_address.primary = True
email_address.verified = True
email_address.save()
process_email_verification.delay(email_address.pk)
# get badgr_app url redirect
redirect_url = get_adapter().get_email_confirmation_redirect_url(request, badgr_app=badgrapp)
redirect_url = set_url_query_params(redirect_url, authToken=user.auth_token)
return Response(status=HTTP_302_FOUND, headers={'Location': redirect_url})
def get_confirmation_object(key, queryset=None):
email_confirmation = EmailConfirmationHMAC.from_key(key)
if not email_confirmation:
if queryset is None:
queryset = EmailConfirmation.objects.all_valid()
queryset = queryset.select_related("email_address__user")
email_confirmation = get_object_or_404(queryset, key=key.lower())
return email_confirmation
def get_object(self, queryset=None):
key = self.kwargs['key']
if allauth_settings.EMAIL_CONFIRMATION_HMAC:
emailconfirmation = EmailConfirmationHMAC.from_key(key)
else:
emailconfirmation = EmailConfirmation.objects.filter(key=key)[0]
return emailconfirmation
def get(self, request, key, format=None):
confirmation = EmailConfirmationHMAC.from_key(key)
if not confirmation:
return Response({"detail": "wrong confirm key or expired"}, status=status.HTTP_400_BAD_REQUEST)
email = confirmation.confirm(self.request)
if email is None:
return Response({"detail": "this email already confirmed."}, status=status.HTTP_400_BAD_REQUEST)
else:
return Response({"email": email.email})
def get_object(self, key):
confirmation = EmailConfirmationHMAC.from_key(key)
if confirmation is None:
try:
qs = EmailConfirmation.objects.all_valid()
confirmation = qs.select_related('email_address__user').get(
key=key.lower())
except ObjectDoesNotExist:
raise
return confirmation
def patch(self, request, key=None):
try:
confirmation = EmailConfirmationHMAC.from_key(key)
confirmation.confirm(self.request)
serializer = PressPassEmailAddressSerializer(
confirmation.email_address)
return Response(serializer.data)
except EmailConfirmation.DoesNotExist:
return Response("Please specify a valid key",
status=status.HTTP_400_BAD_REQUEST)
def ConfirmEmail(request, key):
emailconfirmation = EmailConfirmationHMAC.from_key(key)
if not emailconfirmation:
qs = EmailConfirmation.objects.all_valid()
queryset = qs.select_related("email_address__user")
try:
emailconfirmation = queryset.get(key=key.lower())
except EmailConfirmation.DoesNotExist:
return render(request, 'confirm_email.html', {'error': True})
emailconfirmation.confirm(request)
return render(request, 'confirm_email.html', {'error': False})
def get_object(self, queryset=None):
key = get_adapter().email_confirmation_key(self.request)
emailconfirmation = EmailConfirmationHMAC.from_key(key)
if not emailconfirmation:
if queryset is None:
queryset = self.get_queryset()
try:
emailconfirmation = queryset.get(key=key.lower())
except EmailConfirmation.DoesNotExist:
pass
return emailconfirmation
def get_object(self, queryset=None):
key = self.kwargs['key']
email_confirmation = EmailConfirmationHMAC.from_key(key)
if not email_confirmation:
if queryset is None:
queryset = self.get_queryset()
try:
email_confirmation = queryset.get(key=key.lower())
except EmailConfirmation.DoesNotExist:
return Response(status.HTTP_406_NOT_ACCEPTABLE)
return email_confirmation
def get_object(self, queryset=None):
key = self.kwargs['key']
emailconfirmation = EmailConfirmationHMAC.from_key(key)
if not emailconfirmation:
if queryset is None:
queryset = self.get_queryset()
try:
emailconfirmation = queryset.get(key=key.lower())
except EmailConfirmation.DoesNotExist:
raise EmailConfirmation.DoesNotExist
return emailconfirmation
def get_object(self, queryset=None):
key = self.kwargs['key']
email_confirmation = EmailConfirmationHMAC.from_key(key)
if not email_confirmation:
if queryset is None:
queryset = self.get_queryset()
try:
email_confirmation = queryset.get(key=key.lower())
except EmailConfirmation.DoesNotExist:
# A React Router Route will handle the failure scenario
return HttpResponseRedirect('/login/failure')
return email_confirmation
def get_object(self, queryset=None):
key = self.kwargs['key']
email_confirmation = EmailConfirmationHMAC.from_key(key)
if not email_confirmation:
if queryset is None:
queryset = self.get_queryset()
try:
email_confirmation = queryset.get(key=key.lower())
except EmailConfirmation.DoesNotExist:
return Response({'detail': 'Failure'},
status=status.HTTP_404_NOT_FOUND)
return email_confirmation
def account_confirm_email(request, key):
emailconfirmation = EmailConfirmationHMAC.from_key(key)
if not emailconfirmation:
queryset = EmailConfirmation.objects.all_valid()
queryset = queryset.select_related("email_address__user")
try:
emailconfirmation = queryset.get(key=key.lower())
except EmailConfirmation.DoesNotExist:
raise Http404()
emailconfirmation.confirm(request)
return Response("Test")
def get_email_confirmation(self, verification_key=None):
"""
Retreive EmailConfirmation object for provided `key`
Throws 404 if does not exist
"""
email_confirmation = EmailConfirmationHMAC.from_key(verification_key)
if not email_confirmation:
try:
email_confirmation = EmailConfirmation.objects.all_valid(
).select_related("email_address__user").get(
key=verification_key.lower())
except EmailConfirmation.DoesNotExist:
raise Http404()
return email_confirmation
def get_object(self, queryset=None):
key = self.kwargs['key']
email_confirmation = EmailConfirmationHMAC.from_key(key)
if not email_confirmation:
if queryset is None:
queryset = self.get_queryset()
try:
email_confirmation = queryset.get(key=key.lower())
except EmailConfirmation.DoesNotExist:
# A React Router Route will handle the failure scenario
return Response({
"details":
"Failed to register E-mail ID. An error occured!"
})
return email_confirmation
def get_object(self, queryset=None):
key = self.kwargs['key']
email_confirmation = EmailConfirmationHMAC.from_key(key)
if not email_confirmation:
if queryset is None:
queryset = self.get_queryset()
try:
email_confirmation = queryset.get(key=key.lower())
except EmailConfirmation.DoesNotExist:
# A React Router Route will handle the failure scenario
return Response(
{
"detail":
"The verification email has expired, please request a new verification email"
},
status=status.HTTP_400_BAD_REQUEST)
return email_confirmation
def get_email_confirmation_redirect_url(self, request, badgr_app=None):
"""
The URL to return to after successful e-mail confirmation.
"""
if badgr_app is None:
badgr_app = BadgrApp.objects.get_current(request)
if not badgr_app:
logger = logging.getLogger(self.__class__.__name__)
logger.warning("Could not determine authorized badgr app")
return super(BadgrAccountAdapter,
self).get_email_confirmation_redirect_url(request)
try:
resolver_match = resolve(request.path)
confirmation = EmailConfirmationHMAC.from_key(
resolver_match.kwargs.get('confirm_id'))
# publish changes to cache
email_address = CachedEmailAddress.objects.get(
pk=confirmation.email_address.pk)
email_address.publish()
query_params = {'email': email_address.email.encode('utf8')}
# Pass source and signup along to UI
source = request.query_params.get('source', None)
if source:
query_params['source'] = source
signup = request.query_params.get('signup', None)
if signup:
query_params['signup'] = 'true'
return set_url_query_params(
badgr_app.get_path('/auth/welcome'), **query_params)
else:
return set_url_query_params(
urllib.parse.urljoin(
badgr_app.email_confirmation_redirect.rstrip('/') +
'/',
urllib.parse.quote(
email_address.user.first_name.encode('utf8'))),
**query_params)
except Resolver404 as xxx_todo_changeme:
EmailConfirmation.DoesNotExist = xxx_todo_changeme
return badgr_app.email_confirmation_redirect
def get_confirmkey_data(request):
"""
Get data for an email confirmation key
"""
response = {}
status = 405
if request.is_ajax() and request.method == 'POST':
key = request.POST['key']
confirmation = EmailConfirmationHMAC.from_key(key)
if not confirmation:
qs = EmailConfirmation.objects.all_valid()
qs = qs.select_related("email_address__user")
confirmation = qs.filter(key=key.lower()).first()
if confirmation:
status = 200
response['username'] = confirmation.email_address.user.username
response['email'] = confirmation.email_address.email
else:
status = 404
return JsonResponse(response, status=status)
def get(self, request, **kwargs):
"""
Confirm an email address
"""
badgrapp_id = request.query_params.get('a', None)
if badgrapp_id is None:
badgrapp_id = getattr(settings, 'BADGR_APP_ID', 1)
try:
badgrapp = BadgrApp.objects.get(id=badgrapp_id)
except BadgrApp.DoesNotExist:
return Response(status=HTTP_404_NOT_FOUND)
emailconfirmation = EmailConfirmationHMAC.from_key(
kwargs.get('confirm_id'))
if emailconfirmation is None:
return Response(status=HTTP_404_NOT_FOUND)
try:
email_address = CachedEmailAddress.cached.get(
pk=emailconfirmation.email_address.pk)
except CachedEmailAddress.DoesNotExist:
return Response(status=HTTP_404_NOT_FOUND)
# We allow multiple users to add the same (unverified) email address.
# A user can claim the address by verifying it.
# If a user verifies an email address, all other users who had added that address will have that address deleted
CachedEmailAddress.objects \
.filter(email__iexact=emailconfirmation.email_address.email) \
.exclude(pk=emailconfirmation.email_address.pk) \
.delete()
email_address.verified = True
email_address.save()
process_email_verification.delay(email_address.pk)
redirect_url = badgrapp.ui_connect_success_redirect
return Response(status=HTTP_302_FOUND,
headers={'Location': redirect_url})
def post(self, request, *args, **kwargs):
key = request.data.get('key')
if not key:
raise exceptions.ValidationError({'key': ['The key is invalid.']})
# Get HMAC confirmation
emailconfirmation = EmailConfirmationHMAC.from_key(key)
# Alternatively, get normal confirmation
if not emailconfirmation:
try:
queryset = EmailConfirmation.objects.all_valid()
emailconfirmation = queryset.get(key=key.lower())
except AttributeError:
raise exceptions.ValidationError(
{'key': ['The key is invalid.']})
except EmailConfirmation.DoesNotExist:
raise exceptions.ValidationError(
{'key': ['The key is invalid or has expired.']})
emailconfirmation.confirm(self.request)
return Response({'status': 'success'})
def confirm_email(request, key):
email_confirmation = EmailConfirmationHMAC.from_key(key)
if email_confirmation:
email_confirmation.confirm(request)
return HttpResponseRedirect('http://truechat-client.herokuapp.com/auth')
def get(self, request, **kwargs):
"""
Confirm an email address with a token provided in an email
---
parameters:
- name: token
type: string
paramType: form
description: The token received in the recovery email
required: true
"""
token = request.query_params.get('token', '')
badgrapp_id = request.query_params.get('a')
# Get BadgrApp instance
badgrapp = BadgrApp.objects.get_by_id_or_default(badgrapp_id)
# Get EmailConfirmation instance
emailconfirmation = EmailConfirmationHMAC.from_key(kwargs.get('confirm_id'))
if emailconfirmation is None:
logger.event(badgrlog.NoEmailConfirmation())
return redirect_to_frontend_error_toast(request,
"Your email confirmation link is invalid. Please attempt to "
"create an account with this email address, again.") # 202
# Get EmailAddress instance
else:
try:
email_address = CachedEmailAddress.cached.get(
pk=emailconfirmation.email_address.pk)
except CachedEmailAddress.DoesNotExist:
logger.event(badgrlog.NoEmailConfirmationEmailAddress(
request, email_address=emailconfirmation.email_address))
return redirect_to_frontend_error_toast(request,
"Your email confirmation link is invalid. Please attempt "
"to create an account with this email address, again.") # 202
if email_address.verified:
logger.event(badgrlog.EmailConfirmationAlreadyVerified(
request, email_address=email_address, token=token))
return redirect_to_frontend_error_toast(request,
"Your email address is already verified. You may now log in.")
# Validate 'token' syntax from query param
matches = re.search(r'([0-9A-Za-z]+)-(.*)', token)
if not matches:
logger.event(badgrlog.InvalidEmailConfirmationToken(
request, token=token, email_address=email_address))
email_address.send_confirmation(request=request, signup=False)
return redirect_to_frontend_error_toast(request,
"Your email confirmation token is invalid. You have been sent "
"a new link. Please check your email and try again.") # 2
uidb36 = matches.group(1)
key = matches.group(2)
if not (uidb36 and key):
logger.event(badgrlog.InvalidEmailConfirmationToken(
request, token=token, email_address=email_address))
email_address.send_confirmation(request=request, signup=False)
return redirect_to_frontend_error_toast(request,
"Your email confirmation token is invalid. You have been sent "
"a new link. Please check your email and try again.") # 2
# Get User instance from literal 'token' value
user = self._get_user(uidb36)
if user is None or not default_token_generator.check_token(user, key):
logger.event(badgrlog.EmailConfirmationTokenExpired(
request, email_address=email_address))
email_address.send_confirmation(request=request, signup=False)
return redirect_to_frontend_error_toast(request,
"Your authorization link has expired. You have been sent a new "
"link. Please check your email and try again.")
if email_address.user != user:
logger.event(badgrlog.OtherUsersEmailConfirmationToken(
request, email_address=email_address, token=token, other_user=user))
return redirect_to_frontend_error_toast(request,
"Your email confirmation token is associated with an unexpected "
"user. You may try again")
# Perform main operation, set EmaiAddress .verified and .primary True
old_primary = CachedEmailAddress.objects.get_primary(user)
if old_primary is None:
email_address.primary = True
email_address.verified = True
email_address.save()
process_email_verification.delay(email_address.pk)
# Create an OAuth AccessTokenProxy instance for this user
accesstoken = AccessTokenProxy.objects.generate_new_token_for_user(
user,
application=badgrapp.oauth_application if badgrapp.oauth_application_id else None,
scope='rw:backpack rw:profile rw:issuer')
redirect_url = get_adapter().get_email_confirmation_redirect_url(
request, badgr_app=badgrapp)
if badgrapp.use_auth_code_exchange:
authcode = authcode_for_accesstoken(accesstoken)
redirect_url = set_url_query_params(redirect_url, authCode=authcode)
else:
redirect_url = set_url_query_params(redirect_url, authToken=accesstoken.token)
return Response(status=HTTP_302_FOUND, headers={'Location': redirect_url})
def get(self, request, **kwargs):
"""
Confirm an email address with a token provided in an email
---
parameters:
- name: token
type: string
paramType: form
description: The token received in the recovery email
required: true
"""
token = request.query_params.get('token')
badgrapp_id = request.query_params.get('a', None)
if badgrapp_id is None:
badgrapp_id = getattr(settings, 'BADGR_APP_ID', 1)
try:
badgrapp = BadgrApp.objects.get(id=badgrapp_id)
except BadgrApp.DoesNotExist:
return Response(status=HTTP_404_NOT_FOUND)
emailconfirmation = EmailConfirmationHMAC.from_key(kwargs.get('confirm_id'))
if emailconfirmation is None:
return Response(status=HTTP_404_NOT_FOUND)
try:
email_address = CachedEmailAddress.cached.get(pk=emailconfirmation.email_address.pk)
except CachedEmailAddress.DoesNotExist:
return Response(status=HTTP_404_NOT_FOUND)
matches = re.search(r'([0-9A-Za-z]+)-(.*)', token)
if not matches:
return Response(status=HTTP_404_NOT_FOUND)
uidb36 = matches.group(1)
key = matches.group(2)
if not (uidb36 and key):
return Response(status=HTTP_404_NOT_FOUND)
user = self._get_user(uidb36)
if user is None or not default_token_generator.check_token(user, key):
return Response(status=HTTP_404_NOT_FOUND)
if email_address.user != user:
return Response(status=HTTP_404_NOT_FOUND)
old_primary = CachedEmailAddress.objects.get_primary(user)
if old_primary is None:
email_address.primary = True
email_address.verified = True
email_address.save()
process_email_verification.delay(email_address.pk)
# get badgr_app url redirect
redirect_url = get_adapter().get_email_confirmation_redirect_url(request, badgr_app=badgrapp)
# generate an AccessToken for the user
accesstoken = BadgrAccessToken.objects.generate_new_token_for_user(
user,
application=badgrapp.oauth_application if badgrapp.oauth_application_id else None,
scope='rw:backpack rw:profile rw:issuer')
if badgrapp.use_auth_code_exchange:
authcode = authcode_for_accesstoken(accesstoken)
redirect_url = set_url_query_params(redirect_url, authCode=authcode)
else:
redirect_url = set_url_query_params(redirect_url, authToken=accesstoken.token)
return Response(status=HTTP_302_FOUND, headers={'Location': redirect_url})
def confirm_email(request, key):
email_confirmation = EmailConfirmationHMAC.from_key(key)
if email_confirmation:
email_confirmation.confirm(request)
return HttpResponseRedirect(reverse_lazy('api'))