Exemple #1
0
def login():
    """
    Initial url processing - expects a token parameter and then will authenticate this token. Once authenticated
    it will be placed in the users session
    :return: a 302 redirect to the next location for the user
    """
    # logging in again clears any session state
    if cookie_session:
        cookie_session.clear()

    decrypted_token = decrypt_token(request.args.get("token"))

    validate_jti(decrypted_token)

    try:
        runner_claims = validate_runner_claims(decrypted_token)
    except ValidationError as e:
        raise InvalidTokenException("Invalid runner claims") from e

    g.schema = load_schema_from_metadata(runner_claims)
    schema_metadata = g.schema.json["metadata"]

    try:
        questionnaire_claims = validate_questionnaire_claims(
            decrypted_token, schema_metadata)
    except ValidationError as e:
        raise InvalidTokenException("Invalid questionnaire claims") from e

    claims = {**runner_claims, **questionnaire_claims}

    schema_name = claims["schema_name"]
    tx_id = claims["tx_id"]
    ru_ref = claims["ru_ref"]
    case_id = claims["case_id"]

    logger.bind(
        schema_name=schema_name,
        tx_id=tx_id,
        ru_ref=ru_ref,
        case_id=case_id,
    )
    logger.info("decrypted token and parsed metadata")

    store_session(claims)

    cookie_session["theme"] = g.schema.json["theme"]
    cookie_session["survey_title"] = g.schema.json["title"]
    cookie_session["expires_in"] = get_session_timeout_in_seconds(g.schema)

    if claims.get("account_service_url"):
        cookie_session["account_service_url"] = claims.get(
            "account_service_url")

    if claims.get("account_service_log_out_url"):
        cookie_session["account_service_log_out_url"] = claims.get(
            "account_service_log_out_url")

    return redirect(url_for("questionnaire.get_questionnaire"))
Exemple #2
0
def _render_page(template, context, previous_location_url, schema, page_title):
    session_timeout = get_session_timeout_in_seconds(schema)

    return render_template(
        template=template,
        content=context,
        previous_location_url=previous_location_url,
        session_timeout=session_timeout,
        legal_basis=schema.json.get("legal_basis"),
        page_title=page_title,
    )
Exemple #3
0
    def session_wrapper(*args, **kwargs):
        session_timeout_prompt = g.schema.json.get(
            'session_prompt_in_seconds'
        ) or current_app.config['EQ_SESSION_TIMEOUT_PROMPT_SECONDS']
        session_timeout = get_session_timeout_in_seconds(
            g.schema, with_grace_period=False)

        return func(*args,
                    session_timeout=session_timeout,
                    session_timeout_prompt=session_timeout_prompt,
                    **kwargs)
Exemple #4
0
def login():
    """
    Initial url processing - expects a token parameter and then will authenticate this token. Once authenticated
    it will be placed in the users session
    :return: a 302 redirect to the next location for the user
    """
    # logging in again clears any session state
    if cookie_session:
        cookie_session.clear()

    decrypted_token = decrypt_token(request.args.get('token'))
    validate_jti(decrypted_token)

    claims = parse_runner_claims(decrypted_token)

    g.schema = load_schema_from_metadata(claims)
    schema_metadata = g.schema.json['metadata']
    validate_metadata(claims, schema_metadata)

    eq_id = claims['eq_id']
    form_type = claims['form_type']
    tx_id = claims['tx_id']
    ru_ref = claims['ru_ref']

    logger.bind(eq_id=eq_id, form_type=form_type, tx_id=tx_id, ru_ref=ru_ref)
    logger.info('decrypted token and parsed metadata')

    store_session(claims)

    cookie_session['theme'] = g.schema.json['theme']
    cookie_session['survey_title'] = g.schema.json['title']
    cookie_session['expires_in'] = get_session_timeout_in_seconds(g.schema)

    if claims.get('account_service_url'):
        cookie_session['account_service_url'] = claims.get(
            'account_service_url')

    if claims.get('account_service_log_out_url'):
        cookie_session['account_service_log_out_url'] = claims.get(
            'account_service_log_out_url')

    routing_path = path_finder.get_full_routing_path()
    completeness = get_completeness(current_user)
    router = Router(g.schema, routing_path, completeness)

    next_location = router.get_next_location()

    return redirect(next_location.url(claims))
Exemple #5
0
def _render_page(block_type, context, current_location, previous_location_url,
                 schema, page_title):
    if request_wants_json():
        return jsonify(context)

    session_timeout = get_session_timeout_in_seconds(schema)

    return render_template(
        template=block_type,
        content=context,
        current_location=current_location,
        previous_location_url=previous_location_url,
        session_timeout=session_timeout,
        legal_basis=schema.json.get("legal_basis"),
        page_title=page_title,
    )
Exemple #6
0
    def session_wrapper(*args, **kwargs):
        session_timeout = get_session_timeout_in_seconds(g.schema)

        return func(*args, session_timeout=session_timeout, **kwargs)