Exemple #1
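def confirm_mobile(action=None):
    """Check the SMS code submitted for the user pending in the session.

    The pending account is read from ``session['_user_id']``. ``action``
    selects the variant: ``'re-send'`` sends a fresh code before the form is
    shown, ``'login_confirm'`` stamps ``confirmed_at`` and logs the user in,
    and any other value stamps ``phone_confirmed_at`` only.

    NOTE(review): nothing in this view limits how many codes may be tried or
    how often ``re-send`` may be requested, and the HOTP counter is not
    advanced here after a match; presumably ``utils.send_code`` moves it.
    Confirm both, since a short numeric code relies on attempt limits.
    """
    user_id = flask.session.get('_user_id')
    user = models.User.query.get(user_id) if user_id else None
    if user is None:
        # Covers a missing key and a stale id whose row no longer exists;
        # the latter used to fail later with an AttributeError on None.
        flask.session.pop('_user_id', None)
        flask.flash('Invalid id', 'error')
        return flask.redirect(flask.url_for('index'))
    if action == 're-send':
        utils.send_code(user)
    form = forms.MobileVerifyForm()
    if form.validate_on_submit():
        # verify() coerces both sides to text, so an integer form field still
        # matches, and current pyotp releases compare in constant time.
        hotp = pyotp.HOTP(user.secret)
        if hotp.verify(str(form.data['code']), user.phone_hotp):
            url = flask.url_for('index')
            if action == 'login_confirm':
                user.confirmed_at = datetime.datetime.utcnow()
                # The matching code is the only proof of identity on this
                # path, so the session is switched to the pending user.
                if user != flask.ext.security.current_user:
                    flask.ext.security.utils.logout_user()
                    flask.ext.security.utils.login_user(user)
                    get_url = flask.ext.security.utils.get_url
                    url = (get_url(_security.post_confirm_view) or
                           get_url(_security.post_login_view))
            else:
                user.phone_confirmed_at = datetime.datetime.utcnow()
            models.db.session.add(user)
            models.db.session.commit()
            flask.flash('Mobile Number confirmed', 'success')
            return flask.redirect(url)
        else:
            flask.flash('Verification code does not match.', 'error')
    return flask.render_template('confirm_mobile.html', form=form)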
Exemple #2
def contact():
    """Show and process the contact-details form for the current user.

    Admins are redirected to the admin index. On a valid submission a changed
    e-mail address or phone number is stored, a confirmation mail or SMS code
    is sent for the new value, and the user is redirected (to phone
    verification when the number changed). Otherwise the form is rendered
    pre-filled from the stored values.

    NOTE(review): the new address and number are written to the account
    before they are confirmed, and no confirmation timestamp is reset in this
    view; confirm that downstream code does not treat the new value as
    already verified.
    """
    user = flask_security.current_user
    if user.has_role("admin"):
        return flask.redirect(flask.url_for("admin.index"))

    form = forms.ContactForm()
    if not form.validate_on_submit():
        # Initial display or failed validation: show what is stored.
        if user.phone:
            # Stored form is assumed to be "<sign><country code> <number>";
            # the unpack raises ValueError if there is no space.
            form.country_code.data, form.phone.data = user.phone[1:].split(" ", 1)
        form.email.data = user.email
        return flask.render_template("contact.html", form=form)

    endpoint = ".contact"

    new_email = form.email.data
    if user.email != new_email:
        user.email = new_email
        if user.email:
            link = flask_security.confirmable.generate_confirmation_link(user)[0]
            flask.flash("Email confirmation instructions have been sent.")
            flask_security.utils.send_mail(
                "Welcome to Love Touches!",
                user.email,
                "welcome",
                user=user,
                confirmation_link=link,
            )

    new_phone = utils.format_phone(form.data)
    if user.phone != new_phone:
        user.phone = new_phone
        if user.phone:
            utils.send_code(user)
            # Remember which account the verification view should check.
            flask.session["_user_id"] = user.id
            endpoint = "verify_phone"

    models.db.session.add(user)
    models.db.session.commit()
    flask.flash("Contact information updated", "success")
    return flask.redirect(flask.url_for(endpoint))
Exemple #3
def contact():
    """Render the contact form and apply submitted e-mail/phone changes.

    Admin users are sent to the admin index instead. A changed e-mail
    triggers a confirmation mail, a changed phone number triggers an SMS code
    and a redirect to phone verification.

    NOTE(review): both values are saved on the account before the new
    address or number has been confirmed; check how the confirmation
    timestamps are handled elsewhere.
    """
    security = flask.ext.security
    user = security.current_user
    if user.has_role('admin'):
        return flask.redirect(flask.url_for('admin.index'))

    form = forms.ContactForm()
    submitted = form.validate_on_submit()

    if submitted:
        target = '.contact'

        submitted_email = form.email.data
        if user.email != submitted_email:
            user.email = submitted_email
            if user.email:
                link = security.confirmable.generate_confirmation_link(user)[0]
                flask.flash('Email confirmation instructions have been sent.')
                security.utils.send_mail(
                    'Welcome to Love Touches!', user.email, 'welcome',
                    user=user, confirmation_link=link)

        submitted_phone = utils.format_phone(form.data)
        if user.phone != submitted_phone:
            user.phone = submitted_phone
            if user.phone:
                utils.send_code(user)
                # The verification view looks the account up by this key.
                flask.session['_user_id'] = user.id
                target = 'verify_phone'

        models.db.session.add(user)
        models.db.session.commit()
        flask.flash('Contact information updated', 'success')
        return flask.redirect(flask.url_for(target))

    # Not submitted (or invalid): pre-fill the form from the stored values.
    if user.phone:
        # Drops the first character, then expects "<code> <number>".
        prefix, number = user.phone[1:].split(' ', 1)
        form.country_code.data = prefix
        form.phone.data = number
    form.email.data = user.email
    return flask.render_template('contact.html', form=form)
Exemple #4
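def confirm_mobile(action=None):
    """Check the SMS code submitted for the user pending in the session.

    The pending account is read from ``session["_user_id"]``. ``action``
    selects the variant: ``"re-send"`` sends a fresh code before the form is
    shown, ``"login_confirm"`` stamps ``confirmed_at`` and logs the user in,
    and any other value stamps ``phone_confirmed_at`` only.

    NOTE(review): no attempt limit or resend throttle is visible in this
    view, and the HOTP counter is not advanced here after a match;
    presumably ``utils.send_code`` moves it. Confirm both.

    NOTE(review): ``_user_id`` is also the session key Flask-Login 0.5+ uses
    for the authenticated user. If that release is installed, the views that
    write this key may mark the session as logged in before any code is
    checked; confirm, and consider a distinct key for the pending account.
    """
    user_id = flask.session.get("_user_id")
    user = models.User.query.get(user_id) if user_id else None
    if user is None:
        # Covers a missing key and a stale id whose row no longer exists;
        # the latter used to fail later with an AttributeError on None.
        flask.session.pop("_user_id", None)
        flask.flash("Invalid id", "error")
        return flask.redirect(flask.url_for("index"))
    if action == "re-send":
        utils.send_code(user)
    form = forms.MobileVerifyForm()
    if form.validate_on_submit():
        # verify() does the same text comparison as before, but current
        # pyotp releases perform it in constant time.
        hotp = pyotp.HOTP(user.secret)
        if hotp.verify(str(form.data["code"]), user.phone_hotp):
            url = flask.url_for("index")
            if action == "login_confirm":
                user.confirmed_at = datetime.datetime.utcnow()
                # The matching code is the only proof of identity on this
                # path, so the session is switched to the pending user.
                if user != flask_security.current_user:
                    flask_security.utils.logout_user()
                    flask_security.utils.login_user(user)
                    get_url = flask_security.utils.get_url
                    url = get_url(_security.post_confirm_view) or get_url(
                        _security.post_login_view
                    )
            else:
                user.phone_confirmed_at = datetime.datetime.utcnow()
            models.db.session.add(user)
            models.db.session.commit()
            flask.flash("Mobile Number confirmed", "success")
            return flask.redirect(url)
        else:
            flask.flash("Verification code does not match.", "error")
    return flask.render_template("confirm_mobile.html", form=form)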
Exemple #5
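def confirm(action=None):
    """Final step of the anonymous sign-up wizard.

    Admins and logged-in users are redirected away, and the wizard is
    restarted if the session lacks contact details or chosen actions. With
    ``action == 'submit'`` the account is created (or an existing one matched
    by phone, then e-mail), populated from the session, given a new OTP
    secret and saved; confirmation mail and/or an SMS code are sent and the
    wizard keys are cleared from the session. Otherwise the summary page is
    rendered.

    NOTE(review): an existing row matched by phone or e-mail has both contact
    fields, its actions and its OTP secret replaced from an anonymous session
    before either channel is verified, and the ``*_confirmed_at`` stamps are
    not reset here. Confirm that an already-confirmed account cannot be
    matched and modified this way.
    """
    if flask.ext.security.current_user.has_role('admin'):
        return flask.redirect(flask.url_for('admin.index'))
    if not flask.ext.security.current_user.is_anonymous():
        return flask.redirect(flask.url_for('manage.actions'))
    if not (flask.session.get('email') or flask.session.get('phone')):
        return flask.redirect(flask.url_for('.step_one'))
    if not flask.session.get('actions'):
        return flask.redirect(flask.url_for('.step_two'))
    phone = utils.format_phone(flask.session)
    if action == 'submit':
        user = None
        query = models.User.query
        email = flask.session.get('email', '')
        if phone:
            user = query.filter_by(phone=phone).first()
        if email and not user:
            user = query.filter_by(email=email).first()
        if not user:
            user = models.User()
        user.phone = phone
        user.email = email
        # Separate loop name so the ``action`` parameter is not shadowed.
        for action_id in flask.session['actions']:
            chosen = models.Action.query.get(action_id)
            user.actions.append(chosen)
        name = flask.session.get('method_name')
        if name:
            method = models.Method.query.filter_by(name=name).first()
            user.method = method
        utils.add_schedule(user, flask.session)
        user.secret = pyotp.random_base32()
        models.db.session.add(user)
        models.db.session.commit()
        redirect = 'index'
        if user.email and user.email_confirmed_at is None:
            confirmable = flask.ext.security.confirmable
            token = confirmable.generate_confirmation_token(user)
            link = flask.url_for('.confirm_signup', token=token,
                                 _external=True)
            msg = flask.ext.security.utils.get_message('CONFIRM_REGISTRATION',
                                                       email=user.email)
            flask.flash(*msg)
            subject = 'Thank You for Signing Up for Love Touches!'
            flask.ext.security.utils.send_mail(subject, user.email,
                                               'signup', user=user,
                                               confirmation_link=link)
        if user.phone and user.phone_confirmed_at is None:
            utils.send_code(user)
            # Pending account for the confirm_mobile view.
            flask.session['_user_id'] = user.id
            redirect = 'confirm_mobile'
        # Snapshot the keys first: deleting while iterating a live key view
        # raises RuntimeError on Python 3. Keys starting with '_' are kept.
        wizard_keys = [k for k in list(flask.session.keys())
                       if not k.startswith('_')]
        for key in wizard_keys:
            del flask.session[key]
        return flask.redirect(flask.url_for(redirect))
    actions = [models.Action.query.get(x) for x in flask.session['actions']]
    return flask.render_template('confirm.html', actions=actions, phone=phone,
                                 days_label=_days_label())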
Exemple #6
def confirm(action=None):
    """Final step of the anonymous sign-up wizard.

    Redirects admins and logged-in users away and restarts the wizard when
    the session lacks contact details or chosen actions. For
    ``action == "submit"`` the account is created or matched (phone first,
    then e-mail), filled from the session, given a fresh OTP secret and
    committed; confirmation mail and/or an SMS code follow and the wizard
    keys are removed from the session. Any other value renders the summary.

    NOTE(review): a matched existing account has its phone, e-mail, actions
    and OTP secret replaced from an anonymous session before either channel
    is verified; the ``*_confirmed_at`` stamps are not reset here. Confirm
    that an already-confirmed account cannot be altered through this path.

    NOTE(review): ``_user_id`` is also the session key Flask-Login 0.5+ uses
    for the authenticated user; if that release is installed, writing it
    below may authenticate the session before the SMS code is checked.
    """
    visitor = flask_security.current_user
    if visitor.has_role("admin"):
        return flask.redirect(flask.url_for("admin.index"))
    if not flask_security.current_user.is_anonymous:
        return flask.redirect(flask.url_for("manage.actions"))

    session = flask.session
    if not (session.get("email") or session.get("phone")):
        return flask.redirect(flask.url_for(".step_one"))
    if not session.get("actions"):
        return flask.redirect(flask.url_for(".step_two"))

    phone = utils.format_phone(flask.session)

    if action != "submit":
        # Summary page: show what the visitor picked so far.
        actions = [models.Action.query.get(x) for x in flask.session["actions"]]
        return flask.render_template(
            "confirm.html", actions=actions, phone=phone, days_label=_days_label()
        )

    users = models.User.query
    email = flask.session.get("email", "")

    # Match an existing row by phone first, then by e-mail, else start fresh.
    user = users.filter_by(phone=phone).first() if phone else None
    if email and not user:
        user = users.filter_by(email=email).first()
    if not user:
        user = models.User()

    user.phone = phone
    user.email = email
    for action_id in flask.session["actions"]:
        user.actions.append(models.Action.query.get(action_id))

    method_name = flask.session.get("method_name")
    if method_name:
        user.method = models.Method.query.filter_by(name=method_name).first()

    utils.add_schedule(user, flask.session)
    user.secret = pyotp.random_base32()
    models.db.session.add(user)
    models.db.session.commit()

    endpoint = "index"

    if user.email and user.email_confirmed_at is None:
        token = flask_security.confirmable.generate_confirmation_token(user)
        link = flask.url_for(".confirm_signup", token=token, _external=True)
        category_message = flask_security.utils.get_message(
            "CONFIRM_REGISTRATION", email=user.email
        )
        flask.flash(*category_message)
        flask_security.utils.send_mail(
            "Thank You for Signing Up for Love Touches!",
            user.email,
            "signup",
            user=user,
            confirmation_link=link,
        )

    if user.phone and user.phone_confirmed_at is None:
        utils.send_code(user)
        flask.session["_user_id"] = user.id
        endpoint = "confirm_mobile"

    # Drop the wizard's own keys; keys starting with "_" are kept. The key
    # list is copied first so the session can be mutated while looping.
    for key in [k for k in list(flask.session.keys()) if not k.startswith("_")]:
        del flask.session[key]

    return flask.redirect(flask.url_for(endpoint))
Exemple #7
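def register(code=None):
    """View function which handles a registration request.

    On a valid submission the account is looked up by e-mail, then by phone,
    or created; it is activated and given the submitted password. Accounts
    with a phone number are sent an SMS code and redirected to
    ``confirm_mobile``. E-mail-only accounts are logged in directly when
    ``code`` matches the account's e-mail HOTP value, otherwise a
    confirmation mail is sent. Without a valid submission the registration
    form is rendered, optionally pre-filled from the ``email`` query
    argument.

    NOTE(review): when the lookup matches an existing account, ``active`` is
    set and the stored password is replaced and committed before the caller
    has proven control of the e-mail address or phone number. Confirm this is
    limited to password-less sign-ups; an account that already has a
    password should not have it replaced from this form.

    NOTE(review): ``_user_id`` is also the session key Flask-Login 0.5+ uses
    for the authenticated user; if that release is installed, writing it
    below may authenticate the session before the SMS code is checked.
    """
    form = forms.ConfirmRegisterForm()
    if form.validate_on_submit():
        phone = utils.format_phone(form.data)
        user = models.User.query.filter_by(email=form.email.data).first()
        if not user and phone:
            user = models.User.query.filter_by(phone=phone).first()
        if not user:
            user = models.User(email=form.email.data, phone=phone)
        user.active = True
        # In Flask-Security this helper hashes the password for storage.
        passwd = flask_security.utils.encrypt_password(form.password.data)
        user.password = passwd
        models.db.session.add(user)
        models.db.session.commit()
        if user.phone:
            utils.send_code(user)
            flask.session["_user_id"] = user.id
            url = flask.url_for("confirm_mobile", action="login_confirm")
            return flask.redirect(url)
        elif user.email:
            if user.secret and code:
                # verify() compares as text and, in current pyotp releases,
                # in constant time. NOTE(review): no attempt limit is
                # visible here for guesses at ``code``.
                if pyotp.HOTP(user.secret).verify(str(code), user.email_hotp):
                    if user.confirmed_at is None:
                        user.confirmed_at = datetime.datetime.utcnow()
                        models.db.session.add(user)
                        models.db.session.commit()
                    flask_security.utils.login_user(user)
                    return flask.redirect(flask.url_for("post_login"))
            url = flask_security.utils.get_post_register_redirect()
            confirmable = flask_security.confirmable
            link, token = confirmable.generate_confirmation_link(user)
            msg = flask_security.utils.get_message(
                "CONFIRM_REGISTRATION", email=user.email
            )
            flask.flash(*msg)
            subject = "Thank You for Registering with Love Touches!"
            flask_security.utils.send_mail(
                subject, user.email, "welcome", user=user, confirmation_link=link
            )
            return flask.redirect(url)
    # Pre-fill only; the value is validated when the form is submitted.
    if flask.request.args.get("email"):
        form.email.data = flask.request.args.get("email")
    template = flask_security.utils.config_value("REGISTER_USER_TEMPLATE")
    return flask.render_template(template, register_user_form=form)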