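def confirm_mobile(action=None):
    """Check the one-time code sent to the phone of the user held in the session.

    The user is loaded from ``flask.session['_user_id']``.  ``action`` may be
    ``'re-send'`` (send another code before showing the form) or
    ``'login_confirm'`` (a correct code stamps ``confirmed_at`` and signs the
    user in); for any other value a correct code stamps ``phone_confirmed_at``.

    Returns a redirect on success or when the session holds no usable user id,
    otherwise the rendered ``confirm_mobile.html`` form.
    """
    user_id = flask.session.get('_user_id')
    user = models.User.query.get(user_id) if user_id else None
    if user is None:
        # Covers both a missing session key and an id whose row is gone; the
        # second case previously failed on the attribute access further down.
        flask.flash('Invalid id', 'error')
        return flask.redirect(flask.url_for('index'))

    if action == 're-send':
        # NOTE(review): every request carrying this action sends a code; no
        # throttle is visible here -- confirm utils.send_code bounds resends.
        utils.send_code(user)

    form = forms.MobileVerifyForm()
    if form.validate_on_submit():
        # verify() compares str(code) with the expected value and, in current
        # pyotp releases, does so in constant time, unlike a plain ``==``.
        # NOTE(review): no attempt limit and no counter advance are visible in
        # this view; confirm guessing and replay are bounded elsewhere.
        if pyotp.HOTP(user.secret).verify(form.data['code'], user.phone_hotp):
            url = flask.url_for('index')
            if action == 'login_confirm':
                user.confirmed_at = datetime.datetime.utcnow()
                # NOTE(review): nesting rebuilt from a whitespace-collapsed
                # listing; login_user is assumed to sit inside this check.
                if user != flask.ext.security.current_user:
                    flask.ext.security.utils.logout_user()
                    flask.ext.security.utils.login_user(user)
                get_url = flask.ext.security.utils.get_url
                url = (get_url(_security.post_confirm_view) or
                       get_url(_security.post_login_view))
            else:
                user.phone_confirmed_at = datetime.datetime.utcnow()
            models.db.session.add(user)
            models.db.session.commit()
            flask.flash('Mobile Number confirmed', 'success')
            return flask.redirect(url)
        flask.flash('Verification code does not match.', 'error')
    return flask.render_template('confirm_mobile.html', form=form)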
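def contact():
    """Show and process the contact form for the current user.

    Admins are redirected to ``admin.index``.  On a valid submission a changed
    email triggers a confirmation mail, and a changed, non-empty phone triggers
    a verification code plus a redirect to ``verify_phone``; otherwise the
    redirect returns to ``.contact``.  When the form was not validly submitted
    it is pre-filled from the stored values and rendered.
    """
    user = flask_security.current_user
    if user.has_role("admin"):
        return flask.redirect(flask.url_for("admin.index"))

    form = forms.ContactForm()
    if form.validate_on_submit():
        target = ".contact"

        new_email = form.email.data
        if user.email != new_email:
            # NOTE(review): the stored address is replaced before the new one
            # is confirmed, and nothing visible here resets the email
            # confirmation state or notifies the old address -- confirm.
            user.email = new_email
            if user.email:
                link = flask_security.confirmable.generate_confirmation_link(user)[0]
                flask.flash("Email confirmation instructions have been sent.")
                flask_security.utils.send_mail(
                    "Welcome to Love Touches!",
                    user.email,
                    "welcome",
                    user=user,
                    confirmation_link=link,
                )

        new_phone = utils.format_phone(form.data)
        if user.phone != new_phone:
            user.phone = new_phone
            # The old number's confirmation must not carry over to a number
            # nobody has verified yet; nothing else in this view clears it.
            # Presumably the verify_phone view stamps it again -- confirm.
            user.phone_confirmed_at = None
            if user.phone:
                utils.send_code(user)
                # The verification view finds the pending user via this key.
                flask.session["_user_id"] = user.id
                target = "verify_phone"

        models.db.session.add(user)
        models.db.session.commit()
        flask.flash("Contact information updated", "success")
        return flask.redirect(flask.url_for(target))

    if user.phone:
        # Drops the first character and splits at the first space; presumably
        # the stored form is "+<country code> <number>" -- a value without a
        # space raises ValueError here.
        country_code, local_number = user.phone[1:].split(" ", 1)
        form.country_code.data = country_code
        form.phone.data = local_number
    form.email.data = user.email
    return flask.render_template("contact.html", form=form)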
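def contact():
    """Show and process the contact form for the current user.

    Admins are redirected to ``admin.index``.  On a valid submission a changed
    email triggers a confirmation mail, and a changed, non-empty phone triggers
    a verification code plus a redirect to ``verify_phone``; otherwise the
    redirect returns to ``.contact``.  When the form was not validly submitted
    it is pre-filled from the stored values and rendered.
    """
    security = flask.ext.security
    user = security.current_user
    if user.has_role('admin'):
        return flask.redirect(flask.url_for('admin.index'))

    form = forms.ContactForm()
    if form.validate_on_submit():
        target = '.contact'

        new_email = form.email.data
        if user.email != new_email:
            # NOTE(review): the stored address is replaced before the new one
            # is confirmed, and nothing visible here resets the email
            # confirmation state or notifies the old address -- confirm.
            user.email = new_email
            if user.email:
                link = security.confirmable.generate_confirmation_link(user)[0]
                flask.flash('Email confirmation instructions have been sent.')
                security.utils.send_mail('Welcome to Love Touches!',
                                         user.email, 'welcome', user=user,
                                         confirmation_link=link)

        new_phone = utils.format_phone(form.data)
        if user.phone != new_phone:
            user.phone = new_phone
            # The old number's confirmation must not carry over to a number
            # nobody has verified yet; nothing else in this view clears it.
            # Presumably the verify_phone view stamps it again -- confirm.
            user.phone_confirmed_at = None
            if user.phone:
                utils.send_code(user)
                # The verification view finds the pending user via this key.
                flask.session['_user_id'] = user.id
                target = 'verify_phone'

        models.db.session.add(user)
        models.db.session.commit()
        flask.flash('Contact information updated', 'success')
        return flask.redirect(flask.url_for(target))

    if user.phone:
        # Drops the first character and splits at the first space; presumably
        # the stored form is "+<country code> <number>" -- a value without a
        # space raises ValueError here.
        country_code, local_number = user.phone[1:].split(' ', 1)
        form.country_code.data = country_code
        form.phone.data = local_number
    form.email.data = user.email
    return flask.render_template('contact.html', form=form)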
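def confirm_mobile(action=None):
    """Check the one-time code sent to the phone of the user held in the session.

    The user is loaded from ``flask.session["_user_id"]``.  ``action`` may be
    ``"re-send"`` (send another code before showing the form) or
    ``"login_confirm"`` (a correct code stamps ``confirmed_at`` and signs the
    user in); for any other value a correct code stamps ``phone_confirmed_at``.

    Returns a redirect on success or when the session holds no usable user id,
    otherwise the rendered ``confirm_mobile.html`` form.
    """
    pending_id = flask.session.get("_user_id")
    user = models.User.query.get(pending_id) if pending_id else None
    if user is None:
        # Covers both a missing session key and an id whose row is gone; the
        # second case previously failed on the attribute access further down.
        flask.flash("Invalid id", "error")
        return flask.redirect(flask.url_for("index"))

    if action == "re-send":
        # NOTE(review): every request carrying this action sends a code; no
        # throttle is visible here -- confirm utils.send_code bounds resends.
        utils.send_code(user)

    form = forms.MobileVerifyForm()
    if not form.validate_on_submit():
        return flask.render_template("confirm_mobile.html", form=form)

    # verify() applies str() to the submitted code itself and, in current pyotp
    # releases, compares in constant time, unlike the previous ``==``.
    # NOTE(review): if the form field is numeric, a code with a leading zero
    # loses it before this point -- confirm the field type.
    # NOTE(review): no attempt limit and no counter advance are visible in this
    # view; confirm guessing and replay are bounded elsewhere.
    if not pyotp.HOTP(user.secret).verify(form.data["code"], user.phone_hotp):
        flask.flash("Verification code does not match.", "error")
        return flask.render_template("confirm_mobile.html", form=form)

    url = flask.url_for("index")
    if action == "login_confirm":
        user.confirmed_at = datetime.datetime.utcnow()
        # NOTE(review): nesting rebuilt from a whitespace-collapsed listing;
        # login_user is assumed to sit inside this check.
        if user != flask_security.current_user:
            flask_security.utils.logout_user()
            flask_security.utils.login_user(user)
        get_url = flask_security.utils.get_url
        url = get_url(_security.post_confirm_view) or get_url(
            _security.post_login_view
        )
    else:
        user.phone_confirmed_at = datetime.datetime.utcnow()

    models.db.session.add(user)
    models.db.session.commit()
    flask.flash("Mobile Number confirmed", "success")
    return flask.redirect(url)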
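def confirm(action=None):
    """Last step of the anonymous sign-up flow.

    Admins go to ``admin.index`` and signed-in users to ``manage.actions``.
    A visitor whose session lacks an email/phone or chosen actions is sent back
    to ``.step_one`` / ``.step_two``.  With ``action == 'submit'`` a user is
    matched by phone, then email, or created, populated from the session,
    saved, and sent the email and/or phone confirmations that are still
    outstanding.  Otherwise the summary page ``confirm.html`` is rendered.
    """
    security = flask.ext.security
    if security.current_user.has_role('admin'):
        return flask.redirect(flask.url_for('admin.index'))
    if not security.current_user.is_anonymous():
        return flask.redirect(flask.url_for('manage.actions'))
    if not (flask.session.get('email') or flask.session.get('phone')):
        return flask.redirect(flask.url_for('.step_one'))
    if not flask.session.get('actions'):
        return flask.redirect(flask.url_for('.step_two'))

    phone = utils.format_phone(flask.session)

    if action == 'submit':
        user = None
        query = models.User.query
        email = flask.session.get('email', '')
        if phone:
            user = query.filter_by(phone=phone).first()
        if email and not user:
            user = query.filter_by(email=email).first()
        if not user:
            user = models.User()
            user.phone = phone
            user.email = email

        # NOTE(review): as rebuilt from the collapsed listing, a user matched
        # by phone/email gets new actions, method, schedule and secret before
        # the visitor has shown control of that phone or email -- confirm the
        # nesting and whether that is intended.
        for action_id in flask.session['actions']:
            chosen = models.Action.query.get(action_id)
            # A stale id in the session yields None; skip it rather than
            # attaching None to the user's actions.
            if chosen is not None:
                user.actions.append(chosen)

        name = flask.session.get('method_name')
        if name:
            user.method = models.Method.query.filter_by(name=name).first()
        utils.add_schedule(user, flask.session)
        user.secret = pyotp.random_base32()
        models.db.session.add(user)
        models.db.session.commit()

        redirect = 'index'
        if user.email and user.email_confirmed_at is None:
            token = security.confirmable.generate_confirmation_token(user)
            # NOTE(review): an _external URL takes its host from the request
            # unless SERVER_NAME is configured -- confirm it is pinned, since
            # this link is mailed out.
            link = flask.url_for('.confirm_signup', token=token,
                                 _external=True)
            msg = security.utils.get_message('CONFIRM_REGISTRATION',
                                             email=user.email)
            flask.flash(*msg)
            subject = 'Thank You for Signing Up for Love Touches!'
            security.utils.send_mail(subject, user.email, 'signup', user=user,
                                     confirmation_link=link)
            redirect = 'index'
        if user.phone and user.phone_confirmed_at is None:
            utils.send_code(user)
            # The code-entry view finds the pending user via this key.
            flask.session['_user_id'] = user.id
            redirect = 'confirm_mobile'

        # Drop the wizard data, keeping keys that start with '_'.  The key list
        # is built first so the session is not mutated while being iterated.
        for key in [k for k in flask.session.keys() if not k.startswith('_')]:
            del flask.session[key]
        return flask.redirect(flask.url_for(redirect))

    actions = [models.Action.query.get(x) for x in flask.session['actions']]
    return flask.render_template('confirm.html', actions=actions, phone=phone,
                                 days_label=_days_label())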
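def confirm(action=None):
    """Last step of the anonymous sign-up flow.

    Admins go to ``admin.index`` and signed-in users to ``manage.actions``.
    A visitor whose session lacks an email/phone or chosen actions is sent back
    to ``.step_one`` / ``.step_two``.  With ``action == "submit"`` a user is
    matched by phone, then email, or created, populated from the session,
    saved, and sent the email and/or phone confirmations that are still
    outstanding.  Otherwise the summary page ``confirm.html`` is rendered.
    """
    current = flask_security.current_user
    if current.has_role("admin"):
        return flask.redirect(flask.url_for("admin.index"))
    if not current.is_anonymous:
        return flask.redirect(flask.url_for("manage.actions"))
    if not (flask.session.get("email") or flask.session.get("phone")):
        return flask.redirect(flask.url_for(".step_one"))
    if not flask.session.get("actions"):
        return flask.redirect(flask.url_for(".step_two"))

    phone = utils.format_phone(flask.session)

    if action != "submit":
        actions = [models.Action.query.get(x) for x in flask.session["actions"]]
        return flask.render_template(
            "confirm.html", actions=actions, phone=phone, days_label=_days_label()
        )

    user = None
    query = models.User.query
    email = flask.session.get("email", "")
    if phone:
        user = query.filter_by(phone=phone).first()
    if email and not user:
        user = query.filter_by(email=email).first()
    if not user:
        user = models.User()
        user.phone = phone
        user.email = email

    # NOTE(review): as rebuilt from the collapsed listing, a user matched by
    # phone/email gets new actions, method, schedule and secret before the
    # visitor has shown control of that phone or email -- confirm the nesting
    # and whether that is intended.
    for action_id in flask.session["actions"]:
        chosen = models.Action.query.get(action_id)
        # A stale id in the session yields None; skip it rather than attaching
        # None to the user's actions.
        if chosen is not None:
            user.actions.append(chosen)

    name = flask.session.get("method_name")
    if name:
        user.method = models.Method.query.filter_by(name=name).first()
    utils.add_schedule(user, flask.session)
    user.secret = pyotp.random_base32()
    models.db.session.add(user)
    models.db.session.commit()

    redirect = "index"
    if user.email and user.email_confirmed_at is None:
        token = flask_security.confirmable.generate_confirmation_token(user)
        # NOTE(review): an _external URL takes its host from the request unless
        # SERVER_NAME is configured -- confirm it is pinned, since this link is
        # mailed out.
        link = flask.url_for(".confirm_signup", token=token, _external=True)
        msg = flask_security.utils.get_message(
            "CONFIRM_REGISTRATION", email=user.email
        )
        flask.flash(*msg)
        subject = "Thank You for Signing Up for Love Touches!"
        flask_security.utils.send_mail(
            subject, user.email, "signup", user=user, confirmation_link=link
        )
        redirect = "index"
    if user.phone and user.phone_confirmed_at is None:
        utils.send_code(user)
        # The code-entry view finds the pending user via this key.
        flask.session["_user_id"] = user.id
        redirect = "confirm_mobile"

    # Drop the wizard data, keeping keys that start with "_"; the key list is
    # copied first so the session is not mutated while being iterated.
    for key in [k for k in list(flask.session.keys()) if not k.startswith("_")]:
        del flask.session[key]
    return flask.redirect(flask.url_for(redirect))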
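def register(code=None):
    """View function which handles a registration request.

    On a valid form an account is looked up by email, then by phone, and
    created when neither matches; it is marked active and given the submitted
    password.  An account with a phone is sent a code and redirected to
    ``confirm_mobile`` with ``action="login_confirm"``.  An email-only account
    is signed in directly when ``code`` matches its current email HOTP value,
    otherwise a confirmation mail is sent.  Without a valid submission the
    registration template is rendered, with ``email`` pre-filled from the query
    string when present.
    """
    form = forms.ConfirmRegisterForm()
    if form.validate_on_submit():
        phone = utils.format_phone(form.data)
        user = models.User.query.filter_by(email=form.email.data).first()
        if not user and phone:
            user = models.User.query.filter_by(phone=phone).first()
        if not user:
            user = models.User(email=form.email.data, phone=phone)

        # NOTE(review): nesting rebuilt from a whitespace-collapsed listing.
        # As laid out here the password of an *existing* matching account is
        # replaced before the requester has shown control of its email or
        # phone -- confirm the original nesting, and consider applying the
        # password only after verification succeeds.
        user.active = True
        user.password = flask_security.utils.encrypt_password(form.password.data)
        models.db.session.add(user)
        models.db.session.commit()

        if user.phone:
            utils.send_code(user)
            # The code-entry view finds the pending user via this key.
            flask.session["_user_id"] = user.id
            url = flask.url_for("confirm_mobile", action="login_confirm")
            return flask.redirect(url)
        elif user.email:
            if user.secret and code:
                # verify() compares str(code) with the expected value and, in
                # current pyotp releases, does so in constant time, unlike the
                # previous ``==``.
                # NOTE(review): a correct code signs the user in; no attempt
                # limit or counter advance is visible here -- confirm guessing
                # and replay are bounded elsewhere.
                if pyotp.HOTP(user.secret).verify(code, user.email_hotp):
                    if user.confirmed_at is None:
                        user.confirmed_at = datetime.datetime.utcnow()
                        models.db.session.add(user)
                        models.db.session.commit()
                    flask_security.utils.login_user(user)
                    return flask.redirect(flask.url_for("post_login"))

            url = flask_security.utils.get_post_register_redirect()
            # Only the link is used; the token half of the pair is discarded.
            link, _token = flask_security.confirmable.generate_confirmation_link(user)
            msg = flask_security.utils.get_message(
                "CONFIRM_REGISTRATION", email=user.email
            )
            flask.flash(*msg)
            subject = "Thank You for Registering with Love Touches!"
            flask_security.utils.send_mail(
                subject, user.email, "welcome", user=user, confirmation_link=link
            )
            return flask.redirect(url)

    prefill_email = flask.request.args.get("email")
    if prefill_email:
        form.email.data = prefill_email
    template = flask_security.utils.config_value("REGISTER_USER_TEMPLATE")
    return flask.render_template(template, register_user_form=form)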