def signup():
if not constants.ALLOW_SIGNUPS:
return abort(404)
form = SignupForm(invite_secret=request.args.get('invite_secret'))
if form.validate_on_submit():
team_secret = form.invite_secret.data
invite = (TeamMember.query.filter_by(invite_secret=team_secret, activated=False)
.one_or_none())
if invite:
user = User(form.email.data, form.password.data,
email_confirmed=True, team=invite.team)
invite.user = user
db.session.add(invite)
else:
user = User(form.email.data, form.password.data)
db.session.add(user)
db.session.commit()
session['current_team_membership_id'] = user.primary_membership_id
login_user(user)
if constants.REQUIRE_EMAIL_CONFIRMATION:
# Send confirm email
ConfirmEmail(user).send()
flash("Welcome to appname.", "success")
return redirect(request.args.get("next") or url_for("dashboard_home.index"))
return render_template("auth/signup.html", form=form, invite_secret=request.args.get('invite_secret'))
def seed_data():
""" Create test users. """
default_user = User("*****@*****.**", "test", admin=False)
db.session.add(default_user)
click.echo("Added [email protected]")
admin = User("*****@*****.**", "admin", admin=True, email_confirmed=True)
db.session.add(admin)
click.echo("Added [email protected]")
def test_user_password(self, testapp):
""" Test password hashing and checking """
admin = User('*****@*****.**', 'supersafepassword', admin=True)
assert admin.email == '*****@*****.**'
assert admin.email == '*****@*****.**'
assert admin.check_password('supersafepassword')
assert admin.is_admin
def test_user_encryption(self, testapp):
""" Test that encryption works """
user = User('*****@*****.**', 'supersafepassword')
secret = "baasdasdas"
user.encrypted_totp_secret = secret
db.session.add(user)
db.session.commit()
assert len(user.memberships) == 1
assert User.query.all()[-1].encrypted_totp_secret == secret
def resetdb():
""" Drops the tables & loads seed data
"""
actually_drop_tables()
db.create_all()
if env == 'dev':
# If you get a bunch of models, it might make sense to specify these as
# fixtures or maintain a development DB sqllite file.
default_user = User("*****@*****.**", "test", admin=False)
db.session.add(default_user)
click.echo("Added [email protected]")
admin = User("*****@*****.**",
"admin",
admin=True,
email_confirmed=True)
db.session.add(admin)
click.echo("Added [email protected]")
def get_user(self, token):
response = self.client.get('user', token=token)
if response.status == 200:
user_data = response.data
email = user_data['data']['email']
return User.lookup_or_create(email, email_confirmed=True)
else:
logger.warning("Error {}".format(response.data))
def get_user(self, token):
response = self.client.get('user', token=token)
# You need special access to get a users email from Twitter...
if response.status == 200:
user_data = response.data
email = user_data['data']['email']
return User.lookup_or_create(email, email_confirmed=True)
else:
logger.warning("Error {}".format(response.data))
def get_user(self, token):
response = self.client.get('people/me')
if response.status == 200:
user_data = response.data
if 'error' not in user_data and user_data.get('emails'):
email = user_data['emails'][0]['value']
return User.lookup_or_create(email, email_confirmed=True)
else:
logger.warning("Error {}".format(response.data))
def test_user_save(self, testapp):
""" Test Saving the user model to the database """
user = User('*****@*****.**', 'supersafepassword')
db.session.add(user)
db.session.commit()
user_obj = User.query.filter_by(email="*****@*****.**").first()
assert user_obj is not None
assert not user_obj.is_admin
def test_user_creation_of_team(self, testapp):
""" Test that creating a user, creates a group & a membership """
user = User('*****@*****.**', 'supersafepassword')
db.session.add(user)
db.session.commit()
assert len(user.memberships) == 1
membership = user.memberships[0]
assert membership.activated
assert membership.role == 'administrator'
assert membership.team.creator == user
def testapp(request):
app = create_app('appname.settings.TestConfig')
client = app.test_client()
db.app = app
db.create_all()
if getattr(request.module, "create_user", True):
admin = User('*****@*****.**', 'supersafepassword', admin=True)
user = User('*****@*****.**', 'safepassword')
db.session.add_all([admin, user])
db.session.commit()
def teardown():
db.session.remove()
db.drop_all()
request.addfinalizer(teardown)
return client
def invite(cls, team, email, role, inviter):
invitee = User.lookup(email)
if (not invitee):
member = cls(team=team,
invite_email=email,
role=role,
inviter=inviter)
else:
member = cls(team=team, user=invitee, role=role, inviter=inviter)
db.session.add(member)
db.session.commit()
InviteEmail(member).send()
def load_user_from_request(request):
# Only functional for API Endpoints
if not request.endpoint or not request.endpoint.startswith("api."):
return None
# first, try to login using the api_key url arg
api_key = request.args.get('api_key')
if not api_key:
return None
user_id, _ = api_key.split('-')
user = User.get_by_hashid(user_id)
if user and user.check_api_key_hash(api_key):
return user
def validate(self):
check_validate = super(SignupForm, self).validate()
# if our field validators do not pass
if not check_validate:
return False
# Does the user exist already? Must return false,
# otherwise we'll allow anyone to sign in
user = User.lookup(self.email.data)
if user:
self.email.errors.append('That email already has an account')
return False
return True
def payment():
customer = stripe.Customer.create(email=request.form['stripeEmail'],
source=request.form['stripeToken'])
charge = stripe.Charge.create(customer=customer.id,
amount=4999,
currency='usd',
description='Ingite Flask App Code')
user = User.lookup_or_create(request.form['stripeEmail'])
PurchaseReceipt(user).send()
flash("Payment processed. You'll get an email shortly", 'success')
return render_template('store/product.html')
def signup():
form = SignupForm()
if form.validate_on_submit():
user = User(form.email.data, form.password.data)
db.session.add(user)
db.session.commit()
login_user(user)
if constants.REQUIRE_EMAIL_CONFIRMATION:
# Send confirm email
ConfirmEmail(user).send()
flash("Welcome to appname.", "success")
return redirect(request.args.get("next") or url_for("dashboard.home"))
return render_template("auth/signup.html", form=form)
def find_user_by_email(self, email, email_confirmed_by_provider=False):
if not email:
raise ExternalProviderException(
"We were unable to associate that login with an account")
# Allowing an unverified email to log on is a security risk since someone else may
# have setup an "unconfirmed" account on the external provider for one of our users
if not email_confirmed_by_provider:
raise ExternalProviderException(
"Please verify your email on {} first".format(
self.__class__.__name__))
user = User.lookup_or_create_by_email(email, email_confirmed=True)
if not user.email_confirmed:
user.email_confirmed = True
db.session.add(user)
db.session.commit()
return user
def google_logged_in(blueprint, token):
if not token:
flash("Failed to log in.", category="warning")
return False
resp = blueprint.session.get("/oauth2/v2/userinfo")
if not resp.ok:
msg = "Failed to fetch user info."
flash(msg, category="warning")
return False
google_info = resp.json()
google_user_id = google_info["id"]
# Find this OAuth token in the database, or create it
query = OAuth.query.filter_by(provider=blueprint.name,
provider_user_id=google_user_id)
try:
oauth = query.one()
except NoResultFound:
google_user_login = str(google_info["email"])
oauth = OAuth(
provider=blueprint.name,
provider_user_id=google_user_id,
provider_user_login=google_user_login,
token=token,
)
existing_user = User.lookup(google_info["email"])
# Since google verifies their primary emails, we can be more assured that we can directly login a user.
if oauth.user:
login_user(oauth.user)
flash("Welcome back.", 'success')
elif current_user.is_authenticated and current_user.email == google_info[
"email"]:
oauth.user = current_user
db.session.add(oauth)
db.session.commit()
flash("Successfully linked Google account.", 'success')
elif existing_user and existing_user.email == google_info['email']:
oauth.user = existing_user
db.session.add(oauth)
db.session.commit()
login_user(existing_user)
flash("Successfully signed in as {}".format(existing_user.email),
'success')
else:
# Create a new local user account for this user
user = User(email=google_info["email"],
name=google_info["name"],
email_confirmed=google_info["verified_email"])
# Associate the new local user account with the OAuth token
oauth.user = user
# Save and commit our database models
db.session.add_all([user, oauth])
db.session.commit()
# Log in the new local user account
login_user(user)
flash("Welcome to appname!", 'success')
# Disable Flask-Dance's default behavior for saving the OAuth token
return False
def test_user_group_creation(self, testapp):
""" Test that creating a user, creates a group & a membership """
user = User('*****@*****.**', 'supersafepassword')
db.session.add(user)
db.session.commit()
assert len(user.memberships) == 1