Esempio n. 1
def confirm_email():
    """
    Redeems an e-mail confirmation code and signs the matching user in.

    The code is read from ``request.values["code"]`` and handed to
    ``model.user.confirm_user_email``, which yields the user plus the new and
    old e-mail addresses. On success the user is logged in through
    ``common_login`` and redirected; on failure the index page is rendered
    with a ``confirmerror`` reason.

    Security note: nothing in this function checks a password or an existing
    session, so the confirmation code is the only credential that stands
    between a caller and a logged-in session for ``user``.
    NOTE(review): expiry, single use and unguessability of the code are
    presumably enforced inside ``confirm_user_email`` - confirm.
    """

    def render_failure(message):
        # Both failure paths render the index page with the same reason code.
        return index("", error_info={"reason": "confirmerror",
                                     "error_message": message})

    # NOTE(review): if `request` is Flask's, `values` merges query-string and
    # form data, so the code may arrive in the URL - confirm that
    # confirmation URLs are kept out of access logs and referrers.
    confirmation_code = request.values["code"]

    try:
        user, new_email, old_email = model.user.confirm_user_email(
            confirmation_code)
    except model.DataModelException as ex:
        return render_failure(ex.message)

    if new_email:
        # An address change was confirmed: notify by mail and mirror the
        # change to user analytics; analytics failures are only reported
        # through the error callback.
        send_email_changed(user.username, old_email, new_email)
        analytics_future = user_analytics.change_email(old_email, new_email)
        analytics_future.add_done_callback(
            build_error_callback("Change email failed"))

    # The second tuple element (headers carrying the fresh CSRF token) is
    # discarded here; every success path below is a redirect.
    logged_in, _ = common_login(user.uuid)
    if not logged_in:
        return render_failure("Could not perform login")

    if model.user.has_user_prompts(user):
        return redirect(url_for("web.updateuser"))
    if new_email:
        return redirect(
            url_for("web.user_view", path=user.username, tab="settings"))
    return redirect(url_for("web.index"))
Esempio n. 2
def common_login(user_uuid, permanent_session=True):
    """
    Establishes a logged-in session for the user identified by ``user_uuid``.

    Returns a tuple ``(success, headers)``. ``headers`` is a dict holding the
    freshly generated CSRF token under ``QUAY_CSRF_UPDATED_HEADER_NAME`` when
    login succeeds, and ``None`` when the user does not exist or
    ``login_user`` refuses the login.

    ``permanent_session`` only takes effect when
    ``features.PERMANENT_SESSIONS`` is also enabled; the lifetime then comes
    from the ``SESSION_TIMEOUT`` config value (default ``"31d"``).

    Security note: this function performs no credential check of its own. It
    takes a bare uuid, so every caller must have authenticated the user
    before calling it.
    """
    db_user = model.get_user(user_uuid)
    if db_user is None:
        return (False, None)

    if not login_user(LoginWrappedDBUser(user_uuid)):
        logger.debug("User could not be logged in, inactive?")
        return (False, None)

    logger.debug("Successfully signed in as user %s with uuid %s",
                 db_user.username, user_uuid)

    # Announce the identity change so permissions are reloaded for this user.
    identity_changed.send(
        app, identity=QuayDeferredPermissionUser.for_id(user_uuid))

    # Naive local timestamp (datetime.now() without a tz) of this login.
    session["login_time"] = datetime.datetime.now()

    if permanent_session and features.PERMANENT_SESSIONS:
        timeout_spec = app.config.get("SESSION_TIMEOUT", "31d")
        session.permanent = True
        session.permanent_session_lifetime = convert_to_timedelta(timeout_spec)

    # Inform our user analytics that we have a new "lead"; a failure there is
    # only reported through the error callback and does not fail the login.
    lead_future = user_analytics.create_lead(
        db_user.email,
        db_user.username,
        db_user.given_name,
        db_user.family_name,
        db_user.company,
        db_user.location,
    )
    lead_future.add_done_callback(build_error_callback("Create lead failed"))

    # Force a new CSRF token on login and hand it back so the caller can set
    # it on the response; a token issued before login is not reused.
    csrf_headers = {
        QUAY_CSRF_UPDATED_HEADER_NAME: generate_csrf_token(force=True),
    }
    return (True, csrf_headers)
Esempio n. 3
    def put(self):
        """ Update a users details such as password or email. """
        user = get_authenticated_user()
        user_data = request.get_json()
        previous_username = None
        headers = None

        try:
            if 'password' in user_data:
                logger.debug('Changing password for user: %s', user.username)
                log_action('account_change_password', user.username)

                # Change the user's password.
                model.user.change_password(user, user_data['password'])

                # Login again to reset their session cookie.
                success, headers = common_login(user.uuid)
                if not success:
                    raise request_error(
                        message='Could not perform login action')

                if features.MAILING:
                    send_password_changed(user.username, user.email)

            if 'invoice_email' in user_data:
                logger.debug('Changing invoice_email for user: %s',
                             user.username)
                model.user.change_send_invoice_email(
                    user, user_data['invoice_email'])

            if features.CHANGE_TAG_EXPIRATION and 'tag_expiration_s' in user_data:
                logger.debug('Changing user tag expiration to: %ss',
                             user_data['tag_expiration_s'])
                model.user.change_user_tag_expiration(
                    user, user_data['tag_expiration_s'])

            if ('invoice_email_address' in user_data
                    and user_data['invoice_email_address'] !=
                    user.invoice_email_address):
                model.user.change_invoice_email_address(
                    user, user_data['invoice_email_address'])

            if 'email' in user_data and user_data['email'] != user.email:
                new_email = user_data['email']
                if model.user.find_user_by_email(new_email):
                    # Email already used.
                    raise request_error(message='E-mail address already used')

                if features.MAILING:
                    logger.debug(
                        'Sending email to change email address for user: %s',
                        user.username)
                    confirmation_code = model.user.create_confirm_email_code(
                        user, new_email=new_email)
                    send_change_email(user.username, user_data['email'],
                                      confirmation_code)
                else:
                    ua_future = user_analytics.change_email(
                        user.email, new_email)
                    ua_future.add_done_callback(
                        build_error_callback('Change email failed'))
                    model.user.update_email(user,
                                            new_email,
                                            auto_verify=not features.MAILING)

            if features.USER_METADATA:
                metadata = {}

                for field in ('given_name', 'family_name', 'company',
                              'location'):
                    if field in user_data:
                        metadata[field] = user_data.get(field)

                if len(metadata) > 0:
                    model.user.update_user_metadata(user, metadata)

                    ua_mdata_future = user_analytics.change_metadata(
                        user.email, **metadata)
                    ua_mdata_future.add_done_callback(
                        build_error_callback('Change metadata failed'))

            # Check for username rename. A username can be renamed if the feature is enabled OR the user
            # currently has a confirm_username prompt.
            if 'username' in user_data:
                confirm_username = model.user.has_user_prompt(
                    user, 'confirm_username')
                new_username = user_data.get('username')
                previous_username = user.username

                rename_allowed = (features.USER_RENAME
                                  or (confirm_username
                                      and features.USERNAME_CONFIRMATION))
                username_changing = new_username and new_username != previous_username

                if rename_allowed and username_changing:
                    if model.user.get_user_or_org(new_username) is not None:
                        # Username already used.
                        raise request_error(
                            message='Username is already in use')

                    user = model.user.change_username(user.id, new_username)
                    username_future = user_analytics.change_username(
                        user.email, new_username)
                    username_future.add_done_callback(
                        build_error_callback('Change username failed'))

                elif confirm_username:
                    model.user.remove_user_prompt(user, 'confirm_username')

        except model.user.InvalidPasswordException, ex:
            raise request_error(exception=ex)