def create_user_noverify(
username, email, email_required=True, prompts=tuple(), is_possible_abuser=False
):
if email_required:
if not validate_email(email):
raise InvalidEmailAddressException("Invalid email address: %s" % email)
else:
# If email addresses are not required and none was specified, then we just use a unique
# ID to ensure that the database consistency check remains intact.
email = email or str(uuid.uuid4())
(username_valid, username_issue) = validate_username(username)
if not username_valid:
raise InvalidUsernameException("Invalid namespace %s: %s" % (username, username_issue))
try:
existing = User.get((User.username == username) | (User.email == email))
logger.info("Existing user with same username or email.")
# A user already exists with either the same username or email
if existing.username == username:
assert not existing.robot
msg = (
"Username has already been taken by an organization and cannot be reused: %s"
% username
)
if not existing.organization:
msg = "Username has already been taken by user cannot be reused: %s" % username
raise InvalidUsernameException(msg)
raise InvalidEmailAddressException("Email has already been used: %s" % email)
except User.DoesNotExist:
# This is actually the happy path
logger.debug("Email and username are unique!")
# Create the user.
try:
default_expr_s = _convert_to_s(config.app_config["DEFAULT_TAG_EXPIRATION"])
default_max_builds = config.app_config.get("DEFAULT_NAMESPACE_MAXIMUM_BUILD_COUNT")
threat_max_builds = config.app_config.get("THREAT_NAMESPACE_MAXIMUM_BUILD_COUNT")
if is_possible_abuser and threat_max_builds is not None:
default_max_builds = threat_max_builds
new_user = User.create(
username=username,
email=email,
removed_tag_expiration_s=default_expr_s,
maximum_queued_builds_count=default_max_builds,
)
for prompt in prompts:
create_user_prompt(new_user, prompt)
return new_user
except Exception as ex:
raise DataModelException(ex.message)
async def signup(body: SignUpForm):
"""If the user does not already exist, create a new user"""
if not validate_email(body.email):
return JSONResponse(
content={"error":"The email " + body.email + " must be a valid email address."},
status_code=status.HTTP_400_BAD_REQUEST
)
login = await Login.filter(email=body.email.lower()).first()
if login:
if login.email_confirmed:
return JSONResponse(
content={"error":"The provided email is already registered."},
status_code=status.HTTP_400_BAD_REQUEST
)
else:
confirm_email_token = create_access_token(data={'email': body.email})
await send_confirm_email_template(body.first_name, confirm_email_token, body.email)
return JSONResponse(
status_code = status.HTTP_400_BAD_REQUEST,
content={"error": "login exists but is unregistered - check email for registration"}
)
new_user = await User(first_name=body.first_name, last_name=body.last_name)
await new_user.save()
if body.password == "":
new_login = await new_user.create_login(email=body.email.lower(), password=body.password, email_confirmed=True)
else:
try:
new_login = await new_user.create_login(email=body.email.lower(), password=body.password)
confirm_email_token = create_access_token(data={'email': body.email}, override_expire=10)
await send_confirm_email_template(body.first_name, confirm_email_token, body.email)
except Exception:
await new_login.delete()
await new_user.delete()
return JSONResponse(
status_code=status.HTTP_400_BAD_REQUEST,
content={"error": "Error creating the confirmation email. Please retry."}
)
if not new_login or not new_user:
return JSONResponse(
status_code=status.HTTP_400_BAD_REQUEST,
content={"error":"Error creating login. Please retry."}
)
if body.forwarding_address is not None:
await new_user.set_forwarding_address(body.forwarding_address)
access_token = create_access_token(
{"email": body.email}
)
return JSONResponse(
status_code = status.HTTP_200_OK,
content={"user_id": str(new_user.id), "token": str(access_token)}
)
def create_confirm_email_code(user, new_email=None):
if new_email:
if not validate_email(new_email):
raise InvalidEmailAddressException("Invalid email address: %s" % new_email)
verification_code, unhashed = Credential.generate()
code = EmailConfirmation.create(
user=user, email_confirm=True, new_email=new_email, verification_code=verification_code
)
return encode_public_private_token(code.code, unhashed)
async def set_email(self, email: str):
"""Update the user's email"""
update_fields = []
if not validate_email(email):
return None
if self.email != email:
self.email = email
update_fields.append('email')
else:
return None
if len(update_fields) > 0:
await self.save(update_fields=update_fields)
return self
async def forgotpassword(body: ForgotPasswordForm = None):
"""Generate a forgot password token and email it to the provided email to trigger resetting password"""
if body is None:
return JSONResponse(
status_code=status.HTTP_401_UNAUTHORIZED,
content={"error":"Incorrect username or password"},
headers={"WWW-Authenticate": "Bearer"},
)
if not validate_email(body.email):
return JSONResponse(
status_code=status.HTTP_400_BAD_REQUEST,
content={"error":"Incorrectly formatted email."},
)
login = await get_current_login(body.email)
if type(login) == JSONResponse:
return login
user = await User.filter(id=login.user_id).first()
data = {"email": login.email}
email_token = create_access_token(data=data, override_expire=10)
await send_forgot_password_template(user.first_name, email_token, body.email)
return status.HTTP_200_OK
