def confirmEmailView(token):
    """Handle the e-mail confirmation link and route the user onward.

    Clears the current session, posts *token* to the auth API ``confirm``
    endpoint and redirects depending on the response dict:

    * error 'User must set password' -> set-password view
    * error 'User already confirmed' -> index view
    * any other error -> message shown verbatim, then index view
    * success with ``mustSetPass == 'True'`` -> set-password view
    * success otherwise -> login view
    """
    # Drop whatever session was active so the link never acts on behalf of a
    # user who happens to be logged in in this browser.
    session.clear()
    response = authAPI('confirm', method='post', token=token)

    if 'error' in response:
        reason = response['error']
        if reason == 'User must set password':
            errorMessage('Please set your password')
            # NOTE(review): the API token is carried in the redirect URL, so
            # it can end up in browser history, proxy/access logs and Referer
            # headers. Confirm it is short-lived and single-use on the API.
            return redirect(
                url_for('authBP.setPasswordView', tok=response['token']))
        if reason == 'User already confirmed':
            errorMessage('Your profile has already been confirmed')
            return redirect(url_for('indexView'))
        # NOTE(review): every other API error string is shown to the visitor
        # as-is; confirm the API never puts internal detail in 'error'.
        errorMessage(reason)
        return redirect(url_for('indexView'))

    if 'success' in response:
        # The API reports the flag as the string 'True', not a boolean.
        if response['mustSetPass'] == 'True':
            successMessage(
                'Your profile has been confirmed, please set your new password'
            )
            return redirect(
                url_for('authBP.setPasswordView', tok=response['token']))
        successMessage('Your profile has been confirmed, please login')
        return redirect(url_for('authBP.loginView'))

    # Neither 'error' nor 'success' in the response: fall back to the index.
    return redirect(url_for('indexView'))
def confirmEmailView(token):
    """Handle the e-mail confirmation link (variant with re-confirmation).

    Clears the session, posts *token* to the auth API ``confirm`` endpoint
    and redirects according to the response dict. An 'User already
    confirmed' error combined with ``mustSetPass == 'True'`` still sends the
    visitor to the set-password view.
    """
    session.clear()
    response = authAPI('confirm', method='post', token=token)

    if 'error' in response:
        reason = response['error']
        if reason != 'User already confirmed':
            # NOTE(review): API error text is displayed verbatim.
            errorMessage(reason)
        elif response['mustSetPass'] == 'True':
            successMessage(
                'Account confirmed, please set new password (the password your enter here will be your new password to the system)'
            )
            # NOTE(review): a replayed confirmation link reaches the
            # set-password form whenever the API still reports mustSetPass.
            # Anyone holding the link can then choose the account password,
            # so confirm the API expires or invalidates the token. The token
            # also travels in the URL (history, logs, Referer).
            return redirect(
                url_for('authBP.setPasswordView', tok=response['token']))
        else:
            errorMessage('Your profile has already been confirmed')
    elif 'success' in response:
        if response['mustSetPass'] == 'True':
            return redirect(
                url_for('authBP.setPasswordView', tok=response['token']))
        # NOTE(review): this is the success path, yet the wording says
        # "already been confirmed" - confirm the intended message.
        successMessage('Your profile has already been confirmed')
        return redirect(url_for('authBP.loginView'))

    return redirect(url_for('indexView'))
def loginView():
    """Render the login form and start a session on successful login.

    A visitor whose session already holds a 'token' is sent to the index
    view. Otherwise the submitted regNo / email / password are posted to the
    auth API ``login`` endpoint; on success the returned token, email and
    roles are stored in the session.
    """
    if 'token' in session:
        errorMessage('You are already logged into the system')
        return redirect(url_for('indexView'))

    kwargs = {'formWidth': 300, 'contentTitle': 'Login'}
    form = loginForm()
    if form.validate_on_submit():
        credentials = {
            'regNo': form.regNo.data,
            'email': form.email.data,
            'password': form.password.data,
        }
        response = authAPI('login', method='post', dataDict=credentials)
        if 'success' not in response:
            # One generic message for every failure, so the response does not
            # reveal whether the account exists.
            errorMessage('User / password combination error')
        else:
            # NOTE(review): the pre-login session is reused across the
            # privilege change; consider clearing it before storing the
            # token. If Flask's default cookie session is in use, the token
            # is signed but readable by the client - confirm that is
            # acceptable and that the cookie is Secure/HttpOnly.
            for key in ('token', 'email', 'roles'):
                session[key] = response[key]
            successMessage('You are now logged in')
            return redirect(url_for('indexView'))

    return render_template('auth/loginForm.html', form=form, **kwargs)
def companyView():
    """Render the company settings page with company and contact forms.

    Sijax (AJAX) requests are handed to ``SijaxHandler`` and answered
    directly. For normal requests the current tenant and its contact person
    are loaded, both forms are pre-filled and the contact drop-down is
    populated with all users.
    """
    kwargs = {'title': 'Company information', 'formWidth': '350'}
    company_form = companyForm()

    if g.sijax.is_sijax_request:
        g.sijax.register_object(SijaxHandler)
        return g.sijax.process_request()

    tenant = getCurrentTenant()
    kwargs['tenant'] = tenant

    contact_lookup = getContactPerson()
    if 'error' not in contact_lookup:
        contact = contact_lookup['success']
    else:
        # No contact person assigned yet: render the form with blank values.
        contact = {
            'uuid': '',
            'contactName': None,
            'email': None,
            'phone': None
        }
        errorMessage('Please assign contact person')
    kwargs['contact'] = contact

    company_form = companyForm(regNo=tenant[u'regNo'],
                               companyName=tenant[u'name'],
                               addr=tenant[u'addr'],
                               addr2=tenant[u'addr2'],
                               postcode=tenant[u'postcode'],
                               city=tenant[u'city'])
    contact_form = contactForm(contactName=contact['uuid'],
                               email=contact['email'],
                               phone=contact['phone'])

    # The first choice is an empty entry so "no contact" can be selected.
    # NOTE(review): str() on a non-ASCII name raises UnicodeEncodeError on
    # Python 2 - confirm the value types returned by getUsers().
    choices = [('', '')]
    for user in getUsers()['users']:
        label = str(user['name'] + ' - ' + user['email'])
        choices.append((str(user['uuid']), label))
    contact_form.contactName.choices = choices

    return render_template('settings/newCompanyView.html',
                           contactForm=contact_form,
                           companyForm=company_form,
                           **kwargs)
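def setPasswordView(tok):
    """Let the holder of the emailed token *tok* choose a password.

    Clears the current session, renders the set-password form and, on a
    valid submit, posts the new password to the auth API ``setPassword``
    endpoint authorised by *tok*. On success the user is sent to the login
    view; on error the API message is shown and the form is rendered again.
    """
    # The emailed token, not any existing login, authorises this request.
    session.clear()
    kwargs = {'formWidth': 300, 'title': 'Set new password'}
    form = setPasswordForm()
    if form.validate_on_submit():
        dataDict = {'password': form.password.data}
        req = authAPI('setPassword',
                      method='post',
                      dataDict=dataDict,
                      token=tok)
        # The auth API response is deliberately not printed: it belongs to a
        # credential-setting call and must not reach stdout or server logs.
        if 'error' in req:
            # NOTE(review): API error text is shown to the visitor verbatim.
            errorMessage(req['error'])
        elif 'success' in req:
            successMessage('Your password has now been set, please login')
            return redirect(url_for('authBP.loginView'))
    return render_template('auth/setPasswordForm.html', form=form, **kwargs)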
def registerView():
    """Render the registration form and register a new tenant and user.

    Visitors whose session already holds a 'token' are sent to the index
    view. A valid submit is posted to the auth API ``register`` endpoint; on
    success a confirmation URL and e-mail body are built, but the mail is
    not sent because the ``sendMail`` call is commented out.
    """
    if 'token' in session:
        errorMessage('alreadyRegistered')
        return redirect(url_for('indexView'))

    # universal variables
    form = registerForm()
    kwargs = {'formWidth': 400}

    if form.validate_on_submit():
        payload = {
            'regNo': form.regNo.data,
            'companyName': form.companyName.data,
            'userName': form.userName.data,
            'email': form.email.data,
            'password': form.password.data
        }
        req = authAPI('register', method='post', dataDict=payload)
        # NOTE(review): `r` is not assigned anywhere in this function. Unless
        # a module-level `r` exists, this raises NameError on every submit -
        # verify which object is meant to carry status_code.
        if r.status_code == 409:
            errorMessage('accountExists')
        elif r.status_code == 404:
            errorMessage('cvrCheckError')
        elif 'error' in req:
            # Only this one error is reported; other errors show no message.
            if req['error'] == 'Not valid email-address':
                errorMessage('validateEmail')
        elif 'success' in req:
            # send email confirmation
            subject = u'Bekræft tilmelding'
            tok = req['token']
            email = req['email']
            # NOTE(review): _external=True builds the link from the request
            # host unless SERVER_NAME is configured; pin the host so a forged
            # Host header cannot redirect confirmation links.
            confirm_url = url_for('authBP.confirmEmailView',
                                  token=tok,
                                  _external=True)
            html = render_template('email/verify.html',
                                   confirm_url=confirm_url)
            # sendMail(subject=subject, sender='Henrik Poulsen', recipients=[email], html_body=html, text_body=None)
            successMessage('loginSuccess')
            return redirect(url_for('indexView'))

    return render_template('auth/registerForm.html', form=form, **kwargs)
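def logoutView():
    """Log the user out at the auth API and always drop the local session.

    Posts the session token to the auth API ``logout`` endpoint, clears the
    local session whatever the API answers, and redirects to the index view.
    A visitor without a token in the session is redirected without an API
    call.
    """
    token = session.get('token')
    if token is None:
        # Not logged in: nothing to revoke, and no KeyError on session access.
        session.clear()
        return redirect(url_for('indexView'))

    logout = authAPI(endpoint='logout', method='post', token=token)

    # Clear the local session even if the API rejects the token. Otherwise an
    # expired or invalid token would leave the browser "logged in" with no
    # way to log out.
    session.clear()

    # Fixed: the original tested `['error'] in logout` (a list used as a key)
    # and then read an undefined name `req` instead of `logout`.
    if 'error' in logout:
        # Only the known API errors are shown to the user.
        known_errors = (
            'Could not identify access token',
            'Could not identify Platform',
            'Internal server error',
            'Invalid access token',
        )
        if logout['error'] in known_errors:
            errorMessage(logout['error'])
    else:
        successMessage('You are now logged out of the system')
    return redirect(url_for('indexView'))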
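def userView(uuid=None, function=None):
    """List, create, update or delete users, selected by *function*.

    * ``function is None`` - render the user table.
    * ``'delete'`` - delete user *uuid* and return to the list.
    * ``'update'`` - edit user *uuid*; on a valid submit, PUT the changes.
    * ``'new'`` - create a user and mail a confirmation link.

    Any other *function* value redirects to the user list.

    NOTE(review): no authorisation check is visible in this function, and
    the role sent to the API comes straight from the submitted form. Confirm
    that the route or the API restricts who may delete users or grant the
    Superuser / Administrator roles.
    """
    # universal variables
    form = userForm()
    kwargs = {'contentTitle': 'Users', 'width': '', 'formWidth': '400'}

    # Get users
    if function is None:
        kwargs['tableColumns'] = ['User name', 'Email', 'Roles', 'Groups']
        kwargs['tableData'] = usersTable()
        return render_template('listView.html', **kwargs)

    if function == 'delete':
        # NOTE(review): destructive action chosen by a view argument; confirm
        # the route only accepts it via a CSRF-protected POST.
        delUsr = deleteUser(uuid)
        if 'error' in delUsr:
            errorMessage(delUsr['error'])
        # The debug print of the API response was removed so account data
        # does not reach stdout or server logs.
        return redirect(url_for('userBP.userView'))

    if function == 'update':
        usr = getUser(uuid=uuid,
                      includes=['includeRoles', 'includeGroups'])['user']
        kwargs['contentTitle'] = 'Update user'

        # Pick the role shown in the form; the last matching entry wins, so
        # the result depends on the order of usr['roles'].
        role = 'User'
        for r in usr['roles']:
            if r['title'] == 'Administrator':
                role = 'Administrator'
            elif r['title'] == 'Superuser':
                role = 'Superuser'

        grpForm = groupForm()
        usrForm = userForm(
            userName=usr['name'],
            userEmail=usr['email'],
            userPhone=usr['phone'],
            userGroups=[str(r['uuid']) for r in usr['groups']],
            userRole=role)

        # Get all groups
        usrForm.userGroups.choices = [(str(r['uuid']), r['name'])
                                      for r in getGroups()['groups']]

        if g.sijax.is_sijax_request:
            g.sijax.register_object(SijaxHandler)
            return g.sijax.process_request()

        if usrForm.validate_on_submit():
            # NOTE(review): 'groups' is wrapped in an extra list here but
            # sent unwrapped in the 'new' branch, and 'roles' holds only the
            # selected role - confirm the shapes the API expects.
            dataDict = {
                'name': usrForm.userName.data,
                'email': usrForm.userEmail.data,
                'phone': usrForm.userPhone.data,
                'roles': [usrForm.userRole.data],
                'groups': [usrForm.userGroups.data]
            }
            updateUser = putUser(dataDict=dataDict, uuid=uuid)
            # Report the API result the same way the 'new' branch does. The
            # original returned the raw API error dict as the response body,
            # which exposed backend detail unescaped.
            apiMessage(updateUser)
            if 'error' not in updateUser:
                return redirect(url_for('userBP.userView'))

        return render_template('user/userForm.html',
                               usrForm=usrForm,
                               grpForm=grpForm,
                               **kwargs)

    if function == 'new':
        usrForm = userForm(userRole='User')
        grpForm = groupForm()
        grpForm.groupUsers.choices = [(str(r['uuid']), r['email'])
                                      for r in getUsers()['users']]
        kwargs['contentTitle'] = 'New user'
        groups = [(str(r['uuid']), r['name']) for r in getGroups()['groups']]
        usrForm.userGroups.choices = groups

        if g.sijax.is_sijax_request:
            g.sijax.register_object(SijaxHandler)
            return g.sijax.process_request()

        if usrForm.validate_on_submit():
            dataDict = {
                'name': usrForm.userName.data,
                'email': usrForm.userEmail.data,
                'phone': usrForm.userPhone.data
            }
            # Roles are cumulative: Administrator implies Superuser and User.
            roles = ['User']
            if usrForm.userRole.data == 'Superuser':
                roles.append('Superuser')
            elif usrForm.userRole.data == 'Administrator':
                roles.append('Superuser')
                roles.append('Administrator')
            dataDict['roles'] = roles
            dataDict['groups'] = usrForm.userGroups.data

            newUser = postUser(dataDict)
            if 'success' in newUser:
                successMessage('The user has been created')
                subject = u'Confirm signup'
                # NOTE(review): _external=True builds the link from the
                # request host unless SERVER_NAME is configured; pin it so a
                # forged Host header cannot redirect confirmation links.
                confirm_url = url_for('authBP.confirmEmailView',
                                      token=newUser['token'],
                                      _external=True)
                html = render_template('email/verify.html',
                                       confirm_url=confirm_url)
                sendMail(subject=subject,
                         sender='Henrik Poulsen',
                         recipients=[usrForm.userEmail.data],
                         html_body=html,
                         text_body=None)
                return redirect(url_for('userBP.userView'))
            else:
                apiMessage(newUser)

        return render_template('user/userForm.html',
                               usrForm=usrForm,
                               grpForm=grpForm,
                               **kwargs)

    # Unknown function value: previously fell through and returned None,
    # which Flask turns into a server error. Go back to the list instead.
    return redirect(url_for('userBP.userView'))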
def changePasswordView():
    """Render the change-password form and submit the new password.

    On a valid submit the new password is PUT to the auth API
    ``changePassword`` endpoint using the token held in the session. The API
    error text, or a success message, is shown and the form is rendered
    again.
    """
    kwargs = {'formWidth': 300, 'contentTitle': 'Change password'}
    form = changePasswordForm()

    if form.validate_on_submit():
        payload = {'password': form.password.data}
        # NOTE(review): session['token'] raises KeyError when the visitor is
        # not logged in - confirm the route is protected by a login check.
        # Only the new password is sent; verify whether the form or the API
        # also requires the current password. The session token is not
        # rotated after the change.
        response = authAPI(endpoint='changePassword',
                           method='put',
                           dataDict=payload,
                           token=session['token'])
        if 'error' not in response:
            successMessage('Your password has been changed')
        else:
            # Every error case, known or not, shows the API text verbatim.
            errorMessage(response['error'])

    return render_template('user/changePasswordForm.html',
                           form=form,
                           **kwargs)
def loginView():
    """Render the login form and start a session on successful login.

    A visitor whose session already holds a 'token' is sent to the index
    view. A valid submit is posted to the auth API ``login`` endpoint:

    * success - token, email and roles are stored in the session.
    * 'User must change password' - the same values are stored and the user
      is sent to the change-password view.
    * other known errors - a message is shown and the form is re-rendered.
    * unknown errors - the form is re-rendered with no message.
    """
    if 'token' in session:
        errorMessage('You are already logged into the system')
        return redirect(url_for('indexView'))

    kwargs = {'formWidth': 300, 'contentTitle': 'Login'}
    form = loginForm()

    if form.validate_on_submit():
        credentials = {
            'regNo': form.regNo.data,
            'email': form.email.data,
            'password': form.password.data,
        }
        response = authAPI('login', method='post', dataDict=credentials)

        if 'success' in response:
            # NOTE(review): the pre-login session is reused across the
            # privilege change; consider clearing it before storing the token.
            session['token'] = response['token']
            session['email'] = response['email']
            session['roles'] = response['roles']
            successMessage('You are now logged in')
            return redirect(url_for('indexView'))

        if 'error' in response:
            reason = response['error']
            # API errors that are displayed to the user unchanged.
            shown_verbatim = (
                'Could not identify access token',
                'Could not identify Platform',
                'Request data incomplete',
                'Illegal null values present in request data',
                'Invalid access token',
                'Internal server error',
                'User is locked out of the system due to multiple bad logins',
            )
            # Unknown tenant or user gets one generic message.
            # NOTE(review): the wrong-password and lock-out messages differ
            # from this generic one, so responses still reveal whether an
            # account exists. Consider one message for all credential
            # failures.
            unknown_identity = (
                'Could not identify Tenant',
                'Could not identify User',
            )
            if reason in shown_verbatim:
                errorMessage(reason)
            elif reason in unknown_identity:
                errorMessage('We are not able to validate your credentials')
            elif reason == 'Wrong user/password combination':
                # assumes req['attempts left'] is a string - TODO confirm
                errorMessage(reason + ' - Attempts left: ' +
                             response['attempts left'])
            elif reason == 'User must change password':
                # NOTE(review): a full session is established before the
                # password is changed; confirm other views refuse this token
                # until the change is done.
                session['token'] = response['token']
                session['email'] = response['email']
                session['roles'] = response['roles']
                errorMessage('Please change your password')
                return redirect(url_for('userBP.changePasswordView'))

    return render_template('auth/loginForm.html', form=form, **kwargs)
def registerView():
    """Render the registration form and register a new tenant and user.

    Visitors whose session already holds a 'token' are sent to the index
    view. A valid submit is posted to the auth API ``register`` endpoint; on
    success a confirmation link is mailed to the address returned by the API
    and the visitor is redirected to the index view.
    """
    if 'token' in session:
        errorMessage('alreadyRegistered')
        return redirect(url_for('indexView'))

    # universal variables
    form = registerForm()
    kwargs = {'formWidth': 400}

    if form.validate_on_submit():
        payload = {
            'regNo': form.regNo.data,
            'companyName': form.companyName.data,
            'userName': form.userName.data,
            'email': form.email.data,
            'password': form.password.data
        }
        response = authAPI('register', method='post', dataDict=payload)

        if 'error' in response:
            reason = response['error']
            # Known API errors that are shown unchanged; anything not listed
            # here or handled below produces no message.
            shown_verbatim = (
                'Could not identify Platform',
                'Request data incomplete',
                'Invalid email-address',
                'Illegal null values present in request data',
                'Internal server error',
            )
            if reason in shown_verbatim:
                errorMessage(reason)
            elif reason == 'Reg/VAT number already exist':
                errorMessage(
                    'An account using this Reg/VAT number already exist')
        elif 'success' in response:
            # send email confirmation
            subject = u'Please confirm your account'
            tok = response['token']
            email = response['email']
            # NOTE(review): _external=True builds the link from the request
            # host unless SERVER_NAME is configured; pin the host so a forged
            # Host header cannot redirect the token-bearing confirmation
            # link.
            confirm_url = url_for('authBP.confirmEmailView',
                                  token=tok,
                                  _external=True)
            html = render_template('email/verify.html',
                                   confirm_url=confirm_url)
            sendMail(subject=subject,
                     sender='Henrik Poulsen',
                     recipients=[email],
                     html_body=html,
                     text_body=None)
            successMessage(
                'You have successfully registered your account, please check your email for confirmation.'
            )
            return redirect(url_for('indexView'))

    return render_template('auth/registerForm.html', form=form, **kwargs)
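def setPasswordView(tok):
    """Let the holder of the emailed token *tok* choose a password.

    Removes any login token from the session, renders the set-password form
    and, on a valid submit, posts the new password to the auth API
    ``setPassword`` endpoint authorised by *tok*. On success the user is
    sent to the login view; on error the API message is shown and the form
    is rendered again.
    """
    # Fixed: `session['token']` raised KeyError for visitors arriving from
    # the e-mail link with no session. Setting the key to None also left
    # 'token' in the session, which a `'token' in session` check reads as
    # logged in. Removing the key avoids both problems.
    session.pop('token', None)

    kwargs = {'formWidth': 300, 'title': 'Set new password'}
    form = setPasswordForm()
    if form.validate_on_submit():
        # The submitted password is never printed or logged. The original
        # wrote it to stdout in clear text.
        dataDict = {'password': form.password.data}
        req = authAPI('setPassword',
                      method='post',
                      dataDict=dataDict,
                      token=tok)
        if 'error' in req:
            # Every error case, known or not, shows the API text verbatim.
            errorMessage(req['error'])
        elif 'success' in req:
            successMessage('Your password has now been set, please login')
            return redirect(url_for('authBP.loginView'))
    return render_template('auth/setPasswordForm.html', form=form, **kwargs)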