def contact(control_list_id): """ This routes allows user to send email to list administrators """ control_list, is_owner = ControlLists.get_linked_or_404( control_list_id=control_list_id, user=current_user) form = SendMailToAdmin(prefix="mail") if request.method == "POST" and form.validate_on_submit(): control_list_link = url_for('control_lists_bp.get', control_list_id=control_list_id, _external=True) email.send_email_async( app=current_app._get_current_object(), bcc=[u[3] for u in control_list.owners] + [current_user.email], recipient=[], subject='[Pyrrha Control List] ' + form.title.data, template='control_lists/email/contact', # current_user is a LocalProxy, we want the underlying user # object user=current_user._get_current_object(), message=form.message.data, control_list_title=control_list.name, url=control_list_link) flash('The email has been sent to the control list administrators.', 'success') return redirect( url_for('control_lists_bp.contact', control_list_id=control_list_id)) return render_template_with_nav_info('control_lists/contact.html', form=form, control_list=control_list)
def reset_password_request(): """Respond to existing user's request to reset their password.""" if not current_user.is_anonymous: return redirect(url_for('main.index')) form = RequestResetPasswordForm() if form.validate_on_submit(): user = User.query.filter_by(email=form.email.data).first() if user: token = user.generate_password_reset_token() reset_link = url_for('account.reset_password', token=token, _external=True) send_email_async(app=current_app._get_current_object(), recipient=user.email, subject='Reset Your Password', template='account/email/reset_password', user=user, reset_link=reset_link, next=request.args.get('next')) flash( 'A password reset link has been sent to {}.'.format( form.email.data), 'warning') return redirect(url_for('account.login')) return render_template_with_nav_info('account/reset_password.html', form=form)
def invite_user(): """Invites a new user to create an account and set their own password.""" form = InviteUserForm() if form.validate_on_submit(): user = User(role=form.role.data, first_name=form.first_name.data, last_name=form.last_name.data, email=form.email.data) db.session.add(user) db.session.commit() token = user.generate_confirmation_token() invite_link = url_for('account.join_from_invite', user_id=user.id, token=token, _external=True) send_email_async( app=current_app._get_current_object(), recipient=user.email, subject='You Are Invited To Join', template='account/email/invite', user=user, invite_link=invite_link, ) flash('User {} successfully invited'.format(user.full_name()), 'form-success') return render_template_with_nav_info('admin/new_user.html', form=form)
def change_email_request(): """Respond to existing user's request to change their email.""" form = ChangeEmailForm() if form.validate_on_submit(): if current_user.verify_password(form.password.data): new_email = form.email.data token = current_user.generate_email_change_token(new_email) change_email_link = url_for('account.change_email', token=token, _external=True) send_email_async( app=current_app._get_current_object(), recipient=new_email, subject='Confirm Your New Email', template='account/email/change_email', # current_user is a LocalProxy, we want the underlying user # object user=current_user._get_current_object(), change_email_link=change_email_link) flash('A confirmation link has been sent to {}.'.format(new_email), 'warning') return redirect(url_for('main.index')) else: flash('Invalid email or password.', 'form-error') return render_template_with_nav_info('account/manage.html', form=form)
def propose_as_public(control_list_id): """ This routes allows user to send email to application administrators to propose a list as public for everyone to use """ control_list, is_owner = ControlLists.get_linked_or_404( control_list_id=control_list_id, user=current_user) if not is_owner: flash("You are not an owner of the list.", category="error") return redirect( url_for("control_lists_bp.get", control_list_id=control_list_id)) elif control_list.public != PublicationStatus.private: flash("This list is already public or submitted.", category="warning") return redirect( url_for("control_lists_bp.get", control_list_id=control_list_id)) form = SendMailToAdmin(prefix="mail") if form.validate_on_submit(): admins = User.get_admins() control_list_link = url_for('control_lists_bp.get', control_list_id=control_list_id, _external=True) control_list.public = PublicationStatus.submitted db.session.add(control_list) try: email.send_email_async( app=current_app._get_current_object(), bcc=[u.email for u in admins] + [current_user.email], recipient=[], subject='[Pyrrha Control List] ' + form.title.data, template='control_lists/email/contact', # current_user is a LocalProxy, we want the underlying user # object user=current_user._get_current_object(), message=form.message.data, control_list_title=control_list.name, url=control_list_link) flash('The email has been sent to the administrators.', 'success') db.session.commit() except Exception: db.session.rollback() flash("There was an error during the messaging step") return render_template_with_nav_info( 'control_lists/propose_as_public.html', form=form, control_list=control_list)
def confirm_request(): """Respond to new user's request to confirm their account.""" token = current_user.generate_confirmation_token() confirm_link = url_for('account.confirm', token=token, _external=True) send_email_async( app=current_app._get_current_object(), recipient=current_user.email, subject='Confirm Your Account', template='account/email/confirm', # current_user is a LocalProxy, we want the underlying user object user=current_user._get_current_object(), confirm_link=confirm_link) flash( 'A new confirmation link has been sent to {}.'.format( current_user.email), 'warning') return redirect(url_for('main.index'))
def test_send_mail(self): with self.app.app_context(): new_user = User(first_name="John", last_name="Doe", email="*****@*****.**", role_id=1) TestSendMail.db.session.add(new_user) TestSendMail.db.session.commit() send_email_async(self.app, recipient="*****@*****.**", subject="hello world", template="account/email/reset_password", user=User.query.first(), reset_link="test", config=self.app.config)
def join_from_invite(user_id, token): """ Confirm new user's account with provided token and prompt them to set a password. """ if current_user is not None and current_user.is_authenticated: flash('You are already logged in.', 'error') return redirect(url_for('main.index')) new_user = User.query.get(user_id) if new_user is None: return redirect(404) if new_user.password_hash is not None: flash('You have already joined.', 'error') return redirect(url_for('main.index')) if new_user.confirm_account(token): form = CreatePasswordForm() if form.validate_on_submit(): new_user.password = form.password.data db.session.add(new_user) db.session.commit() flash( 'Your password has been set. After you log in, you can ' 'go to the "Your Account" page to review your account ' 'information and settings.', 'success') return redirect(url_for('account.login')) return render_template('account/join_invite.html', form=form) else: flash( 'The confirmation link is invalid or has expired. Another ' 'invite email with a new link has been sent to you.', 'error') token = new_user.generate_confirmation_token() invite_link = url_for('account.join_from_invite', user_id=user_id, token=token, _external=True) send_email_async(app=current_app._get_current_object(), recipient=new_user.email, subject='You Are Invited To Join', template='account/email/invite', user=new_user, invite_link=invite_link) return redirect(url_for('main.index'))
def register(): """Register a new user, and send them a confirmation email.""" form = RegistrationForm() if form.validate_on_submit(): user = User(first_name=form.first_name.data, last_name=form.last_name.data, email=form.email.data, password=form.password.data) db.session.add(user) db.session.commit() token = user.generate_confirmation_token() confirm_link = url_for('account.confirm', token=token, _external=True) send_email_async(app=current_app._get_current_object(), recipient=user.email, subject='Confirm Your Account', template='account/email/confirm', user=user, confirm_link=confirm_link) flash('A confirmation link has been sent to {}.'.format(user.email), 'warning') return redirect(url_for('main.index')) return render_template_with_nav_info('account/register.html', form=form)