def two_factor():
user_id = session['user_details']['id']
def _check_code(code):
return user_api_client.check_verify_code(user_id, code, "sms")
form = TwoFactorForm(_check_code)
if form.validate_on_submit():
try:
user = user_api_client.get_user(user_id)
services = service_api_client.get_active_services({'user_id': str(user_id)}).get('data', [])
# Check if coming from new password page
if 'password' in session['user_details']:
user.set_password(session['user_details']['password'])
user.reset_failed_login_count()
user_api_client.update_user(user)
activated_user = user_api_client.activate_user(user)
login_user(activated_user, remember=True)
finally:
del session['user_details']
next_url = request.args.get('next')
if next_url and _is_safe_redirect_url(next_url):
return redirect(next_url)
if current_user.platform_admin:
return redirect(url_for('main.platform_admin'))
if len(services) == 1:
return redirect(url_for('main.service_dashboard', service_id=services[0]['id']))
else:
return redirect(url_for('main.choose_service'))
return render_template('views/two-factor.html', form=form)
def choose_service():
return render_template(
'views/choose-service.html',
services=[ServicesBrowsableItem(x) for x in
service_api_client.get_active_services({'user_id': current_user.id})['data']],
can_add_service=is_gov_user(current_user.email_address)
)
def choose_service():
return render_template('views/choose-service.html',
services=[
ServicesBrowsableItem(x)
for x in service_api_client.get_active_services(
{'user_id': current_user.id})['data']
],
can_add_service=is_gov_user(
current_user.email_address))
def add_service():
default_organisation_type = current_user.default_organisation_type
if default_organisation_type == 'nhs':
form = CreateNhsServiceForm()
default_organisation_type = None
else:
form = CreateServiceForm(organisation_type=default_organisation_type)
heading = 'About your service'
if form.validate_on_submit():
email_from = email_safe(form.name.data)
service_name = form.name.data
service_description = form.service_description.data
service_id, error = _create_service(
service_name,
service_description,
default_organisation_type or form.organisation_type.data,
email_from,
form,
)
if error:
return render_template('views/add-service.html',
form=form,
heading=heading)
if len(
service_api_client.get_active_services({
'user_id':
session['user_id']
}).get('data', [])) > 1:
return redirect(
url_for('main.service_dashboard', service_id=service_id))
example_sms_template = _create_example_template(service_id)
return redirect(
url_for('main.begin_tour',
service_id=service_id,
template_id=example_sms_template['data']['id']))
else:
if default_organisation_type == 'local':
return render_template(
'views/add-service-local.html',
form=form,
heading=heading,
default_organisation_type=default_organisation_type,
)
return render_template(
'views/add-service.html',
form=form,
heading=heading,
default_organisation_type=default_organisation_type,
)
def show_all_services_or_dashboard():
if not current_user.is_authenticated:
return redirect(url_for('.index'))
services = service_api_client.get_active_services({'user_id': current_user.id})['data']
if 1 == len(services):
return redirect(url_for('.service_dashboard', service_id=services[0]['id']))
else:
service_id = session.get('service_id', None)
if any([service_id == x['id'] for x in services]):
return redirect(url_for('.service_dashboard', service_id=service_id))
return redirect(url_for('.choose_service'))
def sign_in():
if current_user and current_user.is_authenticated:
return redirect(url_for('main.choose_service'))
form = LoginForm()
if form.validate_on_submit():
user = user_api_client.get_user_by_email_or_none(form.email_address.data)
user = _get_and_verify_user(user, form.password.data)
if user and user.state == 'pending':
return redirect(url_for('main.resend_email_verification'))
if user and session.get('invited_user'):
invited_user = session.get('invited_user')
if user.email_address != invited_user['email_address']:
flash("You can't accept an invite for another person.")
session.pop('invited_user', None)
abort(403)
else:
invite_api_client.accept_invite(invited_user['service'], invited_user['id'])
if user:
# Remember me login
if not login_fresh() and \
not current_user.is_anonymous and \
current_user.id == user.id and \
user.is_active:
confirm_login()
services = service_api_client.get_active_services({'user_id': str(user.id)}).get('data', [])
if (len(services) == 1):
return redirect(url_for('main.service_dashboard', service_id=services[0]['id']))
else:
return redirect(url_for('main.choose_service'))
session['user_details'] = {"email": user.email_address, "id": user.id}
if user.is_active:
user_api_client.send_verify_code(user.id, 'sms', user.mobile_number)
if request.args.get('next'):
return redirect(url_for('.two_factor', next=request.args.get('next')))
else:
return redirect(url_for('.two_factor'))
# Vague error message for login in case of user not known, locked, inactive or password not verified
flash(Markup((
"The email address or password you entered is incorrect."
" <a href={password_reset}>Forgot your password</a>?"
).format(password_reset=url_for('.forgot_password'))
))
return render_template('views/signin.html', form=form)
def redirect_when_logged_in(user_id):
next_url = request.args.get('next')
if next_url and _is_safe_redirect_url(next_url):
return redirect(next_url)
if current_user.platform_admin:
return redirect(url_for('main.platform_admin'))
services = service_api_client.get_active_services({
'user_id': str(user_id)
}).get('data', [])
if len(services) == 1:
return redirect(
url_for('main.service_dashboard', service_id=services[0]['id']))
else:
return redirect(url_for('main.choose_service'))
def show_all_services_or_dashboard():
if not current_user.is_authenticated:
return redirect(url_for('.index'))
services = service_api_client.get_active_services(
{'user_id': current_user.id})['data']
if 1 == len(services):
return redirect(
url_for('.service_dashboard', service_id=services[0]['id']))
else:
service_id = session.get('service_id', None)
if any([service_id == x['id'] for x in services]):
return redirect(
url_for('.service_dashboard', service_id=service_id))
return redirect(url_for('.choose_service'))
def add_service():
invited_user = session.get('invited_user')
if invited_user:
service_id = _add_invited_user_to_service(invited_user)
return redirect(
url_for('main.service_dashboard', service_id=service_id))
if not is_gov_user(current_user.email_address):
abort(403)
form = CreateServiceForm()
heading = 'About your service'
if form.validate_on_submit():
email_from = email_safe(form.name.data)
service_name = form.name.data
service_id, error = _create_service(service_name,
form.organisation_type.data,
email_from, form)
if error:
return render_template('views/add-service.html',
form=form,
heading=heading)
if len(
service_api_client.get_active_services({
'user_id':
session['user_id']
}).get('data', [])) > 1:
return redirect(
url_for('main.service_dashboard', service_id=service_id))
example_sms_template = _create_example_template(service_id)
return redirect(
url_for(
'main.start_tour',
service_id=service_id,
template_id=example_sms_template['data']['id'],
))
else:
return render_template('views/add-service.html',
form=form,
heading=heading)
def add_service():
default_organisation_type = "central"
form = CreateServiceForm(organisation_type=default_organisation_type)
heading = _('Name your service in both official languages')
if form.validate_on_submit():
email_from = email_safe(form.name.data)
service_name = form.name.data
service_id, error = _create_service(
service_name,
default_organisation_type,
email_from,
form,
)
if error:
return render_template('views/add-service.html',
form=form,
heading=heading)
if len(
service_api_client.get_active_services({
'user_id':
session['user_id']
}).get('data', [])) > 1:
return redirect(
url_for('main.service_dashboard', service_id=service_id))
example_email_template = _create_example_template(service_id)
return redirect(
url_for('main.start_tour',
service_id=service_id,
template_id=example_email_template['data']['id']))
else:
return render_template(
'views/add-service.html',
form=form,
heading=heading,
default_organisation_type=default_organisation_type,
)
def add_service():
invited_user = session.get('invited_user')
if invited_user:
service_id = _add_invited_user_to_service(invited_user)
return redirect(url_for('main.service_dashboard', service_id=service_id))
if not is_gov_user(current_user.email_address):
abort(403)
form = AddServiceForm(service_api_client.find_all_service_email_from)
heading = 'Which service do you want to set up notifications for?'
if form.validate_on_submit():
email_from = email_safe(form.name.data)
service_name = form.name.data
service_id = _create_service(service_name, email_from)
if (len(service_api_client.get_active_services({'user_id': session['user_id']}).get('data', [])) > 1):
return redirect(url_for('main.service_dashboard', service_id=service_id))
example_sms_template = service_api_client.create_service_template(
'Example text message template',
'sms',
'Hey ((name)), I’m trying out Notify. Today is ((day of week)) and my favourite colour is ((colour)).',
service_id
)
return redirect(url_for(
'main.send_test',
service_id=service_id,
template_id=example_sms_template['data']['id'],
help=1
))
else:
return render_template(
'views/add-service.html',
form=form,
heading=heading
)