def two_factor_email(token): redirect_url = request.args.get('next') if current_user.is_authenticated: return redirect_when_logged_in( platform_admin=current_user.platform_admin) # checks url is valid, and hasn't timed out try: token_data = json.loads( check_token(token, current_app.config['SECRET_KEY'], current_app.config['DANGEROUS_SALT'], current_app.config['EMAIL_2FA_EXPIRY_SECONDS'])) except SignatureExpired: return render_template('views/email-link-invalid.html', redirect_url=redirect_url) user_id = token_data['user_id'] # checks if code was already used logged_in, msg = user_api_client.check_verify_code( user_id, token_data['secret_code'], "email") if not logged_in: return render_template('views/email-link-invalid.html', redirect_url=redirect_url) return log_in_user(user_id)
def two_factor_email(token): if current_user.is_authenticated: return redirect_when_logged_in(current_user.id) # checks url is valid, and hasn't timed out try: token_data = json.loads( check_token(token, current_app.config['SECRET_KEY'], current_app.config['DANGEROUS_SALT'], current_app.config['EMAIL_2FA_EXPIRY_SECONDS'])) except SignatureExpired as exc: # lets decode again, without the expiry, to get the user id out orig_data = json.loads( check_token(token, current_app.config['SECRET_KEY'], current_app.config['DANGEROUS_SALT'], None)) session['user_details'] = {'id': orig_data['user_id']} flash( "The link in the email we sent you has expired. We’ve sent you a new one." ) return redirect(url_for('.resend_email_link')) user_id = token_data['user_id'] # checks if code was already used logged_in, msg = user_api_client.check_verify_code( user_id, token_data['secret_code'], "email") if not logged_in: flash("This link has already been used") session['user_details'] = {'id': user_id} return redirect(url_for('.resend_email_link')) return log_in_user(user_id)
def verify_email(token): try: token_data = check_token(token, current_app.config['SECRET_KEY'], current_app.config['DANGEROUS_SALT'], current_app.config['EMAIL_EXPIRY_SECONDS']) token_data = json.loads(token_data) verified = user_api_client.check_verify_code(token_data['user_id'], token_data['secret_code'], 'email') user = user_api_client.get_user(token_data['user_id']) if not user: abort(404) if user.is_active: flash("That verification link has expired.") return redirect(url_for('main.sign_in')) session['user_details'] = {"email": user.email_address, "id": user.id} if verified[0]: user_api_client.send_verify_code(user.id, 'sms', user.mobile_number) return redirect('verify') else: if verified[1] == 'Code has expired': flash("The link in the email we sent you has expired. We've sent you a new one.") return redirect(url_for('main.resend_email_verification')) else: message = "There was a problem verifying your account. Error message: '{}'".format(verified[1]) flash(message) return redirect(url_for('main.index')) except SignatureExpired: flash('The link in the email we sent you has expired') return redirect(url_for('main.resend_email_verification'))
def verify_email(token): try: token_data = check_token(token, current_app.config['SECRET_KEY'], current_app.config['DANGEROUS_SALT'], current_app.config['EMAIL_EXPIRY_SECONDS']) token_data = json.loads(token_data) verified = user_api_client.check_verify_code(token_data['user_id'], token_data['secret_code'], 'email') user = user_api_client.get_user(token_data['user_id']) if not user: abort(404) if user.is_active: flash("That verification link has expired.") return redirect(url_for('main.sign_in')) session['user_details'] = {"email": user.email_address, "id": user.id} if verified[0]: user_api_client.send_verify_code(user.id, 'sms', user.mobile_number) return redirect('verify') else: if verified[1] == 'Code has expired': flash( "The link in the email we sent you has expired. We've sent you a new one." ) return redirect(url_for('main.resend_email_verification')) else: message = "There was a problem verifying your account. Error message: '{}'".format( verified[1]) flash(message) return redirect(url_for('main.index')) except SignatureExpired: flash('The link in the email we sent you has expired') return redirect(url_for('main.resend_email_verification'))
def _check_code(code): return user_api_client.check_verify_code("1", code, "sms")
def _check_code(code): return user_api_client.check_verify_code(user_id, code, 'sms')
def _check_code(cde): return user_api_client.check_verify_code(current_user.id, cde, 'sms')
def _check_code(code): return user_api_client.check_verify_code(user_id, code, "sms")