def setUpToken(self, email): """Test e-mail token.""" userDb = self.userDb self.registerToken = sesEmail.createToken(email, userDb, "validate_email") postJson = {"token": self.registerToken} return self.app.post_json("/v1/confirm_email_token/", postJson)
def sendResetPasswordEmail(self, user, system_email, email=None, unlock_user=False): if email is None: email = user.email # User must be approved and active to reset password if user.user_status_id != self.interfaces.userDb.getUserStatusId( "approved"): raise ResponseException( "User must be approved before resetting password", StatusCode.CLIENT_ERROR) elif not unlock_user and not user.is_active: raise ResponseException("User is locked, cannot reset password", StatusCode.CLIENT_ERROR) # If unlocking a user, wipe out current password if unlock_user: UserHandler().clearPassword(user) self.interfaces.userDb.session.commit() # Send email with token emailToken = sesEmail.createToken(email, "password_reset") link = "".join( [AccountHandler.FRONT_END, '#/forgotpassword/', emailToken]) emailTemplate = {'[URL]': link} templateType = "unlock_account" if unlock_user else "reset_password" newEmail = sesEmail(user.email, system_email, templateType=templateType, parameters=emailTemplate, database=self.interfaces.userDb) newEmail.send()
def createEmailConfirmation(self,system_email,session): """ Creates user record and email arguments: system_email -- (string) email used to send messages session -- (Session) object from flask """ requestFields = RequestDictionary(self.request) if(not requestFields.exists("email")): exc = ResponseException("Request body must include email", StatusCode.CLIENT_ERROR) return JsonResponse.error(exc,exc.status) email = requestFields.getValue("email") if( not re.match("[^@]+@[^@]+\.[^@]+",email)) : return JsonResponse.error(ValueError("Invalid Email Format"),StatusCode.CLIENT_ERROR) try : user = self.interfaces.userDb.getUserByEmail(requestFields.getValue("email")) except ResponseException as e: self.interfaces.userDb.addUnconfirmedEmail(email) else: if(not (user.user_status_id == self.interfaces.userDb.getUserStatusId("awaiting_confirmation") or user.user_status_id == self.interfaces.userDb.getUserStatusId("email_confirmed"))): exc = ResponseException("User already registered", StatusCode.CLIENT_ERROR) return JsonResponse.error(exc,exc.status) emailToken = sesEmail.createToken(email,self.interfaces.userDb,"validate_email") link= "".join([AccountHandler.FRONT_END,'#/registration/',emailToken]) emailTemplate = {'[USER]': email, '[URL]':link} newEmail = sesEmail(email, system_email,templateType="validate_email",parameters=emailTemplate,database=self.interfaces.userDb) newEmail.send() return JsonResponse.create(StatusCode.OK,{"message":"Email Sent"})
def setUpToken(self, email): """Test e-mail token.""" self.registerToken = sesEmail.createToken(email, "validate_email") postJson = {"token": self.registerToken} return self.app.post_json("/v1/confirm_email_token/", postJson, headers={"x-session-id": self.session_id})
def resetPassword(self,system_email,session): """ Remove old password and email user a token to set a new password. Request should have key "email" arguments: system_email -- (string) email used to send messages session -- (Session) object from flask """ requestDict = RequestDictionary(self.request) if(not (requestDict.exists("email"))): # Don't have the keys we need in request exc = ResponseException("Reset password route requires key 'email'",StatusCode.CLIENT_ERROR) return JsonResponse.error(exc,exc.status) # Get user object try: user = self.interfaces.userDb.getUserByEmail(requestDict.getValue("email")) except Exception as e: exc = ResponseException("Unknown Error",StatusCode.CLIENT_ERROR,ValueError) return JsonResponse.error(exc,exc.status) LoginSession.logout(session) self.interfaces.userDb.session.commit() email = requestDict.getValue("email") # Send email with token emailToken = sesEmail.createToken(email,self.interfaces.userDb,"password_reset") link= "".join([ AccountHandler.FRONT_END,'#/forgotpassword/',emailToken]) emailTemplate = { '[URL]':link} newEmail = sesEmail(user.email, system_email,templateType="reset_password",parameters=emailTemplate,database=self.interfaces.userDb) newEmail.send() # Return success message return JsonResponse.create(StatusCode.OK,{"message":"Password reset"})
def test_check_email_token(self): """Test valid e-mail token.""" userDb = self.userDb #make a token based on a user token = sesEmail.createToken(self.test_users["password_reset_email"], userDb, "validate_email") postJson = {"token": token} response = self.app.post_json("/v1/confirm_email_token/", postJson) self.check_response(response, StatusCode.OK, "success") self.assertEqual(response.json["errorCode"], sesEmail.LINK_VALID)
def test_check_password_token(self): """Test password reset with valid token.""" userDb = self.userDb #make a token based on a user token = sesEmail.createToken(self.test_users["admin_email"], userDb, "password_reset") postJson = {"token": token} response = self.app.post_json("/v1/confirm_password_token/", postJson) self.check_response(response, StatusCode.OK, "success") self.assertEqual(response.json["errorCode"], sesEmail.LINK_VALID)
def test_check_password_token(self): """Test password reset with valid token.""" userDb = self.userDb #make a token based on a user token = sesEmail.createToken( self.test_users["admin_email"], userDb, "password_reset") postJson = {"token": token} response = self.app.post_json("/v1/confirm_password_token/", postJson, headers={"x-session-id":self.session_id}) self.check_response(response, StatusCode.OK, "success") self.assertEqual(response.json["errorCode"], sesEmail.LINK_VALID)
def test_check_email_token(self): """Test valid e-mail token.""" #make a token based on a user token = sesEmail.createToken(self.test_users["password_reset_email"], "validate_email") postJson = {"token": token} response = self.app.post_json( "/v1/confirm_email_token/", postJson, headers={"x-session-id": self.session_id}) self.check_response(response, StatusCode.OK, "success") self.assertEqual(response.json["errorCode"], sesEmail.LINK_VALID)
def create_email_confirmation(self,system_email): """ Creates user record and email arguments: system_email -- (string) email used to send messages """ sess = GlobalDB.db().session request_fields = RequestDictionary.derive(self.request) try: if 'email' not in request_fields: raise ResponseException( "Request body must include email", StatusCode.CLIENT_ERROR) email = request_fields['email'] if not re.match("[^@]+@[^@]+\.[^@]+",email): raise ValueError("Invalid Email Format") except (ResponseException, ValueError) as exc: return JsonResponse.error(exc, StatusCode.CLIENT_ERROR) try : user = sess.query(User).filter( func.lower(User.email) == func.lower(request_fields['email']) ).one() except NoResultFound: # Create user with specified email if none is found user = User(email=email) user.user_status_id = USER_STATUS_DICT["awaiting_confirmation"] user.permissions = 0 sess.add(user) sess.commit() else: try: good_statuses = (USER_STATUS_DICT["awaiting_confirmation"], USER_STATUS_DICT["email_confirmed"]) if user.user_status_id not in good_statuses: raise ResponseException( "User already registered", StatusCode.CLIENT_ERROR) except ResponseException as exc: return JsonResponse.error(exc, exc.status) email_token = sesEmail.createToken(email, "validate_email") link= "".join([AccountHandler.FRONT_END,'#/registration/',email_token]) email_template = {'[USER]': email, '[URL]':link} new_email = sesEmail(email, system_email,templateType="validate_email",parameters=email_template) new_email.send() return JsonResponse.create(StatusCode.OK,{"message":"Email Sent"})
def createEmailConfirmation(self, system_email, session): """ Creates user record and email arguments: system_email -- (string) email used to send messages session -- (Session) object from flask """ requestFields = RequestDictionary(self.request) if (not requestFields.exists("email")): exc = ResponseException("Request body must include email", StatusCode.CLIENT_ERROR) return JsonResponse.error(exc, exc.status) email = requestFields.getValue("email") if (not re.match("[^@]+@[^@]+\.[^@]+", email)): return JsonResponse.error(ValueError("Invalid Email Format"), StatusCode.CLIENT_ERROR) try: user = self.interfaces.userDb.getUserByEmail( requestFields.getValue("email")) except ResponseException as e: self.interfaces.userDb.addUnconfirmedEmail(email) else: if (not (user.user_status_id == self.interfaces.userDb. getUserStatusId("awaiting_confirmation") or user.user_status_id == self.interfaces.userDb. getUserStatusId("email_confirmed"))): exc = ResponseException("User already registered", StatusCode.CLIENT_ERROR) return JsonResponse.error(exc, exc.status) emailToken = sesEmail.createToken(email, self.interfaces.userDb, "validate_email") link = "".join( [AccountHandler.FRONT_END, '#/registration/', emailToken]) emailTemplate = {'[USER]': email, '[URL]': link} newEmail = sesEmail(email, system_email, templateType="validate_email", parameters=emailTemplate, database=self.interfaces.userDb) newEmail.send() return JsonResponse.create(StatusCode.OK, {"message": "Email Sent"})
def resetPassword(self, system_email, session): """ Remove old password and email user a token to set a new password. Request should have key "email" arguments: system_email -- (string) email used to send messages session -- (Session) object from flask """ requestDict = RequestDictionary(self.request) if (not (requestDict.exists("email"))): # Don't have the keys we need in request exc = ResponseException( "Reset password route requires key 'email'", StatusCode.CLIENT_ERROR) return JsonResponse.error(exc, exc.status) # Get user object try: user = self.interfaces.userDb.getUserByEmail( requestDict.getValue("email")) except Exception as e: exc = ResponseException("Unknown Error", StatusCode.CLIENT_ERROR, ValueError) return JsonResponse.error(exc, exc.status) LoginSession.logout(session) self.interfaces.userDb.session.commit() email = requestDict.getValue("email") # Send email with token emailToken = sesEmail.createToken(email, self.interfaces.userDb, "password_reset") link = "".join( [AccountHandler.FRONT_END, '#/forgotpassword/', emailToken]) emailTemplate = {'[URL]': link} newEmail = sesEmail(user.email, system_email, templateType="reset_password", parameters=emailTemplate, database=self.interfaces.userDb) newEmail.send() # Return success message return JsonResponse.create(StatusCode.OK, {"message": "Password reset"})
def test_password_reset_email(self): """Test password reset email.""" self.logout() email = self.test_users["password_reset_email"] postJson = {"email": email} response = self.app.post_json("/v1/reset_password/", postJson) self.check_response(response, StatusCode.OK) userDb = self.userDb token = sesEmail.createToken( self.test_users["password_reset_email"], userDb, "password_reset") postJson = {"token": token} response = self.app.post_json("/v1/confirm_password_token/", postJson) self.check_response(response, StatusCode.OK, "success") self.assertEqual(response.json["errorCode"], sesEmail.LINK_VALID) postJson = {"user_email": email, "password": self.user_password} response = self.app.post_json("/v1/set_password/", postJson) self.check_response(response, StatusCode.OK, "Password successfully changed") user = userDb.getUserByEmail(email) self.assertTrue(user.password_hash)
def test_password_reset_email(self): """Test password reset email.""" self.logout() email = self.test_users["password_reset_email"] postJson = {"email": email} response = self.app.post_json("/v1/reset_password/", postJson, headers={"x-session-id":self.session_id}) self.check_response(response, StatusCode.OK) # Test password reset for unapproved user and locked user userDb = self.userDb user = userDb.getUserByEmail(email) user.user_status_id = userDb.getUserStatusId("awaiting_approval") userDb.session.commit() response = self.app.post_json("/v1/reset_password/", postJson, headers={"x-session-id":self.session_id}, expect_errors = True) self.check_response(response, StatusCode.CLIENT_ERROR) user.user_status_id = userDb.getUserStatusId("approved") user.is_active = False userDb.session.commit() response = self.app.post_json("/v1/reset_password/", postJson, headers={"x-session-id":self.session_id}, expect_errors = True) self.check_response(response, StatusCode.CLIENT_ERROR) # Test route to confirm tokens token = sesEmail.createToken( self.test_users["password_reset_email"], userDb, "password_reset") postJson = {"token": token} response = self.app.post_json("/v1/confirm_password_token/", postJson, headers={"x-session-id":self.session_id}) self.check_response(response, StatusCode.OK, "success") self.assertEqual(response.json["errorCode"], sesEmail.LINK_VALID) postJson = {"user_email": email, "password": self.user_password} response = self.app.post_json("/v1/set_password/", postJson, headers={"x-session-id":self.session_id}) self.check_response(response, StatusCode.OK, "Password successfully changed") user = userDb.getUserByEmail(email) self.assertTrue(user.password_hash) # Call again, should error postJson = {"user_email": email, "password": self.user_password} response = self.app.post_json("/v1/set_password/", postJson, headers={"x-session-id":self.session_id}, expect_errors = True) self.check_response(response, StatusCode.LOGIN_REQUIRED)
def test_password_reset_email(self): """Test password reset email.""" self.logout() email = self.test_users["password_reset_email"] postJson = {"email": email} response = self.app.post_json("/v1/reset_password/", postJson) self.check_response(response, StatusCode.OK) userDb = self.userDb token = sesEmail.createToken(self.test_users["password_reset_email"], userDb, "password_reset") postJson = {"token": token} response = self.app.post_json("/v1/confirm_password_token/", postJson) self.check_response(response, StatusCode.OK, "success") self.assertEqual(response.json["errorCode"], sesEmail.LINK_VALID) postJson = {"user_email": email, "password": self.user_password} response = self.app.post_json("/v1/set_password/", postJson) self.check_response(response, StatusCode.OK, "Password successfully changed") user = userDb.getUserByEmail(email) self.assertTrue(user.password_hash)
def sendResetPasswordEmail(self, user, system_email, email=None, unlock_user=False): if email is None: email = user.email # User must be approved and active to reset password if user.user_status_id != self.interfaces.userDb.getUserStatusId("approved"): raise ResponseException("User must be approved before resetting password", StatusCode.CLIENT_ERROR) elif not unlock_user and not user.is_active: raise ResponseException("User is locked, cannot reset password", StatusCode.CLIENT_ERROR) # If unlocking a user, wipe out current password if unlock_user: UserHandler().clearPassword(user) self.interfaces.userDb.session.commit() # Send email with token emailToken = sesEmail.createToken(email, self.interfaces.userDb, "password_reset") link = "".join([AccountHandler.FRONT_END, '#/forgotpassword/', emailToken]) emailTemplate = {'[URL]': link} templateType = "unlock_account" if unlock_user else "reset_password" newEmail = sesEmail(user.email, system_email, templateType=templateType, parameters=emailTemplate, database=self.interfaces.userDb) newEmail.send()
def send_reset_password_email(self, user, system_email, email=None, unlock_user=False): sess = GlobalDB.db().session if email is None: email = user.email # User must be approved and active to reset password if user.user_status_id != USER_STATUS_DICT["approved"]: raise ResponseException("User must be approved before resetting password", StatusCode.CLIENT_ERROR) elif not unlock_user and not user.is_active: raise ResponseException("User is locked, cannot reset password", StatusCode.CLIENT_ERROR) # If unlocking a user, wipe out current password if unlock_user: user.salt = None user.password_hash = None sess.commit() # Send email with token email_token = sesEmail.createToken(email, "password_reset") link = "".join([AccountHandler.FRONT_END, '#/forgotpassword/', email_token]) email_template = {'[URL]': link} template_type = "unlock_account" if unlock_user else "reset_password" new_email = sesEmail(user.email, system_email, templateType=template_type, parameters=email_template) new_email.send()
def test_password_reset_email(self): """Test password reset email.""" self.logout() email = self.test_users["password_reset_email"] postJson = {"email": email} response = self.app.post_json( "/v1/reset_password/", postJson, headers={"x-session-id": self.session_id}) self.check_response(response, StatusCode.OK) # Test password reset for unapproved user and locked user userDb = self.userDb user = userDb.getUserByEmail(email) user.user_status_id = userDb.getUserStatusId("awaiting_approval") userDb.session.commit() response = self.app.post_json( "/v1/reset_password/", postJson, headers={"x-session-id": self.session_id}, expect_errors=True) self.check_response(response, StatusCode.CLIENT_ERROR) user.user_status_id = userDb.getUserStatusId("approved") user.is_active = False userDb.session.commit() response = self.app.post_json( "/v1/reset_password/", postJson, headers={"x-session-id": self.session_id}, expect_errors=True) self.check_response(response, StatusCode.CLIENT_ERROR) # Test route to confirm tokens token = sesEmail.createToken(self.test_users["password_reset_email"], userDb, "password_reset") postJson = {"token": token} response = self.app.post_json( "/v1/confirm_password_token/", postJson, headers={"x-session-id": self.session_id}) self.check_response(response, StatusCode.OK, "success") self.assertEqual(response.json["errorCode"], sesEmail.LINK_VALID) postJson = {"user_email": email, "password": self.user_password} response = self.app.post_json( "/v1/set_password/", postJson, headers={"x-session-id": self.session_id}) self.check_response(response, StatusCode.OK, "Password successfully changed") user = userDb.getUserByEmail(email) self.assertTrue(user.password_hash) # Call again, should error postJson = {"user_email": email, "password": self.user_password} response = self.app.post_json( "/v1/set_password/", postJson, headers={"x-session-id": self.session_id}, expect_errors=True) self.check_response(response, StatusCode.LOGIN_REQUIRED)
def setUpToken(self,email): """Test e-mail token.""" userDb = self.userDb self.registerToken = sesEmail.createToken(email, userDb, "validate_email") postJson = {"token": self.registerToken} return self.app.post_json("/v1/confirm_email_token/", postJson)
def test_password_reset_email(self): """Test password reset email.""" self.logout() email = self.test_users["password_reset_email"] postJson = {"email": email} response = self.app.post_json( "/v1/reset_password/", postJson, headers={"x-session-id": self.session_id}) self.check_response(response, StatusCode.OK) # Test password reset for unapproved user and locked user with createApp().app_context(): sess = GlobalDB.db().session user = sess.query(User).filter(User.email == email).one() user.user_status_id = self.userStatusDict['awaiting_approval'] sess.commit() response = self.app.post_json( "/v1/reset_password/", postJson, headers={"x-session-id": self.session_id}, expect_errors=True) self.check_response(response, StatusCode.CLIENT_ERROR) user.user_status_id = self.userStatusDict['approved'] user.is_active = False sess.commit() response = self.app.post_json( "/v1/reset_password/", postJson, headers={"x-session-id": self.session_id}, expect_errors=True) self.check_response(response, StatusCode.CLIENT_ERROR) # Test route to confirm tokens token = sesEmail.createToken( self.test_users["password_reset_email"], "password_reset") postJson = {"token": token} response = self.app.post_json( "/v1/confirm_password_token/", postJson, headers={"x-session-id": self.session_id}) self.check_response(response, StatusCode.OK, "success") self.assertEqual(response.json["errorCode"], sesEmail.LINK_VALID) postJson = {"user_email": email, "password": self.user_password} response = self.app.post_json( "/v1/set_password/", postJson, headers={"x-session-id": self.session_id}) self.check_response(response, StatusCode.OK, "Password successfully changed") user = sess.query(User).filter(User.email == email).one() self.assertTrue(user.password_hash) # Call again, should error postJson = {"user_email": email, "password": self.user_password} response = self.app.post_json( "/v1/set_password/", postJson, headers={"x-session-id": self.session_id}, expect_errors=True) self.check_response(response, StatusCode.LOGIN_REQUIRED)