def confirm(token):
expired, invalid, user= utils.get_token_status(token, "confirm", max_age="CONFIRM_EMAIL", return_data=False)
if expired or invalid:
response = {
"status": False,
"message": "Not Confirmed",
"route":"register"
}
else:
if user:
user_datastore.activate_user(user)
confirmable.confirm_user(user)
db.session.commit()
response = {
"status": True,
"message": "Confirmed",
"route":"login",
"confirmed_at":user.confirmed_at
}
else:
response = {
"status": False,
"message": "Not Comfirmed",
"route":"comfirm"
}
return jsonify(response )
def create_user(username, password, email, role='user', confirmed=False, test=False):
"""
Create a new user for OGRE
test (bool)
Only check if user has been created; don't actually do anything
"""
try:
# load a user
setup_db_session(app)
from ogreserver.models.user import User
user = User.query.filter_by(username=username).first()
except ProgrammingError as e:
if "doesn't exist" in str(e):
print 'You must run init_ogre command first!'
sys.exit(1)
else:
raise e
if test is True:
# only report state in test mode
if user is None:
print "User doesn't exist"
sys.exit(1)
else:
print 'User {} exists'.format(username)
sys.exit(0)
else:
if user is None:
try:
# celery is required for flask_security as it imports tasks.py
app.celery = make_celery(app)
register_tasks(app)
from ogreserver.extensions.flask_security import init_security
app.security = init_security(app)
user = app.security.datastore.create_user(
username=username, email=email, password=password
)
if confirmed:
from flask.ext.security.confirmable import confirm_user
confirm_user(user)
app.security.datastore.commit()
print "Created user {} with role '{}'".format(username, role)
except IntegrityError:
print 'A user with this email address already exists'
sys.exit(1)
else:
print 'User {} already exists'.format(username)
sys.exit(1)
def create_users():
for u in (
("testadmin", "*****@*****.**", "password", ["admin"], True),
("testboardmember", "*****@*****.**", "password", ["board"], True),
("testmember", "*****@*****.**", "password", [], True),
):
user = current_app.user_datastore.create_user(
username=u[0], email=u[1], password=u[2], roles=u[3], active=u[4]
)
confirm_user(user)
current_app.user_datastore.commit()
print("PopulateDB: add user " + str(u))
def create_users():
for u in (('*****@*****.**', 'password', ['admin'], True),
('*****@*****.**', 'password', ['editor'], True),
('*****@*****.**', 'password', ['author'], True),
('*****@*****.**', 'password', [], False)):
user = current_app.user_datastore.create_user(
email=u[0],
password=u[1],
roles=u[2],
active=u[3]
)
confirm_user(user)
current_app.user_datastore.commit()
def create_users():
for u in (('testadmin', '*****@*****.**', 'password', ['admin'],
True), ('testboardmember', '*****@*****.**',
'password', ['board'], True),
('testmember', '*****@*****.**', 'password', [],
True)):
user = current_app.user_datastore.create_user(username=u[0],
email=u[1],
password=u[2],
roles=u[3],
active=u[4])
confirm_user(user)
current_app.user_datastore.commit()
print("PopulateDB: add user " + str(u))
def create_users():
for u in (('matt', '*****@*****.**', 'password', ['admin'], True),
('joe', '*****@*****.**', 'password', ['editor'], True),
('jill', '*****@*****.**', 'password', ['author'], True),
('tiya', '*****@*****.**', 'password', [], False)):
user = current_app.user_datastore.create_user(
username=u[0],
email=u[1],
password=u[2],
roles=u[3],
active=u[4]
)
confirm_user(user)
current_app.user_datastore.commit()
def create_users():
for u in (('matt', '*****@*****.**', 'password', [], True),
('joe', '*****@*****.**', 'password', [], True),
('jill', '*****@*****.**', 'password', [], True),
('tiya', '*****@*****.**', 'password', [], False)):
user = current_app.user_datastore.create_user(
username=u[0],
email=u[1],
password=u[2],
roles=u[3],
active=u[4]
)
confirm_user(user)
current_app.user_datastore.commit()
def get_object(self, id):
""" overriding base get_object flow
"""
if request.json and 'token' in request.json:
token = request.json['token']
expired, invalid, instance = confirm_email_token_status(token)
confirm_user(instance)
instance.save()
login_user(instance, True)
elif current_user.is_superuser():
instance = User.query.get_or_404(id)
else:
instance = current_user
instance is None and abort(http.NOT_FOUND)
return instance
def get_object(self, id):
""" overriding base get_object flow
"""
if request.json and 'token' in request.json:
token = request.json['token']
expired, invalid, instance = confirm_email_token_status(token)
confirm_user(instance)
instance.save()
login_user(instance, True)
elif current_user.is_superuser():
instance = User.query.get_or_404(id)
else:
instance = current_user
instance is None and abort(http.NOT_FOUND)
return instance
def confirm_email(token):
"""View function which handles a email confirmation request."""
expired, invalid, user = confirm_email_token_status(token)
if not user or invalid:
invalid = True
do_flash(*get_message('INVALID_CONFIRMATION_TOKEN'))
if expired:
send_confirmation_instructions(user)
do_flash(*get_message('CONFIRMATION_EXPIRED', email=user.email,
within=_security.confirm_email_within))
if invalid or expired:
return redirect(get_url(_security.confirm_error_view) or
url_for_security('send_confirmation'))
if user.confirmed_at is not None:
do_flash(*get_message('ALREADY_CONFIRMED'))
return redirect(get_url(_security.post_confirm_view) or
get_url(_security.post_login_view))
if request.json:
form_data = MultiDict(request.json)
else:
form_data = request.form
form = forms.ConfirmEmailForm(form_data)
if form.validate_on_submit():
user.password = form.password.data
confirm_user(user) # this saves 'user'
if user != current_user:
logout_user()
login_user(user)
do_flash(*get_message('EMAIL_CONFIRMED'))
return redirect(get_url(_security.post_confirm_view) or
get_url(_security.post_login_view))
return render_template('security/confirm.html',
token=token,
confirm_form=form,
**_ctx('change_password')
)
def create_users():
for u in (('Ian', '*****@*****.**', 'password', ['admin'], True,
[Profile(name='Ian',
description='wickedly smart beneficent mastermind',
images=['img/profiles-samples/ian-fire.jpg',
'img/profiles-samples/ian-frog.jpg',
'img/profiles-samples/ian-color.jpg',
'img/profiles-samples/ian-suckers.jpg'])]),
('Christina', '*****@*****.**', 'password', ['editor'], True,
[Profile(name='Christina',
description='sexy funny kitty wrangler',
images=['img/profiles-samples/christina.jpg',
'img/profiles-samples/gilmores.jpg',
'img/profiles-samples/kitties.jpg'])]),
('Jason', '*****@*****.**', 'password', ['admin'], True,
[Profile(name='Jason',
description='robust healthy male',
images=['img/profiles-samples/jason-potion.jpg',
'img/profiles-samples/jason-warlord.jpg',
'img/profiles-samples/jason-butt.jpg'])]),
('Amy', '*****@*****.**', 'password', ['author'], True,
[Profile(name='Amy',
description='amazon warrior princess',
images=['img/profiles-samples/amy-kiss.jpg',
'img/profiles-samples/amy-wifi.jpg',
'img/profiles-samples/amy-savanah.jpg'])]),
('Regular User', '*****@*****.**', 'password', [], True, []),
('Disabled User', '*****@*****.**', 'password', [], False, [])):
user = current_app.user_datastore.create_user(
username=u[0],
email=u[1],
password=u[2],
roles=u[3],
active=u[4],
profiles=u[5]
)
confirm_user(user)
current_app.user_datastore.commit()
def create_builtins(the_db, user_datastore):
"""
Creates the built-in resources (users, etc.) that are defined in the
config file.
"""
# Some flask utils like encrypt_password require an application context
with app.app_context():
# Roles
for builtin in app.config['DISMEMBER_BUILTINS']['roles']:
user_datastore.find_or_create_role(**builtin)
# Users
for builtin in app.config['DISMEMBER_BUILTINS']['users']:
user = user_datastore.find_user(email=builtin['email'])
if not user:
# Hash the password
builtin['password'] = encrypt_password(builtin.pop('password', ''))
user = user_datastore.create_user(**builtin)
confirm_user(user)
for role_name in builtin['roles']:
user_datastore.add_role_to_user(user, role_name)
the_db.session.commit()