def confirm_email(token): """View function which handles a email confirmation request.""" expired, invalid, user = confirm_email_token_status(token) if not user or invalid: invalid = True already_confirmed = user is not None and user.confirmed_at is not None expired_and_not_confirmed = expired and not already_confirmed if expired_and_not_confirmed: send_confirmation_instructions(user) if invalid or expired_and_not_confirmed: return redirect(get_url(_security.confirm_error_view)) if confirm_user(user): after_this_request(_commit) if user != current_user: logout_user() login_user(user) return redirect(get_url(_security.post_confirm_view))
def register(): form = UserCustomForm() #Create a new user if request.method == 'POST' and form.validate(): data = { 'first_name': str(request.values.get('first_name').encode('utf-8')).title(), 'last_name': str(request.values.get('last_name').encode('utf-8')).title(), 'email': str(request.values.get('email').encode('utf-8')), } if (request.values.get('user_nic')): data['extras'] = {'auth_nic': str(request.values.get('user_nic'))} userUdata = datastore.create_user(**data) datastore.commit() send_confirmation_instructions(userUdata) do_flash(*get_message('CONFIRM_REGISTRATION', email=data['email'])) return redirect(url_for('security.login')) else: form.email.data = session.get('user_email') if form.email.data: form.email.render_kw = {'readonly': True} form.first_name.data = session.get('first_name') form.last_name.data = session.get('last_name') form.user_nic.data = session.get('user_nic') return theme.render('security/register_saml.html', form=form)
def handle_profile_form(form): """Handle profile update form.""" form.process(formdata=request.form) if form.validate_on_submit(): email_changed = False with db.session.begin_nested(): # Update profile. current_userprofile.username = form.username.data current_userprofile.full_name = form.full_name.data db.session.add(current_userprofile) # Update email if current_app.config['USERPROFILES_EMAIL_ENABLED'] and \ form.email.data != current_user.email: current_user.email = form.email.data current_user.confirmed_at = None db.session.add(current_user) email_changed = True db.session.commit() if email_changed: send_confirmation_instructions(current_user) # NOTE: Flash message after successful update of profile. flash(_('Profile was updated. We have sent a verification ' 'email to %(email)s. Please check it.', email=current_user.email), category='success') else: # NOTE: Flash message after successful update of profile. flash(_('Profile was updated.'), category='success')
def createuser(): """Create an user""" username = click.prompt("Username", type=str) email = click.prompt("Email", type=str) password = click.prompt("Password", type=str, hide_input=True, confirmation_prompt=True) while True: role = click.prompt("Role [admin/user]", type=str) if role == "admin" or role == "user": break if click.confirm("Do you want to continue ?"): role = Role.query.filter(Role.name == role).first() if not role: raise click.UsageError("Roles not present in database") u = user_datastore.create_user(name=username, email=email, password=encrypt_password(password), roles=[role]) db.session.commit() if FSConfirmable.requires_confirmation(u): FSConfirmable.send_confirmation_instructions(u) print("Look at your emails for validation instructions.")
def register_step_1_point_5(): ''' Tell the user to confirm their email address, with a button to send/re-send confirmation instructions. Note that users may have arrived here in one of two ways: 1. They're a brand-new user, in which case flask-security has already sent them confirmation instructions. 2. They're a legacy user, in which case they've already completed the subsequent registration steps, and need to be informed that the site now requires e-mail confirmation. If they user has already confirmed their address, move on. ''' if not current_user.requires_confirmation: return redirect(url_for('views.activity')) if request.method == 'POST': confirmable.send_confirmation_instructions(current_user) flash(gettext(u'Confirmation instructions sent.')) return render_template('register-step-1.5.html', is_legacy_user=has_user_done_register_step_2(current_user), form=Form() )
def handle_verification_form(form): """Handle email sending verification form.""" form.process(formdata=request.form) if form.validate_on_submit(): send_confirmation_instructions(current_user) # NOTE: Flash message. flash(_("Verification email sent."), category="success")
def handle_profile_form(form): """Handle profile update form.""" form.process(formdata=request.form) if form.validate_on_submit(): email_changed = False with db.session.begin_nested(): # Update profile. current_userprofile.username = form.username.data current_userprofile.full_name = form.full_name.data data = dict() data["biography"] = form.biography.data data["institution_id"] = form.institution.data.id data["institution_rol"] = form.institution_rol.data data["avatar"] = "" # print("fichero= ", form.avatar.data) # print("aquiiiiii", request) # if f: # filename = secure_filename(f.filename) # # print("otro= ", filename) if form.avatar.data: filename = secure_filename(form.avatar.data.filename) path_avatar = os.path.join( current_app.config.get('UPLOADED_PHOTOS_DEST'), filename) # print("path= ", path_avatar) form.avatar.data.save(path_avatar) with open(path_avatar, "r") as file_avatar: encoded_avatar = base64.b64encode(file_avatar) data["avatar"] = encoded_avatar current_userprofile.json_metadata = data ## print(current_userprofile.json_metadata) db.session.add(current_userprofile) # Update email if current_app.config['USERPROFILES_EMAIL_ENABLED'] and \ form.email.data != current_user.email: current_user.email = form.email.data current_user.confirmed_at = None db.session.add(current_user) email_changed = True db.session.commit() if email_changed: send_confirmation_instructions(current_user) # NOTE: Flash message after successful update of profile. flash(_( 'Profile was updated. We have sent a verification ' 'email to %(email)s. Please check it.', email=current_user.email), category='success') else: # NOTE: Flash message after successful update of profile. flash(_('Profile was updated.'), category='success')
def resend_confirmation_email(): """View function which sends confirmation instructions.""" form = _security.send_confirmation_form(MultiDict(request.get_json())) if form.validate_on_submit(): send_confirmation_instructions(form.user) else: return jsonify({'errors': form.errors}), HTTPStatus.BAD_REQUEST return '', HTTPStatus.NO_CONTENT
def confirm_email(token): """View function which handles a email confirmation request.""" after_this_request(_commit) try: user = confirm_by_token(token) except ConfirmationError, e: _logger.debug('Confirmation error: %s' % e) if e.user: send_confirmation_instructions(e.user) do_flash(str(e), 'error') confirm_error_url = get_url(_security.confirm_error_view) return redirect(confirm_error_url or url_for('send_confirmation'))
def handle_profile_form(form): """Handle profile update form.""" form.process(formdata=request.form) if form.validate_on_submit(): email_changed = False with db.session.begin_nested(): # Update profile. for key in form.__dict__: if getattr(form, key) and hasattr(current_userprofile, key): form_data = getattr(form, key).data setattr(current_userprofile, key, form_data) # Mapping role current_config = current_app.config if (current_config['WEKO_USERPROFILES_ROLE_MAPPING_ENABLED'] and current_userprofile.position): role_name = get_role_by_position(current_userprofile.position) roles1 = db.session.query(Role).filter_by(name=role_name).all() admin_role = current_config.get( "WEKO_USERPROFILES_ADMINISTRATOR_ROLE") userprofile_roles = current_config.get( "WEKO_USERPROFILES_ROLES") roles2 = [ role for role in current_user.roles if role not in userprofile_roles or role == admin_role ] roles = roles1 + roles2 if roles: current_user.roles = roles db.session.add(current_userprofile) # Update email if current_app.config['USERPROFILES_EMAIL_ENABLED'] and \ form.email.data != current_user.email: current_user.email = form.email.data current_user.confirmed_at = None db.session.add(current_user) email_changed = True db.session.commit() if email_changed: send_confirmation_instructions(current_user) # NOTE: Flash message after successful update of profile. flash(_( 'Profile was updated. We have sent a verification ' 'email to %(email)s. Please check it.', email=current_user.email), category='success') else: # NOTE: Flash message after successful update of profile. flash(_('Profile was updated.'), category='success')
def send_confirmation(): """View function which sends confirmation instructions.""" form = SendConfirmationForm(csrf_enabled=not app.testing) if form.validate_on_submit(): user = _datastore.find_user(**form.to_dict()) if user.confirmed_at is None: send_confirmation_instructions(user) msg = get_message('CONFIRMATION_REQUEST', email=user.email) _logger.debug('%s request confirmation instructions' % user) else: msg = get_message('ALREADY_CONFIRMED') do_flash(*msg) return render_template('security/send_confirmation.html', reset_confirmation_form=form, **_ctx('send_confirmation'))
def create(): """ Create a user. """ current_app.config["SERVER_NAME"] = current_app.config[ "REEL2BITS_HOSTNAME"] username = click.prompt("Username", type=str) email = click.prompt("Email", type=str) password = click.prompt("Password", type=str, hide_input=True, confirmation_prompt=True) while True: role = click.prompt("Role [admin/user]", type=str) if role == "admin" or role == "user": break if click.confirm("Do you want to continue ?"): role = Role.query.filter(Role.name == role).first() if not role: raise click.UsageError("Roles not present in database") u = user_datastore.create_user(name=username, email=email, password=hash_password(password), roles=[role]) actor = create_actor(u) actor.user = u actor.user_id = u.id db.session.add(actor) db.session.commit() if FSConfirmable.requires_confirmation(u): with current_app.app_context(): FSConfirmable.send_confirmation_instructions(u) print("Look at your emails for validation instructions.")
def accounts(): """ Register an account The method is available to apps with a token obtained via the client credentials grant. It creates a user and account records, as well as an access token for the app that initiated the request. The method returns the access token, which the app should save for later. --- tags: - Accounts definitions: Token: type: object properties: access_token: type: string token_type: type: string scope: type: string created_at: type: integer responses: 200: description: Returns Token schema: $ref: '#/definitions/Token' """ if not current_app.config["REGISTRATION_ENABLED"]: abort(403) errors = {} # Get the bearer token bearer = None if "Authorization" in request.headers: b = request.headers.get("Authorization") b = b.strip().split(" ") if len(b) == 2: bearer = b[1] else: errors["bearer"] = ["API Bearer Authorization format issue"] else: current_app.logger.info( "/api/v1/accounts: no Authorization bearer given") if not request.json: abort(400) if "nickname" not in request.json: errors["nickname"] = ["nickname is missing"] if "email" not in request.json: errors["email"] = ["email is missing"] if "fullname" not in request.json: errors["fullname"] = ["fullname is missing"] if "password" not in request.json: errors["password"] = ["password is missing"] if "confirm" not in request.json: errors["confirm"] = ["password confirm is missing"] if "agreement" not in request.json: errors["agreement"] = ["agreement is missing"] if len(errors) > 0: return jsonify({"error": str(errors)}), 400 if forbidden_username(request.json["nickname"]): return jsonify( {"error": str({"nickname": ["this username cannot be used"]})}), 400 if request.json["password"] != request.json["confirm"]: return jsonify( {"error": str({"confirm": ["passwords doesn't match"]})}), 400 if "agreement" not in request.json: return jsonify({ "error": str({"agreement": ["you need to accept the terms and conditions"]}) }), 400 # Check if user already exists by local user username user = User.query.filter(User.name == request.json["username"]).first() if user: return jsonify({"error": str({"ap_id": ["has already been taken"]})}), 400 # Check if user already exists by old local user (Actors) user = Actor.query.filter( Actor.preferred_username == request.json["username"]).first() if user: return jsonify({"error": str({"ap_id": ["has already been taken"]})}), 400 # Check if user already exists by email user = User.query.filter(User.email == request.json["email"]).first() if user: return jsonify({"error": str({"email": ["has already been taken"]})}), 400 # Check username is valid # /^[a-zA-Z\d]+$/ if not username_is_legal.match(request.json["username"]): return jsonify({ "error": str({"ap_id": ["should contains only letters and numbers"]}) }), 400 # Proceed to register the user role = Role.query.filter(Role.name == "user").first() if not role: return jsonify({"error": "server error"}), 500 u = user_datastore.create_user( name=request.json["username"], email=request.json["email"], display_name=request.json["fullname"], password=hash_password(request.json["password"]), roles=[role], ) actor = create_actor(u) actor.user = u actor.user_id = u.id if "bio" in request.json: actor.summary = request.json["bio"] db.session.add(actor) db.session.commit() if FSConfirmable.requires_confirmation(u): FSConfirmable.send_confirmation_instructions(u) # get the matching item from the given bearer bearer_item = OAuth2Token.query.filter( OAuth2Token.access_token == bearer).first() if not bearer_item: abort(400) client_item = OAuth2Client.query.filter( OAuth2Client.client_id == bearer_item.client_id).first() if not client_item: abort(400) # https://github.com/lepture/authlib/blob/master/authlib/oauth2/rfc6749/grants/base.py#L51 token = authorization.generate_token(client_item.client_id, "client_credentials", user=u, scope=client_item.scope, expires_in=None) tok = OAuth2Token() tok.user_id = u.id tok.client_id = client_item.client_id # the frontend should request an app every time it doesn't have one in local storage # and this app should allow delivering a somewhat non usuable Token # token which gets sent to this endpoint and gets used to get back the right client_id # to associate in the database... tok.token_type = token["token_type"] tok.access_token = token["access_token"] tok.refresh_token = None tok.scope = token["scope"] tok.revoked = False tok.expires_in = token["expires_in"] db.session.add(tok) db.session.commit() return jsonify({**token, "created_at": tok.issued_at}), 200
except: # Create user u = _datastore.create_user(**form.to_dict()) ======= if not form.validate_on_submit(): return render_template('security/register.html', register_user_form=form, **_ctx('register')) >>>>>>> 8919129c95bb1e27e30a925240811cf63e13ece9 token = None user = _datastore.create_user(**form.to_dict()) _commit() if _security.confirmable: token = send_confirmation_instructions(user) do_flash(*get_message('CONFIRM_REGISTRATION', email=user.email)) user_registered.send(dict(user=user, confirm_token=token), app=app._get_current_object()) _logger.debug('User %s registered' % user) <<<<<<< HEAD return redirect(_security.post_register_view or _security.post_login_view) do_flash(form.errors, 'error') ======= if not _security.confirmable or _security.login_without_confirmation: after_this_request(_commit)