def test_unreg_user_can_register(self):
user = UnregUserFactory()
auth.register_unconfirmed(
username=user.username,
password='******',
fullname='Rosie',
)
assert_true(user.get_confirmation_token(user.username))
def test_unreg_user_can_register(self):
user = UnregUserFactory()
auth.register_unconfirmed(
username=user.username,
password='******',
fullname='Rosie',
)
assert_true(user.get_confirmation_token(user.username))
def auth_register_post():
if not website.settings.ALLOW_REGISTRATION:
status.push_status_message(language.REGISTRATION_UNAVAILABLE)
return redirect('/')
form = RegistrationForm(request.form, prefix='register')
set_previous_url()
# Process form
if form.validate():
try:
user = auth.register_unconfirmed(
form.username.data,
form.password.data,
form.fullname.data)
auth.signals.user_registered.send(user)
except (ValidationValueError, DuplicateEmailError):
status.push_status_message(
language.ALREADY_REGISTERED.format(email=form.username.data))
return auth_login(registration_form=form)
if user:
if website.settings.CONFIRM_REGISTRATIONS_BY_EMAIL:
send_confirm_email(user, email=user.username)
message = language.REGISTRATION_SUCCESS.format(email=user.username)
status.push_status_message(message, 'success')
return auth_login(registration_form=form)
else:
return redirect('/login/first/')
else:
forms.push_errors_to_status(form.errors)
return auth_login(registration_form=form)
def auth_register_post():
if not website.settings.ALLOW_REGISTRATION:
status.push_status_message(language.REGISTRATION_UNAVAILABLE)
return redirect('/')
form = RegistrationForm(request.form, prefix='register')
set_previous_url()
# Process form
if form.validate():
try:
user = auth.register_unconfirmed(form.username.data,
form.password.data,
form.fullname.data)
auth.signals.user_registered.send(user)
except (ValidationValueError, DuplicateEmailError):
status.push_status_message(
language.ALREADY_REGISTERED.format(email=form.username.data))
return auth_login(registration_form=form)
if user:
if website.settings.CONFIRM_REGISTRATIONS_BY_EMAIL:
send_confirm_email(user, email=user.username)
message = language.REGISTRATION_SUCCESS.format(
email=user.username)
status.push_status_message(message, 'success')
return auth_login(registration_form=form)
else:
return redirect('/login/first/')
else:
forms.push_errors_to_status(form.errors)
return auth_login(registration_form=form)
def register_user(**kwargs):
"""Register new user account.
:param-json str email1:
:param-json str email2:
:param-json str password:
:param-json str fullName:
:raises: HTTPError(http.BAD_REQUEST) if validation fails or user already
exists
"""
# Verify email address match
if request.json['email1'] != request.json['email2']:
raise HTTPError(http.BAD_REQUEST,
data=dict(message_long='Email addresses must match.'))
# TODO: Sanitize fields
try:
user = auth.register_unconfirmed(
request.json['email1'],
request.json['password'],
request.json['fullName'],
)
auth.signals.user_registered.send(user)
except (ValidationValueError, DuplicateEmailError):
raise HTTPError(
http.BAD_REQUEST,
data=dict(message_long=language.ALREADY_REGISTERED.format(
email=request.json['email1'])))
if website.settings.CONFIRM_REGISTRATIONS_BY_EMAIL:
send_confirm_email(user, email=user.username)
message = language.REGISTRATION_SUCCESS.format(email=user.username)
return {'message': message}
else:
return {'message': 'You may now log in.'}
def register_user(**kwargs):
"""
Register new user account.
HTTP Method: POST
:param-json str email1:
:param-json str email2:
:param-json str password:
:param-json str fullName:
:param-json str campaign:
:raises: HTTPError(http.BAD_REQUEST) if validation fails or user already exists
"""
# Verify that email address match.
# Note: Both `landing.mako` and `register.mako` already have this check on the form. Users can not submit the form
# if emails do not match. However, this check should not be removed given we may use the raw api call directly.
json_data = request.get_json()
if str(json_data['email1']).lower() != str(json_data['email2']).lower():
raise HTTPError(http.BAD_REQUEST,
data=dict(message_long='Email addresses must match.'))
# Verify that captcha is valid
if settings.RECAPTCHA_SITE_KEY and not validate_recaptcha(
json_data.get('g-recaptcha-response'),
remote_ip=request.remote_addr):
raise HTTPError(http.BAD_REQUEST,
data=dict(message_long='Invalid Captcha'))
try:
full_name = request.json['fullName']
full_name = strip_html(full_name)
campaign = json_data.get('campaign')
if campaign and campaign not in campaigns.get_campaigns():
campaign = None
user = framework_auth.register_unconfirmed(
request.json['email1'],
request.json['password'],
full_name,
campaign=campaign,
)
framework_auth.signals.user_registered.send(user)
except (ValidationValueError, DuplicateEmailError):
raise HTTPError(
http.BAD_REQUEST,
data=dict(message_long=language.ALREADY_REGISTERED.format(
email=markupsafe.escape(request.json['email1']))))
except ValidationError as e:
raise HTTPError(http.BAD_REQUEST, data=dict(message_long=e.message))
if settings.CONFIRM_REGISTRATIONS_BY_EMAIL:
send_confirm_email(user, email=user.username)
message = language.REGISTRATION_SUCCESS.format(email=user.username)
return {'message': message}
else:
return {'message': 'You may now log in.'}
def test_confirm_email(self, mock_mail):
user = UnregUserFactory()
auth.register_unconfirmed(
username=user.username,
password='******',
fullname='Rosie',
)
user.reload()
token = user.get_confirmation_token(user.username)
res = self.app.get('/confirm/{}/{}'.format(user._id, token),
allow_redirects=False)
res = res.follow()
assert_equal(res.status_code, 302)
assert_in('login?service=', res.location)
user.reload()
mock_mail.assert_called()
assert_equal(len(mock_mail.call_args_list), 1)
empty, kwargs = mock_mail.call_args
kwargs['user'].reload()
assert_equal(empty, ())
assert_equal(
kwargs, {
'user': user,
'mimetype': 'html',
'mail': mails.WELCOME,
'to_addr': user.username,
})
self.app.set_cookie(settings.COOKIE_NAME, user.get_or_create_cookie())
res = self.app.get('/confirm/{}/{}'.format(user._id, token))
res = res.follow()
assert_equal(res.status_code, 302)
assert_equal('/', urlparse.urlparse(res.location).path)
assert_equal(len(mock_mail.call_args_list), 1)
session = Session.objects.filter(
data__auth_user_id=user._id).order_by('-modified').first()
assert_equal(len(session.data['status']), 1)
def test_confirm_email(self, mock_mail):
user = UnregUserFactory()
auth.register_unconfirmed(
username=user.username,
password='******',
fullname='Rosie',
)
token = user.get_confirmation_token(user.username)
res = self.app.get('/confirm/{}/{}'.format(user._id, token), allow_redirects=False)
res = res.follow()
assert_equal(res.status_code, 302)
assert_in('login?service=', res.location)
user.reload()
assert_equal(len(mock_mail.call_args_list), 1)
empty, kwargs = mock_mail.call_args
kwargs['user'].reload()
assert_equal(empty, ())
assert_equal(kwargs, {
'user': user,
'mimetype': 'html',
'mail': mails.WELCOME,
'to_addr': user.username,
})
self.app.set_cookie(settings.COOKIE_NAME, user.get_or_create_cookie())
res = self.app.get('/confirm/{}/{}'.format(user._id, token))
res = res.follow()
assert_equal(res.status_code, 302)
assert_equal('/', urlparse.urlparse(res.location).path)
assert_equal(len(mock_mail.call_args_list), 1)
session = Session.find(
Q('data.auth_user_id', 'eq', user._id)
).sort(
'-date_modified'
).limit(1)[0]
assert_equal(len(session.data['status']), 1)
def test_confirm_email(self, mock_mail):
user = UnregUserFactory()
auth.register_unconfirmed(
username=user.username,
password='******',
fullname='Rosie'
)
user.reload()
token = user.get_confirmation_token(user.username)
res = self.app.get('/confirm/{}/{}'.format(user._id, token), allow_redirects=False)
res = res.follow()
assert_equal(res.status_code, 302)
assert_in('login?service=', res.location)
user.reload()
mock_mail.assert_called()
assert_equal(len(mock_mail.call_args_list), 1)
empty, kwargs = mock_mail.call_args
kwargs['user'].reload()
assert_equal(empty, ())
assert_equal(kwargs, {
'user': user,
'mimetype': 'html',
'mail': mails.WELCOME,
'domain': settings.DOMAIN,
'to_addr': user.username,
'osf_support_email': settings.OSF_SUPPORT_EMAIL
})
self.app.set_cookie(settings.COOKIE_NAME, user.get_or_create_cookie())
res = self.app.get('/confirm/{}/{}'.format(user._id, token))
res = res.follow()
assert_equal(res.status_code, 302)
assert_equal('/', urlparse.urlparse(res.location).path)
assert_equal(len(mock_mail.call_args_list), 1)
session = Session.objects.filter(data__auth_user_id=user._id).order_by('-modified').first()
assert_equal(len(session.data['status']), 1)
def test_confirm_email(self, mock_mail):
user = UnregUserFactory()
auth.register_unconfirmed(
username=user.username,
password='******',
fullname='Rosie',
)
token = user.get_confirmation_token(user.username)
res = self.app.get('/confirm/{}/{}'.format(user._id, token), allow_redirects=False)
res = res.follow()
assert_equal(res.status_code, 302)
assert_in('login?service=', res.location)
user.reload()
assert_equal(len(mock_mail.call_args_list), 1)
empty, kwargs = mock_mail.call_args
kwargs['user'].reload()
assert_equal(empty, ())
assert_equal(kwargs, {
'user': user,
'mimetype': 'html',
'mail': mails.WELCOME,
'to_addr': user.username,
})
self.app.set_cookie(settings.COOKIE_NAME, user.get_or_create_cookie())
res = self.app.get('/confirm/{}/{}'.format(user._id, token))
res = res.follow()
assert_equal(res.status_code, 302)
assert_in('dashboard', res.location)
assert_equal(len(mock_mail.call_args_list), 1)
session = Session.find(
Q('data.auth_user_id', 'eq', user._id)
).sort(
'-date_modified'
).limit(1)[0]
assert_equal(len(session.data['status']), 1)
def register_user(**kwargs):
"""
Register new user account.
HTTP Method: POST
:param-json str email1:
:param-json str email2:
:param-json str password:
:param-json str fullName:
:param-json str campaign:
:raises: HTTPError(http.BAD_REQUEST) if validation fails or user already exists
"""
# Verify email address match
json_data = request.get_json()
if str(json_data['email1']).lower() != str(json_data['email2']).lower():
raise HTTPError(
http.BAD_REQUEST,
data=dict(message_long='Email addresses must match.')
)
try:
full_name = request.json['fullName']
full_name = strip_html(full_name)
campaign = json_data.get('campaign')
if campaign and campaign not in campaigns.CAMPAIGNS:
campaign = None
user = framework_auth.register_unconfirmed(
request.json['email1'],
request.json['password'],
full_name,
campaign=campaign,
)
framework_auth.signals.user_registered.send(user)
except (ValidationValueError, DuplicateEmailError):
raise HTTPError(
http.BAD_REQUEST,
data=dict(
message_long=language.ALREADY_REGISTERED.format(
email=markupsafe.escape(request.json['email1'])
)
)
)
if settings.CONFIRM_REGISTRATIONS_BY_EMAIL:
send_confirm_email(user, email=user.username)
message = language.REGISTRATION_SUCCESS.format(email=user.username)
return {'message': message}
else:
return {'message': 'You may now log in.'}
def test_confirm_email(self, mock_mail):
user = UnregUserFactory()
auth.register_unconfirmed(username=user.username,
password='******',
fullname='Rosie')
user.reload()
token = user.get_confirmation_token(user.username)
res = self.app.get('/confirm/{}/{}'.format(user._id, token),
allow_redirects=False)
res = res.follow()
assert_equal(res.status_code, 302)
assert_in('login?service=', res.location)
user.reload()
mock_mail.assert_called_with(
osf_support_email=settings.OSF_SUPPORT_EMAIL,
mimetype='html',
storage_flag_is_active=False,
to_addr=user.username,
domain=settings.DOMAIN,
user=user,
mail=mails.WELCOME)
self.app.set_cookie(settings.COOKIE_NAME, user.get_or_create_cookie())
res = self.app.get('/confirm/{}/{}'.format(user._id, token))
res = res.follow()
assert_equal(res.status_code, 302)
assert_equal('/', urlparse.urlparse(res.location).path)
assert_equal(len(mock_mail.call_args_list), 1)
session = Session.objects.filter(
data__auth_user_id=user._id).order_by('-modified').first()
assert_equal(len(session.data['status']), 1)
def register_user(**kwargs):
"""Register new user account.
:param-json str email1:
:param-json str email2:
:param-json str password:
:param-json str fullName:
:raises: HTTPError(http.BAD_REQUEST) if validation fails or user already
exists
"""
# Verify email address match
if request.json['email1'] != request.json['email2']:
raise HTTPError(
http.BAD_REQUEST,
data=dict(message_long='Email addresses must match.')
)
# TODO: Sanitize fields
try:
user = auth.register_unconfirmed(
request.json['email1'],
request.json['password'],
request.json['fullName'],
)
auth.signals.user_registered.send(user)
except (ValidationValueError, DuplicateEmailError):
raise HTTPError(
http.BAD_REQUEST,
data=dict(
message_long=language.ALREADY_REGISTERED.format(
email=request.json['email1']
)
)
)
if website.settings.CONFIRM_REGISTRATIONS_BY_EMAIL:
send_confirm_email(user, email=user.username)
message = language.REGISTRATION_SUCCESS.format(email=user.username)
return {'message': message}
else:
return {'message': 'You may now log in.'}
def register_user(**kwargs):
"""
Register new user account.
HTTP Method: POST
:param-json str email1:
:param-json str email2:
:param-json str password:
:param-json str fullName:
:param-json str campaign:
:raises: HTTPError(http.BAD_REQUEST) if validation fails or user already exists
"""
# Verify that email address match.
# Note: Both `landing.mako` and `register.mako` already have this check on the form. Users can not submit the form
# if emails do not match. However, this check should not be removed given we may use the raw api call directly.
json_data = request.get_json()
if str(json_data['email1']).lower() != str(json_data['email2']).lower():
raise HTTPError(
http.BAD_REQUEST,
data=dict(message_long='Email addresses must match.')
)
# Verify that captcha is valid
if settings.RECAPTCHA_SITE_KEY and not validate_recaptcha(json_data.get('g-recaptcha-response'), remote_ip=request.remote_addr):
raise HTTPError(
http.BAD_REQUEST,
data=dict(message_long='Invalid Captcha')
)
try:
full_name = request.json['fullName']
full_name = strip_html(full_name)
campaign = json_data.get('campaign')
if campaign and campaign not in campaigns.get_campaigns():
campaign = None
user = framework_auth.register_unconfirmed(
request.json['email1'],
request.json['password'],
full_name,
campaign=campaign,
)
framework_auth.signals.user_registered.send(user)
except (ValidationValueError, DuplicateEmailError):
raise HTTPError(
http.BAD_REQUEST,
data=dict(
message_long=language.ALREADY_REGISTERED.format(
email=markupsafe.escape(request.json['email1'])
)
)
)
except ValidationError as e:
raise HTTPError(
http.BAD_REQUEST,
data=dict(message_long=e.message)
)
if settings.CONFIRM_REGISTRATIONS_BY_EMAIL:
send_confirm_email(user, email=user.username)
message = language.REGISTRATION_SUCCESS.format(email=user.username)
return {'message': message}
else:
return {'message': 'You may now log in.'}