コード例 #1
0
    def _change_password_by_code(cls, code, user, new_password):
        code_links = UserActivationLink.query.filter_by(auth_user=user, used_date=None, link_type=ConfirmationLinkTypeEnum.CLT_PASSWORD)

        if not code_links.count():
            raise errors.ActivationCodeExpiredOrInvalid()

        max_use_count = 0
        found_link = None
        for code_link in code_links:
            code_link.use_attempts += 1

            if code_link.use_attempts > max_use_count:
                max_use_count = code_link.use_attempts
            if code_link.link_code != code:
                continue

            found_link = code_link

        if not found_link or max_use_count > 5:
            raise errors.ActivationCodeExpiredOrInvalid()

        found_link.used_date = datetime.utcnow()
        user = found_link.auth_user
        user.password = unicode(encrypt_password(new_password))
        db.session.commit()
        return user
コード例 #2
0
    def change_password(cls, user_id, code, old_password, new_password):
        user = AuthUser.query.filter_by(uuid=user_id).first()
        if not user:
            raise errors.UserNotFound()

        if code:
            return UserManager._change_password_by_code(code, user, new_password)

        if user.password is not None:
            if not check_password(old_password, user.password):
                raise errors.InvalidCurrentPassword()

        user.password = unicode(encrypt_password(new_password))
        db.session.commit()
        return user
コード例 #3
0
        def _register(self, *args, **kwargs):
            new_user = AuthUser(**{
                "password": encrypt_password('TestPassword123'),
                "email": '*****@*****.**',
                'enabled': True,
                'email_confirmed': True,
                'mobile': "+79001112233",
                'mobile_confirmed': True,

                'name': 'Name',
                'surname': 'Surname',
                'patronymic': 'Patronymic',
                'is_tester': True,
                'temporal': is_temporal
            })
            sql_db.session.add(new_user)
            sql_db.session.flush()
            self.user = new_user
            return func(self, *args, **kwargs)
コード例 #4
0
 def _register(self, *args, **kwargs):
     new_user = AuthUser(
         **{
             "password": encrypt_password('TestPassword123'),
             "email": '*****@*****.**',
             'enabled': True,
             'email_confirmed': True,
             'mobile': "+79001112233",
             'mobile_confirmed': True,
             'name': 'Name',
             'surname': 'Surname',
             'patronymic': 'Patronymic',
             'is_tester': True,
             'temporal': is_temporal
         })
     sql_db.session.add(new_user)
     sql_db.session.flush()
     self.user = new_user
     return func(self, *args, **kwargs)
コード例 #5
0
        def _authorize(self, *args, **kwargs):
            if user_id is not None:
                user = AuthUser.query.filter_by(id=user_id).first()
                with self.test_client.session_transaction() as sess:
                    sess['user_id'] = user_id
                self.user = user
                with self.app.test_request_context():
                    _request_ctx_stack.top.user = self.user
                    return func(self, *args, **kwargs)

            enabled = kwargs.get('user_enabled', True)
            data = {
                "password": encrypt_password('TestPassword123'),
                "email": '*****@*****.**',
                'enabled': enabled,
                'email_confirmed': True,
                'mobile': "+79001112233",
                'mobile_confirmed': True,

                'name': 'Name',
                'surname': 'Surname',
                'patronymic': 'Patronymic',
                'is_tester': True,
                'temporal': is_temporal
            } if not is_temporal else {
                'enabled': enabled,
                'is_tester': True,
                'temporal': is_temporal
            }
            if admin:
                data['admin'] = True
            new_user = AuthUser(**data)
            sql_db.session.add(new_user)
            sql_db.session.commit()
            with self.test_client.session_transaction() as sess:
                sess['user_id'] = new_user.get_id()
            self.user = new_user
            with self.app.test_request_context():
                _request_ctx_stack.top.user = self.user
                return func(self, *args, **kwargs)
コード例 #6
0
        def _authorize(self, *args, **kwargs):
            if user_id is not None:
                user = AuthUser.query.filter_by(id=user_id).first()
                with self.test_client.session_transaction() as sess:
                    sess['user_id'] = user_id
                self.user = user
                with self.app.test_request_context():
                    _request_ctx_stack.top.user = self.user
                    return func(self, *args, **kwargs)

            enabled = kwargs.get('user_enabled', True)
            data = {
                "password": encrypt_password('TestPassword123'),
                "email": '*****@*****.**',
                'enabled': enabled,
                'email_confirmed': True,
                'mobile': "+79001112233",
                'mobile_confirmed': True,
                'name': 'Name',
                'surname': 'Surname',
                'patronymic': 'Patronymic',
                'is_tester': True,
                'temporal': is_temporal
            } if not is_temporal else {
                'enabled': enabled,
                'is_tester': True,
                'temporal': is_temporal
            }
            if admin:
                data['admin'] = True
            new_user = AuthUser(**data)
            sql_db.session.add(new_user)
            sql_db.session.commit()
            with self.test_client.session_transaction() as sess:
                sess['user_id'] = new_user.get_id()
            self.user = new_user
            with self.app.test_request_context():
                _request_ctx_stack.top.user = self.user
                return func(self, *args, **kwargs)
コード例 #7
0
    def update_profile(cls, auth_user, new_email, new_mobile=None):

        temp_user = auth_user.temporal
        if new_email:
            new_email = new_email.lower()

        if new_email and auth_user.email != new_email:
            if AuthUser.query.filter_by(email=new_email).count():
                raise errors.DuplicateEmail()

            auth_user.email = new_email
            auth_user.email_confirmed = False

            if temp_user:
                new_password = UserManager.generate_password()
                password = unicode(encrypt_password(new_password))

                link_code = cls._generate_link_code(True)

                activation_link = UserActivationLink(
                    link_type=ConfirmationLinkTypeEnum.CLT_PASSWORD,
                    link_code=link_code,
                    auth_user=auth_user
                )
                db.session.add(activation_link)

                from fw.async_tasks import send_email

                schema = cls.__config['WEB_SCHEMA']
                domain = cls.__config['DOMAIN']
                selfcare_url = u"%s://%s/account/?" % (schema, domain)
                selfcare_url = utm_args(selfcare_url, 'new_account_user_notify', auth_user.id)
                selfcare_url = cls.make_auth_url(selfcare_url, auth_user).get_url(cls.__config)
                tmpl_data = {
                    'password': new_password,
                    "link_code": activation_link.link_code,
                    'email': new_email,
                    "domain": domain,
                    "schema": schema,
                    "user_id": auth_user.uuid,
                    "selfcare_url": selfcare_url # {{'?'|utm_args('', user_id)}}
                }
                send_email.send_email.delay(new_email, "new_account_user_notify", **tmpl_data)
                auth_user.password = password
                auth_user.temporal = False

            UserManager.confirm_new_email(auth_user, new_email, email_type="confirm_email")
            db.session.commit()

        elif new_email == u'':
            # empty string: delete current email
            raise errors.InvalidParameterValue('email')

        if new_mobile and auth_user.mobile != new_mobile:
            if AuthUser.query.filter_by(mobile=new_mobile).count():
                raise errors.DuplicateMobile()

            auth_user.mobile = new_mobile
            auth_user.mobile_confirmed = False
            UserManager.confirm_new_mobile(auth_user, new_mobile)
            db.session.commit()
        elif new_mobile == u"":
            auth_user.mobile = None
            auth_user.mobile_confirmed = False
            db.session.commit()

        return auth_user
コード例 #8
0
    def create_user(cls, social_service_access_token, mobile, email,
                    name, surname, patronymic, password, social_network, email_is_social=False, temp_user=None,
                    is_tester=False):

        is_temp_user = not mobile and not email
        email_confirmed = False
        social_uid = None
        social_email = ''
        social_backend = None
        token = None
        if social_service_access_token and social_network:
            token = social_service_access_token
            social_backend = SocialServiceBackends.backends.get(social_network)
            if social_backend:
                social_data = social_backend.get_user_data(cls.__config, token)
                social_uid = social_data.get('id', None)
                if not social_data or not social_uid:
                    raise errors.SocialAuthError()
                social_email = social_data.get('email', None)
                if social_email:
                    social_email = social_email.lower()
                social_service_user_link = social_backend.get_user_link(social_uid)
                if social_service_user_link:
                    user_id = social_service_user_link.auth_user
                    user = AuthUser.query.filter_by(id=user_id)
                    return user, False

        email = email.lower() if email else u''
        if email:
            if email_is_social or (social_email and email == social_email):
                email_confirmed = True
        elif not email and not mobile and social_backend:
            email = social_email
            if email:
                email_confirmed = True

        current_user = (AuthUser.query.filter_by(email=unicode(email)).first() if email else AuthUser.query.filter_by(mobile=unicode(mobile)).first() if mobile else None)

        if current_user:
            if email:
                if social_email and social_uid:
                    if current_user.email_confirmed:
                        social_backend.make_link(token, social_uid, current_user, cls.__config)
                        return current_user, False
                    else:
                        email = u''
                        email_confirmed = False
                else:
                    raise errors.DuplicateEmail()
            else:
                raise errors.DuplicateMobile()

        # Creating new auth user record
        user = temp_user or AuthUser(uuid=unicode(ObjectId()))
        user.email_confirmed = email_confirmed
        user.mobile_confirmed = False
        user.is_tester = is_tester
        if email_confirmed:
            user.email = email
        user.password = unicode(encrypt_password(password)) if password else None
        user.signup_date = datetime.utcnow()
        user.enabled = True
        user.email = unicode(email) if email else None
        user.mobile = unicode(mobile) if mobile else None
        user.name = unicode(name)
        user.surname = unicode(surname)
        user.patronymic = unicode(patronymic)
        user.temporal = is_temp_user

        try:
            db.session.add(user)
        except Exception, exc:
            cls.__logger.error('Failed to add user to DB: %s' % str(exc))
            db.session.rollback()
            raise