def activation_view(request, slug):
name = None
username = None
user_id = None
if slug:
auth = AuthClient('https://' + OKTA_ORG)
response = auth.recovery(slug)
if response.status_code == 200:
user = json.loads(response.content)['_embedded']['user']
name = user['profile']['firstName']
username = user['profile']['login']
user_id = user['id']
else:
return HttpResponseRedirect(reverse('not_authenticated'))
if request.method == 'POST':
if user_id is None:
return HttpResponseRedirect(reverse('not_authenticated'))
try:
form = ActivationForm(request.POST)
if form.is_valid():
pw = form.cleaned_data['password1']
user = {"credentials": {"password": {"value": pw}}}
client = UsersClient('https://' + OKTA_ORG, API_KEY)
client.set_password(user_id=user_id, user=user)
res = auth.authn(username, pw)
if res.status_code == 200:
session_token = json.loads(res.content)['sessionToken']
return redirect('https://' + OKTA_ORG +
LOGIN_NOPROMPT_BOOKMARK +
'?sessionToken={}'.format(session_token))
return HttpResponseRedirect(reverse('registration_success'))
except Exception as e:
print("Error: {}".format(e))
form.add_error(field=None, error=e)
else:
form = ActivationForm()
return render(request, 'activate.html', {
'form': form,
'slug': slug,
'firstName': name
})
def activation_wo_token_view(request):
state = None
if request.method == 'POST':
form = ActivationWithEmailForm(request.POST)
if form.is_valid():
state = form.cleaned_data['state']
email = form.cleaned_data['email']
otp = form.cleaned_data['verificationCode']
password1 = form.cleaned_data['password1']
password2 = form.cleaned_data['password2']
print('state={}'.format(state))
client = UsersClient('https://' + OKTA_ORG, API_KEY)
user = json.loads(client.get_user(email))
if state == 'verify-email':
state = 'verify-token'
print(user)
if user['status'] == 'PROVISIONED':
enroll_status = client.enroll_email_factor(
user['id'], email)
print(enroll_status.status_code)
#if enroll_status.status_code == 200:
response = client.list_factors(user['id'])
factors = json.loads(response)
for factor in factors:
if factor['factorType'] == 'email':
request.session['email_factor_id'] = factor['id']
request.session['verification_username'] = email
request.session['verification_user_id'] = user[
'id']
client.verify_email_factor(user['id'],
factor['id'])
elif state == 'verify-token':
state = 'set-password'
user_id = request.session['verification_user_id']
factor_id = request.session['email_factor_id']
response = client.verify_email_factor(user_id=user_id,
factor_id=factor_id,
pass_code=otp)
print(response.content)
elif state == 'set-password':
payload = {"credentials": {"password": {"value": password1}}}
client.set_password(
user_id=request.session['verification_user_id'],
user=payload)
auth = AuthClient('https://' + OKTA_ORG)
res = auth.authn(request.session['verification_username'],
password1)
if res.status_code == 200:
session_token = json.loads(res.content)['sessionToken']
return redirect('https://' + OKTA_ORG + IDP_DISCO_PAGE +
'?sessionToken={}'.format(session_token))
else:
print('invalid form')
else:
state = 'verify-email'
form = ActivationWithEmailForm()
return render(request, 'activate_w_email.html', {
'form': form,
'state': state
})
