def post_create_account(token):
form = CreateAccountForm(request.form)
if not form.validate():
template_data = {"error": {"type": form.errors}, "token": token}
return render_template("create-new-account.html", form=form, data=template_data)
try:
duration = app.config["EMAIL_TOKEN_EXPIRY"]
email = token_decoder.decode_email_token(token, duration)
except SignatureExpired:
logger.warning("Token expired for Response Operations create account", token=token)
return render_template("request-new-account-expired.html", token=token)
except (BadSignature, BadData):
logger.warning("Invalid token sent to Response Operations create account", token=token)
return render_template("request-new-account-expired.html", token=token)
password = request.form.get("password")
user_name = request.form.get("user_name")
first_name = request.form.get("first_name")
last_name = request.form.get("last_name")
errors = uaa_controller.create_user_account(email, password, user_name, first_name, last_name)
if errors is None:
logger.info("Successfully created user account", token=token)
send_confirm_created_email(email, first_name)
flash("Account successfully created", category="account_created")
return redirect(url_for("sign_in_bp.sign_in"))
else:
if "user_name" in errors:
template_data = {"error": {"type": errors}, "token": token}
return render_template("create-new-account.html", form=form, data=template_data)
return render_template("create-new-account-error.html")
def verify_email(token):
try:
duration = app.config["UPDATE_ACCOUNT_EMAIL_TOKEN_EXPIRY"]
json_token = token_decoder.decode_email_token(token, duration)
token_dict = json.loads(json_token)
user_id = session["user_id"]
if token_dict["user_id"] == user_id:
user_from_uaa = uaa_controller.get_user_by_id(user_id)
user_from_uaa["emails"][0]["value"] = token_dict["email"]
logger.info("Updating email in UAA")
errors = uaa_controller.update_user_account(user_from_uaa)
if errors is not None:
logger.error("Error updating email in UAA", msg=errors["message"])
flash("Failed to update email. Please try again", category="warn")
else:
flash("Your email has been changed", category="successful_signout")
return redirect(url_for("account_bp.confirm_email_change"))
else:
logger.error("Invalid link for user", user_id=user_id)
flash("Invalid link", category="warn")
return redirect(url_for("logout_bp.logout"))
except SignatureExpired:
logger.warning("Token expired for Response Operations email change", token=token)
flash("Your link has expired", category="successful_signout")
return redirect(url_for("logout_bp.logout"))
except (BadSignature, BadData):
logger.warning("Invalid token sent to Response Operations email change", token=token)
flash("Your link is invalid", category="successful_signout")
return redirect(url_for("logout_bp.logout"))
def test_generating_and_decoding_email_token(self):
with self.app.app_context():
try:
email_token = generate_email_token("*****@*****.**")
except InternalServerError:
self.fail("Exception raised in generating email token")
email = decode_email_token(email_token)
self.assertTrue(email == "*****@*****.**", "Email not successfully decoded from token")
time.sleep(2)
with self.assertRaises(SignatureExpired):
decode_email_token(email_token, 1)
with self.assertRaises(BadSignature):
decode_email_token("absoluterubbish")
def get_create_account(token, form_errors=None):
form = CreateAccountForm(request.form)
try:
duration = app.config["EMAIL_TOKEN_EXPIRY"]
_ = token_decoder.decode_email_token(token, duration)
except SignatureExpired:
logger.warning("Token expired for Response Operations account creation", token=token)
return render_template("request-new-account-expired.html", token=token)
except (BadSignature, BadData):
logger.warning("Invalid token sent to Response Operations account creation", token=token)
return render_template("request-new-account-expired.html", token=token)
template_data = {"error": {"type": form_errors}, "token": token}
return render_template("create-new-account.html", form=form, data=template_data)
def post_reset_password(token):
form = ResetPasswordForm(request.form)
if not form.validate():
return get_reset_password(token, form_errors=form.errors)
password = request.form.get('password')
try:
duration = app.config['EMAIL_TOKEN_EXPIRY']
email = token_decoder.decode_email_token(token, duration)
except SignatureExpired:
logger.warning('Token expired for Response Operations password reset',
token=token)
return render_template('reset-password-expired.html', token=token)
except (BadSignature, BadData):
logger.warning(
'Invalid token sent to Response Operations password reset',
token=token)
return render_template('reset-password-expired.html', token=token)
response = uaa_controller.change_user_password(email, password)
if response is not None:
if response.status_code == 200:
# 200 == All good
logger.info('Successfully changed user password', token=token)
send_confirm_change_email(email)
return redirect(
url_for('passwords_bp.reset_password_confirmation'))
if response.status_code == 422:
# 422 == New password same as old password
logger.info('New password same as old password', token=token)
errors = {
'password': [
'Please choose a different password or login with the old password'
]
}
return get_reset_password(token, form_errors=errors)
logger.warning('Error changing password in UAA', token=token)
return render_template('reset-password-error.html')
def post_create_account(token):
form = CreateAccountForm(request.form)
if not form.validate():
template_data = {"error": {"type": form.errors}, 'token': token}
return render_template('create-new-account.html',
form=form,
data=template_data)
try:
duration = app.config['EMAIL_TOKEN_EXPIRY']
email = token_decoder.decode_email_token(token, duration)
except SignatureExpired:
logger.warning('Token expired for Response Operations create account',
token=token)
return render_template('request-new-account-expired.html', token=token)
except (BadSignature, BadData):
logger.warning(
'Invalid token sent to Response Operations create account',
token=token)
return render_template('request-new-account-expired.html', token=token)
password = request.form.get('password')
user_name = request.form.get('user_name')
first_name = request.form.get('first_name')
last_name = request.form.get('last_name')
errors = uaa_controller.create_user_account(email, password, user_name,
first_name, last_name)
if errors is None:
logger.info('Successfully created user account', token=token)
send_confirm_created_email(email, first_name)
flash('Account successfully created', category='account_created')
return redirect(url_for('sign_in_bp.sign_in'))
else:
if 'user_name' in errors:
template_data = {"error": {"type": errors}, 'token': token}
return render_template('create-new-account.html',
form=form,
data=template_data)
return render_template('create-new-account-error.html')
def get_reset_password(token, form_errors=None):
form = ResetPasswordForm(request.form)
try:
duration = app.config['EMAIL_TOKEN_EXPIRY']
_ = token_decoder.decode_email_token(token, duration)
except SignatureExpired:
logger.warning('Token expired for Response Operations password reset',
token=token)
return render_template('reset-password-expired.html', token=token)
except (BadSignature, BadData):
logger.warning(
'Invalid token sent to Response Operations password reset',
token=token)
return render_template('reset-password-expired.html', token=token)
template_data = {"error": {"type": form_errors}, 'token': token}
return render_template('reset-password.html',
form=form,
data=template_data)
def resend_password_email_expired_token(token):
email = token_decoder.decode_email_token(token)
return send_password_change_email(email)
def resend_account_email_expired_token(token):
email = token_decoder.decode_email_token(token)
return send_create_account_email(email)
