def post_create_account(token):
    """Handle the submitted create-account form for an emailed account token.

    The form is validated first, then the token is decoded (age-limited by
    EMAIL_TOKEN_EXPIRY) to recover the email address, and the account is
    created through uaa_controller. Expired and invalid tokens both render
    the same "expired" page.
    """
    account_form = CreateAccountForm(request.form)
    if not account_form.validate():
        # The token has not been checked yet at this point; it is only echoed
        # back so the re-rendered form can post to the same link.
        return render_template(
            "create-new-account.html",
            form=account_form,
            data={"error": {"type": account_form.errors}, "token": token},
        )

    # NOTE(review): every logger call below records the raw token. It still
    # decodes until EMAIL_TOKEN_EXPIRY elapses, so log readers may be able to
    # reuse the link; consider logging a digest of the token instead.
    try:
        max_age = app.config["EMAIL_TOKEN_EXPIRY"]
        email = token_decoder.decode_email_token(token, max_age)
    except SignatureExpired:
        logger.warning("Token expired for Response Operations create account", token=token)
        return render_template("request-new-account-expired.html", token=token)
    except (BadSignature, BadData):
        logger.warning("Invalid token sent to Response Operations create account", token=token)
        return render_template("request-new-account-expired.html", token=token)

    submitted = request.form
    password = submitted.get("password")
    user_name = submitted.get("user_name")
    first_name = submitted.get("first_name")
    last_name = submitted.get("last_name")

    errors = uaa_controller.create_user_account(email, password, user_name, first_name, last_name)

    if errors is not None:
        # Only a user_name problem goes back to the form; anything else gets
        # the generic error page.
        if "user_name" in errors:
            return render_template(
                "create-new-account.html",
                form=account_form,
                data={"error": {"type": errors}, "token": token},
            )
        return render_template("create-new-account-error.html")

    logger.info("Successfully created user account", token=token)
    send_confirm_created_email(email, first_name)
    flash("Account successfully created", category="account_created")
    return redirect(url_for("sign_in_bp.sign_in"))
# verify_email(token): apply an email-address change requested through an emailed link.
# Decodes the token with UPDATE_ACCOUNT_EMAIL_TOKEN_EXPIRY as the age limit, parses the
# payload as JSON, and writes token_dict["email"] to the UAA user only when
# token_dict["user_id"] equals session["user_id"]. A user-id mismatch, an expired token
# and an invalid token all flash a message and redirect to logout.
# NOTE(review): this listing has lost its indentation, so it cannot be read off this line
# whether the failed-update branch shares the confirm_email_change redirect; check the
# original file before reformatting.
# NOTE(review): session["user_id"] and the token_dict lookups raise KeyError when the key
# is absent, and a json.loads failure is not among the handled exceptions; confirm the
# route is only reachable for a signed-in user and that the payload schema is fixed.
# NOTE(review): the raw token is written to the warning logs on the expired and invalid
# paths; consider logging a digest instead.
def verify_email(token): try: duration = app.config["UPDATE_ACCOUNT_EMAIL_TOKEN_EXPIRY"] json_token = token_decoder.decode_email_token(token, duration) token_dict = json.loads(json_token) user_id = session["user_id"] if token_dict["user_id"] == user_id: user_from_uaa = uaa_controller.get_user_by_id(user_id) user_from_uaa["emails"][0]["value"] = token_dict["email"] logger.info("Updating email in UAA") errors = uaa_controller.update_user_account(user_from_uaa) if errors is not None: logger.error("Error updating email in UAA", msg=errors["message"]) flash("Failed to update email. Please try again", category="warn") else: flash("Your email has been changed", category="successful_signout") return redirect(url_for("account_bp.confirm_email_change")) else: logger.error("Invalid link for user", user_id=user_id) flash("Invalid link", category="warn") return redirect(url_for("logout_bp.logout")) except SignatureExpired: logger.warning("Token expired for Response Operations email change", token=token) flash("Your link has expired", category="successful_signout") return redirect(url_for("logout_bp.logout")) except (BadSignature, BadData): logger.warning("Invalid token sent to Response Operations email change", token=token) flash("Your link is invalid", category="successful_signout") return redirect(url_for("logout_bp.logout"))
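def test_generating_and_decoding_email_token(self):
    """Round-trip an email token, then check expiry and rejection of a bad token.

    Covers three properties of the token helpers: a fresh token decodes back
    to the address it was generated for, the same token is rejected with
    SignatureExpired once it is older than the allowed age, and a string that
    was never issued is rejected with BadSignature.
    """
    address = "*****@*****.**"
    with self.app.app_context():
        try:
            email_token = generate_email_token(address)
        except InternalServerError:
            self.fail("Exception raised in generating email token")

        email = decode_email_token(email_token)
        # assertEqual reports both values on failure, unlike assertTrue(a == b).
        self.assertEqual(email, address, "Email not successfully decoded from token")

        # Wait past the 1-second age limit used below so the token counts as expired.
        time.sleep(2)
        with self.assertRaises(SignatureExpired):
            decode_email_token(email_token, 1)

        with self.assertRaises(BadSignature):
            decode_email_token("absoluterubbish")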
def get_create_account(token, form_errors=None):
    """Render the create-account page for an emailed account token.

    The token is decoded only to check it (the recovered value is discarded);
    expired and invalid tokens both render the "expired" page. form_errors,
    when given, is passed to the template as the error payload.
    """
    account_form = CreateAccountForm(request.form)

    # NOTE(review): both failure paths log the raw token; consider logging a
    # digest so the link itself does not end up in log storage.
    try:
        token_decoder.decode_email_token(token, app.config["EMAIL_TOKEN_EXPIRY"])
    except SignatureExpired:
        logger.warning("Token expired for Response Operations account creation", token=token)
        return render_template("request-new-account-expired.html", token=token)
    except (BadSignature, BadData):
        logger.warning("Invalid token sent to Response Operations account creation", token=token)
        return render_template("request-new-account-expired.html", token=token)

    return render_template(
        "create-new-account.html",
        form=account_form,
        data={"error": {"type": form_errors}, "token": token},
    )
def post_reset_password(token):
    """Handle the submitted reset-password form for an emailed reset token.

    Validates the form, decodes the token (age-limited by EMAIL_TOKEN_EXPIRY)
    to recover the email address, and asks uaa_controller to change the
    password. Expired and invalid tokens both render the "expired" page.
    """
    reset_form = ResetPasswordForm(request.form)
    if not reset_form.validate():
        return get_reset_password(token, form_errors=reset_form.errors)

    new_password = request.form.get('password')

    # NOTE(review): the raw token is logged on every path, including success.
    # Nothing visible in this function invalidates the token after use, so a
    # logged token may stay usable until it expires; confirm single-use is
    # enforced elsewhere, and consider logging a digest instead.
    try:
        max_age = app.config['EMAIL_TOKEN_EXPIRY']
        email = token_decoder.decode_email_token(token, max_age)
    except SignatureExpired:
        logger.warning('Token expired for Response Operations password reset', token=token)
        return render_template('reset-password-expired.html', token=token)
    except (BadSignature, BadData):
        logger.warning('Invalid token sent to Response Operations password reset', token=token)
        return render_template('reset-password-expired.html', token=token)

    response = uaa_controller.change_user_password(email, new_password)
    # A missing response is treated like any other unexpected status below.
    status = response.status_code if response is not None else None

    if status == 200:
        # 200 == All good
        logger.info('Successfully changed user password', token=token)
        send_confirm_change_email(email)
        return redirect(url_for('passwords_bp.reset_password_confirmation'))

    if status == 422:
        # 422 == New password same as old password
        logger.info('New password same as old password', token=token)
        same_password_errors = {
            'password': ['Please choose a different password or login with the old password']
        }
        return get_reset_password(token, form_errors=same_password_errors)

    logger.warning('Error changing password in UAA', token=token)
    return render_template('reset-password-error.html')
def post_create_account(token):
    """Handle the submitted create-account form for an emailed account token.

    The form is validated first, then the token is decoded (age-limited by
    EMAIL_TOKEN_EXPIRY) to recover the email address, and the account is
    created through uaa_controller. Expired and invalid tokens both render
    the same "expired" page.
    """
    account_form = CreateAccountForm(request.form)
    if not account_form.validate():
        # The token has not been checked yet at this point; it is only echoed
        # back so the re-rendered form can post to the same link.
        return render_template(
            'create-new-account.html',
            form=account_form,
            data={"error": {"type": account_form.errors}, 'token': token},
        )

    # NOTE(review): every logger call below records the raw token. It still
    # decodes until EMAIL_TOKEN_EXPIRY elapses, so log readers may be able to
    # reuse the link; consider logging a digest of the token instead.
    try:
        max_age = app.config['EMAIL_TOKEN_EXPIRY']
        email = token_decoder.decode_email_token(token, max_age)
    except SignatureExpired:
        logger.warning('Token expired for Response Operations create account', token=token)
        return render_template('request-new-account-expired.html', token=token)
    except (BadSignature, BadData):
        logger.warning('Invalid token sent to Response Operations create account', token=token)
        return render_template('request-new-account-expired.html', token=token)

    submitted = request.form
    password = submitted.get('password')
    user_name = submitted.get('user_name')
    first_name = submitted.get('first_name')
    last_name = submitted.get('last_name')

    errors = uaa_controller.create_user_account(email, password, user_name, first_name, last_name)

    if errors is not None:
        # Only a user_name problem goes back to the form; anything else gets
        # the generic error page.
        if 'user_name' in errors:
            return render_template(
                'create-new-account.html',
                form=account_form,
                data={"error": {"type": errors}, 'token': token},
            )
        return render_template('create-new-account-error.html')

    logger.info('Successfully created user account', token=token)
    send_confirm_created_email(email, first_name)
    flash('Account successfully created', category='account_created')
    return redirect(url_for('sign_in_bp.sign_in'))
def get_reset_password(token, form_errors=None):
    """Render the reset-password page for an emailed reset token.

    The token is decoded only to check it (the recovered value is discarded);
    expired and invalid tokens both render the "expired" page. form_errors,
    when given, is passed to the template as the error payload.
    """
    reset_form = ResetPasswordForm(request.form)

    # NOTE(review): both failure paths log the raw token; consider logging a
    # digest so the link itself does not end up in log storage.
    try:
        token_decoder.decode_email_token(token, app.config['EMAIL_TOKEN_EXPIRY'])
    except SignatureExpired:
        logger.warning('Token expired for Response Operations password reset', token=token)
        return render_template('reset-password-expired.html', token=token)
    except (BadSignature, BadData):
        logger.warning('Invalid token sent to Response Operations password reset', token=token)
        return render_template('reset-password-expired.html', token=token)

    return render_template(
        'reset-password.html',
        form=reset_form,
        data={"error": {"type": form_errors}, 'token': token},
    )
def resend_password_email_expired_token(token):
    """Send a fresh password-change email to the address carried in a token.

    The token is decoded without an age limit argument and the result of
    send_password_change_email is returned unchanged.
    """
    # NOTE(review): no max-age is passed, so presumably any token ever issued
    # keeps triggering a new email to its address; confirm that is intended and
    # that resends are rate-limited. Decode errors are not handled here and
    # propagate to the caller.
    return send_password_change_email(token_decoder.decode_email_token(token))
def resend_account_email_expired_token(token):
    """Send a fresh create-account email to the address carried in a token.

    The token is decoded without an age limit argument and the result of
    send_create_account_email is returned unchanged.
    """
    # NOTE(review): no max-age is passed, so presumably any token ever issued
    # keeps triggering a new email to its address; confirm that is intended and
    # that resends are rate-limited. Decode errors are not handled here and
    # propagate to the caller.
    return send_create_account_email(token_decoder.decode_email_token(token))