def test_reset_password(self):
response = self.client.post(url_for('auth.forget_password'), data=dict(
email='*****@*****.**',
), follow_redirects=True)
data = response.get_data(as_text=True)
self.assertIn('Password reset email sent, check your inbox.', data)
user = User.query.filter_by(email='*****@*****.**').first()
self.assertTrue(user.validate_password('123'))
token = generate_token(user=user, operation=Operations.RESET_PASSWORD)
response = self.client.post(url_for('auth.reset_password', token=token), data=dict(
email='*****@*****.**',
password='******',
password2='new-password'
), follow_redirects=True)
data = response.get_data(as_text=True)
self.assertIn('Password updated.', data)
self.assertTrue(user.validate_password('new-password'))
self.assertFalse(user.validate_password('123'))
# bad token
response = self.client.post(url_for('auth.reset_password', token='bad token'), data=dict(
email='*****@*****.**',
password='******',
password2='new-password'
), follow_redirects=True)
data = response.get_data(as_text=True)
self.assertIn('Invalid or expired link.', data)
self.assertNotIn('Password updated.', data)
def test_reset_password(self):
response = self.client.post(url_for('auth.forget_password'),
data=dict(email='*****@*****.**', ),
follow_redirects=True)
data = response.get_data(as_text=True)
self.assertIn('邮件已发送请注意查收', data)
user = User.query.filter_by(email='*****@*****.**').first()
self.assertTrue(user.validate_password('12345678'))
token = generate_token(user=user, operation=Operations.RESET_PASSWORD)
response = self.client.post(url_for('auth.reset_password',
token=token),
data=dict(email='*****@*****.**',
password='******',
password2='new-password'),
follow_redirects=True)
data = response.get_data(as_text=True)
self.assertIn('修改密码成功', data)
self.assertTrue(user.validate_password('new-password'))
self.assertFalse(user.validate_password('12345678'))
# bad token
response = self.client.post(url_for('auth.reset_password',
token='bad token'),
data=dict(email='*****@*****.**',
password='******',
password2='new-password'),
follow_redirects=True)
data = response.get_data(as_text=True)
self.assertIn('令牌失效, 重新发送验证邮件', data)
self.assertNotIn('修改密码成功', data)
def resend_confirm_email():
if current_user.confirmed:
return redirect(url_for('main.index'))
token = generate_token(user=current_user, operation=Operations.CONFIRM)
send_confirm_email(user=current_user, token=token)
flash('New email sent, check your inbox.', 'info')
return redirect(url_for('main.index'))
def register():
"""
注册
"""
logger.info('url = ' + str(request.url))
# 如果用户已经登录,则直接返回主页
if current_user.is_authenticated:
return redirect(url_for('main.index'))
form = RegisterForm()
if form.validate_on_submit():
name = form.name.data
# 将邮箱转成小写,避免验证出问题
email = form.email.data.lower()
username = form.username.data
password = form.password.data
user = User(name=name, email=email, username=username)
user.set_password(password)
db.session.add(user)
db.session.commit()
# 获取token
token = generate_token(user=user, operation='confirm')
# 发送验证邮箱
send_confirm_email(user=user, token=token)
flash('邮件已发送,请登录邮箱验证!', 'info')
return redirect(url_for('.login'))
return render_template('auth/register.html', form=form)
def resend_confirm_email():
if current_user.confirmed:
return redirect(url_for('main.index'))
token = generate_token(user=current_user, operation=Operations.CONFIRM)
send_confirm_email(user=current_user, token=token)
flash('新的邮件已发送,请检查你的邮箱', 'info')
return redirect(url_for('main.index'))
def change_email_request():
form = ChangeEmailForm()
if form.validate_on_submit():
token = generate_token(user=current_user, operation=Operations.CHANGE_EMAIL, new_email=form.email.data.lower())
send_change_email_email(to=form.email.data, user=current_user, token=token)
flash('Confirm email sent, check your inbox.', 'info')
return redirect(url_for('.index', username=current_user.username))
return render_template('user/settings/change_email.html', form=form)
def resend_confirm_email():
if current_user.confirmed:
return redirect(url_for("main.index"))
token = generate_token(user=current_user, operation=Operations.CONFIRM)
print(current_user, token)
send_confirm_email(user=current_user, token=token)
flash("New Email sent, check your inbox.", "info")
return redirect(url_for("main.index"))
def test_confirm_account(self):
user = User.query.filter_by(email='*****@*****.**').first()
self.assertFalse(user.confirmed)
token = generate_token(user=user, operation='confirm')
self.login(email='*****@*****.**', password='******')
response = self.client.get(url_for('auth.confirm', token=token), follow_redirects=True)
data = response.get_data(as_text=True)
self.assertIn('Account confirmed.', data)
self.assertTrue(user.confirmed)
def send_email_to_admire_doctor(photo_id):
photo = Photo.query.get_or_404(photo_id)
token_id = request.form['stripeToken']
to = request.form['email']
doctor_name = request.form['name']
mail_token = generate_token(photo.author, Operations.Invite_Doctor, expire_in=None, stripe_token_id=token_id,
photo_id=photo_id, email=to, sender_name = photo.author.username)
send_invite_email(photo.author, mail_token, to, doctor_name=doctor_name)
flash('The Email has been sent to the Doctor %s' % doctor_name, 'success')
return redirect(url_for('.show_photo', photo_id=photo_id))
def resend_confirm_email():
"""
重新发送确认邮件
:return:
"""
if current_user.confirmed:
return redirect(url_for('main.index'))
token = generate_token(user=current_user, operation=Operations.CONFIRM)
send_confirm_email(user=current_user, token=token)
flash("New email send, check your inbox ", 'info')
return redirect(url_for("main.index"))
def change_email_request():
form = ChangeEmailForm()
if form.validate_on_submit():
token = generate_token(current_user,
operation=Operations.CHANGE_EMAIL,
new_email=form.email.data)
send_change_email_email(current_user, token=token, to=form.email.data)
flash('确认邮件已发送到你的新邮箱,请注意查收。', 'success')
return redirect(url_for('.change_email_request'))
form.email.data = current_user.email
return render_template('user/settings/change_email.html', form=form)
def resend_confirm_email():
"""
重新发送验证邮件
"""
logger.info('url = ' + str(request.url))
if current_user.confirmed:
return redirect(url_for('main.index'))
token = generate_token(user=current_user, operation=Operations.CONFIRM)
send_confirm_email(user=current_user, token=token)
flash('新邮件已发送,请登录邮箱验证!', 'info')
return redirect(url_for('main.index'))
def forget_password():
if current_user.is_authenticated:
return redirect(url_for('main.index.html'))
form = ForgetPasswordForm()
if form.validate_on_submit():
user = User.query.filter_by(email=form.email.data.lower()).first()
if user:
token = generate_token(user=user, operation=Operations.CONFIRM)
send_rest_password_email(user=user, token=token)
flash('Password reset emails sent, check you inbox.', 'info')
return redirect(url_for('.login'))
flash('Invalid emails.', 'warning')
return redirect(url_for('.forget_password'))
return render_template('auth/reset_password.html', form=form)
def change_email_request():
"""
发送修改邮箱的邮件
"""
logger.info('url = ' + str(request.url))
form = ChangeEmailForm()
if form.validate_on_submit():
# 获取token
token = generate_token(user=current_user, operation=Operations.CHANGE_EMAIL, new_email=form.email.data.lower())
# 发送验证邮件
send_confirm_email(to=form.email.data, user=current_user, token=token)
flash('邮件已发送,请登录邮箱验证!', 'info')
return redirect(url_for('.index', username=current_user.username))
return render_template('user/settings/change_email.html', form=form)
def test_change_email(self):
user = User.query.get(2)
self.assertEqual(user.email, '*****@*****.**')
token = generate_token(user=user, operation=Operations.CHANGE_EMAIL, new_email='*****@*****.**')
self.login()
response = self.client.get(url_for('user.change_email', token=token), follow_redirects=True)
data = response.get_data(as_text=True)
self.assertIn('Email updated.', data)
self.assertEqual(user.email, '*****@*****.**')
response = self.client.get(url_for('user.change_email', token='bad'), follow_redirects=True)
data = response.get_data(as_text=True)
self.assertIn('Invalid or expired token.', data)
def register():
invite_token = request.args.get('token')
data = None
if invite_token:
data = validate_invite_token(invite_token)
if current_user.is_authenticated:
return redirect(url_for('main.index'))
if data:
form = RegisterForm(email=data['email'], role='Doctor')
else:
form = RegisterForm()
if form.validate_on_submit():
name = form.name.data
email = form.email.data.lower()
username = form.username.data
password = form.password.data
user = User(name=name, email=email, username=username)
user.set_role_with_name(form.role.data)
if form.role.data == 'Doctor':
doctor = Doctor()
user.doctor = doctor
user.set_password(password)
db.session.add(user)
db.session.commit()
token = generate_token(user=user, operation='confirm')
send_confirm_email(user=user, token=token)
flash('Confirm email sent, check your inbox.', 'info')
try:
photo = Photo.query.get(data['photo_id'])
if photo:
invite = Invite(photo_id=data['photo_id'],
user=user,
token_id=data['stripe_token_id'])
db.session.add(invite)
push_invite_notification(photo, user)
else:
flash(
'Unfortunately the photo that you have to comment has been removed by'
+ Markup(' <a href="%s">owner</a>. ' % url_for(
'user.index', username=data['sender_name'])),
'warning')
except Exception as e:
db.session.remove()
return redirect(url_for('.login'))
if data:
flash('Welcome! You will help many people on this site.', 'info')
return render_template('auth/register.html',
form=form,
invite_token=invite_token)
def forget_password():
if current_user.is_authenticated:
return redirect(url_for('main.index'))
form = ForgetPasswordForm()
if form.validate_on_submit():
user = User.query.filter_by(email=form.email.data.lower()).first()
if user:
token = generate_token(user=user,
operation=Operations.RESET_PASSWORD)
send_reset_password_email(user=user, token=token)
flash("Password reset email sent, check you inbox.", "info")
return redirect(url_for('auth.login'))
flash("Invalid email.", "warning")
return redirect(url_for("auth.forget_password"))
return render_template("auth/reset_password.html", form=form)
def forget_password():
if current_user.is_authenticated:
return redirect(url_for('main.index'))
form = ForgetPasswordForm()
if form.validate_on_submit():
user = User.query.filter_by(email=form.email.data.lower()).first()
if user:
token = generate_token(user=user,
operation=Operations.RESET_PASSWORD)
send_reset_password_email(user=user, token=token)
flash('重置密码已发送到您邮箱,请登录邮箱查看。', 'info')
return redirect(url_for('.login'))
flash('邮箱不合法.', 'warning')
return redirect(url_for('.forget_password'))
return render_template('auth/reset_password.html', form=form)
def register():
if current_user.is_authenticated:
return redirect(url_for('main.index'))
form = RegisterForm()
if form.validate_on_submit():
name = form.name.data
email = form.email.data.lower()
username = form.username.data
password = form.password.data
user = User(name=name, email=email, username=username)
user.set_password(password)
db.session.add(user)
db.commit()
token = generate_token(user=user, operation=Operations.CONFIRM)
send_confirm_email(user=user, token=token)
flash('Confirm email sent, check your inbox.', 'info')
return redirect(url_for('.login'))
return render_template('auth/register.html', form=form)
def register():
if current_user.is_authenticated:
return redirect(url_for('main.index'))
form = RegisterForm()
if form.validate_on_submit():
user = User(name=form.name.data,
email=form.email.data,
username=form.username.data,
role_id=4,
confirmed=True)
user.set_password(form.password.data)
db.session.add(user)
db.session.commit()
token = generate_token(user=user, operation='confirm')
send_confirm_email(user=user, token=token)
flash('注册成功,请登录', 'info')
return redirect(url_for('.login'))
return render_template('auth/register.html', form=form)
def forget_password():
"""
忘记密码
"""
logger.info('url = ' + str(request.url))
# 如果已经登录,则跳转到主页
# 该功能只适用于登录记不起密码时使用
if current_user.is_authenticated:
return redirect(url_for('main.index'))
form = ForgetPasswordForm()
if form.validate_on_submit():
user = User.query.filter_by(email=form.email.data.lower()).first()
if user:
token = generate_token(user=user, operation=Operations.RESET_PASSWORD)
# 重置密码
send_reset_password_email(user=user, token=token)
flash('邮件已发送,请登录邮箱点击链接重置密码!', 'info')
return redirect(url_for('.login'))
flash('无效邮箱,请重新输入!', 'warning')
return redirect(url_for('.forget_password'))
return render_template('auth/reset_password.html', form=form)
