예제 #1
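def _do_registration(form, service=None, send_sms=True, send_email=True):
    """Register the user described by ``form``, or handle an email already on record.

    Both outcomes finish by writing the same two session keys
    (``expiry_date`` and ``user_details``), presumably so that the caller
    can respond identically whether or not the address was already
    registered.

    Args:
        form: Submitted registration form; its ``name``, ``email_address``,
            ``mobile_number`` and ``password`` fields are read.
        service: Not used by this function; kept so existing callers that
            pass it keep working.
        send_sms: When true, a new user is sent an SMS verification code.
        send_email: When true, a new user is sent a verification email and
            an existing user is sent the "already registered" email.
    """
    if user_api_client.is_email_unique(form.email_address.data):
        user = user_api_client.register_user(form.name.data,
                                             form.email_address.data,
                                             form.mobile_number.data,
                                             form.password.data)

        # TODO possibly there should be some exception handling
        # for sending sms and email codes.
        # How do we report to the user there is a problem with
        # sending codes apart from service unavailable?
        # at the moment i believe http 500 is fine.

        if send_email:
            user_api_client.send_verify_email(user.id, user.email_address)

        if send_sms:
            user_api_client.send_verify_code(user.id, 'sms', user.mobile_number)
    else:
        # Look the account up unconditionally. It used to be fetched only
        # inside ``if send_email``, so send_email=False left ``user`` unbound
        # and the session write below raised UnboundLocalError.
        user = user_api_client.get_user_by_email(form.email_address.data)
        if send_email:
            user_api_client.send_already_registered_email(user.id, user.email_address)

    # NOTE(review): for an address that was already registered, the session
    # now names an existing account although the requester has not shown
    # control of that address. Views that read session['user_details'] should
    # treat it as an unverified claim; confirm none of them changes account
    # data on the strength of this key alone.
    session['expiry_date'] = str(datetime.utcnow() + timedelta(hours=1))
    session['user_details'] = {"email": user.email_address, "id": user.id}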
예제 #2
def new_password(token):
    """Handle a password-reset link: check the token, then collect a new password.

    An expired token redirects to the forgot-password page. A token created
    before the user's last password change is treated as already used. On a
    valid form submission an SMS code is sent and the user is redirected to
    the two-factor view; otherwise the new-password form is rendered.
    """
    from notifications_utils.url_safe_token import check_token

    config = current_app.config
    # NOTE(review): only SignatureExpired is handled here. Whatever else
    # check_token raises for a malformed or tampered token propagates out of
    # this view; confirm an application-level handler covers it.
    try:
        token_data = check_token(
            token,
            config["SECRET_KEY"],
            config["DANGEROUS_SALT"],
            config["TOKEN_MAX_AGE_SECONDS"],
        )
    except SignatureExpired:
        flash("The link in the email we sent you has expired. Enter your email address to resend.")
        return redirect(url_for(".forgot_password"))

    stamp_format = "%Y-%m-%d %H:%M:%S.%f"
    payload = json.loads(token_data)
    user = user_api_client.get_user_by_email(payload["email"])

    # A password change made after the token was created makes the link single-use.
    if user.password_changed_at:
        changed_at = datetime.strptime(user.password_changed_at, stamp_format)
        issued_at = datetime.strptime(payload["created_at"], stamp_format)
        if changed_at > issued_at:
            flash("The link in the email has already been used")
            return redirect(url_for("main.index"))

    form = NewPasswordForm()
    if not form.validate_on_submit():
        return render_template("views/new-password.html", token=token, form=form, user=user)

    user_api_client.send_verify_code(user.id, "sms", user.mobile_number)
    # NOTE(review): the new password is held in the session in clear text.
    # With Flask's default cookie-backed session the value is signed but not
    # encrypted, so it would be readable from the browser cookie. Confirm a
    # server-side session store is in use and that the view consuming this
    # key deletes it as soon as the password has been applied.
    session["user_details"] = {"id": user.id, "email": user.email_address, "password": form.new_password.data}
    return redirect(url_for("main.two_factor"))
def check_and_resend_verification_code():
    """Send a fresh SMS code to the session's user and redirect to the code-entry view.

    Users in the 'pending' state go to the verify view; everyone else goes
    to the two-factor view.
    """
    session_email = session['user_details']['email']
    account = user_api_client.get_user_by_email(session_email)

    # NOTE(review): every request to this view sends an SMS and no throttle
    # is visible here; confirm the API limits how often codes are sent per user.
    user_api_client.send_verify_code(account.id, 'sms', account.mobile_number)

    endpoint = 'main.verify' if account.state == 'pending' else 'main.two_factor'
    return redirect(url_for(endpoint))
예제 #4
def _do_registration(form,
                     send_sms=True,
                     send_email=True,
                     organisation_id=None):
    """Register a new user, or notify an existing one, then record them in the session.

    Both paths write the same ``expiry_date`` and ``user_details`` session
    keys, presumably so the caller can respond identically whether or not
    the address was already registered. ``organisation_id`` is stored in
    the session only when it is truthy.
    """
    submitted_email = form.email_address.data

    if user_api_client.is_email_already_in_use(submitted_email):
        # Existing account: no new record, only the optional notification email.
        account = user_api_client.get_user_by_email(submitted_email)
        if send_email:
            user_api_client.send_already_registered_email(account.id, account.email_address)
    else:
        account = user_api_client.register_user(
            form.name.data,
            submitted_email,
            form.mobile_number.data or None,  # an empty number is passed as None
            form.password.data,
            form.auth_type.data,
        )
        if send_email:
            user_api_client.send_verify_email(account.id, account.email_address)
        if send_sms:
            user_api_client.send_verify_code(account.id, 'sms', account.mobile_number)

    # NOTE(review): on the existing-account path the session names that
    # account although the requester has not shown control of the address.
    # Views that read session['user_details'] should treat it as an
    # unverified claim; confirm none of them changes account data on the
    # strength of this key alone.
    session['expiry_date'] = str(datetime.utcnow() + timedelta(hours=1))
    session['user_details'] = {"email": account.email_address, "id": account.id}

    if organisation_id:
        session['organisation_id'] = organisation_id
예제 #5
def check_and_resend_text_code():
    """Let a not-yet-active user correct their mobile number and get a new SMS code.

    Active users are shown a page without the number-editing form. For other
    users, a valid form submission sends a code to the submitted number,
    stores that number on the account and redirects to the verify view.
    """
    session_email = session['user_details']['email']
    account = user_api_client.get_user_by_email(session_email)

    # Verified users may request a resend but may not edit the number here.
    if account.state == 'active':
        return render_template('views/verification-not-received.html')

    form = TextNotReceivedForm(mobile_number=account.mobile_number)
    if not form.validate_on_submit():
        return render_template('views/text-not-received.html', form=form)

    # NOTE(review): the account is chosen only from the session email, and the
    # submitted number both receives the code and replaces the stored number.
    # Confirm session['user_details'] can only be set for the person who
    # created this pending account.
    new_number = form.mobile_number.data
    # The code is sent before the number is saved, so a failed update leaves
    # a code delivered to a number that is not on record.
    user_api_client.send_verify_code(account.id, 'sms', to=new_number)
    user_api_client.update_user_attribute(account.id, mobile_number=new_number)
    return redirect(url_for('.verify'))
def check_and_resend_text_code():
    """Let a not-yet-active user correct their mobile number and get a new SMS code.

    Active users are shown a page without the number-editing form. For other
    users, a valid form submission sends a code to the submitted number,
    saves that number through ``update_user`` and redirects to the verify view.
    """
    session_email = session['user_details']['email']
    account = user_api_client.get_user_by_email(session_email)

    # Verified users may request a resend but may not edit the number here.
    if account.state == 'active':
        return render_template('views/verification-not-received.html')

    form = TextNotReceivedForm(mobile_number=account.mobile_number)
    if not form.validate_on_submit():
        return render_template('views/text-not-received.html', form=form)

    # NOTE(review): the account is chosen only from the session email, and the
    # submitted number both receives the code and replaces the stored number.
    # Confirm session['user_details'] can only be set for the person who
    # created this pending account.
    new_number = form.mobile_number.data
    # The code is sent before the number is saved, so a failed update leaves
    # a code delivered to a number that is not on record.
    user_api_client.send_verify_code(account.id, 'sms', to=new_number)
    account.mobile_number = new_number
    user_api_client.update_user(account)
    return redirect(url_for('.verify'))
예제 #7
def new_password(token):
    """Handle a password-reset link: check the token, then collect a new password.

    An expired token redirects to the forgot-password page. A token created
    before the user's last password change is treated as already used. On a
    valid form submission the failed-login count is reset and the user is
    either logged in directly or sent an SMS code and redirected to the
    two-factor view. Otherwise the new-password form is rendered.
    """
    config = current_app.config
    # NOTE(review): only SignatureExpired is handled here. Whatever else
    # check_token raises for a malformed or tampered token propagates out of
    # this view; confirm an application-level handler covers it.
    try:
        token_data = check_token(
            token,
            config['SECRET_KEY'],
            config['DANGEROUS_SALT'],
            config['EMAIL_EXPIRY_SECONDS'],
        )
    except SignatureExpired:
        flash('The link in the email we sent you has expired. Enter your email address to resend.')
        return redirect(url_for('.forgot_password'))

    stamp_format = '%Y-%m-%d %H:%M:%S.%f'
    payload = json.loads(token_data)
    user = user_api_client.get_user_by_email(payload['email'])

    # A password change made after the token was created makes the link single-use.
    if user.password_changed_at:
        changed_at = datetime.strptime(user.password_changed_at, stamp_format)
        issued_at = datetime.strptime(payload['created_at'], stamp_format)
        if changed_at > issued_at:
            flash('The link in the email has already been used')
            return redirect(url_for('main.index'))

    form = NewPasswordForm()
    if not form.validate_on_submit():
        return render_template('views/new-password.html', token=token, form=form, user=user)

    user_api_client.reset_failed_login_count(user.id)
    # NOTE(review): the new password is held in the session in clear text.
    # With Flask's default cookie-backed session the value is signed but not
    # encrypted, so it would be readable from the browser cookie. Confirm a
    # server-side session store is in use and that the code consuming this
    # key deletes it as soon as the password has been applied.
    session['user_details'] = {
        'id': user.id,
        'email': user.email_address,
        'password': form.new_password.data,
    }

    # Two cases skip the SMS step and log the user in straight away:
    #  - NOTIFY_USER_ID. TODO: remove this after alpha, when templates are
    #    sorted. NOTE(review): until then this account has no second factor
    #    on the reset path.
    #  - email_auth users, who have just followed an emailed link and so have
    #    already completed an email auth journey.
    if user.id == NOTIFY_USER_ID or user.auth_type == 'email_auth':
        return log_in_user(user.id)

    # Everyone else gets a 2fa sms code.
    user_api_client.send_verify_code(user.id, 'sms', user.mobile_number)
    return redirect(url_for('main.two_factor'))
예제 #8
def resend_email_verification():
    """Send the verification email again to the user named in the session.

    Renders a confirmation page that shows the address the email went to.
    """
    session_email = session['user_details']['email']
    account = user_api_client.get_user_by_email(session_email)

    # NOTE(review): every request to this view sends an email and no throttle
    # is visible here; confirm the API limits how often it can be triggered.
    user_api_client.send_verify_email(account.id, account.email_address)

    recipient = account.email_address
    return render_template('views/resend-email-verification.html', email=recipient)
def resend_email_verification():
    """Send the verification email again to the user named in the session.

    Renders a confirmation page that shows the address the email went to.
    """
    session_email = session['user_details']['email']
    account = user_api_client.get_user_by_email(session_email)

    # NOTE(review): every request to this view sends an email and no throttle
    # is visible here; confirm the API limits how often it can be triggered.
    user_api_client.send_verify_email(account.id, account.email_address)

    recipient = account.email_address
    return render_template('views/resend-email-verification.html', email=recipient)