def send_secret_code (username, code, mode) :
	"""
	if phone exist we send and SMS
	if not we send an email
	return : 'sms' or 'email' or None
	"""
	data = ns.get_data_from_username(username, mode)
	if not data :
		logging.error('cannot send secret code')
		return None
	if not data['phone'] :
		try :
			subject = 'Talao : Email authentification  '
			Talao_message.messageHTML(subject, data['email'], 'code_auth', {'code' : code}, mode)
			logging.info('code sent by email')
			return 'email'
		except :
			logging.error('sms failed, no phone')
			return None
	try :
		sms.send_code(data['phone'], code, mode)
		logging.info('code sent by sms')
		return 'sms'
	except :
		subject = 'Talao : Email authentification  '
		try :
			Talao_message.messageHTML(subject, data['email'], 'code_auth', {'code' : code}, mode)
			logging.info('sms failed, code sent by email')
			return 'email'
		except :
			logging.error('sms failed, email failed')
			return None
def cci_password(mode):
	if not session.get('email') :
		return redirect(mode.server + 'create_company_cci/')
	session['password'] = request.form['password']
	session['code'] = str(random.randint(10000, 99999))
	session['code_delay'] = datetime.now() + timedelta(seconds= 180)
	session['try_number'] = 0
	subject = 'Talao : Email authentification  '
	Talao_message.messageHTML(subject, session['email'], 'code_auth', {'code' : session['code']}, mode)
	print("Warning : code sent =" + session['code'])
	return render_template("CCI/create_company_cci_code.html", message_class='text-info', message = '')
def forgot_password(mode) :
	"""
	@app.route('/forgot_password/', methods = ['GET', 'POST'])
	This function is called from the login view.
	build JWE to store timestamp, username and email, we use Talao RSA key
	"""
	if request.method == 'GET' :
		return render_template('./login/forgot_password_init.html')
	if request.method == 'POST' :
		username = request.form.get('username')
		if not ns.username_exist(username, mode) :
			flash("Username not found", "warning")
			return render_template('./login/login_password.html')
		email= ns.get_data_from_username(username, mode)['email']
		private_rsa_key = privatekey.get_key(mode.owner_talao, 'rsa_key', mode)
		RSA_KEY = RSA.import_key(private_rsa_key)
		public_rsa_key = RSA_KEY.publickey().export_key('PEM').decode('utf-8')
		expired = datetime.timestamp(datetime.now()) + 180 # 3 minutes live
		# build JWE
		jwe = JsonWebEncryption()
		header = {'alg': 'RSA1_5', 'enc': 'A256GCM'}
		json_string = json.dumps({'username' : username, 'email' : email, 'expired' : expired})
		payload = bytes(json_string, 'utf-8')
		token = jwe.serialize_compact(header, payload, public_rsa_key)
		link = mode.server + 'forgot_password_token/?'+ urlencode({'token'  : token.decode('utf-8')}, doseq=True)
		subject = "Renew your password"
		if Talao_message.messageHTML(subject, email, 'forgot_password', {'link': link}, mode):
			flash("You are going to receive an email to renew your password.", "success")
		return render_template('./login/login_password.html')
예제 #4
0
def issue_credential_workflow(mode):
    """
    @route /company/issue_credential_workflow/?id=xxxx
    call = (created, user_name, reviewer_name, issuer_name, status, credential, id)
    update = update_verifiable_credential(id, host_name, reviewer_username, issuer_username, status, credential, mode)
    """
    if request.method == 'GET':
        session['credential_id'] = request.args['id']
        credential = company.Credential(session['host'], mode)
        session['call'] = credential.get_by_id(session['credential_id'])

        # credential cannot be updated if already signed
        field = "disabled" if session['call'][4] == 'signed' or session[
            'role'] in ['admin', 'creator'] else ""

        # credential is loaded  as dict
        my_credential = json.loads(session['call'][5])['credentialSubject']

        if my_credential["credentialCategory"] != 'experience':
            flash('view not yet available', 'warning')
            return redirect(mode.server + 'company/dashboard/')

        skills_str = ""
        for skill in my_credential['skills']:
            skills_str += skill['description'] + ','
        return render_template(
            './issuer/issue_experience_credential_workflow.html',
            credential_id=request.args['id'],
            picturefile=session['picture'],
            clipboard=mode.server + "board/?did=" + session['did'],
            **my_credential,
            scoreRecommendation=my_credential["reviewRecommendation"]
            ["reviewRating"]["ratingValue"],
            questionRecommendation=my_credential["reviewRecommendation"]
            ["reviewBody"],
            scoreSchedule=my_credential["reviewSchedule"]["reviewRating"]
            ["ratingValue"],
            questionSchedule=my_credential["reviewSchedule"]["reviewBody"],
            scoreCommunication=my_credential["reviewCommunication"]
            ["reviewRating"]["ratingValue"],
            questionCommunication=my_credential["reviewCommunication"]
            ["reviewBody"],
            scoreDelivery=my_credential["reviewDelivery"]["reviewRating"]
            ["ratingValue"],
            questionDelivery=my_credential["reviewDelivery"]["reviewBody"],
            skills_str=skills_str,
            field=field,
        )

    if request.method == 'POST':
        # credential is removed from database
        if request.form['exit'] == 'delete':
            credential = company.Credential(session['host'], mode)
            credential.delete(session['credential_id'])
            del session['credential_id']
            del session['call']
            return redirect(mode.server + 'company/dashboard/')

        # nothing is done
        if request.form['exit'] == 'back':
            del session['credential_id']
            del session['call']
            return redirect(mode.server + 'company/dashboard/')

        # get form data to update credential
        my_credential = json.loads(session['call'][5])
        get_form_data(my_credential, request.form)

        # update without review and signature
        if request.form.get('exit') == 'update':
            credential = company.Credential(session['host'], mode)
            credential.update(
                session['credential_id'],
                session['call'][2],
                session['call'][3],
                session['call'][4],
                json.dumps(my_credential),
            )

        # credential has been signed by issuer
        elif request.form.get('exit') == 'sign':
            # sign credential with company key
            manager_workspace_contract = ns.get_data_from_username(
                session['username'], mode)['identity_workspace_contract']
            my_credential['credentialSubject'][
                'managerSignature'] = json.loads(
                    ns.get_personal(manager_workspace_contract,
                                    mode))['signature']
            my_credential["issuanceDate"] = datetime.utcnow().replace(
                microsecond=0).isoformat() + "Z"
            my_credential['issuer'] = ns.get_did(session['workspace_contract'],
                                                 mode)
            signed_credential = vc_signature.sign(my_credential,
                                                  session['private_key_value'],
                                                  my_credential['issuer'])
            if not signed_credential:
                flash('Operation failed ', 'danger')
                logging.error('credential signature failed')
                del session['credential_id']
                del session['call']
                return redirect(mode.server + 'company/dashboard/')

            # update local company database
            credential = company.Credential(session['host'], mode)
            credential.update(
                session['credential_id'],
                session['call'][2],
                session['employee'],
                "signed",
                signed_credential,
            )

            # ulpoad credential to repository with company key signature
            subject_username = session['call'][1]
            subject = ns.get_data_from_username(subject_username, mode)
            my_certificate = Document('certificate')
            doc_id = my_certificate.add(session['address'],
                                        session['workspace_contract'],
                                        subject['address'],
                                        subject['workspace_contract'],
                                        session['private_key_value'],
                                        json.loads(signed_credential),
                                        mode,
                                        privacy='public',
                                        synchronous=False)[0]
            if not doc_id:
                flash('Operation failed ', 'danger')
                logging.error('certificate to repository failed')
            else:
                flash('The credential has been added to the user repository',
                      'success')
            """
            # send an email to user
            link = mode.server + 'guest/certificate/?certificate_id=did:talao:' + mode.BLOCKCHAIN + ':' + subject['workspace_contract'][2:] + ':document:' + str(doc_id)
            try :
                Talao_message.messageHTML('Your professional credential has been issued.', subject['email'], 'certificate_issued', {'username': session['name'], 'link': link}, mode)
            except :
                logging.error('email to subject failed')
            """
            # store signed credential on server
            try:
                filename = session['credential_id'] + '_credential.jsonld'
                path = "./signed_credentials/"
                with open(path + filename, 'w') as outfile:
                    json.dump(json.loads(signed_credential),
                              outfile,
                              indent=4,
                              ensure_ascii=False)
            except:
                logging.error('signed credential not stored')

            # send email to user
            try:
                signature = '\r\n\r\n\r\n\r\nThe Talao team.\r\nhttps://talao.io/'
                text = "\r\nHello\r\nYou will find attached your professional credential signed by your issuer." + signature
                Talao_message.message_file(subject['email'], text,
                                           "Your professional credential",
                                           [filename], path, mode)
            except:
                logging.error('email credential to subject failed')

        # credential has been reviewed
        elif request.form['exit'] == 'validate':
            # update local database
            credential = company.Credential(session['host'], mode)
            credential.update(
                session['credential_id'],
                session['employee'],
                session['call'][3],
                "reviewed",
                json.dumps(my_credential, ensure_ascii=False),
            )
            # send an email to issuer to go forward
            issuer_email = ns.get_data_from_username(
                session['referent'] + '.' + session['host'], mode)['email']
            subject_name = my_credential['credentialSubject']['name']
            subject = 'You have received a professional credential from ' + subject_name + ' to issue'
            try:
                Talao_message.messageHTML(subject, issuer_email,
                                          'request_certificate', {
                                              'name': subject_name,
                                              'link': 'https://talao.co'
                                          }, mode)
            except:
                logging.error('email error')

            flash('Credential has been reviewed and validated', 'success')

        # all exits except delete and back
        del session['credential_id']
        del session['call']
        return redirect(mode.server + 'company/dashboard/')
예제 #5
0
def request_experience_credential(mode):
    """ Basic request for experience credential

    @app.route('/user/request_experience_certificate/', methods=['POST'])

    """
    check_login()

    # check if campaign exist
    reference = request.form['reference']
    campaign = company.Campaign(session['credential_issuer_username'], mode)
    if not campaign.get(reference.split(':')[0]):
        flash('This reference does not exist.', 'warning')
        logging.warning('campaign does ot exist')
        return render_template('./issuer/request_experience_credential.html',
                               **session['menu'],
                               select=session['select'])

    # load templates for verifiable credential template
    unsigned_credential = json.load(
        open('./verifiable_credentials/experience.jsonld', 'r'))

    # update credential with form data
    id = str(uuid.uuid1())
    unsigned_credential["id"] = "data:" + id
    unsigned_credential["credentialSubject"]["id"] = ns.get_did(
        session['workspace_contract'], mode)
    unsigned_credential["credentialSubject"]["name"] = session['name']
    unsigned_credential["credentialSubject"]["title"] = request.form['title']
    unsigned_credential["credentialSubject"]["description"] = request.form[
        'description']
    unsigned_credential["credentialSubject"]["startDate"] = request.form[
        'start_date']
    unsigned_credential["credentialSubject"]["endDate"] = request.form[
        'end_date']
    unsigned_credential["credentialSubject"]["skills"] = list()
    for skill in request.form['skills'].split(','):
        unsigned_credential["credentialSubject"]["skills"].append({
            "@type":
            "DefinedTerm",
            "description":
            skill
        })
    unsigned_credential["credentialSubject"]["companyLogo"] = session[
        'issuer_explore']['picture']
    unsigned_credential["credentialSubject"]["companyName"] = session[
        'issuer_explore']['name']
    unsigned_credential["credentialSubject"]["managerName"] = ""
    unsigned_credential["credentialSubject"]["reviewerName"] = ""

    # update local issuer database
    manager_username = ns.get_data_from_username(
        request.form['reviewer_username'] + '.' +
        session['credential_issuer_username'], mode)['referent']
    credential = company.Credential(session['credential_issuer_username'],
                                    mode)
    credential.add(session['username'], request.form['reviewer_username'],
                   manager_username, "drafted", id,
                   json.dumps(unsigned_credential), reference)

    # send an email to reviewer for workflow
    reviewer_email = ns.get_data_from_username(
        request.form['reviewer_username'] + '.' +
        session['credential_issuer_username'], mode)['email']
    subject = 'You have received a professional credential from ' + session[
        'name'] + ' to review'
    try:
        Talao_message.messageHTML(subject, reviewer_email,
                                  'request_certificate', {
                                      'name': session['name'],
                                      'link': 'https://talao.co'
                                  }, mode)
    except:
        logging.error('email failed')

    # send email to user
    flash(
        'Your request for an experience credential has been registered for review.',
        'success')

    # clean up and return
    issuer_username = session['credential_issuer_username']
    del session['select']
    return redirect(mode.server + 'user/issuer_explore/?issuer_username=' +
                    issuer_username)