def post(self, token=None):
password_form = PasswordForm().get_form(self.request.POST)
user = self.validate_token(token)
if user and password_form.validate():
# get password from request
password = self.request.get('password')
# hash password (same as passing password_raw to user_create)
password_hash = security.generate_password_hash(password, length=12)
user.password = password_hash
user.put()
# login with new password
self.login_user(user.get_email(), password)
# clear the tokens to prevent further shenanigans
provider = db.get_provider_from_user(user)
redirect_url = None
if user.resetpassword_token:
self.delete_token(token, 'reset')
redirect_url = '/provider/message/reset/' + provider.vanity_url
elif user.claim_url:
self.delete_token(token)
redirect_url = '/provider/welcome/' + provider.vanity_url
# redirect patient or provider
if auth.PROVIDER_ROLE in user.roles:
self.redirect(redirect_url)
self.log_event(user, "User claimed their profile")
elif auth.PATIENT_ROLE in user.roles:
patient = db.get_patient_from_user(user)
self.redirect('/patient/bookings/' + patient.key.urlsafe())
# password form was not validate, re-render and try again!
else:
self.render_template('user/password.html', form=password_form, token=token)
def get(self, next_action=None, key=None):
''' Show login page '''
user = self.get_current_user()
if user and next_action and key:
# if already logged in
provider_from_user = db.get_provider_from_user(user)
patient_from_user = db.get_patient_from_user(user)
# check if logged in provider is the provider from
# already logged in, don't login again
if next_action == 'accept':
provider_network_connection = ndb.Key(urlsafe=key).get()
target_provider_key = provider_network_connection.target_provider
if provider_from_user.key == target_provider_key:
# the target provider is logged in, accept the connection bypassing login
target_url = '/provider/network/' + provider_from_user.vanity_url + '/accept/' + key
self.redirect(target_url)
else:
self.render_login(next_action=next_action, key=key)
elif next_action == 'booking':
booking = ndb.Key(urlsafe=key).get()
if patient_from_user.key == booking.patient:
self.email_and_confirm_booking(booking)
self.redirect('/patient/bookings/' +
patient_from_user.key.urlsafe())
else:
self.render_login(next_action=next_action, key=key)
else:
# check if an admin is logged in, if so don't proceed
google_user = users.get_current_user()
if google_user and users.is_current_user_admin():
self.render_login(error_message='Logged in as admin already.')
else:
# no admin, not next_action, show the plain ol' login screen
self.render_login(next_action=next_action, key=key)
def get(self, next_action=None, key=None):
''' Show login page '''
user = self.get_current_user()
if user and next_action and key:
# if already logged in
provider_from_user = db.get_provider_from_user(user)
patient_from_user = db.get_patient_from_user(user)
# check if logged in provider is the provider from
# already logged in, don't login again
if next_action == 'accept':
provider_network_connection = ndb.Key(urlsafe=key).get()
target_provider_key = provider_network_connection.target_provider
if provider_from_user.key == target_provider_key:
# the target provider is logged in, accept the connection bypassing login
target_url = '/provider/network/' + provider_from_user.vanity_url + '/accept/' + key
self.redirect(target_url)
else:
self.render_login(next_action=next_action, key=key)
elif next_action == 'booking':
booking = ndb.Key(urlsafe=key).get()
if patient_from_user.key == booking.patient:
self.email_and_confirm_booking(booking)
self.redirect('/patient/bookings/' + patient_from_user.key.urlsafe())
else:
self.render_login(next_action=next_action, key=key)
else:
# check if an admin is logged in, if so don't proceed
google_user = users.get_current_user()
if google_user and users.is_current_user_admin():
self.render_login(error_message='Logged in as admin already.')
else:
# no admin, not next_action, show the plain ol' login screen
self.render_login(next_action=next_action, key=key)
def post(self, vanity_url=None):
'''
Booking process from public profile
'''
appointment_details_form = None
provider = db.get_provider_from_vanity_url(vanity_url)
user = self.get_current_user()
if user:
appointment_details_form = AppointmentDetailsForLoggedInUser(
).get_form(self.request.POST, provider=provider)
else:
appointment_details_form = AppointmentDetails().get_form(
self.request.POST, provider=provider)
provider = db.get_provider_from_vanity_url(vanity_url)
if appointment_details_form.validate():
# create the booking object
booking = Booking()
booking.provider = provider.key
booking.booking_source = 'profile'
booking_date = appointment_details_form['booking_date'].data
booking_time = appointment_details_form['booking_time'].data
booking.datetime = to_utc(
datetime.strptime(booking_date + " " + booking_time,
'%Y-%m-%d %H:%M'))
booking.comments = appointment_details_form['comments'].data
schedule = db.get_schedule_for_date_time(provider, booking_date,
booking_time)
booking.schedule = schedule.key
if appointment_details_form.__contains__('service'):
service_key_from_form = appointment_details_form[
'service'].data
if service_key_from_form:
service_key = ndb.Key(urlsafe=service_key_from_form)
provider_service = service_key.get()
if provider_service:
booking.service = service_key
if user:
# user is logged in, is this a patient?
existing_patient = db.get_patient_from_user(user)
if existing_patient:
booking.patient = existing_patient.key
else:
self.link_user_to_new_patient(appointment_details_form,
user, booking)
# confirm the booking since it is a "known" user
booking.confirmed = True
booking.email_sent_to_patient = False
booking.email_sent_to_provider = False
# save booking
booking.put()
# already logged in so go directly to bookings list
self.redirect('/patient/bookings/' + booking.patient.urlsafe())
# mail it to the patient
mail.email_booking_to_patient(self, booking)
# mail it to the provider
mail.email_booking_to_provider(self, booking)
else:
# no user is logged in, check if the email address exists, this means they just didn't log in
email = appointment_details_form['email'].data
existing_user = db.get_user_from_email(email)
if existing_user:
existing_patient = db.get_patient_from_user(existing_user)
if existing_patient:
# email is in datastore, but not logged in
# link booking to existing patient
booking.patient = existing_patient.key
booking.put()
else:
self.link_user_to_new_patient(appointment_details_form,
user, booking)
# confirm the booking since it is a "known" user
booking.confirmed = True
booking.email_sent_to_patient = False
booking.email_sent_to_provider = False
# save booking
booking.put()
# get the user to login
key = booking.key.urlsafe()
self.redirect('/login/booking/' + key)
else:
# no patient, no user. get them to fill a profile in the form
booking.put()
patient_form = RegistrationDetailsForNewPatient().get_form(
)
patient_form['terms_agreement'].data = True
patient_form['booking_date'].data = booking_date
patient_form['booking_time'].data = booking_time
patient_form['booking_key'].data = booking.key.urlsafe()
patient_form['email'].data = email
self.render_template(
'provider/public/booking_new_patient.html',
provider=provider,
patient_form=patient_form)
logging.info('Created booking from public profile: %s' % booking)
else:
self.render_template('provider/public/booking_details.html',
provider=provider,
booking_form=appointment_details_form)
def post(self, next_action=None, key=None):
''' checks username, password, logs in user and redirect to start page '''
login_form = LoginForm().get_form(self.request.POST)
if login_form.validate():
email = login_form['email'].data
password = login_form['password'].data
remember_me = login_form['remember_me'].data
logging.info('(LoginHandler.post) Trying to login email: %s' %
email)
# Username and password check
try:
user = self.login_user(email, password, remember_me)
user.last_login = datetime.datetime.now()
user.put()
# set the language from user profile
self.set_language(user.language)
# login was succesful, User is in the session
if next_action == 'booking':
# moved booking up here since it can come from any role (provider or patient)
booking = ndb.Key(urlsafe=key).get()
patient_from_user = db.get_patient_from_user(user)
if patient_from_user.key == booking.patient:
self.email_and_confirm_booking(booking)
self.redirect('/patient/bookings/' +
patient_from_user.key.urlsafe())
else:
# check role of user, redirect to appropriate page after login
if auth.PROVIDER_ROLE in user.roles:
provider = db.get_provider_from_user(user)
logging.info(
'(LoginHandler.post) User %s logged in as provider, redirecting to profile page',
user.get_email())
# check the action, if it's from a connection do that first
# and then redirect back to profile page with a message
if next_action == 'connect':
connected_provider_key = ndb.Key(urlsafe=key)
connected_provider = connected_provider_key.get()
target_url = '/' + connected_provider.vanity_url + '/connect'
self.redirect(target_url)
elif next_action == 'accept':
target_url = '/provider/network/' + provider.vanity_url + '/accept/' + key
self.redirect(target_url)
elif provider.display_welcome_page:
self.redirect('/provider/welcome/' +
provider.vanity_url)
else:
self.redirect('/provider/profile/%s' %
provider.vanity_url)
# log the event
self.log_event(user, "Provider Logged In")
elif auth.PATIENT_ROLE in user.roles:
patient = db.get_patient_from_user(user)
logging.info(
'(LoginHandler.post) User %s logged in as patient, redirecting to / page',
user.get_email())
self.redirect('/patient/bookings/' +
patient.key.urlsafe())
else:
logging.error(
'(LoginHandler.post) User %s logged in without roles',
user.get_email())
error_message = 'Your account is not activated. Please check your email for an activation message or <a href="/contact">contact us</a> if you require assistance.'
self.render_template('user/login.html',
login_form=login_form,
error_message=error_message)
except (InvalidAuthIdError, InvalidPasswordError), e:
# throws InvalidAuthIdError if user is not found, throws InvalidPasswordError if provided password doesn't match with specified user
error_message = _(u'Login failed. Try again.')
self.render_template('user/login.html',
login_form=login_form,
error_message=error_message)
except AttributeError, ae:
logging.warn('User has not password, authentication fails %s' %
ae)
def post(self, next_action=None, key=None):
''' checks username, password, logs in user and redirect to start page '''
login_form = LoginForm().get_form(self.request.POST)
if login_form.validate():
email = login_form['email'].data
password = login_form['password'].data
remember_me = login_form['remember_me'].data
logging.info('(LoginHandler.post) Trying to login email: %s' % email)
# Username and password check
try:
user = self.login_user(email, password, remember_me)
user.last_login = datetime.datetime.now()
user.put()
# set the language from user profile
self.set_language(user.language)
# login was succesful, User is in the session
if next_action == 'booking':
# moved booking up here since it can come from any role (provider or patient)
booking = ndb.Key(urlsafe=key).get()
patient_from_user = db.get_patient_from_user(user)
if patient_from_user.key == booking.patient:
self.email_and_confirm_booking(booking)
self.redirect('/patient/bookings/' + patient_from_user.key.urlsafe())
else:
# check role of user, redirect to appropriate page after login
if auth.PROVIDER_ROLE in user.roles:
provider = db.get_provider_from_user(user)
logging.info('(LoginHandler.post) User %s logged in as provider, redirecting to profile page', user.get_email())
# check the action, if it's from a connection do that first
# and then redirect back to profile page with a message
if next_action == 'connect':
connected_provider_key = ndb.Key(urlsafe=key)
connected_provider = connected_provider_key.get()
target_url = '/' + connected_provider.vanity_url + '/connect'
self.redirect(target_url)
elif next_action == 'accept':
target_url = '/provider/network/' + provider.vanity_url + '/accept/' + key
self.redirect(target_url)
elif provider.display_welcome_page:
self.redirect('/provider/welcome/' + provider.vanity_url)
else:
self.redirect('/provider/profile/%s' % provider.vanity_url)
# log the event
self.log_event(user, "Provider Logged In")
elif auth.PATIENT_ROLE in user.roles:
patient = db.get_patient_from_user(user)
logging.info('(LoginHandler.post) User %s logged in as patient, redirecting to / page', user.get_email())
self.redirect('/patient/bookings/' + patient.key.urlsafe())
else:
logging.error('(LoginHandler.post) User %s logged in without roles', user.get_email())
error_message = 'Your account is not activated. Please check your email for an activation message or <a href="/contact">contact us</a> if you require assistance.'
self.render_template('user/login.html', login_form=login_form, error_message=error_message)
except (InvalidAuthIdError, InvalidPasswordError), e:
# throws InvalidAuthIdError if user is not found, throws InvalidPasswordError if provided password doesn't match with specified user
error_message = _(u'Login failed. Try again.')
self.render_template('user/login.html', login_form=login_form, error_message=error_message)
except AttributeError, ae:
logging.warn('User has not password, authentication fails %s' % ae)
def patient_confirms_latest_booking(self, date_string, time_string, new_user=True, logged_in=False):
# check email to patient
booking_datetime = datetime.strptime(testutil.next_monday_date_string() + " " + str(time_string), '%Y-%m-%d %H')
french_datetime_string = format_datetime(booking_datetime, "EEEE 'le' d MMMM yyyy", locale='fr_CA') + " à " + format_datetime(booking_datetime, "H:mm", locale='fr_CA')
english_datetime_string = format_datetime(booking_datetime, "EEEE d MMMM yyyy", locale='en') + " at " + format_datetime(booking_datetime, "H:mm", locale='en')
booking_datetime = datetime.strptime(testutil.next_monday_date_string(), '%Y-%m-%d')
booking_datetime_string = format_date(booking_datetime, format="d MMM yyyy", locale='fr_CA')
booking_time = datetime.strptime(str(time_string), '%H')
booking_time_string = format_time(booking_time, format="short", locale='fr')
logging.info('French date time of booking: %s' % french_datetime_string)
# check that confirmation emails was sent to patient
messages = self.mail_stub.get_sent_messages(to=self._TEST_PATIENT_EMAIL)
patient_email_count = len(messages)
# get last email sent
m = messages[patient_email_count - 1]
self.assertEqual(self._TEST_PATIENT_EMAIL, m.to)
# activate account
messages = self.mail_stub.get_sent_messages(to=self._TEST_PATIENT_EMAIL)
self.assertEquals(m.subject, 'Veosan Appointment - Osteopath')
user = db.get_user_from_email(self._TEST_PATIENT_EMAIL)
# check email content
self.assertIn('Hi', m.body.payload)
self.assertIn('Thank you', m.body.payload)
self.assertIn(english_datetime_string, m.body.payload)
self.assertNotIn('None', m.body.payload)
patient = db.get_patient_from_user(user)
bookings = db.get_bookings_for_patient(patient)
booking = bookings[0]
if new_user:
self.assertTrue('/login/booking/%s' % booking.key.urlsafe() in m.body.payload)
response = self.testapp.get('/')
is_french = 'Déconnexion' in response
is_english = 'Logout' in response
user_logged_in = False
if is_english:
user_logged_in = 'Logout' in response
elif is_french:
user_logged_in = 'Déconnexion' in response
# click the link
response = self.testapp.get('/login/booking/%s' % booking.key.urlsafe())
# is user logged in?
if not user_logged_in:
if is_english:
response.mustcontain("Login to Veosan")
elif is_french:
response.mustcontain("Connexion à Veosan")
login_form = response.forms['login_form']
login_form['password'] = self._TEST_PATIENT_PASSWORD
response = login_form.submit().follow()
else:
response = response.follow()
response.mustcontain("Upcoming Appointments")
response.mustcontain('Fantastic Fox')
#response.mustcontain(booking_time_string)
response.mustcontain(english_datetime_string)
# patient email in navbar
response.mustcontain(self._TEST_PATIENT_EMAIL)
response.mustcontain('Logout')
def post(self, vanity_url=None):
'''
Booking process from public profile
'''
appointment_details_form = None
provider = db.get_provider_from_vanity_url(vanity_url)
user = self.get_current_user()
if user:
appointment_details_form = AppointmentDetailsForLoggedInUser().get_form(self.request.POST, provider=provider)
else:
appointment_details_form = AppointmentDetails().get_form(self.request.POST, provider=provider)
provider = db.get_provider_from_vanity_url(vanity_url)
if appointment_details_form.validate():
# create the booking object
booking = Booking()
booking.provider = provider.key
booking.booking_source = 'profile'
booking_date = appointment_details_form['booking_date'].data
booking_time = appointment_details_form['booking_time'].data
booking.datetime = to_utc(datetime.strptime(booking_date + " " + booking_time, '%Y-%m-%d %H:%M'))
booking.comments = appointment_details_form['comments'].data
schedule = db.get_schedule_for_date_time(provider, booking_date, booking_time)
booking.schedule = schedule.key
if appointment_details_form.__contains__('service'):
service_key_from_form = appointment_details_form['service'].data
if service_key_from_form:
service_key = ndb.Key(urlsafe=service_key_from_form)
provider_service = service_key.get()
if provider_service:
booking.service = service_key
if user:
# user is logged in, is this a patient?
existing_patient = db.get_patient_from_user(user)
if existing_patient:
booking.patient = existing_patient.key
else:
self.link_user_to_new_patient(appointment_details_form, user, booking)
# confirm the booking since it is a "known" user
booking.confirmed = True
booking.email_sent_to_patient = False
booking.email_sent_to_provider = False
# save booking
booking.put()
# already logged in so go directly to bookings list
self.redirect('/patient/bookings/' + booking.patient.urlsafe())
# mail it to the patient
mail.email_booking_to_patient(self, booking)
# mail it to the provider
mail.email_booking_to_provider(self, booking)
else:
# no user is logged in, check if the email address exists, this means they just didn't log in
email = appointment_details_form['email'].data
existing_user = db.get_user_from_email(email)
if existing_user:
existing_patient = db.get_patient_from_user(existing_user)
if existing_patient:
# email is in datastore, but not logged in
# link booking to existing patient
booking.patient = existing_patient.key
booking.put()
else:
self.link_user_to_new_patient(appointment_details_form, user, booking)
# confirm the booking since it is a "known" user
booking.confirmed = True
booking.email_sent_to_patient = False
booking.email_sent_to_provider = False
# save booking
booking.put()
# get the user to login
key = booking.key.urlsafe()
self.redirect('/login/booking/' + key)
else:
# no patient, no user. get them to fill a profile in the form
booking.put()
patient_form = RegistrationDetailsForNewPatient().get_form()
patient_form['terms_agreement'].data = True
patient_form['booking_date'].data = booking_date
patient_form['booking_time'].data = booking_time
patient_form['booking_key'].data = booking.key.urlsafe()
patient_form['email'].data = email
self.render_template('provider/public/booking_new_patient.html', provider=provider, patient_form=patient_form)
logging.info('Created booking from public profile: %s' % booking)
else:
self.render_template('provider/public/booking_details.html', provider=provider, booking_form=appointment_details_form)
