예제 #1
0
def create_user(encoded_token):
    form = CreateUserForm()

    token = decode_invitation_token(encoded_token, role='supplier')

    if token is None:
        current_app.logger.warning(
            "createuser.token_invalid: {encoded_token}",
            extra={'encoded_token': encoded_token})
        return render_template(
            "auth/create_user_error.html",
            token=None), 400

    user_json = data_api_client.get_user(email_address=token.get("email_address"))

    if not user_json:
        return render_template(
            "auth/create_user.html",
            form=form,
            email_address=token['email_address'],
            supplier_name=token['supplier_name'],
            token=encoded_token), 200

    user = User.from_json(user_json)
    return render_template(
        "auth/create_user_error.html",
        token=token,
        user=user), 400
def test_decode_invitation_token_does_not_work_if_token_expired(email_app):
    with freeze_time('2015-01-02 03:04:05'):
        data = {'email_address': '*****@*****.**', 'supplier_name': 'A. Supplier'}
        token = generate_token(data, email_app.config['SHARED_EMAIL_KEY'], email_app.config['INVITE_EMAIL_SALT'])
    with email_app.app_context():

        assert decode_invitation_token(token, role='supplier') is None
def create_user(encoded_token):
    form = CreateUserForm()

    token = decode_invitation_token(encoded_token, role='supplier')

    if token is None:
        current_app.logger.warning(
            "createuser.token_invalid: {encoded_token}",
            extra={'encoded_token': encoded_token})
        return render_template(
            "auth/create_user_error.html",
            token=None), 400

    user_json = data_api_client.get_user(email_address=token.get("email_address"))

    if not user_json:
        return render_template(
            "auth/create_user.html",
            form=form,
            email_address=token['email_address'],
            supplier_name=token['supplier_name'],
            token=encoded_token), 200

    user = User.from_json(user_json)
    return render_template(
        "auth/create_user_error.html",
        token=token,
        user=user), 400
def test_decode_invitation_token_does_not_work_if_token_expired(email_app):
    with freeze_time('2015-01-02 03:04:05'):
        data = {'email_address': '*****@*****.**', 'supplier_name': 'A. Supplier'}
        token = generate_token(data, TEST_SECRET_KEY, email_app.config['INVITE_EMAIL_SALT'])

    with email_app.app_context():
        assert decode_invitation_token(token, role='supplier') is None
예제 #5
0
def test_decode_invitation_token_decodes_ok_for_supplier(email_app):
    with email_app.app_context():
        data = {
            'email_address': '*****@*****.**',
            'supplier_code': 1234,
            'supplier_name': 'A. Supplier'
        }
        token = generate_token(data, TEST_SECRET_KEY, 'Salt')
        assert decode_invitation_token(token, role='supplier') == data
예제 #6
0
def test_decode_invitation_token_does_not_work_if_bad_token(email_app):
    with email_app.app_context():
        data = {
            'email_address': '*****@*****.**',
            'supplier_name': 'A. Supplier'
        }
        token = generate_token(data, TEST_SECRET_KEY,
                               email_app.config['INVITE_EMAIL_SALT'])[1:]

        assert decode_invitation_token(token, role='supplier') is None
def create_user(encoded_token):
    token = decode_invitation_token(encoded_token)

    if token.get('error') == 'token_invalid':
        current_app.logger.warning("createuser.token_invalid: {encoded_token}",
                                   extra={'encoded_token': encoded_token})
        # Replace this with a proper dedicated template.
        return render_error_page(
            status_code=400,
            error_message=INVALID_TOKEN_MESSAGE.format(
                support_email=current_app.config['SUPPORT_EMAIL_ADDRESS']),
        )

    role = token["role"]

    if token.get('error') == 'token_expired':
        current_app.logger.warning("createuser.token_expired: {encoded_token}",
                                   extra={'encoded_token': encoded_token})
        return render_template(
            "auth/create-user-error.html",
            error=None,
            support_email_address=current_app.config['SUPPORT_EMAIL_ADDRESS'],
            role=role,
            token=None,
            user=None), 400

    form = CreateUserForm()

    user_json = data_api_client.get_user(email_address=token["email_address"])

    if not user_json:
        return render_template("auth/create-user.html",
                               email_address=token['email_address'],
                               form=form,
                               errors=get_errors_from_wtform(form),
                               role=role,
                               supplier_name=token.get('supplier_name'),
                               token=encoded_token), 200

    user = User.from_json(user_json)
    return render_template(
        "auth/create-user-error.html",
        error=None,
        support_email_address=current_app.config['SUPPORT_EMAIL_ADDRESS'],
        role=role,
        token=token,
        user=user), 400
def submit_create_user(encoded_token):
    form = CreateUserForm()

    token = decode_invitation_token(encoded_token)
    if token is None:
        current_app.logger.warning("createuser.token_invalid: {encoded_token}",
                                   extra={'encoded_token': encoded_token})
        return render_template("auth/create_user_error.html", token=None), 400

    else:
        if not form.validate_on_submit():
            current_app.logger.warning(
                "createuser.invalid: {form_errors}",
                extra={'form_errors': ", ".join(form.errors)})
            return render_template("auth/create_user.html",
                                   form=form,
                                   token=encoded_token,
                                   email_address=token['email_address'],
                                   supplier_name=token['supplier_name']), 400

        try:
            user = data_api_client.create_user({
                'name':
                form.name.data,
                'password':
                form.password.data,
                'emailAddress':
                token['email_address'],
                'role':
                'supplier',
                'supplierId':
                token['supplier_id']
            })

            user = User.from_json(user)
            login_user(user)

        except HTTPError as e:
            if e.status_code != 409:
                raise

            return render_template("auth/create_user_error.html",
                                   token=None), 400

        flash('account-created', 'flag')
        return redirect(url_for('.dashboard'))
예제 #9
0
def submit_create_user(encoded_token):
    form = CreateUserForm()

    token = decode_invitation_token(encoded_token, role='supplier')
    if token is None:
        current_app.logger.warning("createuser.token_invalid: {encoded_token}",
                                   extra={'encoded_token': encoded_token})
        return render_template(
            "auth/create_user_error.html",
            token=None), 400

    else:
        if not form.validate_on_submit():
            current_app.logger.warning(
                "createuser.invalid: {form_errors}",
                extra={'form_errors': ", ".join(form.errors)})
            return render_template(
                "auth/create_user.html",
                form=form,
                token=encoded_token,
                email_address=token.get('email_address'),
                supplier_name=token.get('supplier_name')), 400

        try:
            user = data_api_client.create_user({
                'name': form.name.data,
                'password': form.password.data,
                'emailAddress': token.get('email_address'),
                'role': 'supplier',
                'supplierId': token.get('supplier_id')
            })

            user = User.from_json(user)
            login_user(user)

        except HTTPError as e:
            if e.status_code != 409:
                raise

            return render_template(
                "auth/create_user_error.html",
                token=None), 400

        return redirect(url_for('.dashboard'))
def test_decode_invitation_token_does_not_work_if_bad_token(email_app):
    with email_app.app_context():
        data = {'email_address': '*****@*****.**', 'supplier_name': 'A. Supplier'}
        token = generate_token(data, email_app.config['SHARED_EMAIL_KEY'], email_app.config['INVITE_EMAIL_SALT'])[1:]

        assert decode_invitation_token(token, role='supplier') is None
def test_decode_invitation_token_decodes_ok_for_supplier(email_app):
    with email_app.app_context():
        data = {'email_address': '*****@*****.**', 'supplier_id': 1234, 'supplier_name': 'A. Supplier'}
        token = generate_token(data, 'Key', 'Salt')
        assert decode_invitation_token(token, role='supplier') == data
def test_decode_invitation_token_decodes_ok_for_buyer(email_app):
    with email_app.app_context():
        data = {'email_address': '*****@*****.**'}
        token = generate_token(data, 'Key', 'Salt')
        assert decode_invitation_token(token, role='buyer') == data
예제 #13
0
def test_decode_invitation_token_decodes_ok_for_buyer(email_app):
    with email_app.app_context():
        data = {'email_address': '*****@*****.**'}
        token = generate_token(data, TEST_SECRET_KEY, 'Salt')
        assert decode_invitation_token(token, role='buyer') == data
def submit_create_user(encoded_token):
    token = decode_invitation_token(encoded_token)

    if token.get('error') == 'token_invalid':
        current_app.logger.warning("createuser.token_invalid: {encoded_token}",
                                   extra={'encoded_token': encoded_token})
        return render_error_page(
            status_code=400,
            error_message=INVALID_TOKEN_MESSAGE.format(
                support_email=current_app.config['SUPPORT_EMAIL_ADDRESS']),
        )

    role = token["role"]

    if token.get('error') == 'token_expired':
        current_app.logger.warning("createuser.token_expired: {encoded_token}",
                                   extra={'encoded_token': encoded_token})
        return render_template(
            "auth/create-user-error.html",
            error=None,
            support_email_address=current_app.config['SUPPORT_EMAIL_ADDRESS'],
            role=role,
            token=None,
            user=None), 400

    form = CreateUserForm()

    if not form.validate_on_submit():
        current_app.logger.warning(
            "createuser.invalid: {form_errors}",
            extra={'form_errors': ", ".join(form.errors)})
        return render_template("auth/create-user.html",
                               email_address=token['email_address'],
                               form=form,
                               errors=get_errors_from_wtform(form),
                               role=role,
                               supplier_name=token.get('supplier_name'),
                               token=encoded_token), 400

    try:
        user_data = {
            'name': form.name.data,
            'password': form.password.data,
            'emailAddress': token['email_address'],
            'role': role
        }

        if role == 'buyer':
            user_data.update({'phoneNumber': form.phone_number.data})
        elif role == 'supplier':
            user_data.update({'supplierId': token['supplier_id']})

        user_create_response = data_api_client.create_user(user_data)
        user = User.from_json(user_create_response)
        login_user(user)

    except HTTPError as e:
        if e.status_code == 409 or e.message == 'invalid_buyer_domain':
            return render_template("auth/create-user-error.html",
                                   error=e.message,
                                   support_email_address=current_app.
                                   config['SUPPORT_EMAIL_ADDRESS'],
                                   role=role,
                                   token=None), 400
        else:
            abort(503)

    return redirect_logged_in_user(account_created=True)
def test_decode_invitation_token_does_not_work_if_there_are_missing_keys(email_app):
    with email_app.app_context():
        data = {'email_address': '*****@*****.**', 'supplier_name': 'A. Supplier'}
        token = generate_token(data, TEST_SECRET_KEY, email_app.config['INVITE_EMAIL_SALT'])

        assert decode_invitation_token(token, role='supplier') is None