예제 #1
0
def update_email():
    """Allow the user to update their email address."""
    if flask.request.method != 'POST':
        return flask.redirect(flask.request.referrer
                              or flask.url_for('dashboard.profile'))

    flashes = []

    if (flask.request.form['email'] != login.current_user.email and
            models.User.get_by_email(flask.request.form['email']) is not None):
        flashes.append('That email address is already in use. ')

    if ('email' not in flask.request.form
            or flask.request.form['email'] == ''):
        flashes.append('Email cannot be blank')

    if flashes:
        flask.flash(('There were errors in your provided details. Please fix '
                     'these and try again'), 'error')

        for msg in flashes:
            flask.flash(msg, 'warning')

        return flask.redirect(flask.request.referrer
                              or flask.url_for('dashboard.profile'))

    if flask.request.form['email'] != login.current_user.email:
        login.current_user.new_email = flask.request.form['email']
        login.current_user.secret_key = util.generate_key(64)
        login.current_user.secret_key_expiry = (datetime.datetime.utcnow() +
                                                datetime.timedelta(days=7))

        APP.email_manager.send_template(
            flask.request.form['email'],
            'Confirm your Email Address',
            'email_change_confirm.email',
            name=login.current_user.forenames,
            confirmurl=flask.url_for('front.confirm_email',
                                     user_id=login.current_user.object_id,
                                     secret_key=login.current_user.secret_key,
                                     _external=True))

        flask.flash(('You must confirm your new email address to make '
                     'sure that we can contact you if necessary. Please '
                     'check your email for further instructions.'), 'info')

        DB.session.commit()

        APP.log_manager.log_event('Updated email address',
                                  user=login.current_user)
    else:
        flask.flash('Your email has not been changed.', 'info')

    return flask.redirect(flask.request.referrer
                          or flask.url_for('dashboard.profile'))
예제 #2
0
def reset_password(user_id, secret_key):
    """Complete the password reset process.

    To reset their password, the user is sent an email with a link to this view.
    Upon clicking it, they are presented with a form to define a new password,
    which is saved when the form is submitted (to this view)
    """
    user = models.User.query.get_or_404(user_id)

    if user is None or user.secret_key != secret_key:
        if user is not None:
            user.secret_key = None
            user.secret_key_expiry = None

            DB.session.commit()

        flask.flash('Could not complete password reset. Please try again',
                    'error')

        return flask.redirect(flask.url_for('shop.home'))

    if flask.request.method == 'POST':
        if flask.request.form['password'] != flask.request.form['confirm']:
            user.secret_key = util.generate_key(64)
            user.secret_key_expiry = (datetime.datetime.utcnow() +
                                      datetime.timedelta(minutes=5))

            DB.session.commit()

            flask.flash('Passwords do not match, please try again', 'warning')

            return flask.redirect(
                flask.url_for('shop.reset_password',
                              user_id=user.object_id,
                              secret_key=user.secret_key))
        else:
            user.set_password(flask.request.form['password'])

            user.secret_key = None
            user.secret_key_expiry = None

            DB.session.commit()

            APP.log_manager.log_event('Completed password reset', user=user)

            flask.flash('Your password has been reset, please log in.',
                        'success')

            return flask.redirect(flask.url_for('shop.home'))
    else:
        return flask.render_template('front/reset_password.html',
                                     user_id=user_id,
                                     secret_key=secret_key)
예제 #3
0
def email_confirm():
    """Retry email confirmation.

    If the user somehow manages to lose the email confirmation message, they can
    use this view to have it resent.
    """
    if flask.request.method == 'POST':
        user = models.User.get_by_email(flask.request.form['email'])

        if not user:
            APP.log_manager.log_event('Attempted email confirm for {0}'.format(
                flask.request.form['email']))

            APP.email_manager.send_template(flask.request.form['email'],
                                            'Attempted Account Access',
                                            'email_confirm_fail.email')
        else:
            user.secret_key = util.generate_key(64)
            user.secret_key_expiry = None

            DB.session.commit()

            APP.log_manager.log_event('Requested email confirm', user=user)

            APP.email_manager.send_template(
                flask.request.form['email'],
                'Confirm your Email Address',
                'email_confirm.email',
                name=user.forenames,
                confirmurl=flask.url_for('shop.confirm_email',
                                         user_id=user.object_id,
                                         secret_key=user.secret_key,
                                         _external=True),
                destroyurl=flask.url_for('shop.destroy_account',
                                         user_id=user.object_id,
                                         secret_key=user.secret_key,
                                         _external=True))

        flask.flash(
            ('An email has been sent to {0} with detailing what to do '
             'next. Please check your email (including your spam folder) '
             'and follow the instructions given').format(
                 flask.request.form['email']), 'info')

        return flask.redirect(flask.url_for('shop.home'))
    else:
        return flask.render_template('front/email_confirm.html')
예제 #4
0
def password_reset():
    """Display a form to start the password reset process.

    User enters their email, and is sent an email containing a link with a
    random key to validate their identity.
    """
    if flask.request.method == 'POST':
        user = models.User.get_by_email(flask.request.form['email'])

        if not user:
            APP.log_manager.log_event(
                'Attempted password reset for {0}'.format(
                    flask.request.form['email']))

            APP.email_manager.send_template(flask.request.form['email'],
                                            'Attempted Account Access',
                                            'password_reset_fail.email')
        else:
            user.secret_key = util.generate_key(64)
            user.secret_key_expiry = (datetime.datetime.utcnow() +
                                      datetime.timedelta(minutes=30))

            DB.session.commit()

            APP.log_manager.log_event('Started password reset', user=user)

            APP.email_manager.send_template(flask.request.form['email'],
                                            'Confirm Password Reset',
                                            'password_reset_confirm.email',
                                            name=user.forenames,
                                            confirmurl=flask.url_for(
                                                'shop.reset_password',
                                                user_id=user.object_id,
                                                secret_key=user.secret_key,
                                                _external=True))

        flask.flash(
            ('An email has been sent to {0} with detailing what to do '
             'next. Please check your email (including your spam folder) '
             'and follow the instructions given').format(
                 flask.request.form['email']), 'info')

        return flask.redirect(flask.url_for('shop.home'))
    else:
        return flask.render_template('front/password_reset.html')
예제 #5
0
    def __init__(self, email, password, forenames, surname, phone, college,
                 affiliation, photo):
        self.email = email
        self.forenames = forenames
        self.surname = surname
        self.phone = phone
        self.college = college
        self.affiliation = affiliation
        self.photo = photo

        self.set_password(password)

        self.secret_key = util.generate_key(64)
        self.verified = False
        self.deleted = False
        self.role = 'User'
        if affiliation.name == 'None':
            self.affiliation_verified = True
        else:
            self.affiliation_verified = False
예제 #6
0
def generate_barcodes(send_only_new):
    """Given a ticket, generate a 20 character long unique ID for each ticket.
    This will then be used in the QR code that we generate.

    This returns the tickets that will then be used by 'send_claim_codes'.

    """
    # Get all the tickets that need to have barcodes added to them
    tickets = []
    if send_only_new:
        tickets = models.Ticket.query.filter(
            # We have not sent them an email yet (it has not been "claimed")
            models.Ticket.barcode == None,
            # # Ticket has a holder
            # models.Ticket.holder_id != None,
            # The ticket is paid for.
            models.Ticket.paid,
            # The ticket has not been cancelled.
            models.Ticket.cancelled == False).all()
    else:
        tickets = models.Ticket.query.filter(
            # # Ticket has a holder
            # models.Ticket.holder_id != None,
            # The ticket is paid for.
            models.Ticket.paid,
            # The ticket has not been cancelled.
            models.Ticket.cancelled == False).all()

    for ticket in tickets:
        if not ticket.barcode:  # Need to generate a bar code
            # Generate a unique key for this ticket.
            key = util.generate_key(20).decode('utf-8')
            # and add it
            ticket.barcode = key
            DB.session.commit()
    # Return the tickets
    return tickets
예제 #7
0
def member_password_create(user):
    """
    as above, but jsut sends the reset password email
    """

    if not user:
        APP.log_manager.log_event('Attempted password reset for {0}'.format(
            flask.request.form['email']))

        APP.email_manager.send_template(flask.request.form['email'],
                                        'Attempted Account Access',
                                        'password_reset_fail.email')
    else:
        user.secret_key = util.generate_key(64)
        user.secret_key_expiry = (datetime.datetime.utcnow() +
                                  datetime.timedelta(minutes=4320)
                                  )  #expires in 3 days

        DB.session.add(user)
        DB.session.commit()

        # APP.log_manager.log_event(
        #     'Started password creation',
        #     user=user
        # )

        APP.email_manager.send_template(
            user.email,
            'Confirm Password Reset',
            'create_user_password.email',
            name=user.forenames,
            confirmurl="{}resetpassword/{}/{}".format(
                app.APP.config['FLASKSHOP_URL'], user.object_id,
                user.secret_key))

    return True
예제 #8
0
 def generate_barcode(self):
     # generate barcode
     key = util.generate_key(20).decode('utf-8')
     self.barcode = key