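def invite_new_opendata_admin(cls, email):
    """
    Creates a new ODTF member and sends the invitation to join CKAN Manager
    via email.

    The new record gets role "OPENDATAADMIN", status "INVITE" and a fresh
    confirmation token. The token and the record's id are handed to
    send_email() as the content of the "invite_opendata_admin" message.

    Args:
        email: Address of the person being invited.

    Returns:
        The stored user record.
    """
    # The /login and /password/reset handlers look accounts up by the
    # stripped, lower-cased address. Store the address in that same form,
    # otherwise an invite sent to "Name@Example.org" creates an account that
    # those lookups can never match.
    if email:
        email = email.strip().lower()

    user = cls()
    user.original_email = email
    user.current_email = email
    user.email_list = [email]
    # NOTE(review): this token is the only secret in the invitation link;
    # generate_token() is defined elsewhere - confirm it draws from a CSPRNG
    # and that the token is invalidated once the invitation is accepted.
    user.confirmation_token = generate_token()
    user.role = "OPENDATAADMIN"
    user.status = "INVITE"
    # Persist first: the key id only exists after put().
    user.put()

    content = {
        "token": user.confirmation_token,
        "uid": str(user.key.id()),
    }
    send_email(
        receiver_name="OPEN DATA ADMIN",
        receiver_email=user.current_email,
        subject="Open Data Admin Invitation",
        content=content,
        email_type="invite_opendata_admin",
    )
    return user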
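def post(self):
    """
    Handles the /login endpoint. Logs in users.

    Flow: look the account up by the normalised email, verify the password
    (upgrading a legacy hp() value to hash_password() on success), refuse
    accounts whose status does not allow signing in, then start a session
    and redirect.

    The post-login redirect follows the "redirect" form field only when it
    decodes to a path on this site; anything else goes to /dashboard.
    """
    if not (self.POST("email") and self.POST("password")):
        error_message(self, "Please enter your email and password.")
        self.redirect("/login")
        return

    url = "/login"
    email = self.POST("email").strip().lower()
    user = User.query().filter(User.current_email == email).get()

    # Keep the requested destination on the login URL so a failed attempt
    # can be retried without losing it.
    if self.POST("redirect"):
        url += "?redirect=" + str(urllib.quote(self.POST("redirect")))

    def reject(message):
        # Every refusal flashes the message and returns to the login page.
        error_message(self, message)
        self.redirect(url)

    # One message for "no such account" and "wrong password", so the form
    # does not reveal which addresses are registered.
    invalid = "Invalid email or password."

    if not user:
        reject(invalid)
        return

    if user.hashed_password:
        if not user.verify_password(self.POST("password")):
            reject(invalid)
            return
    else:
        # Legacy account: only the hp() value is stored. On a match, migrate
        # the account to hash_password() so this branch is not taken again.
        # NOTE(review): the legacy value stays in user.password after the
        # migration - confirm whether it should be cleared.
        legacy = hp(email=email, password=self.POST("password"))
        if user.password != legacy:
            reject(invalid)
            return
        user.hashed_password = user.hash_password(self.POST("password"))
        user.put()

    # Account-state messages are only reachable after the password check, so
    # they are not shown to someone who does not know the password.
    if user.status == "PENDING":
        reject(
            "Your account has not been verified. "
            "Please verify your account by opening the "
            "verification email we sent you. "
        )
        return

    if user.status == "DISABLED":
        reject(
            "Your account has been disabled. "
            "Please contact the Geostore Admin."
        )
        return

    if user.role in ["AGENCYADMIN", "USER"]:
        if user.status == "VERIFIED":
            reject(
                "Your account is still pending approval. "
                "Once your account is approved, you will be able "
                "to login. You will receive an email once your "
                "account is approved."
            )
            return

        if user.status == "DISAPPROVED":
            reject(
                "Your account has been disapproved. "
                "Please contact the Geostore Admin."
            )
            return

    # NOTE(review): no user.put() follows this assignment here; presumably
    # SessionHandler persists the user - confirm, otherwise the new CSRF
    # token is lost.
    user.csrf_token = generate_token()
    session = SessionHandler(user)
    session.login()
    session.generate_login_code()

    # The "redirect" field is attacker-controllable (a crafted login link),
    # so it must not be able to send a freshly authenticated user to another
    # origin. Accept only a site-local path: one leading "/", no "//" or
    # backslash (browsers read both as a host separator) and no control
    # characters (browsers strip them before parsing the URL).
    # NOTE(review): absolute same-site URLs are rejected as well; if callers
    # rely on them, compare the host against the request host instead.
    target = "/dashboard"
    if self.POST("redirect"):
        try:
            requested = urllib.unquote(str(self.POST("redirect")))
        except UnicodeError:
            # A non-ASCII value cannot be a destination this handler issued;
            # previously it raised after the session had been created.
            requested = ""
        if (requested.startswith("/")
                and not requested.startswith("//")
                and "\\" not in requested
                and not any(ord(ch) < 32 for ch in requested)):
            target = requested
    self.redirect(target)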
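def post(self):
    """
    Handles the /password/reset endpoint. Resets password of the user.

    Two request shapes are served:

    * "email" in the form: issue a password token and queue the reset email.
    * "new_password" and "confirm_password" in the form plus "uid" and
      "password_token" in the query string: set the new password.

    After a successful reset a session is started only for accounts that
    the /login handler would also admit; other accounts are sent to /login.
    """
    if self.POST("email"):
        email = self.POST("email").lower().strip()
        user = User.query().filter(User.current_email == email).get()
        if user:
            user.password_token = generate_token()
            user.put()
            content = {
                "token": user.password_token,
                "uid": str(user.key.id()),
                "receiver_name": user.first_name,
                "receiver_email": user.current_email,
                "subject": "Reset Password",
                "email_type": "password_reset",
            }
            taskqueue.add(
                url="/tasks/email/send", params=content, method="POST")

        # Answer identically whether or not the address is registered;
        # a distinct "does not belong to an existing account" reply lets
        # anyone test which addresses have accounts.
        # NOTE(review): the submitted address is echoed into the flash
        # message - confirm the template HTML-escapes it.
        success = "If " + self.POST("email") + " belongs to an existing "
        success += "account, we sent an email to it. Please open the "
        success += "email and click on the password reset link "
        success += "to reset your password."
        success_message(self, success)
        self.redirect("/password/reset")
        return

    if not (self.POST("new_password") and self.POST("confirm_password")
            and self.GET("uid") and self.GET("password_token")):
        error_message(self, "Please fill all required fields.")
        self.redirect("/password/reset")
        return

    if self.POST("new_password") != self.POST("confirm_password"):
        error_message(self, "Passwords do not match.")
        # Rebuild the link from the query-string values checked above (the
        # form fields of the same name are not guaranteed to be present)
        # and URL-encode them so they cannot add extra parameters.
        try:
            url = "/password/reset?password_token=" + urllib.quote(
                str(self.GET("password_token")), safe="")
            url += "&uid=" + urllib.quote(str(self.GET("uid")), safe="")
        except UnicodeError:
            url = "/password/reset"
        self.redirect(url)
        return

    # A non-numeric uid is treated like an unknown account instead of
    # raising out of the handler.
    try:
        user = User.get_by_id(int(self.GET("uid")))
    except ValueError:
        user = None

    if not user:
        error = "Sorry, we couldn't process your request. "
        error += "Please try again."
        error_message(self, error)
        self.redirect("/password/reset")
        return

    # NOTE(review): the token has no timestamp here; it stays valid until it
    # is used or replaced by a newer request. Consider storing an issue time
    # and enforcing a lifetime.
    if user.password_token != self.GET("password_token"):
        error = "Sorry, your password reset request has expired."
        error += " Please create a new request."
        error_message(self, error)
        self.redirect("/password/reset")
        return

    password = user.hash_password(self.POST("new_password"))
    # Rotate the token so the emailed link cannot be replayed.
    user.password_token = generate_token()
    user.previous_passwords.append(password)
    user.password_update = datetime.datetime.now()
    user.hashed_password = password
    user.put()

    # Mirror the account-state checks of the /login handler: without them a
    # pending, disabled, unapproved or disapproved account could obtain a
    # session through the reset link. Keep this list in step with /login.
    may_sign_in = user.status not in ("PENDING", "DISABLED")
    if user.role in ["AGENCYADMIN", "USER"] \
            and user.status in ("VERIFIED", "DISAPPROVED"):
        may_sign_in = False

    if not may_sign_in:
        success_message(
            self, "Your password has been updated. Please log in.")
        self.redirect("/login")
        return

    session = SessionHandler(user)
    session.login()
    session.generate_login_code()

    # Follow the "redirect" field only when it is a site-local path: one
    # leading "/", no "//" or backslash (browsers read both as a host
    # separator) and no control characters. Anything else goes to the
    # dashboard, so a crafted reset form cannot bounce the user off-site.
    target = "/dashboard"
    if self.POST("redirect"):
        try:
            requested = urllib.unquote(str(self.POST("redirect")))
        except UnicodeError:
            requested = ""
        if (requested.startswith("/")
                and not requested.startswith("//")
                and "\\" not in requested
                and not any(ord(ch) < 32 for ch in requested)):
            target = requested
    self.redirect(target)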
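def create_new_user(
    cls,
    first_name,
    last_name,
    password,
    email,
    role="USER",
    department="",
    agency="",
    region="",
    operating_unit="",
    uacs="",
    middle_name="",
    mobile="",
    designation="",
    salutation="",
    send=True,
):
    """
    Creates a new user.

    Fills in the profile fields, stores the password value produced by
    hp(), generates a confirmation token and saves the record. When *send*
    is true, the "verify" email carrying the token and the record's id is
    sent afterwards.

    Args:
        first_name, last_name, middle_name, salutation, mobile: Profile
            details copied onto the record.
        password: Plain-text password; only its hp() value is stored.
        email: Login address, stored stripped and lower-cased.
        role: Stored upper-cased when non-empty.
        designation: Stored upper-cased when non-empty.
        department, agency, region, operating_unit, uacs: Organisation
            details copied onto the record; a non-empty *uacs* also yields
            the "UACS_ID-><uacs>" permission.
        send: Whether to send the verification email.

    Returns:
        The stored user record.
    """
    # The /login handler looks accounts up by the stripped, lower-cased
    # address and feeds that same form to hp(); normalise here so the stored
    # address and legacy hash match what login will compute.
    if email:
        email = email.strip().lower()

    user = cls()
    user.salutation = salutation
    user.first_name = first_name
    user.last_name = last_name
    user.middle_name = middle_name or ""
    # Skip empty parts so a missing middle name does not leave a double
    # space in the display name.
    user.name = " ".join(
        part for part in (first_name, middle_name, last_name) if part)
    user.mobile_number = mobile
    user.original_email = email
    user.current_email = email
    user.email_list = [email]

    # NOTE(review): new accounts still start with the legacy hp() value; the
    # /login handler replaces it with hash_password() on the first successful
    # login. Consider storing hash_password() here directly. The password
    # history also starts with an hp() value while /password/reset appends
    # hash_password() values - confirm whatever reads the history copes.
    legacy_hash = hp(email, password)
    user.password = legacy_hash
    user.previous_passwords = [legacy_hash]

    user.confirmation_token = generate_token()

    if uacs:
        user.permissions = ["->".join(["UACS_ID", uacs])]

    # NOTE(review): role is stored as given (upper-cased) with no allow-list;
    # callers must never pass a role taken from request data.
    if role:
        user.role = role.upper()

    if designation:
        user.designation = designation.upper()

    user.department = department
    user.agency = agency
    user.region = region
    user.operating_unit = operating_unit
    user.uacs = uacs

    # Persist before building the email: the key id only exists after put().
    user.put()

    if send:
        content = {
            "token": user.confirmation_token,
            "uid": str(user.key.id()),
        }
        send_email(
            receiver_name=user.first_name,
            receiver_email=user.current_email,
            subject="Email Verification",
            content=content,
            email_type="verify",
        )

    return user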