예제 #1
0
    def _process(self):
        if self.verification_email_sent and 'token' in request.args:
            email = secure_serializer.loads(request.args['token'], max_age=3600, salt='link-identity-email')
            if email not in self.emails:
                raise BadData('Emails do not match')
            session['login_identity_info']['email_verified'] = True
            session.modified = True
            flash(_('You have successfully validated your email address and can now proceed with the login.'),
                  'success')
            return redirect(url_for('.link_account', provider=self.identity_info['provider']))

        if self.must_choose_email:
            form = SelectEmailForm()
            form.email.choices = zip(self.emails, self.emails)
        else:
            form = IndicoForm()

        if form.validate_on_submit():
            if self.email_verified:
                return self._create_identity()
            elif not self.verification_email_sent:
                return self._send_confirmation(form.email.data if self.must_choose_email else self.emails[0])
            else:
                flash(_('The validation email has already been sent.'), 'warning')

        return WPAuth.render_template('link_identity.html', identity_info=self.identity_info, user=self.user,
                                      email_sent=self.verification_email_sent, emails=' / '.join(self.emails),
                                      form=form, must_choose_email=self.must_choose_email)
예제 #2
0
파일: controllers.py 프로젝트: javfg/indico
    def _process(self):
        if self.verification_email_sent and 'token' in request.args:
            email = secure_serializer.loads(request.args['token'], max_age=3600, salt='link-identity-email')
            if email not in self.emails:
                raise BadData('Emails do not match')
            session['login_identity_info']['email_verified'] = True
            session.modified = True
            flash(_('You have successfully validated your email address and can now proceed with the login.'),
                  'success')
            return redirect(url_for('.link_account', provider=self.identity_info['provider']))

        if self.must_choose_email:
            form = SelectEmailForm()
            form.email.choices = list(zip(self.emails, self.emails))
        else:
            form = IndicoForm()

        if form.validate_on_submit():
            if self.email_verified:
                return self._create_identity()
            elif not self.verification_email_sent:
                return self._send_confirmation(form.email.data if self.must_choose_email else self.emails[0])
            else:
                flash(_('The validation email has already been sent.'), 'warning')

        return WPAuth.render_template('link_identity.html', identity_info=self.identity_info, user=self.user,
                                      email_sent=self.verification_email_sent, emails=' / '.join(self.emails),
                                      form=form, must_choose_email=self.must_choose_email)
예제 #3
0
 def _request_token(self):
     form = ResetPasswordEmailForm()
     if form.validate_on_submit():
         user = form.user
         # The only case where someone would have more than one identity is after a merge.
         # And the worst case that can happen here is that we send the user a different
         # username than the one he expects. But he still gets back into his profile.
         # Showing a list of usernames would be a little bit more user-friendly but less
         # secure as we'd expose valid usernames for a specific user to an untrusted person.
         identity = next(iter(user.local_identities))
         _send_confirmation(form.email.data,
                            'reset-password',
                            '.resetpass',
                            'auth/emails/reset_password.txt', {
                                'user': user,
                                'username': identity.identifier
                            },
                            data=identity.id)
         session['resetpass_email_sent'] = True
         return redirect(url_for('.resetpass'))
     return WPAuth.render_template('reset_password.html',
                                   form=form,
                                   identity=None,
                                   widget_attrs={},
                                   email_sent=session.pop(
                                       'resetpass_email_sent', False))
예제 #4
0
    def _process(self):
        if session.user:
            return redirect(url_for('misc.index'))
        handler = MultipassRegistrationHandler(self) if self.identity_info else LocalRegistrationHandler(self)
        verified_email = self._get_verified_email()
        if verified_email is not None:
            handler.email_verified(verified_email)
            flash(_('You have successfully validated your email address and can now proceeed with the registration.'),
                  'success')
            return redirect(url_for('.register', provider=self.provider_name))

        form = handler.create_form()
        # Check for pending users if we have verified emails
        pending = None
        if not handler.must_verify_email:
            pending = User.find_first(~User.is_deleted, User.is_pending,
                                      User.all_emails.contains(db.func.any(list(handler.get_all_emails(form)))))

        if form.validate_on_submit():
            if handler.must_verify_email:
                return self._send_confirmation(form.email.data)
            else:
                return self._create_user(form, handler, pending)
        elif not form.is_submitted() and pending:
            # If we have a pending user, populate empty fields with data from that user
            for field in form:
                value = getattr(pending, field.short_name, '')
                if value and not field.data:
                    field.data = value
        if pending:
            flash(_("There is already some information in Indico that concerns you. "
                    "We are going to link it automatically."), 'info')
        return WPAuth.render_template('register.html', form=form, local=(not self.identity_info),
                                      must_verify_email=handler.must_verify_email, widget_attrs=handler.widget_attrs,
                                      email_sent=session.pop('register_verification_email_sent', False))
예제 #5
0
    def _process(self):
        if session.user:
            return redirect(url_for('misc.index'))
        handler = MultipassRegistrationHandler(self) if self.identity_info else LocalRegistrationHandler(self)
        verified_email = self._get_verified_email()
        if verified_email is not None:
            handler.email_verified(verified_email)
            flash(_('You have successfully validated your email address and can now proceeed with the registration.'),
                  'success')

            # Check whether there is already an existing pending user with this e-mail
            pending = User.find_first(User.all_emails.contains(verified_email), is_pending=True)

            if pending:
                session['register_pending_user'] = pending.id
                flash(_("There is already some information in Indico that concerns you. "
                        "We are going to link it automatically."), 'info')

            return redirect(url_for('.register', provider=self.provider_name))

        form = handler.create_form()
        if form.validate_on_submit():
            if handler.must_verify_email:
                return self._send_confirmation(form.email.data)
            else:
                return self._create_user(form, handler)
        return WPAuth.render_template('register.html', form=form, local=(not self.identity_info),
                                      must_verify_email=handler.must_verify_email, widget_attrs=handler.widget_attrs,
                                      email_sent=session.pop('register_verification_email_sent', False))
예제 #6
0
 def _reset_password(self, identity):
     form = ResetPasswordForm()
     if form.validate_on_submit():
         identity.password = form.password.data
         flash(_("Your password has been changed successfully."), 'success')
         login_user(identity.user, identity)
         # We usually come here from a multipass login page so we should have a target url
         return multipass.redirect_success()
     form.username.data = identity.identifier
     return WPAuth.render_template('reset_password.html', form=form, identity=identity,
                                   widget_attrs={'username': {'disabled': True}})
예제 #7
0
    def _process(self):
        if session.user:
            return redirect(url_for_index())

        handler = MultipassRegistrationHandler(
            self) if self.identity_info else LocalRegistrationHandler(self)
        verified_email, prevalidated = self._get_verified_email()
        if verified_email is not None:
            handler.email_verified(verified_email)
            if prevalidated:
                flash(
                    _("You may change your email address after finishing the registration process."
                      ), 'info')
            else:
                flash(
                    _('You have successfully validated your email address and can now proceeed with the '
                      'registration.'), 'success')
            return redirect(url_for('.register', provider=self.provider_name))

        form = handler.create_form()
        if not handler.moderate_registrations and not handler.must_verify_email:
            del form.comment
        # Check for pending users if we have verified emails
        pending = None
        if not handler.must_verify_email:
            pending = User.find_first(
                ~User.is_deleted, User.is_pending,
                User.all_emails.contains(
                    db.func.any(list(handler.get_all_emails(form)))))
        if form.validate_on_submit():
            if handler.must_verify_email:
                return self._send_confirmation(form.email.data)
            elif handler.moderate_registrations:
                return self._create_registration_request(form, handler)
            else:
                return self._create_user(form, handler)
        elif not form.is_submitted() and pending:
            # If we have a pending user, populate empty fields with data from that user
            for field in form:
                value = getattr(pending, field.short_name, '')
                if value and not field.data:
                    field.data = value
        if pending:
            flash(
                _("There is already some information in Indico that concerns you. "
                  "We are going to link it automatically."), 'info')
        return WPAuth.render_template(
            'register.html',
            form=form,
            local=(not self.identity_info),
            must_verify_email=handler.must_verify_email,
            widget_attrs=handler.widget_attrs,
            email_sent=session.pop('register_verification_email_sent', False),
            moderate_accounts=handler.moderate_registrations)
예제 #8
0
 def _reset_password(self, identity):
     form = ResetPasswordForm()
     if form.validate_on_submit():
         identity.password = form.password.data
         flash(_("Your password has been changed successfully."), 'success')
         login_user(identity.user, identity)
         # We usually come here from a multipass login page so we should have a target url
         return multipass.redirect_success()
     form.username.data = identity.identifier
     return WPAuth.render_template('reset_password.html', form=form, identity=identity,
                                   widget_attrs={'username': {'disabled': True}})
예제 #9
0
 def _request_token(self):
     form = ResetPasswordEmailForm()
     if form.validate_on_submit():
         user = form.user
         # The only case where someone would have more than one identity is after a merge.
         # And the worst case that can happen here is that we send the user a different
         # username than the one he expects. But he still gets back into his profile.
         # Showing a list of usernames would be a little bit more user-friendly but less
         # secure as we'd expose valid usernames for a specific user to an untrusted person.
         identity = next(iter(user.local_identities))
         _send_confirmation(form.email.data, 'reset-password', '.resetpass', 'auth/emails/reset_password.txt',
                            {'user': user, 'username': identity.identifier}, data=identity.id)
         session['resetpass_email_sent'] = True
         return redirect(url_for('.resetpass'))
     return WPAuth.render_template('reset_password.html', form=form, identity=None, widget_attrs={},
                                   email_sent=session.pop('resetpass_email_sent', False))