def send_create_account_email(email): """Sends an email through GovNotify to the specified address with an encoded link to verify their email :param email: The email address to send to """ url_safe_serializer = URLSafeSerializer(app.config["SECRET_KEY"]) response = uaa_controller.get_user_by_email(email) if response is None: return render_template("request-new-account-error.html") if response["totalResults"] == 0: internal_url = app.config["RESPONSE_OPERATIONS_UI_URL"] verification_url = f"{internal_url}/account/create-account/{token_decoder.generate_email_token(email)}" logger.info("Sending create account email", verification_url=verification_url) personalisation = {"CREATE_ACCOUNT_URL": verification_url, "EMAIL": email} try: NotifyController().request_to_notify( email=email, template_name="request_create_account", personalisation=personalisation ) except NotifyError as e: logger.error("Error sending create account request email to Notify Gateway", msg=e.description) return render_template("request-new-account-error.html") logger.info("Successfully sent create account request email", encoded_email=url_safe_serializer.dumps(email)) else: logger.info( "Requested account creation for email already in UAA", encoded_email=url_safe_serializer.dumps(email) ) return render_template("request-new-account-exists.html", email=email) return render_template("request-new-account-check-email.html", email=email)
def request_token(): data = request.get_json(force=True) if data.get('type', '') not in ('deliver', 'company'): return bad_request('') s = Serializer(current_app.config['SECRET_KEY']) if data['type'] == 'deliver': phone_number = data.get('phone_number', '') device_id = data.get('device_id', '') if not (phone_number and device_id): return bad_request('') deliver_ = Deliver.query.filter( Deliver.phone_number == phone_number).first() if not deliver_: deliver_ = Deliver() deliver_.phone_number = phone_number deliver_.device_id = device_id else: deliver_.device_id = device_id db.session.add(deliver_) db.session.commit() token_ = s.dumps({ 'type': data['type'], 'phone_number': phone_number }).decode('utf-8') else: company_id = data.get('company_id', '') if not company_id: return bad_request('') token_ = s.dumps({ 'type': data['type'], 'company_id': company_id }).decode('utf-8') return {'token': token_}
def get_api_key(request): s1 = URLSafeSerializer(settings.API_SECRET, salt="rolf-ipaddress-key") k1 = s1.dumps(dict(username=request.user.username, remote_addr=request.META["REMOTE_ADDR"])) s2 = URLSafeTimedSerializer(settings.API_SECRET, salt="rolf-timed-key") k2 = s2.dumps(dict(username=request.user.username)) k3 = None ip = request.GET.get("ip", None) if ip: k3 = s1.dumps(dict(username=request.user.username, remote_addr=ip)) return dict(k1=k1, k2=k2, k3=k3, ip=ip, remote_addr=request.META["REMOTE_ADDR"])
def get_api_key(request): s1 = URLSafeSerializer(settings.API_SECRET, salt="rolf-ipaddress-key") k1 = s1.dumps(dict(username=request.user.username, remote_addr=request.META['REMOTE_ADDR'])) s2 = URLSafeTimedSerializer(settings.API_SECRET, salt="rolf-timed-key") k2 = s2.dumps(dict(username=request.user.username)) k3 = None ip = request.GET.get('ip', None) if ip: k3 = s1.dumps(dict(username=request.user.username, remote_addr=ip)) return dict(k1=k1, k2=k2, k3=k3, ip=ip, remote_addr=request.META['REMOTE_ADDR'])
def main(): abspath = os.path.abspath(__file__) dname = os.path.dirname(abspath) os.chdir(dname) action = sys.argv[1] secret_key = sys.argv[2] if action == "generate": filename = sys.argv[3] basename = filename.split(".")[-2] extension = filename.split(".")[-1] digest = hashlib.sha512(secret_key + basename).hexdigest() des = URLSafeSerializer(digest) credentials = { 'filename': filename.encode("base64"), 'ext': extension, 'length': len(filename), 'signature': digest } print des.dumps(credentials, salt="donttread") return signed_serial = sys.argv[3] result = URLSafeSerializer("").loads_unsafe(signed_serial) img = "snek.jpg" try: if result[1]: signature = result[1]['signature'] extension = result[1]['ext'] filename = result[1]['filename'].decode("base64") length = result[1]['length'] if len(filename) == length and len(extension) == 3: basename = filename.split(".")[-2] digest = hashlib.sha512(secret_key + splitext(filename)[0]).hexdigest() if digest == signature: des = URLSafeSerializer(digest) des.loads(signed_serial, salt="donttread") img = "%s.%s" % (basename, extension) except: pass proc = subprocess.Popen(["./read_file", img], stdout=subprocess.PIPE) imgo = proc.stdout.read().encode("base64").replace("\n", "") output = '<img src="data:image/png;base64,%s" alt="i am %s" />' % (imgo, img) print output
def get_private_alert_token(uid, send_id): signer = URLSafeSerializer(current_app.secret_key) return signer.dumps({ 'user': uid, 'send': send_id, }, salt='private_alert_token')
class SendEmail(object): def __init__(self): self.serial = URLSafeSerializer(app.config["SECRET_KEY"]) self.sg = SGMail self.template = os.path.dirname( __file__) + "/templates/email_template.html" def send_invite_email(self, sender, league, to_email): j2_env = jinja2.Environment( loader=jinja2.PackageLoader('MovieLeague', 'templates')) template = j2_env.get_template('email_template.html') from_email = Email("*****@*****.**") to_email = Email(to_email) subject = "Invite to join %s" % league html = template.render(sender=sender, league=league, token=self.token_dump(league)) content = Content("text/html", html) mail = Mail(from_email, subject, to_email, content) response = self.sg.client.mail.send.post(request_body=mail.get()) print(response.status_code) print(response.body) print(response.headers) def token_dump(self, data): return self.serial.dumps(data) def token_load(self, token): return self.serial.loads(token)
def test_user_signin(self): """Tests if a user can signin and get a auth token.""" data = dumps({ 'first_name': 'abc', 'last_name': 'def', 'email': '*****@*****.**', 'password': '******' }) self.create_new_user(data) response = self.client.post('/users/signin', data=dumps({ 'email': '*****@*****.**', 'password': '******' }), content_type='application/json') # Generate token and compare with the one returned by the API. s = URLSafeSerializer(CONFIG.SECRET_KEY) token = s.dumps('*****@*****.**') self.assertEqual( loads(response.data), { 'email': '*****@*****.**', 'first_name': 'abc', 'last_name': 'def', 'message': 'User Authenticated Succesfully', 'token': token })
def post(self): data = request.get_json(force=True) data = json.loads(data) if not request.json: abort(400, 'Invalid JSON Type') if not 'username' in request.json or not 'password' in request.json: return bad_request('Invalid JSON Key') active = dbcon.query.filter_by(email=data['username']).first() # checking for active state of the user if active: if not data or not data['username'] or not data['password']: return bad_request403('Login required') # checking for username availability if active.user_active: return bad_request403('User already logged in') # verifying password if check_password_hash(active.password, data['password']): s = URLSafeSerializer(app.config['SECRET'], salt='activate-salt') # Token creation active.user_active = 1 db.session.commit() respdata = { 'userID': active.user_no, 'token': s.dumps({'email': active.email}) } return success_response(200, 'Login Success', respdata) return bad_request403('Authentication failed! wrong password') else: return bad_request403('User not exists')
def notify_signup_accepted(event, signup): """Send an email to a user that his signup was accepted""" id_field = current_app.config['ID_FIELD'] if signup.get('user'): lookup = {id_field: signup['user']} user = current_app.data.find_one('users', None, **lookup) name = user['firstname'] email = user['email'] else: name = 'Guest of AMIV' email = signup['email'] s = URLSafeSerializer(get_token_secret()) token = s.dumps(str(signup[id_field])) if current_app.config.get('SERVER_NAME') is None: current_app.logger.warning("SERVER_NAME is not set. E-Mail links " "will not work!") deletion_link = url_for('emails.on_delete_signup', token=token, _external=True) mail([email], 'Eventsignup accepted', current_app.config['ACCEPT_EMAIL_TEXT'].format( name=name, title=event.get('title_en') or event.get('title_de'), link=deletion_link, deadline=event['time_register_end'].strftime('%H.%M %d.%m.%Y')))
def send_booking_mail(request, user, event): user_id = user.id event_id = event.id serial = URLSafeSerializer('some_secret_key', salt='cancel_reservation') data = {'event_id': event_id, 'user_id': user_id} cancel_token = serial.dumps(data) cancel_url = reverse('cancel_reservation', args=[cancel_token]) cancel_url = request.build_absolute_uri(cancel_url) event_url = reverse('event_detail', args=[event_id, event.slug]) event_url = request.build_absolute_uri(event_url) params = {'cancel_url': cancel_url, 'event_url': event_url, 'event': event} msg_plain = render_to_string('mail/relance.html', params) msg_html = render_to_string('mail/relance.html', params) date = event.starts_at.date().strftime("%d %B") location = event.location.name subject = "Votre réservation pour le " + date + " à " + location mail.send([user.email], '*****@*****.**', subject=subject, message=msg_plain, html_message=msg_html)
def login_as_user(id): s = URLSafeSerializer(app.config['SECRET_KEY']) payload = {"id": id, "stamp": time.time()} token = s.dumps(payload) pieces = [app.config["LIME_URL"], 'trowel', token] url = '/'.join(piece.strip('/') for piece in pieces) return redirect(url)
def send_confirmmail_to_unregistered_users(items): """Send a confirmation email for external signups(email only) Args: item: The item, which was just inserted into the database """ for item in items: if 'user' not in item: event = current_app.data.find_one( 'events', None, **{current_app.config['ID_FIELD']: item['event']}) title = event.get('title_en') or event.get('title_de') s = URLSafeSerializer(get_token_secret()) token = s.dumps(str(item['_id'])) if current_app.config.get('SERVER_NAME') is None: current_app.logger.warning("SERVER_NAME is not set. E-Mail " "links will not work!") confirm_link = url_for('emails.on_confirm_email', token=token, _external=True) mail([item['email']], 'Registration for %s' % title, current_app.config['CONFIRM_EMAIL_TEXT'].format( title=title, link=confirm_link))
def send_confirmmail_to_unregistered_users(items): """Send a confirmation email for external signups(email only) Args: item: The item, which was just inserted into the database """ for item in items: if item.get('user') is None: event = current_app.data.find_one( 'events', None, **{current_app.config['ID_FIELD']: item['event']}) title = event.get('title_en') or event.get('title_de') s = URLSafeSerializer(get_token_secret()) token = s.dumps(str(item['_id'])) if current_app.config.get('SERVER_NAME') is None: current_app.logger.warning("SERVER_NAME is not set. E-Mail " "links will not work!") confirm_link = url_for('emails.on_confirm_email', token=token, _external=True) mail([item['email']], 'Registration for %s' % title, current_app.config['CONFIRM_EMAIL_TEXT'].format( title=title, link=confirm_link))
def create_targeted_device_sharing_token(device_id, access_level_id, account_id=None): """ Creates device sharing token that can be passed only to account with passed id in order to allow access to device :param device_id: Id of device :type device_id: int :param access_level_id: Id of access level this link will give :type access_level_id: int :param account_id: Id of account :type account_id: int :raises: ValueError if device does not exist """ if not Device.exists(id=device_id): raise NotPresentError("Device does not exist!") if not AccessLevel.exists(id=access_level_id): raise NotPresentError("AccessLevel does not exist!") data_to_serialize = { 'device_id': device_id, 'access_level_id': access_level_id } if account_id is not None: data_to_serialize['account_id'] = account_id serializer = URLSafeSerializer(app.config['SECRET_KEY'], salt=app.config['SECURITY_PASSWORD_SALT']) token = serializer.dumps(data_to_serialize) return token
def resetpassword(): form = PasswordResetForm() if form.validate_on_submit(): if form.username.data: user = Users.query.filter_by(username=form.username.data).first() elif form.email.data: user = Users.query.filter_by(email=form.email.data).first() else: flash("Username or password doesn't exists") if user: if user.email: s = URLSafeSerializer('serliaizer_code') key = s.dumps([user.username, user.email]) msg = Message("Password reset", sender="your_id@your_host.com", recipients=[user.email]) msg.html = "<b>Click on this link to reset your password.</b> \ #<a href='http://127.0.0.1:5000/passwordreset/ \ " + key + "'>http://127.0.0.1:5000/passwordreset/ \ " + key + "</a>" send_async_email(msg) flash('Email sent to: ' + user.email) return redirect(url_for('resetpassword')) else: flash('No such user') return redirect(url_for('resetpassword')) flash(u'Enter your email or username') return render_template('reset_password.html', form=form)
def generate_auth_token(self): if self.id: s = Serializer(app.secret_key) return s.dumps(str(self.id)) else: raise ValueError( 'APIKey must be saved before requesting an auth token.')
def post(self): '''Adds a new user''' args = self.parser.parse_args() password = args.pop('password') new_user = User(**args) new_user.set_password(password) db.session.add(new_user) try: db.session.commit() except IntegrityError as e: if 'UNIQUE constraint failed: users.email' in str(e): json_abort(422, message='email_taken') else: raise finally: db.session.rollback() # send email verification link ts = URLSafeSerializer(current_app.config["SECRET_KEY"], salt='verify-email') token = ts.dumps(new_user.id) link = ext_url_for('auth.verify_email', token=token) send_email( new_user.email, 'Registrierung bei Supermarkt abschließen', render_template('registration.txt', validation_link=link, name=new_user.name)) return dict(message='verify_email', user=new_user.as_dict()), 201
def send_invite(user): s = URLSafeSerializer(app.config['SECRET_KEY']) payload = s.dumps(str(user.id)) link_href = url_for("root.confirm", payload=payload, _external=True) InviteEmail(user.email, link_href).send() flash("Successfully sent invitation.")
def save(self, *args, **kwargs): if self.pk is None: from itsdangerous import URLSafeSerializer s = URLSafeSerializer(SECRET_KEY) x = datetime.now() self.ss_id = s.dumps(str(x)) super(Question, self).save(*args, **kwargs)
def forgot_password(): form = ForgotPasswordForm() if (form.validate_on_submit()): user = User.query.filter_by(username=form.username.data).first() if user is not None: s = URLSafeSerializer(Config.SECRET_KEY) user.reset_password_token = s.dumps([user.id, user.password]) db.session.commit() reset_link = url_for('public.reset_password', token=user.reset_password_token) email_message = '''Hello, you have requested a reset password token. Ignore this if you do not think you requested one. <a href="{}"> {}</a>''' email_message = email_message.format(reset_link, reset_link) return email_message msg = Message(email_message, sender="*****@*****.**", recipients=['*****@*****.**']) mail.send(msg) flash( "We have send a link to reset your password. Please check your email" ) return redirect(url_for('public.index')) else: flash('no user found') return redirect(url_for('public.index')) return render_template('forgot-password.html', form=form)
def test_resetpassword_old_request(self): user = app_model.User(email_address='*****@*****.**', user_name='test', display_name='Test', password='******') try: app_model.DBSession.add(user) except AttributeError: # Ming DBSession doesn't have/require .add pass old_password = user.password flush_db_changes() from datetime import datetime from dateutil.relativedelta import relativedelta old_date = datetime.utcnow() - relativedelta(years=3) import tg secret = tg.config.get('session.secret', tg.config.get('beaker.session.secret')) from itsdangerous import URLSafeSerializer serializer = URLSafeSerializer(secret) serialized_data = serializer.dumps( dict(request_date=old_date.strftime('%m/%d/%Y %H:%M'), email_address='*****@*****.**', password_frag='eh', redirect_to='/')) new_url = 'http://localhost/resetpassword/change_password/?data=' + serialized_data resp = self.app.get(new_url) form = resp.form form['password'] = '******' form['password_confirm'] = 'alfa' resp = form.submit() assert 'Password%20reset%20request%20timed%20out' in resp.headers[ 'Set-Cookie']
def register(): form = RegisterUserForm() if form.validate_on_submit(): user = User.create( username=form.data['username'], email=form.data['email'], password=form.data['password'], remote_addr=request.remote_addr, ) s = URLSafeSerializer(current_app.secret_key) token = s.dumps(user.id) send_registration_email.delay( { 'username': user.username, 'email': user.email }, token) flash( gettext( 'Sent verification email to {email}'.format(email=user.email)), 'success') return redirect(url_for('index')) return render_template('register.html', form=form)
def post(self, request): try: username = request.POST.get('username') password1 = request.POST.get('password1') password2 = request.POST.get('password2') email = request.POST.get('email') user = authenticate(username=username, password=password1) if user: # 用户已经存在 return render(request, 'register.html', {'msg': '用户名已存在'}) else: # 保存用户 user = User.objects.create_user(username=username, password=password1, email=email, is_active=0) auth_s = URLSafeSerializer(settings.SECRET_KEY, "auth") token = auth_s.dumps({'name': username}) cache.set(token, user.id, timeout=10 * 60) active_url = f'http://127.0.0.1:8000/active/?tooken={token}' content = loader.render_to_string('email.html', request=request, context={ 'username': username, 'active_url': active_url }) sendmail.delay(content) return redirect('/') except Exception as e: return render(request, 'register.html', {'msg': '注册失败'})
def create_reset_link(user): l = "http://localhost:5001/reset/" s = URLSafeSerializer("hacker-bees") token = s.dumps(user.id) l += token user.reset_time = datetime.today() return l
def generate_client_token(self): """ use client_id & client_key to generate client grant token """ s = Serializer(current_app.config["SECRET_KEY"]) return s.dumps({'client_id': self.id})
def resetpassword(): form = PasswordResetForm() if form.validate_on_submit(): if form.username.data: user = Users.query.filter_by(username=form.username.data).first() elif form.email.data: user = Users.query.filter_by(email=form.email.data).first() else: flash("Username or password not in system") if user: if user.email: s = URLSafeSerializer('12fe454t') key = s.dumps([user.username, user.email]) #s.loads('WzEsMiwzLDRd.wSPHqC0gR7VUqivlSukJ0IeTDgo') msg = Message("Password reset", sender="*****@*****.**", recipients=[user.email]) msg.html = "<b>testing</b> \ #<a href='http://127.0.0.1:5000/passwordreset/" + key + "'>http://127.0.0.1:5000/passwordreset/" + key + "</a>" print msg.html mail.send(msg) flash('Email sent to: ' + user.email) return redirect(url_for('resetpassword')) else: flash('No such user') return redirect(url_for('resetpassword')) else: flash('No such user') return redirect(url_for('resetpassword')) return render_template('reset_password.html', form=form)
def new_task(app_id): """Return a new task for an application.""" # Check if the request has an arg: try: app = db.session.query(model.App).get(app_id) if app is None: raise NotFound if request.args.get('offset'): offset = int(request.args.get('offset')) else: offset = 0 user_id = None if current_user.is_anonymous() else current_user.id user_ip = request.remote_addr if current_user.is_anonymous() else None task = sched.new_task(app_id, user_id, user_ip, offset) # If there is a task for the user, return it if task: s = URLSafeSerializer(current_app.config.get('SECRET_KEY')) r = make_response(json.dumps(task.dictize())) r.mimetype = "application/json" cookie_id = 'task_run_for_task_id_%s' % task.id r.set_cookie(cookie_id, s.dumps(task.dictize())) return r else: return Response(json.dumps({}), mimetype="application/json") except Exception as e: return error.format_exception(e, target='app', action='GET')
def send_confirmation(email): serializer = URLSafeSerializer(admininfo.secret_key, salt=admininfo.confirm_salt) token = serializer.dumps(email) url = 'http://praxtrain.com/confirm/' + token text = generateEmail.generateConfText(url) html = generateEmail.generateConfHTML(url) sender = '*****@*****.**' smtpserver = smtplib.SMTP('smtp.zoho.com', 587) smtpserver.ehlo() smtpserver.starttls() smtpserver.login(sender, admininfo.zoho_pw) msg = MIMEMultipart('alternative') msg['Subject'] = "Confirm your email subscription to PraxTrain" msg['From'] = 'DailyPrax <' + sender + '>' msg['To'] = email part1 = MIMEText(text, 'plain') part2 = MIMEText(html, 'html') msg.attach(part1) msg.attach(part2) smtpserver.sendmail(sender, email, msg.as_string()) print('Email sent to ' + email) smtpserver.quit()
def create_new_profile(user_profile): token_signer = URLSafeSerializer( config_secrets["UUIDSECRET"]["secret_key"], salt=config_secrets["UUIDSECRET"]["secret_salt"]) print("Creating a new entry for user!") # Generate New User ID --> Random and unique user_id = 'UI_' + str(uuid.uuid4()) # Generate New User Token user_token = token_signer.dumps(user_id) # New User Record Structure new_user_profile = { 'FACEBOOK_ID': user_profile['FACEBOOK_ID'], 'USER_ID': user_id, 'USER_NAME': user_profile['USER_NAME'], 'EMAIL_ID': user_profile['EMAIL_ID'], 'GENDER': user_profile['GENDER'], 'USER_TOKEN': user_token, 'FIREBASE_ID': user_profile['FIREBASE_ID'] } user_profile_table.put_item(Item=new_user_profile) print("New entry created!") # ADD CODE TO CREATE RECORDS FOR FRIENDLIST, PREFERENCE, AND FEEDBACK # ------------------------------------------------------------------- return user_token
class LinkGenerator: """ Link to personalised form in email """ DELIMITER = ';' def __init__(self, app): self._app = app self._serializer = URLSafeSerializer(app.config['SECRET_KEY']) def generate_payload(self, gala_id, club_id, swimmer_id): """ Include identifiers in payload :param gala_id: :param club_id: :param swimmer_id: """ payload = str(time()) + self.DELIMITER + str(gala_id) + self.DELIMITER + str(club_id) + \ self.DELIMITER + str(swimmer_id) return self._serializer.dumps(payload, salt=constants.LINK_GENERATOR_SALT) def load_payload(self, payload): """ Retrieve identifiers from payload :param payload: """ plain_payload = self._serializer.loads(payload, salt=constants.LINK_GENERATOR_SALT) try: plain_payload = plain_payload.split(self.DELIMITER) return {'gala_id': plain_payload[1], 'club_id': plain_payload[2], 'swimmer_id': plain_payload[3]} except: raise ValueError('Invalid payload format detected.')
def generate_jwt(claims, lifetime=None, expires=None, not_before=None): """ Generate a JSON Web Token. - **exp** (*IntDate*) -- The UTC expiry date and time of the token, in number of seconds from 1970-01-01T0:0:0Z UTC. - **iat** (*IntDate*) -- The UTC date and time at which the token was generated. - **nbf** (*IntDate*) -- The UTC valid-from date and time of the token. - **jti** (*str*) -- A unique identifier for the token. """ claims = dict(claims) now = datetime.utcnow() claims['iat'] = timegm(now.utctimetuple()) claims['nbf'] = timegm((not_before or now).utctimetuple()) claims['jti'] = urlsafe_b64encode(urandom(128)) if lifetime: claims['exp'] = timegm((now + lifetime).utctimetuple()) elif expires: claims['exp'] = timegm(expires.utctimetuple()) signer = URLSafeSerializer(SECRET_KEY) return signer.dumps(claims)
def get_context_data(self, **kwargs): context = super(AlbumView, self).get_context_data(**kwargs) serializer = URLSafeSerializer(settings.SECRET_KEY) token = serializer.dumps({'album_id': self.object.id}) context['token'] = token context['album'] = self.object return context
def resend_activation(): """ Resend the activation token in the user's email. returns: 403 if any errors occur. 200 if successful, and user get the activation mail resent to him. """ req = request.get_json() try: user = (User.query .filter(User.email == req['email']) .one()) if user.is_active: return Error("User is already active", 403)() serializer = URLSafeSerializer(app.config['SECRET_KEY']) activation_token = serializer.dumps(user.email) activation_url = url_for('User.activate_user', activation_token=activation_token, _external=True) Mail(req['email'], subject_data={'name': user.full_name}, html_data={'token': activation_url}, text_data={'name': user.full_name}, template_root=SIGNUP_ACTIVATION ).send() return "" except NoResultFound: return Error("User with that email doesnt exist", 403)()
def reset_password(): form = PasswordResetForm() if form.validate_on_submit(): if form.username.data: user = Users.query.filter_by(username=form.username.data).first() elif form.email.data: user = Users.query.filter_by(email=form.email.data).first() else: flash("Username or password doesn't exists") if user: if user.email: s = URLSafeSerializer('serliaizer_code') key = s.dumps([user.username, user.email]) msg = Message("Password reset", sender="your_id@your_host.com", recipients=[user.email]) msg.html = "<b>Click on this link to reset your password.</b> \ #<a href='http://127.0.0.1:5000/passwordreset/ \ " + key + "'>http://127.0.0.1:5000/passwordreset/ \ " + key + "</a>" send_async_email(msg) flash('Email sent to: ' + user.email) return redirect(url_for('reset_password')) else: flash('No such user') return redirect(url_for('reset_password')) flash(u'Enter your email or username') return render_template('reset_password.html', form=form)
def register(): form = RegisterUserForm() if form.validate_on_submit(): user = User.create( username=form.data['username'], email=form.data['email'], password=form.data['password'], remote_addr=request.remote_addr, ) s = URLSafeSerializer(current_app.secret_key) token = s.dumps(user.id) send_registration_email.delay(user, token) flash( gettext( 'Sent verification email to {email}'.format( email=user.email ) ), 'success' ) return redirect(url_for('index')) return render_template('register.html', form=form)
def reset_request(self, **kw): user = model.provider.query(app_model.User, filters=dict(email_address=kw['email_address']))[1][0] password_frag = user.password[0:4] serializer = URLSafeSerializer(tg.config['beaker.session.secret']) serialized_data = serializer.dumps(dict(request_date=datetime.utcnow().strftime('%m/%d/%Y %H:%M'), email_address=kw['email_address'], password_frag=password_frag)) password_reset_link = tg.url(self.mount_point + "/change_password/", params=dict(data=serialized_data), qualified=True) reset_password_config = tg.config.get('_pluggable_resetpassword_config') mail_body = reset_password_config.get('mail_body', _(''' We've received a request to reset the password for this account. Please click this link to reset your password: %(password_reset_link)s If you no longer wish to make the above change, or if you did not initiate this request, please disregard and/or delete this e-mail. ''')) email_data = {'sender': tg.config['resetpassword.email_sender'], 'subject': reset_password_config.get('mail_subject', _('Password reset request')), 'body': mail_body, 'rich': reset_password_config.get('mail_rich', '')} tg.hooks.notify('resetpassword.on_request', args=(user, email_data, password_reset_link)) email_data['body'] = email_data['body'] % dict(password_reset_link=password_reset_link) email_data['rich'] = email_data['rich'] % dict(password_reset_link=password_reset_link) send_email(user.email_address, **email_data) flash(_('Password reset request sent')) return plug_redirect('resetpassword', '/')
def generate_user_token(email, salt): with open('credentials.txt') as f: credentials = {k: v for k, v in map(str.split, f.readlines())} server_secret = credentials['SERVER_SECRET'] serializer = URLSafeSerializer(server_secret, salt=salt) return serializer.dumps(email)
def resend_activation_email(email_to_activate): """ Function to resend the activation email """ #check local database loc_db_user = AdsUserRecord.query.filter(AdsUserRecord.username==email_to_activate) #@UndefinedVariable #get the user object user_rec = loc_db_user.first() if user_rec: #create an itsdangerous object to sign the verification email itsd = URLSafeSerializer(config.ACCOUNT_VERIFICATION_SECRET) #send the confirmation email act_code = itsd.dumps(email_to_activate) message_html = """<h3>Dear %(name)s %(lastname)s, thank you for registering to the NASA ADS</h3> <p>Your activation code is <strong>%(code)s</strong></p> <p>To activate your account, please click <a href="%(act_url)s">here</a></p> <p>If the link doesn't work, please copy the following URL and paste it in your browser:<br/>%(act_url)s</p> <p>Please do not replay to this email: to contact us please use our <a href="%(feedb_url)s">feedback form</a></p> <p>Regards,<br/>The ADS team</p> """ % {'name':user_rec.firstname, 'lastname':user_rec.lastname, 'code':act_code, 'act_url': '%s%s?id=%s' % (config.MAIL_CONTENT_REDIRECT_BASE_URL, url_for('user.activate'), act_code), 'feedb_url' : '%s%s'%(config.MAIL_CONTENT_REDIRECT_BASE_URL, url_for('feedback.feedback')) } try: send_email_to_user(u"NASA ADS Account confirmation required", message_html, [email_to_activate]) except: app.logger.error('Failed to re-send confirmation email for user creation') return False, 'There are some technical problems: please try later.', 'error' return True, 'A new email with the activation code has been sent to your email address.', 'success' else: app.logger.error('Tried to re-send confirmation email for user creation for user not yet created or not stored in the DB. Email used %s' % email_to_activate) return False, 'The user with the given email does not exist', 'error'
def new_task(app_id): # Check if the request has an arg: try: app = db.session.query(model.App).get(app_id) if app is None: raise NotFound if request.args.get('offset'): offset = int(request.args.get('offset')) else: offset = 0 user_id = None if current_user.is_anonymous() else current_user.id user_ip = request.remote_addr if current_user.is_anonymous() else None task = sched.new_task(app_id, user_id, user_ip, offset) # If there is a task for the user, return it if task: s = URLSafeSerializer(current_app.config.get('SECRET_KEY')) r = make_response(json.dumps(task.dictize())) r.mimetype = "application/json" cookie_id = 'task_run_for_task_id_%s' % task.id r.set_cookie(cookie_id, s.dumps(task.dictize())) return r else: return Response(json.dumps({}), mimetype="application/json") except Exception as e: return error.format_exception(e, target='app', action='GET')
class Serializer: def __init__(self, app): self.serializer = URLSafeSerializer(app.config['SECRET_KEY']) self.salt = app.config['SECRET_SALT'] def loads(self, token): return self.serializer.loads(token) def dumps(self, string): return self.serializer.dumps(string) def loads_salted(self, token): return self.serializer.loads(token, salt=self.salt) def dumps_salted(self, string): return self.serializer.dumps(string, salt=self.salt)
def save(self, *args, **kwargs): from itsdangerous import URLSafeSerializer s = URLSafeSerializer(SECRET_KEY) x = datetime.now() self.ss_id = s.dumps(str(x)) if self.pk is None: super(Question, self).save(self, *args, **kwargs)
def generate_auth_token(self): """generate a token""" s = Serializer( current_app.config['SECRET_KEY'] # expiration ) return s.dumps({'id': self.id})
def toggle_choice(request): campaign = get_active_campaign_or_404() volunteer = get_object_or_404(Volunteer, pk=request.POST.get('volunteer_id')) with transaction.atomic(): cursor = connection.cursor() cursor.execute('LOCK TABLE %s' % VolunteerCampaign._meta.db_table) created = False try: obj = VolunteerCampaign.objects.get( Q(accepted__isnull=True) | Q(accepted=True), campaign=campaign, volunteer=volunteer, ) except VolunteerCampaign.DoesNotExist: obj, created = VolunteerCampaign.objects.get_or_create( campaign=campaign, volunteer=volunteer, organisation=request.user.organisation, ) if created: serializer = URLSafeSerializer(settings.SECRET_KEY) confirm_invite_url = reverse('confirm_invite', args=[serializer.dumps(obj.pk)]) get_adapter().send_mail('emails/volunteer_invitation', volunteer.user.email, { 'organisation': request.user.organisation, 'confirm_invite_url': request.build_absolute_uri(confirm_invite_url), }) state, label = get_volunteer_status(obj, request.user.organisation) return JsonResponse({ 'state': state, 'label': label, })
def forgot_password(): """ Sends Reset Password link to User's email address. User can change his/her password through the link mentioned in the Email. It won't be an endpoint, it will be a webpage :return: 403 if any errors, else return 200 """ req = request.get_json() serializer = URLSafeSerializer(app.config['SECRET_KEY']) try: user = User.query \ .filter(User.email == req['email']) \ .filter(User.is_active) \ .one() token = serializer.dumps(req['email']) reset_password_link = f"{request.url_root}reset_password?token={token}" Mail(user.email, subject_data={'name': user.full_name}, html_data={'token': reset_password_link}, text_data={'token': reset_password_link}, template_root=FORGOT_PASSWORD ).send() return "" except NoResultFound: return Error('Invalid Email Address', 403)()
def main(): abspath = os.path.abspath(__file__) dname = os.path.dirname(abspath) os.chdir(dname) action = sys.argv[1] secret_key = sys.argv[2] if action == "generate": filename = sys.argv[3] basename = filename.split(".")[-2] extension = filename.split(".")[-1] digest = hashlib.sha512(secret_key + basename).hexdigest() des = URLSafeSerializer(digest) credentials = {'filename': filename.encode("base64"), 'ext': extension, 'length': len(filename), 'signature': digest} print des.dumps(credentials, salt="donttread") return signed_serial = sys.argv[3] result = URLSafeSerializer("").loads_unsafe(signed_serial) img = "snek.jpg" try: if result[1]: signature = result[1]['signature'] extension = result[1]['ext'] filename = result[1]['filename'].decode("base64") length = result[1]['length'] if len(filename) == length and len(extension) == 3: basename = filename.split(".")[-2] digest = hashlib.sha512(secret_key + splitext(filename)[0]).hexdigest() if digest == signature: des = URLSafeSerializer(digest) des.loads(signed_serial, salt="donttread") img = "%s.%s" % (basename, extension) except: pass proc = subprocess.Popen(["./read_file", img], stdout=subprocess.PIPE) imgo = proc.stdout.read().encode("base64").replace("\n", "") output = '<img src="data:image/png;base64,%s" alt="i am %s" />' % (imgo, img) print output
def get_api_key(request): remote_addr = request.META.get( 'HTTP_X_FORWARDED_FOR', request.META.get('REMOTE_ADDR')) s1 = URLSafeSerializer(settings.API_SECRET, salt="rolf-ipaddress-key") k1 = s1.dumps(dict(username=request.user.username, remote_addr=remote_addr)) s2 = URLSafeTimedSerializer(settings.API_SECRET, salt="rolf-timed-key") k2 = s2.dumps(dict(username=request.user.username)) k3 = None ip = request.GET.get('ip', None) if ip: k3 = s1.dumps(dict(username=request.user.username, remote_addr=ip)) return render(request, 'rolf/get_api_key.html', dict(k1=k1, k2=k2, k3=k3, ip=ip, remote_addr=remote_addr))
def encrypt(self, payload, timestamp=False): result = '' s1 = URLSafeSerializer(self.secret_key) result = s1.dumps(payload) if(timestamp == True): s2 = TimestampSigner(self.secret_key) result = s2.sign(result) return result
def save(self, *args, **kwargs): from itsdangerous import URLSafeSerializer s = URLSafeSerializer(SECRET_KEY) x = Test.objects.all().count() print(x) print(type(x)) self.s_id = s.dumps(x + 1) if self.pk is None: super(Test, self).save(self, *args, **kwargs)
def __generate_key(string): app = current_app._get_current_object() s = URLSafeSerializer(app.config['SECRET_KEY']) string = '%s.%s.%s' % (string, time.time(), random.getrandbits(256)) string = sha256(string).hexdigest() string = s.dumps(string) # return base64.b64encode(sha1(string).hexdigest(), # ).rstrip('==') return sha1(string).hexdigest()
def generate_confirmation_token(email): """ Generates a confirmation token for the user to confirm their account The actual email is encoded in the token :param email: The user email :return: """ serializer = URLSafeSerializer(current_app.config.get("SECRET_KEY")) return serializer.dumps(email, salt=current_app.config.get("SECURITY_PASSWORD_SALT"))
def send_activation_email(self): s = URLSafeSerializer(app.config['SECRET_KEY']) payload = s.dumps(self.username) url = url_for('activate', payload=payload, _external=True) subject = "Activate your account" text = render_template("activate.txt", url=url) html = render_template("activate.html", url=url) email_helper.send_email(self.get_email(), subject, text, html)
def generate_client_token(self): """ use client_id & client_key to generate client grant token """ s = Serializer( current_app.config["SECRET_KEY"] ) return s.dumps({'client_id': self.id})
class Encryption: def init_app(self, app): self.serializer = URLSafeSerializer(app.config.get('SECRET_KEY')) self.salt = app.config.get('DANGEROUS_SALT') def encrypt(self, thing_to_encrypt): return self.serializer.dumps(thing_to_encrypt, salt=self.salt) def decrypt(self, thing_to_decrypt): return self.serializer.loads(thing_to_decrypt, salt=self.salt)
def _generate_signed_string(payload): """ :param payload: :return: """ signer_kwargs = {"digest_method": sha256} signer = URLSafeSerializer(app.secret_key, signer_kwargs=signer_kwargs) signature = signer.dumps(payload) return signature
def create_user(signup_form): """ Function that inserts the user info in the local database before being activated and sends an email with the confirmation code """ # create an itsdangerous object to sign the verification email and encrypt the password itsd = URLSafeSerializer(config.ACCOUNT_VERIFICATION_SECRET) # send the confirmation email act_code = itsd.dumps(signup_form.login.data) message_html = """<h3>Dear %(name)s %(lastname)s, thank you for registering to the NASA ADS</h3> <p>Your activation code is <strong>%(code)s</strong></p> <p>To activate your account, please click <a href="%(act_url)s">here</a></p> <p>If the link doesn't work, please copy the following URL and paste it in your browser:<br/>%(act_url)s</p> <p>Please do not replay to this email: to contact us please use our <a href="%(feedb_url)s">feedback form</a></p> <p>Regards,<br/>The ADS team</p> """ % { "name": signup_form.name.data, "lastname": signup_form.lastname.data, "code": act_code, "act_url": "%s%s?id=%s" % (config.MAIL_CONTENT_REDIRECT_BASE_URL, url_for("user.activate"), act_code), "feedb_url": "%s%s" % (config.MAIL_CONTENT_REDIRECT_BASE_URL, url_for("feedback.feedback")), } try: send_email_to_user(u"NASA ADS Account confirmation required", message_html, [signup_form.login.data]) except: app.logger.error("Failed to send confirmation email for user creation") return False, "There are some technical problems: please try later.", "error" # create a new user object new_rec = AdsUserRecord( cookie_id=g.user_cookie_id, # temporary unique cookie id username=signup_form.login.data, firstname=signup_form.name.data, lastname=signup_form.lastname.data, password=itsd.dumps(signup_form.password.data), registered=datetime.utcnow().replace(tzinfo=pytz.utc), active=False, anonymous=False, ) # save the user new_rec.save() return True, "Thanks for the registration. An email with the activation code has been sent to you.", "success"
def change_password(): ''' Let users change password ''' if request.method == 'GET': return render_template('change_password.html') elif request.method == 'POST': if request.form['submit'] == 'Cancel': flash('Password change cancelled.') return redirect(url_for('main.settings')) current_password = request.form['wyr_current_password'] new_password = request.form['wyr_new_password'] confirm_password = request.form['wyr_confirm_password'] #first verify current password myctx = CryptContext(schemes=['pbkdf2_sha256']) if myctx.verify(current_password, current_user.password) == True: #password checks if len(new_password) < 5: flash('Password is too short. Please try again.') return redirect(url_for('main.change_password')) elif new_password != confirm_password: flash('The confirmation password did not match the new password you entered.') return redirect(url_for('main.change_password')) else: #use passlib to encrypt password myctx = CryptContext(schemes=['pbkdf2_sha256']) hash = myctx.encrypt(new_password) current_user.password = hash db.session.commit() # send user email to confirm, allow reset of password #hash for confirm change serializer = URLSafeSerializer(current_app.config['SECRET_KEY']) email_hash = serializer.dumps([current_user.email], salt='reset_password') to = current_user.email subject = 'Password Change' text = """The password for your What You've Read account has been changed. If this was not you, someone has access to your account. You should <a href="http://www.whatyouveread.com/reset_password?code={}">reset your password</a> immediately.<br> <br> -Kris @ What You've Read""".format(email_hash) common.send_simple_message(to, subject, text) flash('Your password has been updated.') return redirect(url_for('main.settings')) else: flash('Password is incorrect.') return redirect(url_for('main.change_password')) else: return abort(405)
def email_verify(username, email): s = URLSafeSerializer(secret_key, salt=email_verify_salt) token = s.dumps( dict( u=username, e=email)) url = 'http://www.genitag.org/action/accountverify?token=' + token subject = 'Verify email for Genitag account' message = 'visit this link to verify your email address to the account with the username ' \ + username + '\r\n' + 'link: ' + url send_email(message, subject, email) return None