def register():
    """Create an unconfirmed account and e-mail its confirmation link.

    Signed-in visitors are redirected to '/'. On a valid form submission
    the user row is committed, a confirmation token is generated for the
    address, the activation mail is sent, and the new user is logged in
    and redirected to the "unconfirmed" page. In every other case the
    registration form is rendered.
    """
    # NOTE(review): is_authenticated is called as a method here; newer
    # Flask-Login releases expose it as a property -- confirm the pinned version.
    if current_user.is_authenticated():
        return redirect('/')

    form = RegisterForm(request.form)
    if not form.validate_on_submit():
        return render_template('user/register.html', form=form)

    # NOTE(review): the submitted password goes straight into User();
    # presumably the model hashes it -- confirm.
    new_user = User(
        email=form.email.data,
        password=form.password.data,
        confirmed=False,
    )
    db.session.add(new_user)
    db.session.commit()

    activation_token = generate_confirmation_token(new_user.email)
    activation_link = url_for(
        'user.confirm_email', token=activation_token, _external=True)
    body = render_template('user/activate.html', confirm_url=activation_link)
    send_email(new_user.email, "Please confirm your email", body)

    # The session is opened before the address is confirmed; the
    # "unconfirmed" page is where such users land.
    login_user(new_user)
    flash('A confirmation email has been sent via email.', 'success')
    return redirect(url_for("user.unconfirmed"))
def test_confirm_token_route_expired_token(self):
    """A token checked with a negative expiry argument must be rejected."""
    account = User(email='*****@*****.**', password='******', confirmed=False)
    db.session.add(account)
    db.session.commit()

    token = generate_confirmation_token('*****@*****.**')
    # -1 is passed as confirm_token's second argument (presumably the
    # maximum age, so any token counts as expired -- confirm against helper).
    outcome = confirm_token(token, -1)
    self.assertFalse(outcome)
def resend_confirmation():
    """Mail a fresh confirmation link to the signed-in user's address.

    Generates a new token for current_user.email, sends the activation
    template again, and redirects back to the "unconfirmed" page.
    """
    # NOTE(review): no throttling is visible in this view; if none is
    # applied elsewhere, each request sends one more e-mail.
    recipient = current_user.email
    fresh_token = generate_confirmation_token(recipient)
    link = url_for('user.confirm_email', token=fresh_token, _external=True)
    body = render_template('user/activate.html', confirm_url=link)
    send_email(current_user.email, "Please confirm your email", body)
    flash('A new confirmation email has been sent.', 'success')
    return redirect(url_for('user.unconfirmed'))
def test_invalid_confirmation_token(self):
    """Calling confirm_token on a token must not mark user1 as confirmed."""
    first = User(email='*****@*****.**', password='******', confirmed=False)
    second = User(email='*****@*****.**', password='******', confirmed=False)
    for account in (first, second):
        db.session.add(account)
    db.session.commit()

    # The addresses are redacted in this listing, so which account the
    # token is issued for cannot be told from here.
    issued = generate_confirmation_token('*****@*****.**')
    confirm_token(issued)
    self.assertFalse(first.confirmed)
def test_confirm_token_route_invalid_token(self):
    """The confirm route must show the rejection message for a bad token."""
    token = generate_confirmation_token('*****@*****.**')
    credentials = {'email': '*****@*****.**', 'password': '******'}
    with self.client:
        # Log in first, then follow the confirmation link in that session.
        self.client.post('/login', data=credentials, follow_redirects=True)
        confirm_path = '/confirm/' + token
        response = self.client.get(confirm_path, follow_redirects=True)
        self.assertIn(
            b'The confirmation link is invalid or has expired.',
            response.data,
        )
def test_confirm_token_route_valid_token(self):
    """A valid token confirms the account and stamps confirmed_on."""
    credentials = {'email': '*****@*****.**', 'password': '******'}
    with self.client:
        self.client.post('/login', data=credentials, follow_redirects=True)
        token = generate_confirmation_token('*****@*****.**')
        confirm_path = '/confirm/' + token
        response = self.client.get(confirm_path, follow_redirects=True)

        self.assertIn(b'You have confirmed your account. Thanks!', response.data)
        self.assertTemplateUsed('main/index.html')

        # Re-read the row to check what the route persisted.
        account = User.query.filter_by(email='*****@*****.**').first_or_404()
        self.assertIsInstance(account.confirmed_on, datetime.datetime)
        self.assertTrue(account.confirmed)
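def reset_post():
    """Handle a password-reset request and mail the reset link.

    Looks the submitted address up in User. When an account exists, a
    token is generated, the reset mail is sent, and a success message is
    flashed; otherwise a "not registered" message is flashed. The reset
    form template is rendered in both cases.
    """
    email = request.form.get('email')
    user = User.query.filter_by(email=email).first()
    if user is None:
        # NOTE(review): this message differs from the success message, so
        # the form reveals whether an address is registered. A uniform
        # response for both outcomes would avoid that -- product decision.
        flash("Email is not registered. Go to Signup page", 'danger')
    else:
        # Issue the token for, and send the mail to, the address stored on
        # the account rather than the submitted string: if the database
        # compares addresses loosely (case or Unicode folding), the two
        # can differ and the link must only reach the account owner.
        address = user.email
        token = generate_confirmation_token(address)
        # NOTE(review): _external=True builds the host part of the link
        # from the request unless SERVER_NAME is configured -- confirm the
        # deployment pins or validates the host.
        confirm_url = url_for('auth.newpassword', token=token, _external=True)
        html = render_template('resetmail.html', confirm_url=confirm_url)
        subject = "Password Reset"
        msg = Message(subject=subject, sender="*****@*****.**",
                      recipients=[address], html=html)
        mail.send(msg)
        flash("Reset password email successfully sent. Go check your email",
              'success')
    return render_template('resetpassword.html')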
def test_request_pw_reset_valid_token(self):
    """The reset page opens for a freshly generated token."""
    request_form = {'email': "*****@*****.**", 'mailbox': 'test_user_com'}
    with self.client:
        # Submit the reset request form on the home route first.
        self.client.post('/', data=request_form, follow_redirects=True)
        token = generate_confirmation_token('*****@*****.**')
        reset_path = '/reset/' + token
        response = self.client.get(reset_path, follow_redirects=True)
        self.assertTemplateUsed('main/reset_password.html')
        self.assertIn(b'You can now change your password.', response.data)
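def test_invalid_confirmation_token_views(self):
    """The confirm view must reject a token that does not match the session user.

    Two unconfirmed users are created, a token is generated, one user
    logs in and follows the confirmation link; the page must show the
    "invalid or has expired" message. (Addresses are redacted in this
    listing, so which user the token belongs to is not visible here.)
    """
    user1 = User(email='*****@*****.**', password='******', confirmed=False)
    user2 = User(email='*****@*****.**', password='******', confirmed=False)
    db.session.add(user1)
    db.session.add(user2)
    db.session.commit()

    token = generate_confirmation_token('*****@*****.**')
    with self.client:
        self.client.post('/login', data=dict(
            email='*****@*****.**', password='******'
        ), follow_redirects=True)
        response = self.client.get(
            '/confirm/' + str(token), follow_redirects=True)
        # response.data is bytes on Python 3, so the expected text must be
        # a bytes literal; a str operand makes assertIn raise TypeError
        # instead of checking anything.
        self.assertIn(
            b'The confirmation link is invalid or has expired.',
            response.data,
        )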
def test_confirm_token_route_valid_token(self):
    """Following a valid confirmation link marks the account confirmed."""
    login_form = {'email': '*****@*****.**', 'password': '******'}
    with self.client:
        self.client.post('/login', data=login_form, follow_redirects=True)

        token = generate_confirmation_token('*****@*****.**')
        target = '/confirm/' + token
        response = self.client.get(target, follow_redirects=True)

        expected = b'You have confirmed your account. Thanks!'
        self.assertIn(expected, response.data)
        self.assertTemplateUsed('main/index.html')

        # Load the stored row and check both confirmation fields.
        stored = User.query.filter_by(email='*****@*****.**').first_or_404()
        self.assertIsInstance(stored.confirmed_on, datetime.datetime)
        self.assertTrue(stored.confirmed)
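def test_invalid_confirmation_token_views(self):
    """The confirm view must show the rejection message for a foreign token.

    Creates two unconfirmed users, generates a token, logs one user in
    and requests the confirmation URL with that token.
    """
    user1 = User(email='*****@*****.**', password='******', confirmed=False)
    user2 = User(email='*****@*****.**', password='******', confirmed=False)
    db.session.add(user1)
    db.session.add(user2)
    db.session.commit()

    token = generate_confirmation_token('*****@*****.**')
    with self.client:
        self.client.post(
            '/login',
            data=dict(email='*****@*****.**', password='******'),
            follow_redirects=True)
        response = self.client.get('/confirm/' + str(token),
                                   follow_redirects=True)
        # Compare bytes with bytes: on Python 3 response.data is bytes and
        # a str needle raises TypeError rather than testing the page.
        self.assertIn(
            b'The confirmation link is invalid or has expired.',
            response.data,
        )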
def home():
    """Accept a mailbox password-reset request and e-mail the reset link.

    On a valid submission a token is generated for the submitted mailbox
    name, the reset mail is sent to the submitted e-mail address, and the
    visitor is redirected back to this page. Otherwise the request form
    is rendered.
    """
    form = RequestForm(request.form)
    if not form.validate_on_submit():
        return render_template('main/request_pwdch.html', form=form)

    # NOTE(review): the token names form.mailbox.data while the link is
    # mailed to form.email.data, both taken from the same submission.
    # Nothing in this view ties the address to the mailbox; presumably
    # RequestForm's validators do -- confirm, since otherwise a requester
    # could have another mailbox's reset link sent to their own address.
    mailbox = form.mailbox.data
    reset_token = generate_confirmation_token(mailbox)
    reset_link = url_for('main.reset_password', token=reset_token,
                         _external=True)
    body = render_template('main/reset.html',
                           mailbox=form.mailbox.data,
                           reset_url=reset_link)
    send_email(form.email.data, "Reset your email password", body)
    flash(
        'A password reset email has been sent. Check your spam/junk folders if it does not arrive.',
        'success')
    return redirect(url_for("main.home"))
def apiregister():
    """Register a user from a JSON body and sign them in.

    Returns a JSON string {"response": "success"} after the user is
    stored and logged in, or {"response": "failure"} when the
    Content-Type header is not exactly 'application/json'.
    """
    # The comparison is exact, so a header carrying parameters such as a
    # charset takes the failure branch.
    if request.headers['Content-Type'] != 'application/json':
        return json.dumps({'response': "failure"})

    payload = request.json
    # NOTE(review): the account is stored with confirmed=True, so the
    # e-mail address is never verified on this path -- confirm intended.
    # NOTE(review): user_token is a password-style hash of the e-mail
    # address, i.e. derived from a non-secret value; if it is used as a
    # credential, a random token would be the safer source -- confirm use.
    account = User(
        email=payload['email'],
        password=payload['password'],
        name=payload['username'],
        confirmed=True,
        user_token=generate_password_hash(payload['email'].encode()),
    )
    db.session.add(account)
    db.session.commit()

    # A confirmation token is generated but not used in this view.
    token = generate_confirmation_token(account.email)
    login_user(account)
    return json.dumps({'response': "success"})
def apiregister():
    """Create and log in a user described by a JSON request.

    The result is always a JSON string with a single "response" key:
    "success" once the user is committed and logged in, "failure" when
    the request's Content-Type is anything but 'application/json'.
    """
    result = {}
    is_json_request = request.headers['Content-Type'] == 'application/json'
    if not is_json_request:
        result['response'] = "failure"
        return json.dumps(result)

    body = request.json
    email = body['email']
    password = body['password']
    username = body['username']
    # NOTE(review): confirmed=True skips e-mail verification for accounts
    # created through this endpoint -- confirm that is intended.
    # NOTE(review): user_token comes from hashing the e-mail address, not
    # from a random source; check how it is used before relying on it as
    # a secret.
    email_hash = generate_password_hash(body['email'].encode())
    new_user = User(email=email, password=password, name=username,
                    confirmed=True, user_token=email_hash)
    db.session.add(new_user)
    db.session.commit()

    # The generated confirmation token is not sent or stored here.
    token = generate_confirmation_token(new_user.email)
    login_user(new_user)
    result['response'] = "success"
    return json.dumps(result)
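def forgot():
    """Start a password reset: store a token and e-mail the reset link.

    On a valid submission the account with the submitted address is
    looked up; when it exists, a token is generated, saved on the user
    row, and mailed as a reset link. The same success message and
    redirect follow whether or not an account was found. An invalid or
    absent submission renders the form.
    """
    form = ForgotForm(request.form)
    if form.validate_on_submit():
        user = User.query.filter_by(email=form.email.data).first()
        # .first() returns None for an unknown address; without this
        # guard the view fails on user.email. Skipping the mail while
        # keeping the response identical also avoids revealing whether
        # the address is registered. (If ForgotForm already rejects
        # unknown addresses, the guard is simply never taken.)
        if user is not None:
            token = generate_confirmation_token(user.email)
            # NOTE(review): the token is persisted as issued; anyone able
            # to read this column can use it while it is valid. Storing a
            # hash of it is the usual alternative -- confirm with the
            # consuming view.
            user.password_reset_token = token
            db.session.commit()
            reset_url = url_for('user.forgot_new', token=token,
                                _external=True)
            html = render_template('user/reset.html',
                                   username=user.email,
                                   reset_url=reset_url)
            subject = "Reset your password"
            send_email(user.email, subject, html)
        flash('A password reset email has been sent via email.', 'success')
        return redirect(url_for("main.home"))
    return render_template('user/forgot.html', form=form)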
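def forgot():
    """Handle the reset-password request form and mail the reset link.

    On a valid submission the user is looked up by the submitted
    address; when found, a token is generated, stored on the user row
    and sent as a reset link. The confirmation message and redirect are
    the same whether or not a user was found. Otherwise the form is
    rendered.
    """
    form = ResetPasswordRequestForm(request.form)
    if form.validate_on_submit():
        user = User.query.filter_by(email=form.email.data).first()
        # Guard against an unknown address: .first() yields None and the
        # original code then failed on user.email. The response stays the
        # same either way, so the form does not disclose which addresses
        # have accounts.
        if user is not None:
            token = generate_confirmation_token(user.email)
            # NOTE(review): the reset token is saved unhashed on the
            # user row -- confirm who can read that column.
            user.password_reset_token = token
            db.session.commit()
            reset_url = url_for('auth.forgot_new', token=token,
                                _external=True)
            html = render_template('auth/reset.html',
                                   username=user.email,
                                   reset_url=reset_url)
            subject = "Passwort zurücksetzen"
            send_email(user.email, subject, html)
        flash('Eine Email zum zurücksetzen des Passwortes wurde versendet.',
              'success')
        return redirect(url_for("main.index"))
    return render_template('auth/forgot.html', form=form)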
def test_reset_forgotten_password_valid_token_invalid_login(self):
    """After a reset, a later login attempt with these credentials is rejected.

    Walks the whole flow: request a reset, open the reset page with a
    token, post a new password, log out, then post the login form and
    expect the "invalid" message.
    """
    reset_path_prefix = '/forgot/new/'
    with self.client:
        self.client.post(
            '/forgot',
            data={'email': '*****@*****.**'},
            follow_redirects=True,
        )
        token = generate_confirmation_token('*****@*****.**')

        # Step 1: the reset page accepts the token.
        response = self.client.get(reset_path_prefix + token,
                                   follow_redirects=True)
        self.assertTemplateUsed('user/forgot_new.html')
        self.assertIn(b'You can now change your password.', response.data)

        # Step 2: posting a new password signs the user in.
        new_password_form = {'password': "******", 'confirm': "new-password"}
        response = self.client.post(reset_path_prefix + token,
                                    data=new_password_form,
                                    follow_redirects=True)
        self.assertIn(b'Password successfully changed.', response.data)
        self.assertTemplateUsed('user/profile.html')
        self.assertTrue(current_user.is_authenticated())

        # Step 3: log out, then try the login form.
        self.client.get('/logout')
        self.assertFalse(current_user.is_authenticated())

        login_form = {'email': "*****@*****.**", 'password': "******"}
        response = self.client.post('/login', data=login_form,
                                    follow_redirects=True)
        self.assertEqual(response.status_code, 200)
        self.assertFalse(current_user.is_authenticated())
        self.assertIn(b'Invalid email and/or password.', response.data)
        self.assertTemplateUsed('user/login.html')
def register():
    """Register a new, unconfirmed user and send the confirmation e-mail.

    A valid submission stores the user, mails a tokenised confirmation
    link, logs the user in and redirects to the "unconfirmed" page; any
    other request renders the registration form.
    """
    form = RegisterForm(request.form)
    if not form.validate_on_submit():
        return render_template('user/register.html', form=form)

    # NOTE(review): the password is passed as submitted; presumably the
    # User model hashes it -- confirm.
    account = User(email=form.email.data,
                   password=form.password.data,
                   confirmed=False)
    db.session.add(account)
    db.session.commit()

    link = url_for('user.confirm_email',
                   token=generate_confirmation_token(account.email),
                   _external=True)
    message_html = render_template('user/activate.html', confirm_url=link)
    send_email(account.email, "Please confirm your email", message_html)

    # Logged in while still unconfirmed.
    login_user(account)
    flash('A confirmation email has been sent via email.', 'success')
    return redirect(url_for("user.unconfirmed"))
def register():
    """Sign up a new profile and mail the address-confirmation link.

    Renders the registration form unless the submission validates; in
    that case the profile is stored with confirmed=False, the activation
    mail is sent, the profile is logged in, and the visitor is redirected
    to the "unconfirmed" page.
    """
    form = RegisterForm(request.form)
    if not form.validate_on_submit():
        return render_template('profile/register.html', form=form)

    created = User(
        email=form.email.data,
        password=form.password.data,
        confirmed=False,
    )
    db.session.add(created)
    db.session.commit()

    confirmation_token = generate_confirmation_token(created.email)
    confirmation_link = url_for(
        'profile.confirm_email', token=confirmation_token, _external=True)
    mail_body = render_template('profile/activate.html',
                                confirm_url=confirmation_link)
    send_email(created.email,
               "Please confirm your email for Pet Portrait Club",
               mail_body)

    # The session starts before the address has been confirmed.
    login_user(created)
    flash('A confirmation email has been sent via email.', 'success')
    return redirect(url_for("profile.unconfirmed"))
def test_request_pw_reset_valid_token_correct_login(self):
    """A token from the reset flow can be used to set a new password."""
    request_form = {'email': "*****@*****.**", 'mailbox': 'test_user_com'}
    with self.client:
        # Precondition: a reset was requested and the reset page opens.
        self.client.post('/', data=request_form, follow_redirects=True)
        token = generate_confirmation_token('*****@*****.**')
        reset_path = '/reset/' + token
        response = self.client.get(reset_path, follow_redirects=True)
        self.assertIn(b'You can now change your password.', response.data)

        # The behaviour under test: posting the new password succeeds.
        new_password_form = {'password': "******", 'confirm': "New-p@ssw0rd"}
        response = self.client.post('/reset/' + token,
                                    data=new_password_form,
                                    follow_redirects=True)
        self.assertIn(b'Password successfully changed.', response.data)
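def signup():
    """Create a user document from the signup form.

    GET renders the signup page. POST hashes the submitted password,
    inserts the user into the `users` collection and returns a short
    HTML message; a duplicate-key failure returns an "already exist"
    message, any other failure a generic error.
    """
    form = SignupForm()
    if request.method == 'POST':
        # NOTE(review): the form is read without validate_on_submit(), so
        # field validators (and, presumably, the form's CSRF check) are
        # not applied on this path -- confirm.
        pass_hash = generate_password_hash(form.password.data,
                                           method='pbkdf2:sha256')

        # NOTE(review): this value is derived from the literals
        # b'password' and b'salt', so every account is stored with the
        # same "key". If the key is meant to be a per-user secret it
        # needs a random source -- confirm how it is consumed before
        # changing it. It is no longer printed to stdout.
        k = hashlib.pbkdf2_hmac('sha256', b'password', b'salt', 100000)
        stoken = binascii.hexlify(k)

        try:
            # NOTE(review): Collection.insert is the legacy PyMongo call;
            # check the pinned driver version still provides it.
            mongo.db.users.insert({"_id": form.username.data,
                                   "password": pass_hash,
                                   "email": form.email.data,
                                   "status": "activated",
                                   "key": stoken})
            return 'Welcome! Thanks for signing up, Please follow to the link to Login <a href="/login">Login</a>'
        except Exception as e:
            if 'duplicate key' in str(e):
                return "A user with that credentials already exist!"
            # Keep driver/database details in the server log instead of
            # echoing the raw exception text to the client.
            import logging
            logging.getLogger(__name__).exception("signup insert failed")
            return "Registration failed. Please try again later."
        # The confirmation-mail code that followed here was unreachable
        # (both branches above return) and referenced an undefined
        # `user`; it has been removed.
    return render_template('signup.html', title='signup', form=form)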
def register():
    """Register an unconfirmed user, mail the confirmation link, log in.

    A validated submission stores the user, sends the activation mail,
    opens a session for the new user and redirects to the "unconfirmed"
    page. Anything else renders the registration form.
    """
    form = RegisterForm(request.form)
    submitted_ok = form.validate_on_submit()
    if not submitted_ok:
        return render_template('user/register.html', form=form)

    registrant = User(
        email=form.email.data,
        password=form.password.data,
        confirmed=False,
    )
    db.session.add(registrant)
    db.session.commit()

    token = generate_confirmation_token(registrant.email)
    confirm_link = url_for('user.confirm_email', token=token, _external=True)
    mail_html = render_template('user/activate.html', confirm_url=confirm_link)
    send_email(registrant.email, "Please confirm your email", mail_html)

    # The user is signed in immediately, while still unconfirmed.
    login_user(registrant)
    flash('You registered and are now logged in. Welcome!', 'success')
    return redirect(url_for('user.unconfirmed'))
def register():
    """Register a municipality user, linking or creating a CKAN account.

    Builds the municipality choices for the form. On a valid submission
    with a municipality selected, the e-mail address is looked up among
    the existing CKAN users: a match is reused, otherwise a CKAN user is
    created. The local user is then stored unconfirmed, the confirmation
    mail is sent, the user is logged in and redirected to the
    "unconfirmed" page. Without a municipality a warning is flashed and
    the form is rendered again.
    """
    choices = [{'value': None, 'name': u'المنطقة البلدية'}]
    for municipality in Municipality.query.filter_by(approved=True).all():
        if municipality.municipal_id != '1':
            choices.append({
                'value': municipality.municipal_id,
                'name': (municipality.municipal_name_ar + ' '
                         + municipality.municipal_name),
            })

    form = RegisterForm(request.form)
    if form.validate_on_submit():
        if form.municipal_id.data == 'None':
            flash(u'خانة المنطقة البلدية اجبارية', 'warning')
        else:
            # Default CKAN name: mailbox local part plus municipality id,
            # with dots and dashes stripped.
            local_part = form.email.data.split('@')[0]
            ckan_name = (local_part + '_' + form.municipal_id.data)
            ckan_name = ckan_name.replace('.', '').replace('-', '')
            password = form.password.data
            fullname = form.name.data + ' ' + form.last_name.data
            email = form.email.data

            # NOTE(review): when a CKAN user with this address already
            # exists, its record (including 'apikey') is attached to the
            # new local account before the address is confirmed. Confirm
            # that registering with someone else's address cannot hand
            # over their CKAN API key.
            api_dict = None
            for ckan_user in get_list_user():
                if ckan_user['email'] == email:
                    api_dict = ckan_user
                    ckan_name = ckan_user['name']
            if api_dict is None:
                api_dict = create_user_ckan(ckan_name, password, fullname,
                                            email)

            user = User(
                email=form.email.data,
                password=form.password.data,
                name=form.name.data,
                last_name=form.last_name.data,
                municipal_id=form.municipal_id.data,
                confirmed=False,
                deleted=False,
                activate=False,
                last_login=datetime.datetime.now(),
                phone_number=form.phone_number.data,
                work_position=form.work_position.data,
                api_key=api_dict['apikey'],
                ckan_id=api_dict['id'],
                ckan_name=ckan_name,
            )
            db.session.add(user)
            db.session.commit()

            token = generate_confirmation_token(user.email)
            confirm_url = url_for('user.confirm_email', token=token,
                                  _external=True)
            selected = Municipality.query.filter_by(
                municipal_id=str(form.municipal_id.data)).first()
            mun_name = selected.municipal_name
            html = render_template(
                'user/activate.html',
                confirm_url=confirm_url,
                name=form.name.data,
                last_name=form.last_name.data,
                last_login=datetime.datetime.now(),
                mun_name=mun_name,
            )
            send_email(user.email, u"برجاء تأكيد بريدك الالكترونى", html)
            login_user(user)
            return redirect(url_for("user.unconfirmed"))
    return render_template('user/register.html', form=form,
                           choices=choices)
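def authorize():
    """Combined sign-in / registration view.

    When the form carries "signInButton" the request is treated as a
    login: credentials are checked with bcrypt and the user is logged in.
    Otherwise a POST is treated as a registration: required fields are
    checked, a User and its Details row are stored, a confirmation mail
    is sent and the user is logged in. Every path that does not return
    earlier renders 'user/authorize.html'.
    """
    form = request.form
    username = form.get('username')
    usernameReg = form.get('usernameReg')

    if form.get("signInButton"):
        # --- Log user in ---
        if current_user.is_authenticated:
            return redirect(url_for('main.home'))

        if request.method == "POST":
            # Both the username and the password must be present.
            if not username or not form.get("pass"):
                flash('must provide username or pass', 'danger')
                return apology("must provide username or pass")

            user = User.query.filter_by(name=username).first()
            remember_me = False
            if form.get("check"):
                remember_me = True

            # One message for "no such user" and "wrong password".
            if user and bcrypt.check_password_hash(user.password,
                                                   form.get("pass")):
                login_user(user, remember=remember_me)
                flash('Welcome.', 'success')
                return redirect(url_for('main.home'))
            else:
                flash('Invalid email and/or password.', 'danger')
                return render_template('user/authorize.html', form=form)
    else:
        # --- Register user ---
        if request.method == "POST":
            if not usernameReg:
                return apology("Missing username!")
            elif not form.get("password"):
                return apology("Missing password!")
            elif not form.get("confirm_password"):
                return apology("Missing confirm password!")
            elif not form.get("password") == form.get("confirm_password"):
                return apology("Passwords do not match!")
            elif not form.get("email"):
                return apology("Missing email!")

            # Best-effort country lookup. A timeout keeps a slow or
            # unreachable service from stalling the registration request,
            # and only ordinary exceptions are swallowed (a bare except
            # would also trap KeyboardInterrupt/SystemExit).
            # NOTE(review): the call is made by the server with no client
            # address supplied, so it presumably describes the server's
            # location rather than the visitor's -- confirm.
            try:
                countryJson = requests.get('https://api.ipdata.co/',
                                           timeout=5).json()
                countryCode = countryJson['country_code']
            except Exception:
                countryCode = None

            user = User.query.filter_by(name=usernameReg).first()
            if user is None:
                gender = None
                if not form.get("gender") == "null":
                    gender = bool(
                        distutils.util.strtobool(form.get("gender")))
                # NOTE(review): the password is passed as submitted while
                # login compares against a bcrypt hash; presumably the
                # User model hashes it -- confirm.
                user = User(password=form.get("password"), name=usernameReg)
                db.session.add(user)
                db.session.commit()
                email = form.get("email")
                # NOTE(review): "age" and "gender" are not validated
                # above; a missing or malformed value raises here after
                # the User row is already committed -- consider checking
                # them before the first commit.
                details = Details(email=email, gender=gender,
                                  age=int(form.get("age")),
                                  locale=countryCode, user_id=user.id,
                                  confirmed=False, user=user)
                db.session.add(details)
                db.session.commit()
            else:
                return apology("Something wrong...Maybe the username was already registered.")

            token = generate_confirmation_token(email)
            confirm_url = url_for('user.confirm_email', token=token,
                                  _external=True)
            html = render_template('user/activate.html',
                                   confirm_url=confirm_url)
            subject = "Please confirm your email"
            send_email(email, subject, html)
            login_user(user)
            flash('You registered and are now logged in. Welcome!', 'success')
            return redirect(url_for('main.home'))
    return render_template("user/authorize.html", form=form)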