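def customerio():
    """Handle a signed Customer.io webhook that reports a bounced e-mail.

    The request is authenticated by recomputing an HMAC-SHA256 over
    ``v0:<x-cio-timestamp>:<raw body>`` with the configured
    ``CUSTOMERIO_SIGNING_KEY`` and comparing the hex digest with the
    ``x-cio-signature`` header. For an ``email_bounced`` event, the account
    matching the reported address is locked with reason ``'bounced'``.

    Returns:
        ``'ok'`` once the event has been handled (also when no account
        matches the address), or a 400 JSON response when the request is
        unsigned, wrongly signed, or not a well-formed ``email_bounced``
        event.
    """
    def reject():
        # One generic answer for every failure, so the response does not
        # reveal which check the request failed.
        return make_response(
            jsonify({
                'success': False,
                'reason': 'Invalid request made.'
            }), 400)

    timestamp = request.headers.get('x-cio-timestamp', '')
    if timestamp == '':
        return reject()

    signing_key = current_app.config.get('CUSTOMERIO_SIGNING_KEY')
    if not signing_key:
        # Fail closed: a MAC keyed with an empty secret can be computed by
        # anyone, so a missing or empty key must never authenticate.
        return reject()

    # NOTE(review): the timestamp is only mixed into the MAC and never
    # compared with the current time, so a captured signed request stays
    # valid indefinitely. Consider rejecting stale timestamps.
    payload = b'v0:' + timestamp.encode() + b':' + request.get_data()
    expected = hmac.new(
        key=signing_key.encode(),
        msg=payload,
        digestmod=hashlib.sha256).hexdigest()

    provided = request.headers.get('x-cio-signature', '')
    # Constant-time comparison, so response timing does not leak how many
    # leading characters of a guessed signature are correct. Bytes are
    # compared because compare_digest() raises TypeError on non-ASCII str.
    if not hmac.compare_digest(expected.encode(), provided.encode()):
        return reject()

    body = request.get_json()
    # Explicit checks instead of `assert`: asserts are stripped under
    # `python -O`, which would let any signed event type lock an account.
    if not isinstance(body, dict) or body.get('event_type') != 'email_bounced':
        return reject()
    data = body.get('data')
    if not isinstance(data, dict):
        return reject()

    account = Account.find_by_email(data.get('email_address'))
    if account is None:
        return 'ok'

    account.lock('bounced')
    account.save(True)
    return 'ok'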
def login():
    """Render the login page, or redirect a signed-in user to their instances.

    A visitor counts as signed in when the session carries an ``email`` key
    and ``Account.find_by_email`` returns a truthy account for it.
    """
    # Re-check the account on every request: a session whose e-mail no
    # longer resolves to an account falls through to the login form.
    signed_in = "email" in session and Account.find_by_email(session["email"])
    if signed_in:
        return redirect(url_for("instances.list"))

    return render_template("auth/login.html", form=AuthenticationForm())
def lost_password():
    """Send a one-time login link to the account owning the submitted e-mail.

    A ``Session`` is created for the account, saved and sent; per the
    original author, the link carries a session token that can be used
    directly from the app.

    Returns:
        ``{'success': True}`` as JSON, whether or not an account exists
        for the address.
    """
    form = LostPasswordForm.load(request)
    # NOTE(review): the return value is ignored, so validate() presumably
    # aborts the request on invalid input. Confirm.
    form.validate()

    account = Account.find_by_email(form.email.data)
    if account:
        login_link = Session(account.id)
        login_link.save(True)
        login_link.send()

    # Same body for known and unknown addresses, so the response content
    # does not disclose which e-mails are registered.
    return jsonify({
        'success': True
    })
def authenticate():
    """Check the submitted login form and start a session on success.

    On failure the login template is rendered again with the form; on
    success the e-mail is stored in the session and the user is redirected
    to ``instances.list``.
    """
    form = AuthenticationForm(request.form)
    if not form.validate():
        return render_template("auth/login.html", form=form)

    account = Account.find_by_email(form.email.data)
    # Unknown account and wrong password produce the same message, so the
    # page does not say which of the two was wrong.
    # NOTE(review): check_passwd() is skipped when no account exists, so
    # response time may still differ between known and unknown e-mails.
    # Confirm whether that matters here.
    if not account or not account.check_passwd(form.password.data):
        form.email.errors = ["Invalid email or password."]

    if form.email.errors:
        # Blank the password so it is not echoed back into the page.
        form.password.data = None
        return render_template("auth/login.html", form=form)

    session["email"] = form.email.data
    return redirect(url_for("instances.list"))
def login():
    """Authenticate with e-mail and password and hand back a session token.

    Returns:
        JSON with ``success``, the new session's ``token`` and the
        serialized ``account``.
    """
    form = AuthForm.load(request)
    form.validate()

    # One message for "no such account" and "wrong password", so the
    # reply does not say which of the two failed.
    bad_credentials = 'Invalid email/password credentials provided.'

    account = Account.find_by_email(form.email.data)
    # NOTE(review): both checks rely on form.error() aborting the request
    # (presumably by raising). If it only recorded the error, a missing
    # account would fail on the next line with AttributeError, and a wrong
    # password would still reach the token issuance below. Confirm.
    if not account:
        form.error('email', bad_credentials)
    if not account.verify_password(form.password.data):
        form.error('email', bad_credentials)

    new_session = Session(account.id).save(True)
    reply = {
        'success': True,
        'token': new_session.token,
        'account': account.serialize()
    }
    return jsonify(reply)
def update():
    """Apply the submitted profile changes to the current account.

    An e-mail change is not written to the account directly: an
    ``AccountEmail`` record is saved and sent, and the new address is
    removed from the update set. When a VAT number is supplied, empty
    company name, details and country fields are filled from the VAT
    lookup.

    Returns:
        JSON with ``success``, ``pendingEmail`` (True when an e-mail
        change was started) and the serialized ``account``.
    """
    form = AccountUpdateForm.load(request)
    form.validate()

    email_changed = form.email.data != g.account.email
    if email_changed and Account.find_by_email(form.email.data):
        # NOTE(review): this answer tells the caller that the address
        # belongs to another account. Confirm that is acceptable.
        form.error('email', 'This email is already used on our service.')

    updates = form.get_as_dict()
    pending_email = False

    new_email = updates.get('email')
    if new_email and g.account.email != new_email:
        # Hand the new address to AccountEmail and keep it out of the
        # direct update, so g.account.update() below never receives it.
        email_request = AccountEmail(g.account.id, new_email)
        email_request.save(True)
        email_request.send(updated=True)
        del updates['email']
        pending_email = True

    if updates.get('company_vat'):
        # Account field -> key in the VAT lookup result. Only fields that
        # are empty in both the submission and the stored account are set.
        vat_backfill = (
            ('company_name', 'name'),
            ('company_details', 'address'),
            ('country', 'countryCode'),
        )
        try:
            details = get_vat_details(form.company_vat.data)
            for field, detail_key in vat_backfill:
                if not updates.get(field) and not getattr(g.account, field):
                    updates[field] = details[detail_key]
        except Exception:
            # NOTE(review): every failure, including a lookup that fails
            # for reasons unrelated to the number, is reported as an
            # invalid VAT. Consider catching narrower exceptions.
            form.error('company_vat', 'Invalid VAT provided.')

    g.account.update(**updates)
    g.account.save(True)

    return jsonify({
        'success': True,
        'pendingEmail': pending_email,
        'account': g.account.serialize()
    })