def confirmEmailView(token):
session.clear()
req = authAPI('confirm', method='post', token=token)
if 'error' in req:
if req['error'] == 'Could not identify access token':
errorMessage(req['error'])
elif req['error'] == 'Could not identify Platform':
errorMessage(req['error'])
elif req['error'] == 'User must set password':
errorMessage('Please set your password')
return redirect(url_for('authBP.setPasswordView',
tok=req['token']))
elif req['error'] == 'User already confirmed':
errorMessage('Your profile has already been confirmed')
return redirect(url_for('indexView'))
else:
errorMessage(req['error'])
elif 'success' in req:
if req['mustSetPass'] == 'True':
successMessage(
'Your profile has been confirmed, please set your new password'
)
return redirect(url_for('authBP.setPasswordView',
tok=req['token']))
else:
successMessage('Your profile has been confirmed, please login')
return redirect(url_for('authBP.loginView'))
return redirect(url_for('indexView'))
def confirmEmailView(token):
session.clear()
req = authAPI('confirm', method='post', token=token)
if 'error' in req:
if req['error'] == 'User already confirmed':
if req['mustSetPass'] == 'True':
successMessage(
'Account confirmed, please set new password (the password your enter here will be your new password to the system)'
)
return redirect(
url_for('authBP.setPasswordView', tok=req['token']))
else:
errorMessage('Your profile has already been confirmed')
else:
errorMessage(req['error'])
elif 'success' in req:
if req['mustSetPass'] == 'True':
return redirect(url_for('authBP.setPasswordView',
tok=req['token']))
else:
successMessage('Your profile has already been confirmed')
return redirect(url_for('authBP.loginView'))
return redirect(url_for('indexView'))
def loginView():
if not 'token' in session:
kwargs = {'formWidth': 300, 'contentTitle': 'Login'}
form = loginForm()
if form.validate_on_submit():
regNo = form.regNo.data
email = form.email.data
password = form.password.data
dataDict = {'regNo': regNo, 'email': email, 'password': password}
req = authAPI('login', method='post', dataDict=dataDict)
if 'success' in req:
session['token'] = req['token']
session['email'] = req['email']
session['roles'] = req['roles']
successMessage('You are now logged in')
return redirect(url_for('indexView'))
else:
errorMessage('User / password combination error')
return render_template('auth/loginForm.html', form=form, **kwargs)
else:
errorMessage('You are already logged into the system')
return redirect(url_for('indexView'))
def companyView():
kwargs = {'title': 'Company information', 'formWidth': '350'}
compForm = companyForm()
if g.sijax.is_sijax_request:
g.sijax.register_object(SijaxHandler)
return g.sijax.process_request()
tenant = getCurrentTenant()
kwargs['tenant'] = tenant
contact = getContactPerson()
if 'error' in contact:
contact = {
'uuid': '',
'contactName': None,
'email': None,
'phone': None
}
errorMessage('Please assign contact person')
else:
contact = contact['success']
kwargs['contact'] = contact
compForm = companyForm(regNo=tenant[u'regNo'],
companyName=tenant[u'name'],
addr=tenant[u'addr'],
addr2=tenant[u'addr2'],
postcode=tenant[u'postcode'],
city=tenant[u'city'])
contForm = contactForm(contactName=contact['uuid'],
email=contact['email'],
phone=contact['phone'])
users = [(str(r['uuid']), str(r['name'] + ' - ' + r['email']))
for r in getUsers()['users']]
users.insert(0, ('', ''))
contForm.contactName.choices = users
return render_template('settings/newCompanyView.html',
contactForm=contForm,
companyForm=compForm,
**kwargs)
def setPasswordView(tok):
session.clear()
kwargs = {'formWidth': 300, 'title': 'Set new password'}
form = setPasswordForm()
if form.validate_on_submit():
dataDict = {'password': form.password.data}
req = authAPI('setPassword',
method='post',
dataDict=dataDict,
token=tok)
print str(req)
if 'error' in req:
errorMessage(req['error'])
elif 'success' in req:
successMessage('Your password has now been set, please login')
return redirect(url_for('authBP.loginView'))
return render_template('auth/setPasswordForm.html', form=form, **kwargs)
def registerView():
if not 'token' in session:
# universal variables
form = registerForm()
kwargs = {'formWidth': 400}
if form.validate_on_submit():
dataDict = {
'regNo': form.regNo.data,
'companyName': form.companyName.data,
'userName': form.userName.data,
'email': form.email.data,
'password': form.password.data
}
req = authAPI('register', method='post', dataDict=dataDict)
if r.status_code == 409:
errorMessage('accountExists')
elif r.status_code == 404:
errorMessage('cvrCheckError')
elif 'error' in req:
if req['error'] == 'Not valid email-address':
errorMessage('validateEmail')
elif 'success' in req:
# send email confirmation
subject = u'Bekræft tilmelding'
tok = req['token']
email = req['email']
confirm_url = url_for('authBP.confirmEmailView',
token=tok,
_external=True)
html = render_template('email/verify.html',
confirm_url=confirm_url)
#
sendMail(subject=subject,
sender='Henrik Poulsen',
recipients=[email],
html_body=html,
text_body=None)
successMessage('loginSuccess')
return redirect(url_for('indexView'))
return render_template('auth/registerForm.html', form=form, **kwargs)
else:
errorMessage('alreadyRegistered')
return redirect(url_for('indexView'))
def logoutView():
logout = authAPI(endpoint='logout', method='post', token=session['token'])
if ['error'] in logout:
if req['error'] == 'Could not identify access token':
errorMessage(req['error'])
elif req['error'] == 'Could not identify Platform':
errorMessage(req['error'])
elif req['error'] == 'Internal server error':
errorMessage(req['error'])
elif req['error'] == 'Invalid access token':
errorMessage(req['error'])
else:
session.clear()
successMessage('You are now logged out of the system')
return redirect(url_for('indexView'))
def userView(uuid=None, function=None):
# universal variables
form = userForm()
kwargs = {'contentTitle': 'Users', 'width': '', 'formWidth': '400'}
# Get users
if function == None:
kwargs['tableColumns'] = ['User name', 'Email', 'Roles', 'Groups']
kwargs['tableData'] = usersTable()
return render_template('listView.html', **kwargs)
elif function == 'delete':
delUsr = deleteUser(uuid)
if 'error' in delUsr:
errorMessage(delUsr['error'])
print delUsr
return redirect(url_for('userBP.userView'))
else:
if function == 'update':
usr = getUser(uuid=uuid,
includes=['includeRoles', 'includeGroups'])['user']
kwargs['contentTitle'] = 'Update user'
role = 'User'
for r in usr['roles']:
if r['title'] == 'Administrator':
role = 'Administrator'
elif r['title'] == 'Superuser':
role = 'Superuser'
grpForm = groupForm()
usrForm = userForm(
userName=usr['name'],
userEmail=usr['email'],
userPhone=usr['phone'],
userGroups=[str(r['uuid']) for r in usr['groups']],
userRole=role)
# Get all groups
usrForm.userGroups.choices = [(str(r['uuid']), r['name'])
for r in getGroups()['groups']]
if g.sijax.is_sijax_request:
g.sijax.register_object(SijaxHandler)
return g.sijax.process_request()
if usrForm.validate_on_submit():
dataDict = {
'name': usrForm.userName.data,
'email': usrForm.userEmail.data,
'phone': usrForm.userPhone.data,
'roles': [usrForm.userRole.data],
'groups': [usrForm.userGroups.data]
}
updateUser = putUser(dataDict=dataDict, uuid=uuid)
if not 'error' in updateUser:
apiMessage(updateUser)
return redirect(url_for('userBP.userView'))
else:
return unicode(updateUser)
return render_template('user/userForm.html',
usrForm=usrForm,
grpForm=grpForm,
**kwargs)
elif function == 'new':
usrForm = userForm(userRole='User')
grpForm = groupForm()
grpForm.groupUsers.choices = [(str(r['uuid']), r['email'])
for r in getUsers()['users']]
kwargs['contentTitle'] = 'New user'
groups = [(str(r['uuid']), r['name'])
for r in getGroups()['groups']]
usrForm.userGroups.choices = groups
if g.sijax.is_sijax_request:
g.sijax.register_object(SijaxHandler)
return g.sijax.process_request()
if usrForm.validate_on_submit():
dataDict = {
'name': usrForm.userName.data,
'email': usrForm.userEmail.data,
'phone': usrForm.userPhone.data
}
roles = ['User']
if usrForm.userRole.data == 'Superuser':
roles.append('Superuser')
elif usrForm.userRole.data == 'Administrator':
roles.append('Superuser')
roles.append('Administrator')
dataDict['roles'] = roles
dataDict['groups'] = usrForm.userGroups.data
newUser = postUser(dataDict)
if 'success' in newUser:
successMessage('The user has been created')
subject = u'Confirm signup'
confirm_url = url_for('authBP.confirmEmailView',
token=newUser['token'],
_external=True)
html = render_template('email/verify.html',
confirm_url=confirm_url)
sendMail(subject=subject,
sender='Henrik Poulsen',
recipients=[usrForm.userEmail.data],
html_body=html,
text_body=None)
return redirect(url_for('userBP.userView'))
else:
apiMessage(newUser)
return render_template('user/userForm.html',
usrForm=usrForm,
grpForm=grpForm,
**kwargs)
def changePasswordView():
kwargs = {'formWidth': 300, 'contentTitle': 'Change password'}
form = changePasswordForm()
if form.validate_on_submit():
dataDict = {'password': form.password.data}
req = authAPI(endpoint='changePassword',
method='put',
dataDict=dataDict,
token=session['token'])
if 'error' in req:
if req['error'] == 'Could not identify access token':
errorMessage(req['error'])
elif req['error'] == 'Could not identify Platform':
errorMessage(req['error'])
elif req['error'] == 'Request data incomplete':
errorMessage(req['error'])
elif req['error'] == 'Illegal null values present in request data':
errorMessage(req['error'])
elif req['error'] == 'Invalid access token':
errorMessage(req['error'])
elif req['error'] == 'Invalid server error':
errorMessage(req['error'])
else:
errorMessage(req['error'])
else:
successMessage('Your password has been changed')
return render_template('user/changePasswordForm.html', form=form, **kwargs)
def loginView():
if not 'token' in session:
kwargs = {'formWidth': 300, 'contentTitle': 'Login'}
form = loginForm()
if form.validate_on_submit():
regNo = form.regNo.data
email = form.email.data
password = form.password.data
dataDict = {'regNo': regNo, 'email': email, 'password': password}
req = authAPI('login', method='post', dataDict=dataDict)
if 'success' in req:
session['token'] = req['token']
session['email'] = req['email']
session['roles'] = req['roles']
successMessage('You are now logged in')
return redirect(url_for('indexView'))
elif 'error' in req:
if req['error'] == 'Could not identify access token':
errorMessage(req['error'])
elif req['error'] == 'Could not identify Platform':
errorMessage(req['error'])
elif req['error'] == 'Request data incomplete':
errorMessage(req['error'])
elif req[
'error'] == 'Illegal null values present in request data':
errorMessage(req['error'])
elif req['error'] == 'Invalid access token':
errorMessage(req['error'])
elif req['error'] == 'Internal server error':
errorMessage(req['error'])
elif req[
'error'] == 'User is locked out of the system due to multiple bad logins':
errorMessage(req['error'])
elif req['error'] == 'Could not identify Tenant':
errorMessage(
'We are not able to validate your credentials')
elif req['error'] == 'Could not identify User':
errorMessage(
'We are not able to validate your credentials')
elif req['error'] == 'Wrong user/password combination':
errorMessage(req['error'] + ' - Attempts left: ' +
req['attempts left'])
elif req['error'] == 'User must change password':
session['token'] = req['token']
session['email'] = req['email']
session['roles'] = req['roles']
errorMessage('Please change your password')
return redirect(url_for('userBP.changePasswordView'))
return render_template('auth/loginForm.html', form=form, **kwargs)
else:
errorMessage('You are already logged into the system')
return redirect(url_for('indexView'))
def registerView():
if not 'token' in session:
# universal variables
form = registerForm()
kwargs = {'formWidth': 400}
if form.validate_on_submit():
dataDict = {
'regNo': form.regNo.data,
'companyName': form.companyName.data,
'userName': form.userName.data,
'email': form.email.data,
'password': form.password.data
}
req = authAPI('register', method='post', dataDict=dataDict)
if 'error' in req:
if req['error'] == 'Could not identify Platform':
errorMessage(req['error'])
elif req['error'] == 'Request data incomplete':
errorMessage(req['error'])
elif req['error'] == 'Reg/VAT number already exist':
errorMessage(
'An account using this Reg/VAT number already exist')
elif req['error'] == 'Invalid email-address':
errorMessage(req['error'])
elif req[
'error'] == 'Illegal null values present in request data':
errorMessage(req['error'])
elif req['error'] == 'Internal server error':
errorMessage(req['error'])
elif 'success' in req:
# send email confirmation
subject = u'Please confirm your account'
tok = req['token']
email = req['email']
confirm_url = url_for('authBP.confirmEmailView',
token=tok,
_external=True)
html = render_template('email/verify.html',
confirm_url=confirm_url)
sendMail(subject=subject,
sender='Henrik Poulsen',
recipients=[email],
html_body=html,
text_body=None)
successMessage(
'You have successfully registered your account, please check your email for confirmation.'
)
return redirect(url_for('indexView'))
return render_template('auth/registerForm.html', form=form, **kwargs)
else:
errorMessage('alreadyRegistered')
return redirect(url_for('indexView'))
def setPasswordView(tok):
if session['token']:
session['token'] = None
kwargs = {'formWidth': 300, 'title': 'Set new password'}
form = setPasswordForm()
if form.validate_on_submit():
dataDict = {'password': form.password.data}
print form.password.data
req = authAPI('setPassword',
method='post',
dataDict=dataDict,
token=tok)
if 'error' in req:
if req['error'] == 'Could not identify access token':
errorMessage(req['error'])
elif req['error'] == 'Could not identify Platform':
errorMessage(req['error'])
elif req['error'] == 'Request data incomplete':
errorMessage(req['error'])
elif req['error'] == 'Illegal null values present in request data':
errorMessage(req['error'])
elif req['error'] == 'Invalid access token':
errorMessage(req['error'])
else:
errorMessage(req['error'])
elif 'success' in req:
successMessage('Your password has now been set, please login')
return redirect(url_for('authBP.loginView'))
return render_template('auth/setPasswordForm.html', form=form, **kwargs)