def signup():
if not constants.ALLOW_SIGNUPS:
return abort(404)
form = SignupForm(invite_secret=request.args.get('invite_secret'))
if form.validate_on_submit():
team_secret = form.invite_secret.data
invite = (TeamMember.query.filter_by(invite_secret=team_secret, activated=False)
.one_or_none())
if invite:
user = User(form.email.data, form.password.data,
email_confirmed=True, team=invite.team)
invite.user = user
db.session.add(invite)
else:
user = User(form.email.data, form.password.data)
db.session.add(user)
db.session.commit()
session['current_team_membership_id'] = user.primary_membership_id
login_user(user)
if constants.REQUIRE_EMAIL_CONFIRMATION:
# Send confirm email
ConfirmEmail(user).send()
flash("Welcome to appname.", "success")
return redirect(request.args.get("next") or url_for("dashboard_home.index"))
return render_template("auth/signup.html", form=form, invite_secret=request.args.get('invite_secret'))
def seed_data():
""" Create test users. """
default_user = User("*****@*****.**", "test", admin=False)
db.session.add(default_user)
click.echo("Added [email protected]")
admin = User("*****@*****.**", "admin", admin=True, email_confirmed=True)
db.session.add(admin)
click.echo("Added [email protected]")
def resetdb():
""" Drops the tables & loads seed data
"""
actually_drop_tables()
db.create_all()
if env == 'dev':
# If you get a bunch of models, it might make sense to specify these as
# fixtures or maintain a development DB sqllite file.
default_user = User("*****@*****.**", "test", admin=False)
db.session.add(default_user)
click.echo("Added [email protected]")
admin = User("*****@*****.**",
"admin",
admin=True,
email_confirmed=True)
db.session.add(admin)
click.echo("Added [email protected]")
def test_user_password(self, testapp):
""" Test password hashing and checking """
admin = User('*****@*****.**', 'supersafepassword', admin=True)
assert admin.email == '*****@*****.**'
assert admin.email == '*****@*****.**'
assert admin.check_password('supersafepassword')
assert admin.is_admin
def test_user_encryption(self, testapp):
""" Test that encryption works """
user = User('*****@*****.**', 'supersafepassword')
secret = "baasdasdas"
user.encrypted_totp_secret = secret
db.session.add(user)
db.session.commit()
assert len(user.memberships) == 1
assert User.query.all()[-1].encrypted_totp_secret == secret
def test_user_save(self, testapp):
""" Test Saving the user model to the database """
user = User('*****@*****.**', 'supersafepassword')
db.session.add(user)
db.session.commit()
user_obj = User.query.filter_by(email="*****@*****.**").first()
assert user_obj is not None
assert not user_obj.is_admin
def testapp(request):
app = create_app('appname.settings.TestConfig')
client = app.test_client()
db.app = app
db.create_all()
if getattr(request.module, "create_user", True):
admin = User('*****@*****.**', 'supersafepassword', admin=True)
user = User('*****@*****.**', 'safepassword')
db.session.add_all([admin, user])
db.session.commit()
def teardown():
db.session.remove()
db.drop_all()
request.addfinalizer(teardown)
return client
def test_user_creation_of_team(self, testapp):
""" Test that creating a user, creates a group & a membership """
user = User('*****@*****.**', 'supersafepassword')
db.session.add(user)
db.session.commit()
assert len(user.memberships) == 1
membership = user.memberships[0]
assert membership.activated
assert membership.role == 'administrator'
assert membership.team.creator == user
def signup():
form = SignupForm()
if form.validate_on_submit():
user = User(form.email.data, form.password.data)
db.session.add(user)
db.session.commit()
login_user(user)
if constants.REQUIRE_EMAIL_CONFIRMATION:
# Send confirm email
ConfirmEmail(user).send()
flash("Welcome to appname.", "success")
return redirect(request.args.get("next") or url_for("dashboard.home"))
return render_template("auth/signup.html", form=form)
def test_user_group_creation(self, testapp):
""" Test that creating a user, creates a group & a membership """
user = User('*****@*****.**', 'supersafepassword')
db.session.add(user)
db.session.commit()
assert len(user.memberships) == 1
def google_logged_in(blueprint, token):
if not token:
flash("Failed to log in.", category="warning")
return False
resp = blueprint.session.get("/oauth2/v2/userinfo")
if not resp.ok:
msg = "Failed to fetch user info."
flash(msg, category="warning")
return False
google_info = resp.json()
google_user_id = google_info["id"]
# Find this OAuth token in the database, or create it
query = OAuth.query.filter_by(provider=blueprint.name,
provider_user_id=google_user_id)
try:
oauth = query.one()
except NoResultFound:
google_user_login = str(google_info["email"])
oauth = OAuth(
provider=blueprint.name,
provider_user_id=google_user_id,
provider_user_login=google_user_login,
token=token,
)
existing_user = User.lookup(google_info["email"])
# Since google verifies their primary emails, we can be more assured that we can directly login a user.
if oauth.user:
login_user(oauth.user)
flash("Welcome back.", 'success')
elif current_user.is_authenticated and current_user.email == google_info[
"email"]:
oauth.user = current_user
db.session.add(oauth)
db.session.commit()
flash("Successfully linked Google account.", 'success')
elif existing_user and existing_user.email == google_info['email']:
oauth.user = existing_user
db.session.add(oauth)
db.session.commit()
login_user(existing_user)
flash("Successfully signed in as {}".format(existing_user.email),
'success')
else:
# Create a new local user account for this user
user = User(email=google_info["email"],
name=google_info["name"],
email_confirmed=google_info["verified_email"])
# Associate the new local user account with the OAuth token
oauth.user = user
# Save and commit our database models
db.session.add_all([user, oauth])
db.session.commit()
# Log in the new local user account
login_user(user)
flash("Welcome to appname!", 'success')
# Disable Flask-Dance's default behavior for saving the OAuth token
return False