Exemplo n.º 1
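def signup():
    """Render the signup form and, on a valid submission, create and log in the user.

    Returns a 404 when ``constants.ALLOW_SIGNUPS`` is false. When the form
    carries an invite secret matching a not-yet-activated ``TeamMember`` row,
    the new user is attached to that invite's team and created with
    ``email_confirmed=True``; otherwise a plain account is created. After
    login the user is redirected to the ``next`` query parameter if it is a
    local path, else to the dashboard.
    """
    if not constants.ALLOW_SIGNUPS:
        return abort(404)

    form = SignupForm(invite_secret=request.args.get('invite_secret'))

    if form.validate_on_submit():
        team_secret = form.invite_secret.data

        # Only look an invite up when a secret was actually submitted. With an
        # empty value the filter would compare against NULL / '' and could match
        # a pending membership row that has no secret set, attaching the new
        # account to someone else's team.
        invite = None
        if team_secret:
            invite = (TeamMember.query
                      .filter_by(invite_secret=team_secret, activated=False)
                      .one_or_none())

        if invite:
            # NOTE(review): the address is taken from the form and marked as
            # confirmed; nothing here compares it with the address the invite
            # was issued to. Confirm that is intended.
            user = User(form.email.data, form.password.data,
                        email_confirmed=True, team=invite.team)
            invite.user = user
            db.session.add(invite)
        else:
            user = User(form.email.data, form.password.data)
        db.session.add(user)
        db.session.commit()
        session['current_team_membership_id'] = user.primary_membership_id
        login_user(user)

        if constants.REQUIRE_EMAIL_CONFIRMATION:
            # Send confirm email
            ConfirmEmail(user).send()

        flash("Welcome to appname.", "success")

        # `next` is attacker-controllable, so it is followed only when it is a
        # path on this site: a single leading "/", no backslash (browsers treat
        # it like "/") and no control characters (browsers strip them).
        next_url = request.args.get("next") or ""
        is_local_path = (
            next_url.startswith("/")
            and not next_url.startswith("//")
            and "\\" not in next_url
            and not any(ord(ch) < 0x20 or ord(ch) == 0x7f for ch in next_url)
        )
        if is_local_path:
            return redirect(next_url)
        return redirect(url_for("dashboard_home.index"))

    return render_template("auth/signup.html", form=form, invite_secret=request.args.get('invite_secret'))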
Exemplo n.º 2
def seed_data():
    """Add one regular and one admin test user to the current DB session.

    The session is not committed here.
    """
    # NOTE(review): both accounts use fixed, guessable passwords and one of
    # them is an admin. Nothing in this function restricts it to a test or
    # development database, so the caller has to.
    seed_accounts = (
        (("*****@*****.**", "test"), {"admin": False}),
        (("*****@*****.**", "admin"), {"admin": True, "email_confirmed": True}),
    )
    for credentials, options in seed_accounts:
        db.session.add(User(*credentials, **options))
        click.echo("Added [email protected]")
Exemplo n.º 3
def resetdb():
    """Drop the tables, recreate the schema and, when ``env`` is 'dev', add seed users.

    The seed users are only added to the session; this function does not
    commit.
    """
    actually_drop_tables()
    db.create_all()
    if env != 'dev':
        return

    # Once there are many models, fixtures or a maintained development
    # SQLite file may be a better way to provide this data.
    # NOTE(review): the seed accounts, one of them an admin, have fixed,
    # guessable passwords. The `env` comparison above is the only guard, so a
    # reachable deployment must never run with env == 'dev'.
    regular = User("*****@*****.**", "test", admin=False)
    db.session.add(regular)
    click.echo("Added [email protected]")

    superuser = User("*****@*****.**", "admin", admin=True, email_confirmed=True)
    db.session.add(superuser)
    click.echo("Added [email protected]")
Exemplo n.º 4
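    def test_user_password(self, testapp):
        """Test password checking on a freshly built admin user.

        Covers both directions: the password given to the constructor is
        accepted and a different one is rejected.
        """
        admin = User('*****@*****.**', 'supersafepassword', admin=True)

        assert admin.email == '*****@*****.**'
        assert admin.check_password('supersafepassword')
        # Without a negative case, a check_password() that accepts any input
        # would still pass this test.
        assert not admin.check_password('not-the-password')
        assert admin.is_admin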
Exemplo n.º 5
 def test_user_encryption(self, testapp):
     """Check that ``encrypted_totp_secret`` reads back unchanged after a commit."""
     totp_value = "baasdasdas"
     account = User('*****@*****.**', 'supersafepassword')
     account.encrypted_totp_secret = totp_value
     db.session.add(account)
     db.session.commit()

     assert len(account.memberships) == 1
     # NOTE(review): this proves the attribute round-trips, not that the
     # stored column holds ciphertext; that would need a look at the raw
     # column value. The [-1] also assumes the new row comes back last,
     # although the query has no ORDER BY.
     newest = User.query.all()[-1]
     assert newest.encrypted_totp_secret == totp_value
Exemplo n.º 6
    def test_user_save(self, testapp):
        """Persist a user and check it can be found by email as a non-admin."""
        account = User('*****@*****.**', 'supersafepassword')
        db.session.add(account)
        db.session.commit()

        # A user built without admin=True must not come back as an admin.
        stored = User.query.filter_by(email="*****@*****.**").first()
        assert stored is not None
        assert not stored.is_admin
Exemplo n.º 7
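def testapp(request):
    """Create the app with the test config, build its schema and return a test client.

    Unless the requesting test module sets ``create_user`` to a false value,
    one admin and one regular user are committed before the client is
    returned. A finalizer removes the session and drops all tables.
    """
    app = create_app('appname.settings.TestConfig')
    client = app.test_client()

    db.app = app

    def teardown():
        db.session.remove()
        db.drop_all()

    # Registered before the schema and seed rows are created, so a failure
    # during setup still cleans up instead of leaking tables into later tests.
    request.addfinalizer(teardown)

    db.create_all()

    if getattr(request.module, "create_user", True):
        admin = User('*****@*****.**', 'supersafepassword', admin=True)
        user = User('*****@*****.**', 'safepassword')
        db.session.add_all([admin, user])
        db.session.commit()

    return client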
Exemplo n.º 8
    def test_user_creation_of_team(self, testapp):
        """Check that saving a new user yields one activated administrator membership.

        The membership's team must also record the new user as its creator.
        """
        owner = User('*****@*****.**', 'supersafepassword')
        db.session.add(owner)
        db.session.commit()

        assert len(owner.memberships) == 1

        only_membership = owner.memberships[0]
        assert only_membership.activated
        assert only_membership.role == 'administrator'
        assert only_membership.team.creator == owner
Exemplo n.º 9
Arquivo: auth.py Projeto: zympz/Ignite
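def signup():
    """Render the signup form and, on a valid submission, create and log in the user.

    After login the user is redirected to the ``next`` query parameter if it
    is a local path, else to the dashboard home.
    """
    form = SignupForm()

    if form.validate_on_submit():
        user = User(form.email.data, form.password.data)
        db.session.add(user)
        db.session.commit()
        login_user(user)

        if constants.REQUIRE_EMAIL_CONFIRMATION:
            # Send confirm email
            ConfirmEmail(user).send()

        flash("Welcome to appname.", "success")

        # `next` is attacker-controllable, so it is followed only when it is a
        # path on this site: a single leading "/", no backslash (browsers treat
        # it like "/") and no control characters (browsers strip them).
        next_url = request.args.get("next") or ""
        is_local_path = (
            next_url.startswith("/")
            and not next_url.startswith("//")
            and "\\" not in next_url
            and not any(ord(ch) < 0x20 or ord(ch) == 0x7f for ch in next_url)
        )
        if is_local_path:
            return redirect(next_url)
        return redirect(url_for("dashboard.home"))

    return render_template("auth/signup.html", form=form)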
Exemplo n.º 10
 def test_user_group_creation(self, testapp):
     """Check that a newly saved user ends up with exactly one membership."""
     newcomer = User('*****@*****.**', 'supersafepassword')
     db.session.add(newcomer)
     db.session.commit()

     membership_count = len(newcomer.memberships)
     assert membership_count == 1
Exemplo n.º 11
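def google_logged_in(blueprint, token):
    """Handle a completed Google OAuth login: find or create the local user and log in.

    Fetches the Google profile, looks up (or builds) the matching ``OAuth``
    row, then takes one of four paths: log in the user already linked to that
    row, link the row to the currently authenticated user, link it to an
    existing local user with the same email, or create a new local user.

    Always returns False so that Flask-Dance does not store the token itself.
    """
    if not token:
        flash("Failed to log in.", category="warning")
        return False

    resp = blueprint.session.get("/oauth2/v2/userinfo")
    if not resp.ok:
        msg = "Failed to fetch user info."
        flash(msg, category="warning")
        return False

    google_info = resp.json()
    google_user_id = google_info.get("id")
    google_email = google_info.get("email")
    if not google_user_id or not google_email:
        # Without a stable id and an email there is nothing to match on.
        flash("Failed to fetch user info.", category="warning")
        return False
    # Treat a missing flag the same as an unverified address.
    email_verified = bool(google_info.get("verified_email"))

    # Find this OAuth token in the database, or create it
    query = OAuth.query.filter_by(provider=blueprint.name,
                                  provider_user_id=google_user_id)
    try:
        oauth = query.one()
    except NoResultFound:
        oauth = OAuth(
            provider=blueprint.name,
            provider_user_id=google_user_id,
            provider_user_login=str(google_email),
            token=token,
        )

    existing_user = User.lookup(google_email)

    if oauth.user:
        login_user(oauth.user)
        flash("Welcome back.", 'success')
    elif current_user.is_authenticated and current_user.email == google_email:
        oauth.user = current_user
        db.session.add(oauth)
        db.session.commit()
        flash("Successfully linked Google account.", 'success')
    elif existing_user and existing_user.email == google_email:
        # Signing someone in to an existing local account purely on an email
        # match is only sound if Google reports the address as verified;
        # otherwise the match proves nothing about who owns the mailbox.
        if not email_verified:
            flash("Failed to log in.", category="warning")
            return False
        oauth.user = existing_user
        db.session.add(oauth)
        db.session.commit()
        login_user(existing_user)
        flash("Successfully signed in as {}".format(existing_user.email),
              'success')
    else:
        # Create a new local user account for this user
        user = User(email=google_email,
                    name=google_info["name"],
                    email_confirmed=email_verified)
        # Associate the new local user account with the OAuth token
        oauth.user = user
        # Save and commit our database models
        db.session.add_all([user, oauth])
        db.session.commit()
        # Log in the new local user account
        login_user(user)
        flash("Welcome to appname!", 'success')

    # Disable Flask-Dance's default behavior for saving the OAuth token
    return False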