Exemplo n.º 1
0
    def post(self, token=None):
        password_form = PasswordForm().get_form(self.request.POST)
        
        user = self.validate_token(token)
        
        if user and password_form.validate():        
            # get password from request
            password = self.request.get('password')
                
            # hash password (same as passing password_raw to user_create)
            password_hash = security.generate_password_hash(password, length=12)    
            user.password = password_hash
            user.put()
            
            # login with new password
            self.login_user(user.get_email(), password)
               
            # clear the tokens to prevent further shenanigans
            provider = db.get_provider_from_user(user)
            
            redirect_url = None
            if user.resetpassword_token:
                self.delete_token(token, 'reset')
                redirect_url = '/provider/message/reset/' + provider.vanity_url
            
            elif user.claim_url:
                self.delete_token(token)
                redirect_url = '/provider/welcome/' + provider.vanity_url
            
            
            # redirect patient or provider
            if auth.PROVIDER_ROLE in user.roles:
                self.redirect(redirect_url)
                self.log_event(user, "User claimed their profile")
            
            elif auth.PATIENT_ROLE in user.roles:
                patient = db.get_patient_from_user(user)
                self.redirect('/patient/bookings/' + patient.key.urlsafe())

        # password form was not validate, re-render and try again!
        else:
            self.render_template('user/password.html', form=password_form, token=token)
Exemplo n.º 2
0
    def get(self, next_action=None, key=None):
        ''' Show login page '''

        user = self.get_current_user()
        if user and next_action and key:
            # if already logged in
            provider_from_user = db.get_provider_from_user(user)
            patient_from_user = db.get_patient_from_user(user)

            # check if logged in provider is the provider from
            # already logged in, don't login again
            if next_action == 'accept':
                provider_network_connection = ndb.Key(urlsafe=key).get()
                target_provider_key = provider_network_connection.target_provider

                if provider_from_user.key == target_provider_key:
                    # the target provider is logged in, accept the connection bypassing login
                    target_url = '/provider/network/' + provider_from_user.vanity_url + '/accept/' + key
                    self.redirect(target_url)
                else:
                    self.render_login(next_action=next_action, key=key)

            elif next_action == 'booking':
                booking = ndb.Key(urlsafe=key).get()

                if patient_from_user.key == booking.patient:
                    self.email_and_confirm_booking(booking)

                    self.redirect('/patient/bookings/' +
                                  patient_from_user.key.urlsafe())
                else:
                    self.render_login(next_action=next_action, key=key)

        else:
            # check if an admin is logged in, if so don't proceed
            google_user = users.get_current_user()
            if google_user and users.is_current_user_admin():
                self.render_login(error_message='Logged in as admin already.')
            else:
                # no admin, not next_action, show the plain ol' login screen
                self.render_login(next_action=next_action, key=key)
Exemplo n.º 3
0
    def get(self, next_action=None, key=None):
        ''' Show login page '''
        
        user = self.get_current_user()
        if user and next_action and key:
            # if already logged in
            provider_from_user = db.get_provider_from_user(user)
            patient_from_user = db.get_patient_from_user(user)
            
            # check if logged in provider is the provider from
            # already logged in, don't login again
            if next_action == 'accept':
                provider_network_connection = ndb.Key(urlsafe=key).get()
                target_provider_key = provider_network_connection.target_provider

                if provider_from_user.key == target_provider_key:
                    # the target provider is logged in, accept the connection bypassing login
                    target_url = '/provider/network/' + provider_from_user.vanity_url + '/accept/' + key
                    self.redirect(target_url)
                else:
                    self.render_login(next_action=next_action, key=key)
            
            elif next_action == 'booking':
                booking = ndb.Key(urlsafe=key).get()
                
                if patient_from_user.key == booking.patient:
                    self.email_and_confirm_booking(booking)

                    self.redirect('/patient/bookings/' + patient_from_user.key.urlsafe())
                else:
                    self.render_login(next_action=next_action, key=key)
                
        else:
            # check if an admin is logged in, if so don't proceed
            google_user = users.get_current_user()
            if google_user and users.is_current_user_admin():
                self.render_login(error_message='Logged in as admin already.')
            else:
                # no admin, not next_action, show the plain ol' login screen
                self.render_login(next_action=next_action, key=key)
Exemplo n.º 4
0
    def post(self, vanity_url=None):
        '''
            Booking process from public profile
        '''
        appointment_details_form = None
        provider = db.get_provider_from_vanity_url(vanity_url)

        user = self.get_current_user()
        if user:
            appointment_details_form = AppointmentDetailsForLoggedInUser(
            ).get_form(self.request.POST, provider=provider)
        else:
            appointment_details_form = AppointmentDetails().get_form(
                self.request.POST, provider=provider)

        provider = db.get_provider_from_vanity_url(vanity_url)
        if appointment_details_form.validate():
            # create the booking object
            booking = Booking()
            booking.provider = provider.key
            booking.booking_source = 'profile'

            booking_date = appointment_details_form['booking_date'].data
            booking_time = appointment_details_form['booking_time'].data
            booking.datetime = to_utc(
                datetime.strptime(booking_date + " " + booking_time,
                                  '%Y-%m-%d %H:%M'))
            booking.comments = appointment_details_form['comments'].data

            schedule = db.get_schedule_for_date_time(provider, booking_date,
                                                     booking_time)
            booking.schedule = schedule.key

            if appointment_details_form.__contains__('service'):
                service_key_from_form = appointment_details_form[
                    'service'].data
                if service_key_from_form:
                    service_key = ndb.Key(urlsafe=service_key_from_form)
                    provider_service = service_key.get()
                    if provider_service:
                        booking.service = service_key

            if user:
                # user is logged in, is this a patient?
                existing_patient = db.get_patient_from_user(user)
                if existing_patient:
                    booking.patient = existing_patient.key
                else:
                    self.link_user_to_new_patient(appointment_details_form,
                                                  user, booking)

                # confirm the booking since it is a "known" user
                booking.confirmed = True
                booking.email_sent_to_patient = False
                booking.email_sent_to_provider = False

                # save booking
                booking.put()

                # already logged in so go directly to bookings list
                self.redirect('/patient/bookings/' + booking.patient.urlsafe())

                # mail it to the patient
                mail.email_booking_to_patient(self, booking)

                # mail it to the provider
                mail.email_booking_to_provider(self, booking)

            else:
                # no user is logged in, check if the email address exists, this means they just didn't log in
                email = appointment_details_form['email'].data

                existing_user = db.get_user_from_email(email)
                if existing_user:
                    existing_patient = db.get_patient_from_user(existing_user)
                    if existing_patient:
                        # email is in datastore, but not logged in
                        # link booking to existing patient
                        booking.patient = existing_patient.key
                        booking.put()
                    else:
                        self.link_user_to_new_patient(appointment_details_form,
                                                      user, booking)

                    # confirm the booking since it is a "known" user
                    booking.confirmed = True
                    booking.email_sent_to_patient = False
                    booking.email_sent_to_provider = False

                    # save booking
                    booking.put()

                    # get the user to login
                    key = booking.key.urlsafe()
                    self.redirect('/login/booking/' + key)
                else:
                    # no patient, no user. get them to fill a profile in the form
                    booking.put()

                    patient_form = RegistrationDetailsForNewPatient().get_form(
                    )
                    patient_form['terms_agreement'].data = True
                    patient_form['booking_date'].data = booking_date
                    patient_form['booking_time'].data = booking_time
                    patient_form['booking_key'].data = booking.key.urlsafe()
                    patient_form['email'].data = email

                    self.render_template(
                        'provider/public/booking_new_patient.html',
                        provider=provider,
                        patient_form=patient_form)

            logging.info('Created booking from public profile: %s' % booking)

        else:
            self.render_template('provider/public/booking_details.html',
                                 provider=provider,
                                 booking_form=appointment_details_form)
Exemplo n.º 5
0
    def post(self, next_action=None, key=None):
        ''' checks username, password, logs in user and redirect to start page '''

        login_form = LoginForm().get_form(self.request.POST)
        if login_form.validate():
            email = login_form['email'].data
            password = login_form['password'].data
            remember_me = login_form['remember_me'].data

            logging.info('(LoginHandler.post) Trying to login email: %s' %
                         email)

            # Username and password check
            try:
                user = self.login_user(email, password, remember_me)
                user.last_login = datetime.datetime.now()
                user.put()

                # set the language from user profile
                self.set_language(user.language)

                # login was succesful, User is in the session
                if next_action == 'booking':
                    # moved booking up here since it can come from any role (provider or patient)
                    booking = ndb.Key(urlsafe=key).get()
                    patient_from_user = db.get_patient_from_user(user)

                    if patient_from_user.key == booking.patient:
                        self.email_and_confirm_booking(booking)
                        self.redirect('/patient/bookings/' +
                                      patient_from_user.key.urlsafe())

                else:
                    # check role of user, redirect to appropriate page after login
                    if auth.PROVIDER_ROLE in user.roles:
                        provider = db.get_provider_from_user(user)
                        logging.info(
                            '(LoginHandler.post) User %s logged in as provider, redirecting to profile page',
                            user.get_email())

                        # check the action, if it's from a connection do that first
                        # and then redirect back to profile page with a message
                        if next_action == 'connect':
                            connected_provider_key = ndb.Key(urlsafe=key)
                            connected_provider = connected_provider_key.get()
                            target_url = '/' + connected_provider.vanity_url + '/connect'
                            self.redirect(target_url)

                        elif next_action == 'accept':
                            target_url = '/provider/network/' + provider.vanity_url + '/accept/' + key
                            self.redirect(target_url)

                        elif provider.display_welcome_page:
                            self.redirect('/provider/welcome/' +
                                          provider.vanity_url)
                        else:
                            self.redirect('/provider/profile/%s' %
                                          provider.vanity_url)

                        # log the event
                        self.log_event(user, "Provider Logged In")

                    elif auth.PATIENT_ROLE in user.roles:
                        patient = db.get_patient_from_user(user)

                        logging.info(
                            '(LoginHandler.post) User %s logged in as patient, redirecting to / page',
                            user.get_email())
                        self.redirect('/patient/bookings/' +
                                      patient.key.urlsafe())

                    else:
                        logging.error(
                            '(LoginHandler.post) User %s logged in without roles',
                            user.get_email())
                        error_message = 'Your account is not activated. Please check your email for an activation message or <a href="/contact">contact us</a> if you require assistance.'
                        self.render_template('user/login.html',
                                             login_form=login_form,
                                             error_message=error_message)

            except (InvalidAuthIdError, InvalidPasswordError), e:
                # throws InvalidAuthIdError if user is not found, throws InvalidPasswordError if provided password doesn't match with specified user
                error_message = _(u'Login failed. Try again.')
                self.render_template('user/login.html',
                                     login_form=login_form,
                                     error_message=error_message)
            except AttributeError, ae:
                logging.warn('User has not password, authentication fails %s' %
                             ae)
Exemplo n.º 6
0
    def post(self, next_action=None, key=None):
        ''' checks username, password, logs in user and redirect to start page '''
        
        login_form = LoginForm().get_form(self.request.POST)
        if login_form.validate():
            email = login_form['email'].data
            password = login_form['password'].data
            remember_me = login_form['remember_me'].data
            
            logging.info('(LoginHandler.post) Trying to login email: %s' % email)

            # Username and password check
            try:
                user = self.login_user(email, password, remember_me)
                user.last_login = datetime.datetime.now()
                user.put()
                
                # set the language from user profile
                self.set_language(user.language)

                # login was succesful, User is in the session
                if next_action == 'booking':
                    # moved booking up here since it can come from any role (provider or patient)
                    booking = ndb.Key(urlsafe=key).get()
                    patient_from_user = db.get_patient_from_user(user)

                    if patient_from_user.key == booking.patient:
                        self.email_and_confirm_booking(booking)
                        self.redirect('/patient/bookings/' + patient_from_user.key.urlsafe())
                
                else:
                    # check role of user, redirect to appropriate page after login
                    if auth.PROVIDER_ROLE in user.roles:
                        provider = db.get_provider_from_user(user)
                        logging.info('(LoginHandler.post) User %s logged in as provider, redirecting to profile page', user.get_email())

                        # check the action, if it's from a connection do that first
                        # and then redirect back to profile page with a message
                        if next_action == 'connect':
                            connected_provider_key = ndb.Key(urlsafe=key)
                            connected_provider = connected_provider_key.get()
                            target_url = '/' + connected_provider.vanity_url + '/connect'
                            self.redirect(target_url)

                        elif next_action == 'accept':
                            target_url = '/provider/network/' + provider.vanity_url + '/accept/' + key
                            self.redirect(target_url)

                        elif provider.display_welcome_page:     
                            self.redirect('/provider/welcome/' + provider.vanity_url)
                        else:
                            self.redirect('/provider/profile/%s' % provider.vanity_url)

                        # log the event
                        self.log_event(user, "Provider Logged In")

                    elif auth.PATIENT_ROLE in user.roles:
                        patient = db.get_patient_from_user(user)
                        
                        logging.info('(LoginHandler.post) User %s logged in as patient, redirecting to / page', user.get_email())
                        self.redirect('/patient/bookings/' + patient.key.urlsafe())
                        
                    else:
                        logging.error('(LoginHandler.post) User %s logged in without roles', user.get_email())
                        error_message = 'Your account is not activated. Please check your email for an activation message or <a href="/contact">contact us</a> if you require assistance.'
                        self.render_template('user/login.html', login_form=login_form, error_message=error_message)
                
            except (InvalidAuthIdError, InvalidPasswordError), e:
                # throws InvalidAuthIdError if user is not found, throws InvalidPasswordError if provided password doesn't match with specified user
                error_message = _(u'Login failed. Try again.')
                self.render_template('user/login.html', login_form=login_form, error_message=error_message)
            except AttributeError, ae:
                logging.warn('User has not password, authentication fails %s' % ae)
Exemplo n.º 7
0
    def patient_confirms_latest_booking(self, date_string, time_string, new_user=True, logged_in=False):
        # check email to patient
        booking_datetime = datetime.strptime(testutil.next_monday_date_string() + " " + str(time_string), '%Y-%m-%d %H')
        french_datetime_string = format_datetime(booking_datetime, "EEEE 'le' d MMMM yyyy", locale='fr_CA') + " à " + format_datetime(booking_datetime, "H:mm", locale='fr_CA')

        english_datetime_string = format_datetime(booking_datetime, "EEEE d MMMM yyyy", locale='en') + " at " + format_datetime(booking_datetime, "H:mm", locale='en')

        
        booking_datetime = datetime.strptime(testutil.next_monday_date_string(), '%Y-%m-%d')
        booking_datetime_string = format_date(booking_datetime, format="d MMM yyyy", locale='fr_CA')
        
        booking_time = datetime.strptime(str(time_string), '%H')
        booking_time_string = format_time(booking_time, format="short", locale='fr')
        
        logging.info('French date time of booking: %s' % french_datetime_string) 
        # check that confirmation emails was sent to patient
        messages = self.mail_stub.get_sent_messages(to=self._TEST_PATIENT_EMAIL)
        patient_email_count = len(messages)
        # get last email sent
        m = messages[patient_email_count - 1]
        self.assertEqual(self._TEST_PATIENT_EMAIL, m.to)
        
        # activate account
        messages = self.mail_stub.get_sent_messages(to=self._TEST_PATIENT_EMAIL)
        
        self.assertEquals(m.subject, 'Veosan Appointment - Osteopath')
        user = db.get_user_from_email(self._TEST_PATIENT_EMAIL)
        
        # check email content
        self.assertIn('Hi', m.body.payload)
        self.assertIn('Thank you', m.body.payload)
        self.assertIn(english_datetime_string, m.body.payload)
        self.assertNotIn('None',  m.body.payload)
        
        patient = db.get_patient_from_user(user)
        bookings = db.get_bookings_for_patient(patient)        
        booking = bookings[0]
        
        if new_user:
            self.assertTrue('/login/booking/%s' % booking.key.urlsafe() in m.body.payload)
            
            response = self.testapp.get('/')
            is_french = 'Déconnexion' in response
            is_english = 'Logout' in response
            
            user_logged_in = False
            if is_english:
                user_logged_in = 'Logout' in response
            elif is_french:
                user_logged_in = 'Déconnexion' in response

    
            # click the link
            response = self.testapp.get('/login/booking/%s' % booking.key.urlsafe())


            # is user logged in?
            if not user_logged_in:
                if is_english:
                    response.mustcontain("Login to Veosan")
                elif is_french:
                    response.mustcontain("Connexion à Veosan")
                    
                login_form = response.forms['login_form']
                login_form['password'] = self._TEST_PATIENT_PASSWORD
                response = login_form.submit().follow()
            else:
                response = response.follow()
            
            response.mustcontain("Upcoming Appointments")
            response.mustcontain('Fantastic Fox')

            #response.mustcontain(booking_time_string)
            response.mustcontain(english_datetime_string)
            
            # patient email in navbar
            response.mustcontain(self._TEST_PATIENT_EMAIL)
            response.mustcontain('Logout')
Exemplo n.º 8
0
    def post(self, vanity_url=None):
        '''
            Booking process from public profile
        '''
        appointment_details_form = None
        provider = db.get_provider_from_vanity_url(vanity_url)
    
        user = self.get_current_user()
        if user:
            appointment_details_form = AppointmentDetailsForLoggedInUser().get_form(self.request.POST, provider=provider)
        else:
            appointment_details_form = AppointmentDetails().get_form(self.request.POST, provider=provider)
        
        provider = db.get_provider_from_vanity_url(vanity_url)
        if appointment_details_form.validate():
            # create the booking object
            booking = Booking()
            booking.provider = provider.key
            booking.booking_source = 'profile'
            
            booking_date = appointment_details_form['booking_date'].data
            booking_time = appointment_details_form['booking_time'].data
            booking.datetime = to_utc(datetime.strptime(booking_date + " " + booking_time, '%Y-%m-%d %H:%M'))
            booking.comments = appointment_details_form['comments'].data

            schedule = db.get_schedule_for_date_time(provider, booking_date, booking_time)
            booking.schedule = schedule.key            
            
            if appointment_details_form.__contains__('service'):
                service_key_from_form = appointment_details_form['service'].data
                if service_key_from_form:
                    service_key = ndb.Key(urlsafe=service_key_from_form)
                    provider_service = service_key.get()
                    if provider_service:
                        booking.service = service_key

            if user:
                # user is logged in, is this a patient?
                existing_patient = db.get_patient_from_user(user)
                if existing_patient:
                    booking.patient = existing_patient.key
                else:
                    self.link_user_to_new_patient(appointment_details_form, user, booking)
                    
                # confirm the booking since it is a "known" user
                booking.confirmed = True
                booking.email_sent_to_patient = False
                booking.email_sent_to_provider = False
                
                # save booking
                booking.put()
                
                # already logged in so go directly to bookings list
                self.redirect('/patient/bookings/' + booking.patient.urlsafe())
                
                # mail it to the patient
                mail.email_booking_to_patient(self, booking)
                
                # mail it to the provider
                mail.email_booking_to_provider(self, booking)
                    
            else:
                # no user is logged in, check if the email address exists, this means they just didn't log in
                email = appointment_details_form['email'].data

                existing_user = db.get_user_from_email(email)
                if existing_user:
                    existing_patient = db.get_patient_from_user(existing_user)
                    if existing_patient:                        
                        # email is in datastore, but not logged in
                        # link booking to existing patient 
                        booking.patient = existing_patient.key
                        booking.put()
                    else:
                        self.link_user_to_new_patient(appointment_details_form, user, booking)       
                    
                    # confirm the booking since it is a "known" user
                    booking.confirmed = True
                    booking.email_sent_to_patient = False
                    booking.email_sent_to_provider = False
                    
                    # save booking
                    booking.put()

                    # get the user to login
                    key = booking.key.urlsafe()
                    self.redirect('/login/booking/' + key)
                else:
                    # no patient, no user. get them to fill a profile in the form
                    booking.put()
                    
                    patient_form = RegistrationDetailsForNewPatient().get_form()
                    patient_form['terms_agreement'].data = True
                    patient_form['booking_date'].data = booking_date
                    patient_form['booking_time'].data = booking_time
                    patient_form['booking_key'].data = booking.key.urlsafe()
                    patient_form['email'].data = email

                    self.render_template('provider/public/booking_new_patient.html', provider=provider, patient_form=patient_form)
                        
            logging.info('Created booking from public profile: %s' % booking)
            
        else:
            self.render_template('provider/public/booking_details.html', provider=provider, booking_form=appointment_details_form)