Exemplo n.º 1
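def trigger_reset():
    """Allow user to trigger a reset of the password in case they forget it.

    GET renders the request form. POST looks the account up by the submitted
    ``email`` field and, when one exists, redirects to the
    ``account.email_message`` page for that account.
    """
    # Fresh CSRF token for the rendered form.
    # NOTE(review): nothing in this view checks the submitted token on POST;
    # confirm it is validated elsewhere (e.g. a request hook).
    values = {"csrf_token": generate_csrf_token()}

    # If it's a simple GET method we return the form
    if request.method == 'GET':
        return render_template('account/trigger_reset.html', form_fill=values)

    # Get the email
    email = request.form.get('email')

    # A missing field and an empty string are both rejected
    if not email:
        flash_error("Please enter an email address!")
        return render_template('account/trigger_reset.html', form_fill=values)

    # Get the account for this email
    account = Account.by_email(email)

    # NOTE(review): a distinct "not registered" answer tells any caller which
    # addresses have accounts. Giving the same response for known and unknown
    # addresses, plus rate limiting on this endpoint, removes that signal.
    if account is None:
        flash_error("No user is registered under this address!")
        return render_template('account/trigger_reset.html', form_fill=values)

    # Send the reset link to the email of this account
    # NOTE(review): no send call is visible at this point in the listing;
    # confirm where the reset token is generated and mailed.

    # Redirect to the confirmation page.
    # NOTE(review): the internal account id is placed in the URL; confirm the
    # target view discloses nothing when given another account's id.
    return redirect(url_for('account.email_message', id=account.id))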
Exemplo n.º 2
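def login_perform():
    """Check the submitted credentials and sign the user in.

    Reads ``login`` (looked up as an email address) and ``password`` from the
    form. On success the user is logged in with a persistent session and
    redirected to ``home.index``; on any failure a generic error is flashed
    and the login page is returned.
    """
    account = Account.by_email(request.form.get('login'))
    password = request.form.get('password')

    # NOTE(review): the verified-account check below is commented out, so an
    # account that never confirmed its email can sign in. Confirm this is
    # intended before relying on `verified` anywhere else.
    #if account is not None and account.verified == True:

    # A missing password field or an account without a stored hash is treated
    # as a failed login instead of being handed to check_password_hash().
    if account is not None and password and account.password:
        if check_password_hash(account.password, password):
            login_user(account, remember=True)
            flash_success("Welcome back, " + account.fullname + "!")
            return redirect(url_for('home.index'))

    # Same message for an unknown account and a wrong password.
    # NOTE(review): no attempt limiting is visible in this view.
    flash_error("Incorrect user name or password!")
    return login()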
Exemplo n.º 3
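def login_perform():
    """Authenticate the posted ``login``/``password`` pair.

    A matching account is logged in (``remember=True``) and redirected to
    ``home.index``. Every failure path flashes the same generic message and
    falls back to ``login()``.
    """
    supplied_password = request.form.get('password')
    account = Account.by_email(request.form.get('login'))

    # NOTE(review): email verification is not enforced here; the original
    # condition that tested `account.verified` is left commented out.
    #if account is not None and account.verified == True:

    # Only call the hash check when there is something to compare: a request
    # without a password, or an account with no stored hash, is a failed login.
    can_check = (account is not None
                 and bool(supplied_password)
                 and bool(account.password))
    if can_check and check_password_hash(account.password, supplied_password):
        login_user(account, remember=True)
        flash_success("Welcome back, " + account.fullname + "!")
        return redirect(url_for('home.index'))

    # Deliberately generic: does not say whether the account exists.
    flash_error("Incorrect user name or password!")
    return login()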
Exemplo n.º 4
    def trigger_reset(self):
        """Handle the "forgot password" form.

        GET renders the form. POST validates the ``email`` parameter, looks
        up the account, flashes the outcome and, for a known account,
        redirects to the login page.
        """
        template = 'account/trigger_reset.html'

        if request.method == 'GET':
            return render(template)

        email = request.params.get('email')
        if not email:
            h.flash_error(_("Please enter an email address!"))
            return render(template)

        account = Account.by_email(email)
        if account is None:
            # NOTE(review): this answer differs from the success path, so the
            # form reveals which addresses are registered.
            h.flash_error(_("No user is registered under this address!"))
            return render(template)

        # NOTE(review): no call that generates or mails a reset token is
        # visible between the lookup and this message; confirm where it is.
        sent_notice = _("You've received an email with a link to reset your "
            + "password. Please check your inbox.")
        h.flash_success(sent_notice)
        redirect(h.url_for(controller='account', action='login'))
Exemplo n.º 5
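    def trigger_reset(self):
        """Handle the "forgot password" form.

        GET renders the form. POST validates the ``email`` parameter, looks
        up the account, flashes the outcome and, for a known account,
        redirects to the login page.
        """
        if request.method == 'GET':
            return render('account/trigger_reset.html')
        email = request.params.get('email')
        # Missing and empty values are both rejected
        if not email:
            h.flash_error(_("Please enter an email address!"))
            return render('account/trigger_reset.html')
        account = Account.by_email(email)
        if account is None:
            # NOTE(review): a distinct "not registered" message lets a caller
            # learn which addresses have accounts.
            h.flash_error(_("No user is registered under this address!"))
            return render('account/trigger_reset.html')

        # The listing had lost the opening of this call, leaving only its
        # argument lines; the success flash is restored around them.
        # NOTE(review): no statement that creates or mails a reset token is
        # visible before this message; confirm where that happens.
        h.flash_success(
            _("You've received an email with a link to reset your " +
              "password. Please check your inbox."))
        redirect(h.url_for(controller='account', action='login'))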
Exemplo n.º 6
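 def do_reset(self):
     """Sign the user in from a password-reset link.

     Expects ``email`` and ``token`` request parameters. When the token
     matches the one stored on the account, the user is remembered through
     the repoze.who ``auth_tkt`` plugin and sent to the settings page.

     The control flow relies on ``redirect()`` ending the request.
     NOTE(review): presumably it raises, as Pylons' redirect does; confirm.
     """
     import hmac  # local import: the file's import block is not in view

     email = request.params.get('email')
     if not email:
         h.flash_error(_("The reset link is invalid!"))
         redirect(h.url_for(controller='account', action='login'))
     account = Account.by_email(email)
     if account is None:
         h.flash_error(_("No user is registered under this address!"))
         redirect(h.url_for(controller='account', action='login'))

     # A plain `!=` accepted the request when both sides were None, i.e. an
     # account with no stored token and a link with no token parameter.
     # Both values must now be present, and the comparison is constant-time.
     # Assumes account.token is a text string -- TODO confirm against the model.
     supplied = request.params.get('token')
     expected = account.token
     token_ok = bool(supplied) and bool(expected) and hmac.compare_digest(
         supplied.encode('utf-8'), expected.encode('utf-8'))
     if not token_ok:
         h.flash_error(_("The reset link is invalid!"))
         redirect(h.url_for(controller='account', action='login'))

     # NOTE(review): the token is not cleared or rotated in the lines shown,
     # so the same link would keep working; confirm it is single-use and
     # that it expires.
     who_api = request.environ['repoze.who.plugins']['auth_tkt']
     # NOTE(review): `headers` is not attached to any response in the lines
     # shown; confirm the auth cookie is actually sent.
     headers = who_api.remember(request.environ,
             {'repoze.who.userid': account.name})
     h.flash_success(_("Thanks! You have now been signed in - please change "
         + "your password!"))
     redirect(h.url_for(controller='account', action='settings'))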
Exemplo n.º 7
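def make_account(name='test', fullname='Test User',
                 admin=False, verified=True, email='test@example.com'):
    """Return the account registered under *email*, creating it if needed.

    Args:
        name: accepted for compatibility; not applied to the account in the
            lines shown.
        fullname: display name for a newly created account.
        admin: whether a newly created account is an administrator.
        verified: whether a newly created account is marked as verified.
        email: lookup key and address for the account. The body read this
            name without it being defined anywhere, so it is added as a
            trailing keyword argument. The default is a constructed
            placeholder on a reserved domain, not a value from the project.

    Returns:
        The existing or newly built ``Account``.
    """
    from openspending.model.account import Account

    # First see if the account already exists and if so, return it
    account = Account.by_email(email)
    if account:
        return account

    # Account didn't exist so we create it and return it.
    # NOTE(review): the new object is not added to a session or committed in
    # the lines shown, and it defaults to verified=True; keep this helper out
    # of production code paths.
    account = Account()
    account.fullname = fullname
    account.email = email
    account.admin = admin
    account.verified = verified
    return account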
Exemplo n.º 8
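 def do_reset(self):
     """Sign the user in from a password-reset link.

     Expects ``email`` and ``token`` request parameters. When the token
     matches the one stored on the account, the user is remembered through
     the repoze.who ``auth_tkt`` plugin and sent to the settings page.

     The control flow relies on ``redirect()`` ending the request.
     NOTE(review): presumably it raises, as Pylons' redirect does; confirm.
     """
     import hmac  # local import: the file's import block is not in view

     email = request.params.get('email')
     if not email:
         h.flash_error(_("The reset link is invalid!"))
         redirect(h.url_for(controller='account', action='login'))
     account = Account.by_email(email)
     if account is None:
         h.flash_error(_("No user is registered under this address!"))
         redirect(h.url_for(controller='account', action='login'))

     # Reject the link unless both the submitted and the stored token are
     # present: with a plain `!=`, a missing parameter compared equal to an
     # unset account token. The comparison itself is constant-time.
     # Assumes account.token is a text string -- TODO confirm against the model.
     supplied = request.params.get('token')
     expected = account.token
     token_ok = bool(supplied) and bool(expected) and hmac.compare_digest(
         supplied.encode('utf-8'), expected.encode('utf-8'))
     if not token_ok:
         h.flash_error(_("The reset link is invalid!"))
         redirect(h.url_for(controller='account', action='login'))

     # NOTE(review): nothing shown here invalidates the token after use or
     # checks its age; confirm reset links are single-use and expire.
     who_api = request.environ['repoze.who.plugins']['auth_tkt']
     # NOTE(review): `headers` is not attached to any response in the lines
     # shown; confirm the auth cookie is actually sent.
     headers = who_api.remember(request.environ,
                                {'repoze.who.userid': account.name})
     # The listing had lost the opening of this call, leaving only its
     # argument lines; the success flash is restored around them.
     h.flash_success(
         _("Thanks! You have now been signed in - please change " +
           "your password!"))
     redirect(h.url_for(controller='account', action='settings'))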
Exemplo n.º 9
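def make_account(name='test',
                 fullname='Test User',
                 admin=False,
                 verified=True,
                 email='test@example.com'):
    """Return the account registered under *email*, creating it if needed.

    The signature in the listing was cut off after ``fullname``. ``admin``,
    ``verified`` and ``email`` are read by the body, so they are restored as
    keyword arguments.
    NOTE(review): their order and defaults are a reconstruction and the email
    default is a constructed placeholder; confirm against the project source.

    Returns:
        The existing or newly built ``Account``.
    """
    from openspending.model.account import Account

    # First see if the account already exists and if so, return it
    account = Account.by_email(email)
    if account:
        return account

    # Account didn't exist so we create it and return it.
    # NOTE(review): `name` is never applied and the object is not saved in
    # the lines shown.
    account = Account()
    account.fullname = fullname
    account.email = email
    account.admin = admin
    account.verified = verified
    return account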
Exemplo n.º 10
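def trigger_reset():
    """Allow user to trigger a reset of the password in case they forget it.

    GET returns the form; POST resolves the submitted ``email`` to an account
    and redirects to ``account.email_message`` for it.
    """
    # Token embedded in the rendered form.
    # NOTE(review): the POST branch below never compares a submitted token
    # with anything; confirm CSRF validation happens outside this view.
    values = {"csrf_token": generate_csrf_token()}
    form_template = 'account/trigger_reset.html'

    # If it's a simple GET method we return the form
    if request.method == 'GET':
        return render_template(form_template, form_fill=values)

    # Get the email; None and "" are handled the same way
    email = request.form.get('email')
    if not email:
        flash_error("Please enter an email address!")
        return render_template(form_template, form_fill=values)

    # Get the account for this email
    account = Account.by_email(email)

    # NOTE(review): telling the caller that an address is not registered
    # exposes which addresses have accounts; prefer one neutral response for
    # both cases and throttle repeated requests.
    if account is None:
        flash_error("No user is registered under this address!")
        return render_template(form_template, form_fill=values)

    # Send the reset link to the email of this account
    # NOTE(review): the statement that does this is absent from the listing.

    # Redirect to the confirmation page.
    # NOTE(review): the account id travels in the URL; confirm the target
    # view is safe to call with an arbitrary id.
    return redirect(url_for('account.email_message', id=account.id))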
Exemplo n.º 11
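    def trigger_reset(self):
        """Allow user to trigger a reset of the password in case they forget it.

        GET renders the form. POST validates the ``email`` parameter, looks
        up the account, flashes the outcome and, for a known account,
        redirects to the login page.
        """
        # Disable the cache
        # NOTE(review): no statement follows this comment in the listing;
        # confirm the response really is marked as non-cacheable.

        # If it's a simple GET method we return the form
        if request.method == 'GET':
            return templating.render('account/trigger_reset.html')

        # Get the email
        email = request.params.get('email')

        # Missing and empty values are both rejected
        if not email:
            h.flash_error(_("Please enter an email address!"))
            return templating.render('account/trigger_reset.html')

        # Get the account for this email
        account = Account.by_email(email)

        # NOTE(review): a distinct "not registered" message reveals which
        # addresses have accounts; a single neutral response avoids that.
        if account is None:
            h.flash_error(_("No user is registered under this address!"))
            return templating.render('account/trigger_reset.html')

        # Send the reset link to the email of this account
        # NOTE(review): the statement that does this is absent from the listing.

        # Let the user know that email with link has been sent. The listing
        # had lost the opening of this call; it is restored around the
        # surviving argument lines.
        h.flash_success(
            _("You've received an email with a link to reset your " +
              "password. Please check your inbox."))

        # Redirect to the login page
        redirect(h.url_for(controller='account', action='login'))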
Exemplo n.º 12
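    def trigger_reset(self):
        """Allow user to trigger a reset of the password in case they forget it.

        GET renders the form. POST validates the ``email`` parameter, looks
        up the account, flashes the outcome and, for a known account,
        redirects to the login page.
        """
        form_template = 'account/trigger_reset.html'

        # Disable the cache
        # NOTE(review): no statement follows this comment in the listing;
        # confirm the response really is marked as non-cacheable.

        # If it's a simple GET method we return the form
        if request.method == 'GET':
            return templating.render(form_template)

        # Get the email; None and "" are handled the same way
        email = request.params.get('email')
        if not email:
            h.flash_error(_("Please enter an email address!"))
            return templating.render(form_template)

        # Get the account for this email
        account = Account.by_email(email)

        # NOTE(review): answering "not registered" exposes which addresses
        # have accounts; prefer the same response for both outcomes.
        if account is None:
            h.flash_error(_("No user is registered under this address!"))
            return templating.render(form_template)

        # Send the reset link to the email of this account
        # NOTE(review): the statement that does this is absent from the listing.

        # Let the user know that email with link has been sent
        h.flash_success(_("You've received an email with a link to reset your "
            + "password. Please check your inbox."))

        # Redirect to the login page
        redirect(h.url_for(controller='account', action='login'))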
Exemplo n.º 13
def register():
    """ Perform registration of a new user """
    # NOTE(review): this listing is incomplete. The `try:` that pairs with
    # the `except colander.Invalid` below is missing, and the final
    # render_template call is cut off. Comments describe only visible lines.
    # `values` is a copy of every submitted form field and is handed back to
    # the template on error -- confirm password fields are not echoed.
    errors, values = {}, dict(request.form.items())

        # Grab the actual data and validate it
        data = AccountRegister().deserialize(values)

        #check if email is already registered
            # it is, then send the email hash for the login

        #check that email is real
        #get the domain
        # NOTE(review): writes the submitted address to stdout (Python 2
        # print statement); remove it or route it through logging.
        print data['email']
        # Only checks that '@' and '.' each occur somewhere in the address.
        if (data['email'].find('@') == -1 or data['email'].find('.') == -1):
            raise colander.Invalid(AccountRegister.email,
                    "You must use a valid USG email address")

        # Everything after the first '@' is treated as the domain.
        domain = data['email'][data['email'].find('@') + 1:]

        # Fail closed when no allowlist is configured.
        if 'EMAIL_WHITELIST' not in current_app.config.keys():
            raise colander.Invalid(AccountRegister.email,
                "System not set correctly.  Please contact the administrator.")

        domainvalid = False

        # Exact, case-insensitive match against each configured domain; a
        # subdomain of a listed entry does not match.
        for domainemail in current_app.config['EMAIL_WHITELIST']:
            if domain.lower() == domainemail.lower():
                domainvalid = True

        if not domainvalid:
            raise colander.Invalid(AccountRegister.email,
                "Your email is not available for registration.  Currently it is only available for US Government emails.")

        # Check if the username already exists, return an error if so
        # NOTE(review): this message confirms that an address is registered.
        # Invalid is also called with the message alone here, where the other
        # calls pass a schema node first -- confirm i.asdict() still works.
        if Account.by_email(data['email']):
            #resend the hash here to the email and notify the user
            raise colander.Invalid(
                "Login Name already exists.  Click reset password.")

        # Create the account
        # NOTE(review): no password assignment, save or verification email is
        # visible in the lines shown.
        account = Account()
        account.fullname = data['fullname']
        account.email = data['email']


        # Perform a login for the user
        #login_user(account, remember=True)


        # TO DO redirect to email sent page
        return redirect(url_for('account.email_message', id=account.id))
    except colander.Invalid as i:
        # Validation failed: collect the messages for re-rendering the form.
        errors = i.asdict()
    values["csrf_token"] = generate_csrf_token()
    return render_template('account/login.jade', form_fill=values,
Exemplo n.º 14
def register():
    """ Perform registration of a new user """
    # NOTE(review): this listing is incomplete. The `try:` that pairs with
    # the `except colander.Invalid` below is missing, several calls have lost
    # their opening or closing lines (the bare string lines are what is left
    # of them), and an `else:` appears to be missing near the end.
    # Comments describe only the lines that are visible.
    errors, values = {}, dict(request.form.items())

        # Grab the actual data and validate it
        data = AccountRegister().deserialize(values)

        #check if email is already registered
        # it is, then send the email hash for the login

        #check that email is real
        #get the domain
        # Only checks that '@' and '.' each occur somewhere in the address.
        if (data['email'].find('@') == -1 or data['email'].find('.') == -1):
            flash_error("You must use a valid USG email address")
            raise colander.Invalid(AccountRegister.email,
                                   "You must use a valid USG email address")

        # Everything after the first '@' is treated as the domain.
        domain = data['email'][data['email'].find('@') + 1:]

        # Fail closed when no allowlist is configured.
        if 'EMAIL_WHITELIST' not in current_app.config.keys():
                "Your email is not current supported.  The login option is only available for US Government offices at this time."
            raise colander.Invalid(
                "System not set correctly.  Please contact the administrator.")

        domainvalid = False

        # Exact, case-insensitive match against each configured domain; a
        # subdomain of a listed entry does not match.
        for domainemail in current_app.config['EMAIL_WHITELIST']:
            if domain.lower() == domainemail.lower():
                domainvalid = True

        if not domainvalid:
                "Your email is not current supported.  The login option is only available for US Government offices at this time."
            raise colander.Invalid(
                "Your email is not available for registration.  Currently it is only available for US Government emails."

        # Check if the username already exists, return an error if so
        # NOTE(review): the message below confirms that an address is
        # registered.
        if Account.by_email(data['email']):
                "Login Name already exists.  Click request password reset to change your password."

            #resend the hash here to the email and notify the user
            raise colander.Invalid(
                "Login Name already exists.  Click request password reset to change your password."

        # Create the account
        # NOTE(review): no password assignment, save or verification email is
        # visible in the lines shown.
        account = Account()
        account.fullname = data['fullname']
        account.email = data['email']


        # Perform a login for the user
        #login_user(account, remember=True)


        # TO DO redirect to email sent page
        return redirect(url_for('account.email_message', id=account.id))
    except colander.Invalid as i:
        # Validation failed: collect the messages for re-rendering the form.
        errors = i.asdict()
    # As shown, a submitted csrf_token is copied into `values` and then
    # immediately replaced by a fresh one.
    # NOTE(review): if the lost `else:` made this reuse the client-supplied
    # value, confirm it is checked against server-side state first.
    if request.form.get("csrf_token", None):
        values['csrf_token'] = request.form.get('csrf_token')
        values["csrf_token"] = generate_csrf_token()
    return render_template(
        form_fill_login={'csrf_token': values['csrf_token']})