def reset_password(auth_id, token):
auth = models.EmailAuth.from_urlsafe(auth_id)
if not auth:
time.sleep(config.security_wait)
return render_template('password-reset-not-found.html'), 404
assert isinstance(auth, models.EmailAuth)
account = auth.user_account.get()
assert isinstance(account, models.UserAccount)
if not isinstance(auth, models.EmailAuth):
time.sleep(config.security_wait)
return render_template('password-reset-not-found.html'), 404
if account.verify_reset_password(token=token):
form = PasswordResetForm(request.form)
if request.method == 'POST' and form.validate():
password = form.password.data
account.set_password(password)
account.put()
flasher.info(_("Password reset. You may now login."))
return flask.redirect(flask.url_for('users.login'))
return render_template('password-reset.html', form=form)
else:
time.sleep(config.security_wait)
return render_template('password-reset-not-found.html'), 404
def reset_password(auth_id, token):
auth = models.EmailAuth.from_urlsafe(auth_id)
if not auth:
time.sleep(config.security_wait)
return render_template('password-reset-not-found.html'), 404
assert isinstance(auth, models.EmailAuth)
account = auth.user_account.get()
assert isinstance(account, models.UserAccount)
if not isinstance(auth, models.EmailAuth):
time.sleep(config.security_wait)
return render_template('password-reset-not-found.html'), 404
if account.verify_reset_password(token=token):
form = PasswordResetForm(request.form)
if request.method == 'POST' and form.validate():
password = form.password.data
account.set_password(password)
account.put()
flasher.info(_("Password reset. You may now login."))
return flask.redirect(flask.url_for('users.login'))
return render_template('password-reset.html', form=form)
else:
time.sleep(config.security_wait)
return render_template('password-reset-not-found.html'), 404
def setup_tenant():
form = TenantSetupForm(flask.request.form)
if flask.request.method == 'POST' and form.validate():
name = form.name.data
tenant = Tenant(name=name, owner=g.current_account.key)
tenant.put()
activity = Activity(user=g.current_account.key,
subject=tenant.key,
type='tenant',
tags=['new-tenant'])
membership = TenantMembership(
tenant=tenant.key,
user=g.current_account.key,
user_type=TenantMembership.PRIVILEGE_OWNER)
# g.current_account.tenant = tenant.key
# g.current_account.put()
flask.session['current_tenant'] = tenant.key.urlsafe()
put_later(g.current_account, activity, membership)
flasher.info(_('Account Created'))
return redirect_to_view()
return flask.render_template('tenant-setup.html', form=form)
def post(self, urlsafe=None):
if urlsafe:
obj = self.fetch_object(urlsafe)
obj.delete()
time.sleep(.3)
flasher.info(_('%(name)s deleted', name=self.name_singular))
return flask.redirect(flask.url_for(self.list_view))
else:
return flask.abort(404)
def forgot_password():
form = PasswordRecoveryForm(request.form)
message = None
if request.method == 'POST' and form.validate():
email = form.email.data
auth = models.EmailAuth.from_email(email, create=False)
if auth:
account = auth.user_account.get()
account.recover_password()
flasher.info(_(
'If an account exists with that email address, a verification email will be sent. If no account exists with that address, no email will be sent.'))
return render_template('forgot-password.html', form=form, message=message)
def forgot_password():
form = PasswordRecoveryForm(request.form)
message = None
if request.method == 'POST' and form.validate():
email = form.email.data
auth = models.EmailAuth.from_email(email, create=False)
if auth:
account = auth.user_account.get()
account.recover_password()
flasher.info(
_('If an account exists with that email address, a verification email will be sent. If no account exists with that address, no email will be sent.'
))
return render_template('forgot-password.html', form=form, message=message)
def handle_add_email(self):
form = AddEmailForm(flask.request.form)
if form.validate_on_submit():
email = form.email.data.strip().lower()
existing_auth = models.EmailAuth.get_by_id(email)
if existing_auth:
flasher.error(_('Another user is already using this email address.'))
else:
flasher.info(_('Email address verification sent.'))
new_auth = models.EmailAuth.from_email(form.email.data, create=True, email_is_verified=False)
new_auth.user_account = g.current_account.key
put_later(new_auth)
else:
flasher.error(_(' '.join(form.errors.values())))
return flask.redirect(flask.url_for('users.profile'))
def signup_email():
form = EmailSignupForm(request.form)
if request.method == 'POST' and form.validate():
email = form.email.data
auth = models.EmailAuth.from_email(email, create=False)
if auth:
# Account exists. Check password.
assert isinstance(auth, models.EmailAuth)
account = auth.user_account.get()
if account.check_password(form.password.data):
return _login_user(account)
else:
flasher.warning(_('A user with that email address already exists'))
return flask.redirect(flask.url_for('users.login'))
else:
account, auth = models.UserAccount.from_email(form.email.data, current_account=g.current_account)
account.set_password(form.password.data)
models.ndb.put_multi((account, auth))
flasher.info(_('Thanks for signing up'))
return _login_user(account, flash_message=False)
return render_template('signup_email.html', form=form)
def handle_add_email(self):
form = AddEmailForm(flask.request.form)
if form.validate_on_submit():
email = form.email.data.strip().lower()
existing_auth = models.EmailAuth.get_by_id(email)
if existing_auth:
flasher.error(
_('Another user is already using this email address.'))
else:
flasher.info(_('Email address verification sent.'))
new_auth = models.EmailAuth.from_email(form.email.data,
create=True,
email_is_verified=False)
new_auth.user_account = g.current_account.key
put_later(new_auth)
else:
flasher.error(_(' '.join(form.errors.values())))
return flask.redirect(flask.url_for('users.profile'))
def setup_tenant():
form = TenantSetupForm(flask.request.form)
if flask.request.method == 'POST' and form.validate():
name = form.name.data
tenant = Tenant(name=name, owner=g.current_account.key)
tenant.put()
activity = Activity(user=g.current_account.key, subject=tenant.key, type='tenant', tags=['new-tenant'])
membership = TenantMembership(
tenant=tenant.key,
user=g.current_account.key,
user_type=TenantMembership.PRIVILEGE_OWNER
)
membership.put()
g.current_account.put()
flask.session['current_tenant'] = tenant.key.urlsafe()
put_later(activity)
flasher.info(_('Account Created'))
return redirect_to_view()
return flask.render_template('tenant-setup.html', form=form)
def signup_email():
form = EmailSignupForm(request.form)
if request.method == 'POST' and form.validate():
email = form.email.data
auth = models.EmailAuth.from_email(email, create=False)
if auth:
# Account exists. Check password.
assert isinstance(auth, models.EmailAuth)
account = auth.user_account.get()
if account.check_password(form.password.data):
return _login_user(account)
else:
flasher.warning(
_('A user with that email address already exists'))
return flask.redirect(flask.url_for('users.login'))
else:
account, auth = models.UserAccount.from_email(
form.email.data, current_account=g.current_account)
account.set_password(form.password.data)
models.ndb.put_multi((account, auth))
flasher.info(_('Thanks for signing up'))
return _login_user(account, flash_message=False)
return render_template('signup_email.html', form=form)
def flash_message(self, obj):
flasher.info(_('Profile Saved'))
def flash_message(self, obj):
flasher.info(_('Profile Saved'))
def flash_message(self, obj):
flasher.info(unicode(_('%(name)s updated', name=self.name_singular)))
