def send_activation_code(request):
body = JSONParser().parse(request)
user = authenticate(username=body['username'], password=body['password'])
if user is not None:
if user.approved:
return JsonResponse(create_response(
data=None,
success=False,
error_code=ResponseCodes.email_already_verified),
safe=False)
else:
activation_key, expiration_time = utils.generate_activation_key_and_expiredate(
body['username'])
user.activation_key = activation_key
user.key_expires = expiration_time
user.save()
utils.send_email(user.email, activation_key, 'activate')
return JsonResponse(create_response(data=None, success=True),
safe=False)
else:
return JsonResponse(create_response(
data=None,
success=False,
error_code=ResponseCodes.invalid_credentials),
safe=False)
def forgot_password(request):
body = JSONParser().parse(request)
if 'recaptcha_token' in body and utils.verify_recaptcha(
None, body['recaptcha_token'],
'forgot_password') == ResponseCodes.verify_recaptcha_failed:
return JsonResponse(create_response(
data=None,
success=False,
error_code=ResponseCodes.verify_recaptcha_failed),
safe=False)
username = body['username']
try:
user = User.objects.get(
Q(username__iexact=username) | Q(email__iexact=username))
activation_key, expiration_time = utils.generate_activation_key_and_expiredate(
user.username)
user.forgot_password_key = activation_key
user.forgot_password_key_expires = expiration_time
user.save()
utils.send_email(user.email, activation_key, 'validateForgotPassword')
except Exception as e:
log(traceback.format_exception(None, e, e.__traceback__), 'e')
return JsonResponse(create_response(data=None, success=True), safe=False)
def register(request):
# Get form values
body = JSONParser().parse(request)
if 'recaptcha_token' in body and utils.verify_recaptcha(
None, body['recaptcha_token'],
'signup') == ResponseCodes.verify_recaptcha_failed:
return JsonResponse(create_response(
data=None,
success=False,
error_code=ResponseCodes.verify_recaptcha_failed),
safe=False)
first_name = ''
last_name = ''
linkedin_auth_code = None
google_access_token = None
if 'first_name' in body:
first_name = body['first_name']
if 'last_name' in body:
last_name = body['last_name']
if 'linkedin_auth_code' in body:
linkedin_auth_code = body['linkedin_auth_code']
if 'google_access_token' in body:
google_access_token = body['google_access_token']
user_type, new = UserType.objects.get_or_create(name__iexact='Employer')
username = body['username']
email = body['email']
password = body['password']
password2 = body['password2']
if '@' in username:
return JsonResponse(create_response(
data=None,
success=False,
error_code=ResponseCodes.invalid_username),
safe=False)
# Check if passwords match
if password == password2:
# Check username
if User.objects.filter(username__iexact=username).exists():
success = False
code = ResponseCodes.username_exists
else:
if User.objects.filter(email__iexact=email).exists():
success = False
code = ResponseCodes.email_exists
else:
# Looks good
user = User.objects.create_user(username=username,
password=password,
email=email,
first_name=first_name,
user_type=user_type,
last_name=last_name,
approved=False,
activation_key=None,
key_expires=None)
user.save()
if linkedin_auth_code is None and google_access_token is None:
activation_key, expiration_time = utils.generate_activation_key_and_expiredate(
body['username'])
user.activation_key = activation_key
user.key_expires = expiration_time
user.save()
utils.send_email(user.email, activation_key, 'activate')
post_data = {
'client_id': body['client_id'],
'client_secret': body['client_secret'],
'grant_type': 'password',
'username': username,
'password': password
}
response = requests.post(
'http://localhost:8001/auth/token',
data=json.dumps(post_data),
headers={'content-type': 'application/json'})
json_res = json.loads(response.text)
if 'error' in json_res:
success = False
code = ResponseCodes.couldnt_login
else:
success = True
code = ResponseCodes.success
json_res['user_type'] = UserTypeSerializer(
instance=user.user_type, many=False).data
json_res[
'signup_flow_completed'] = user.signup_flow_completed
return JsonResponse(create_response(data=json_res,
success=success,
error_code=code),
safe=False)
else:
post_data = {
'client_id': body['client_id'],
'client_secret': body['client_secret'],
'grant_type': 'convert_token'
}
if linkedin_auth_code is not None:
post_data['backend'] = 'linkedin-oauth2'
post_data['token'] = get_access_token_with_code(
body['linkedin_auth_code'])
else:
post_data['backend'] = 'google-oauth2'
post_data['token'] = body['google_access_token']
response = requests.post(
'http://localhost:8001/auth/convert-token',
data=json.dumps(post_data),
headers={'content-type': 'application/json'})
jsonres = json.loads(response.text)
log(jsonres, 'e')
if 'error' in jsonres:
success = False
code = ResponseCodes.invalid_credentials
else:
social_user = UserSocialAuth.objects.get(
extra_data__icontains=post_data['token'])
if social_user.user.email != user.email:
social_user.user.delete()
social_user.user = user
social_user.save()
success = True
code = ResponseCodes.success
user = AccessToken.objects.get(
token=jsonres['access_token']).user
jsonres['user_type'] = UserTypeSerializer(
instance=user.user_type, many=False).data
jsonres[
'signup_flow_completed'] = user.signup_flow_completed
user.approved = True
user.save()
return JsonResponse(create_response(data=jsonres,
success=success,
error_code=code),
safe=False)
else:
success = False
code = ResponseCodes.passwords_do_not_match
return JsonResponse(create_response(data=None,
success=success,
error_code=code),
safe=False)