def authenticate_credentials(self, payload):
    """
    Return the active user named by a decoded JWT payload.

    The username is read from ``payload`` with
    ``jwt_get_username_from_payload`` and looked up in ``User().collection``
    by its ``username`` field. Exactly one matching document is required.

    Raises ``exceptions.AuthenticationFailed`` when the payload carries no
    username, when the lookup does not yield exactly one document, or when
    the matched account is not active.
    """
    account = User()
    username = jwt_get_username_from_payload(payload)

    if not username:
        raise exceptions.AuthenticationFailed(_('Invalid payload.'))

    # NOTE(review): `username` goes into the query filter exactly as it came
    # out of the payload. That is only safe if the token signature was
    # verified before this method runs -- confirm in the caller, and consider
    # rejecting non-string values here as defence in depth.
    matches = account.collection.find({"username": username})

    # Zero matches and duplicate usernames are both refused.
    # NOTE(review): count() on a cursor is gone in PyMongo 4 -- confirm the
    # driver version this project pins.
    if matches.count() != 1:
        raise exceptions.AuthenticationFailed(_('Invalid signature.'))

    record = matches.next()
    account.set_username(record.get("username"))
    account.set_email(record.get("email"))
    # The stored "password" value is copied onto the returned object as-is.
    account.set_password(record.get("password"))
    account.active(record.get("is_active"))

    # A disabled account fails authentication even with a well-formed payload.
    if not account.get_active():
        raise exceptions.AuthenticationFailed(_('User account is disabled.'))

    return account
def post(self, token):
    """
    Handle submission of the registration form.

    A valid form produces a new active ``User`` and a redirect to
    ``pages.home``. An invalid form, or a ``NotUniqueError`` raised while
    creating the user, re-renders ``accounts/register.html`` with the
    submitted form.

    NOTE(review): ``token`` is accepted but never read in this method. If it
    is meant to gate registration (for example an invitation token), confirm
    that it is checked somewhere before this handler runs.
    """
    form = self.get_context().get('form')

    if not form.validate():
        flash_errors(form)
        return render_template('accounts/register.html',
                               register_user_form=form)

    try:
        account = User()
        # populate_obj() writes the form's fields onto the model.
        # NOTE(review): which attributes get written depends on the form's
        # field list -- confirm it exposes no privilege or status fields.
        form.populate_obj(account)
        # Called after populate_obj() so this call has the final say on the
        # password attribute.
        account.set_password(form.password.data)
        account.active = True
        account.save()
        flash('User is created.')
        return redirect(url_for('pages.home'))
    except NotUniqueError:
        flash('User aready exists')

    return render_template('accounts/register.html', register_user_form=form)
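# Values of request.POST['choices'] that create an account.
_ACCOUNT_ROLES = ('admin', 'manager', 'employee', 'parent')

# Address model fields; each one is filled from the form field of the same name.
_ADDRESS_FIELDS = (
    'address_line_1',
    'address_line_2',
    'city',
    'country',
    'province',
    'postal_code',
    'home_phone',
    'cell_phone',
)


def _build_profile(form, role):
    """Return an unsaved User filled from the validated form, flagged for *role*."""
    profile = User()
    profile.email = form.cleaned_data['email']
    # The password goes through set_password(); it is never assigned to
    # profile.password directly.
    profile.set_password(form.cleaned_data["password1"])
    profile.adult_first_name = form.cleaned_data['adult_first_name']
    profile.adult_last_name = form.cleaned_data['adult_last_name']
    profile.active = True
    # Exactly one role flag is set; only admin accounts also get `staff`.
    profile.admin = role == 'admin'
    profile.staff = role == 'admin'
    profile.manager = role == 'manager'
    profile.employee = role == 'employee'
    profile.parent = role == 'parent'
    return profile


def _save_address(address):
    """Save and return an Address built from the validated address form."""
    record = Address()
    for field in _ADDRESS_FIELDS:
        # province <- 'province' and postal_code <- 'postal_code'; the two
        # must not be crossed over.
        setattr(record, field, address.cleaned_data[field])
    record.save()
    return record


def _link_daycares(profile, role, daycare_names):
    """Attach the daycares named in the POST to *profile*."""
    # NOTE(review): the names come straight from request.POST; the DaycareForm
    # built in register_page is never bound to the POST or validated, so
    # nothing here limits which daycares the requester may pick. An unknown
    # name makes get() raise after the account has already been saved.
    for name in daycare_names:
        daycare = Daycare.objects.get(name=name)
        if role == 'admin':
            profile.daycare.add(daycare.id)
        else:
            # NOTE(review): admin accounts use .add() while every other role
            # assigns a single object -- both cannot suit the same field type;
            # confirm against the User model.
            profile.daycare = daycare
        profile.save()


def _save_kids(request, profile):
    """Create one Kid per submitted child row that has both names filled in."""
    # NOTE(review): these lists are read from the raw POST, not from
    # kid.cleaned_data, so the KidForm's field validation does not cover each
    # row -- confirm length and content limits are enforced by the Kid model.
    rows = zip(
        request.POST.getlist('child_first_name'),
        request.POST.getlist('child_last_name'),
        request.POST.getlist('gender'))
    for first_name, last_name, gender in rows:
        if first_name != "" and last_name != "":
            child = Kid()
            child.parent = profile
            child.child_first_name = first_name
            child.child_last_name = last_name
            child.gender = gender
            child.save()


def _register_account(request, form, address, kid, role):
    """Create the user, its address, its daycare links and its kids."""
    profile = _build_profile(form, role)
    profile.user_address = _save_address(address)
    profile.save()
    _link_daycares(profile, role, request.POST.getlist('daycare'))
    if kid.is_valid():
        _save_kids(request, profile)


def register_page(request):
    """
    Render the registration page and create an account on a valid POST.

    Only authenticated users flagged admin, manager or employee may use the
    page; everyone else is redirected to "/". On a POST whose ``choices``
    value names one of the four roles, and whose registration and address
    forms validate, a new account is created and the response redirects to
    "/register/". In every other case the page is rendered with the forms.
    """
    requester = request.user
    # NOTE(review): is_authenticated is called as a method; newer Django
    # versions expose it as a property -- confirm the version in use.
    if not (requester.is_authenticated() and
            (requester.admin or requester.manager or requester.employee)):
        return redirect("/")

    form = RegisterForm(request.POST or None)
    address = AddressForm(request.POST or None)
    kid = KidForm(request.POST or None)

    # Admins are shown every user, managers every non-admin user, and
    # employees no list at all.
    instance = None
    if requester.admin:
        instance = User.objects.all()
    elif requester.manager:
        instance = User.objects.all().filter(admin=False)

    daycare = DaycareForm(requester)
    context = {
        "form": form,
        "address": address,
        "daycare": daycare,
        "kid": kid,
        "instance": instance,
    }

    if request.POST:
        # .get() so a POST without 'choices' re-renders the page instead of
        # raising on the missing key.
        role = request.POST.get('choices')
        # NOTE(review): the requested role is taken from the POST and is never
        # compared with the requester's own role, so as written a manager or
        # an employee can create an admin account. Confirm the intended policy
        # and enforce it here before creating the account.
        if role in _ACCOUNT_ROLES and form.is_valid() and address.is_valid():
            _register_account(request, form, address, kid, role)
            return redirect("/register/")

    return render(request, "accounts/register.html", context)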