def verify_email_token(token, max_age=None): data, valid = verify_data_token(token, max_age=max_age) if valid == Validity.BAD_HASH: try: data = int(data) except: return None, Validity.INVALID_FORMAT account = AbstractAgentAccount.get(data) if not account: return None, Validity.DATA_NOT_FOUND data, valid = verify_data_token(token, account.email, max_age) return account, valid # Try decoding legacy try: id, hash = token.split('f', 1) account = AbstractAgentAccount.get(int(id)) if not account: return None, Validity.DATA_NOT_FOUND if verify_password( str(account.id) + account.email + config.get('security.account_token_salt'), hash, HashEncoding.HEX): return account, Validity.VALID return account, Validity.BAD_HASH except: return None, Validity.INVALID_FORMAT
def confirm_emailid_sent(request): # TODO: How to make this not become a spambot? id = int(request.matchdict.get('email_account_id')) email = AbstractAgentAccount.get(id) if not email: raise HTTPNotFound() localizer = request.localizer slug = request.matchdict.get('discussion_slug', None) slug_prefix = "/" + slug if slug else "" if email.verified: # Your email is fine, why do you want to confirm it? # Temporary: explain, but it's a dead-end. # TODO: Unlog and redirect to login. return dict( get_default_context(request), slug_prefix=slug_prefix, profile_id=email.profile_id, email_account_id=request.matchdict.get('email_account_id'), title=localizer.translate(_('This email address is already confirmed')), description=localizer.translate(_( 'You do not need to confirm this email address, it is already confirmed.'))) send_confirmation_email(request, email) return dict( get_default_context(request), slug_prefix=slug_prefix, profile_id=email.profile_id, email_account_id=request.matchdict.get('email_account_id'), title=localizer.translate(_('Confirmation requested')), description=localizer.translate(_( 'A confirmation e-mail has been sent to your account and should be in your inbox in a few minutes. ' 'Please follow the confirmation link in order to confirm your email')))
def confirm_emailid_sent(request): # TODO: How to make this not become a spambot? id = int(request.matchdict.get('email_account_id')) email = AbstractAgentAccount.get(id) if not email: raise HTTPNotFound() localizer = request.localizer context = get_default_context(request) if email.verified: # Your email is fine, why do you want to confirm it? # Temporary: explain, but it's a dead-end. # TODO: Unlog and redirect to login. return dict( context, profile_id=email.profile_id, action = context['get_route']("confirm_emailid_sent", email_account_id=id), email_account_id=str(id), title=localizer.translate(_('This email address is already confirmed')), description=localizer.translate(_( 'You do not need to confirm this email address, it is already confirmed.'))) send_confirmation_email(request, email) return dict( get_default_context(request), action = context['get_route']("confirm_emailid_sent", email_account_id=id), profile_id=email.profile_id, email_account_id=request.matchdict.get('email_account_id'), title=localizer.translate(_('Confirmation requested')), description=localizer.translate(_( 'A confirmation e-mail has been sent to your account and should be in your inbox in a few minutes. ' 'It contains a confirmation link, please click on it in order to confirm your e-mail address. ' 'If you did not receive any confirmation e-mail (check your spams), click here.')))
def confirm_emailid_sent(request): # TODO: How to make this not become a spambot? id = int(request.matchdict.get('email_account_id')) email = AbstractAgentAccount.get(id) if not email: raise HTTPNotFound() localizer = request.localizer slug = request.matchdict.get('discussion_slug', None) slug_prefix = "/" + slug if slug else "" if email.verified: # Your email is fine, why do you want to confirm it? # Temporary: explain, but it's a dead-end. # TODO: Unlog and redirect to login. return dict( get_default_context(request), slug_prefix=slug_prefix, profile_id=email.profile_id, email_account_id=request.matchdict.get('email_account_id'), title=localizer.translate( _('This email address is already confirmed')), description=localizer.translate( _('You do not need to confirm this email address, it is already confirmed.' ))) send_confirmation_email(request, email) return dict( get_default_context(request), slug_prefix=slug_prefix, profile_id=email.profile_id, email_account_id=request.matchdict.get('email_account_id'), title=localizer.translate(_('Confirmation requested')), description=localizer.translate( _('A confirmation e-mail has been sent to your account and should be in your inbox in a few minutes. ' 'Please follow the confirmation link in order to confirm your email' )))
def verify_email_token(token, max_age=None): data, valid = verify_data_token(token, max_age=max_age) if valid == Validity.BAD_HASH: try: data = int(data) except: return None, Validity.INVALID_FORMAT account = AbstractAgentAccount.get(data) if not account: return None, Validity.DATA_NOT_FOUND data, valid = verify_data_token(token, account.email, max_age) return account, valid # Try decoding legacy try: id, hash = token.split('f', 1) account = AbstractAgentAccount.get(int(id)) if not account: return None, Validity.DATA_NOT_FOUND if verify_password(str(account.id) + account.email + config.get('security.account_token_salt'), hash, HashEncoding.HEX): return account, Validity.VALID return account, Validity.BAD_HASH except: return None, Validity.INVALID_FORMAT
def velruse_login_complete_view(request): # TODO: Write tests. Situations are a combinatorics of the folloing: # 1. User action: # A. Social login # B. Logged in, add social account # C. Logged in, add email account (does not happen here) # 2. Is there an existing account with that email? # A. No. # B. The social account already exists # C. A valid email account # D. An invalid email account, sole account of profile # E. An invalid email account, but profile has other accounts # F. A social account from a different provider # 3. When we're logged in (1B, 1C), is the existing account # on the logged in profile or another? # 4. If gmail account, is it an enterprise account? session = AgentProfile.default_db context = request.context now = datetime.utcnow() velruse_profile = context.profile discussion = None slug = request.session.get('discussion', None) if not slug: discussion = discussion_from_request(request) if discussion: slug = discussion.slug if slug and not discussion: discussion = session.query(Discussion).filter_by( slug=slug).first() next_view = handle_next_view(request, True) logged_in = authenticated_userid(request) if logged_in: logged_in = User.get(logged_in) base_profile = logged_in provider = get_identity_provider(request) # find or create IDP_Accounts idp_accounts = [] new_idp_account = None velruse_accounts = velruse_profile['accounts'] old_autoflush = session.autoflush # sqla mislikes creating accounts before profiles, so delay session.autoflush = False # Search for this social account for velruse_account in velruse_accounts: if 'userid' in velruse_account: idp_accounts.extend(session.query( IdentityProviderAccount).filter_by( provider=provider, domain=velruse_account['domain'], userid=velruse_account['userid']).all()) elif 'username' in velruse_account: idp_accounts.extend(session.query( IdentityProviderAccount).filter_by( provider=provider, domain=velruse_account['domain'], username=velruse_account['username']).all()) else: log.error("account needs username or email" + velruse_account) raise HTTPServerError("account needs username or userid") trusted_emails = set() if idp_accounts: for idp_account in idp_accounts: idp_account.profile_info_json = velruse_profile if len(idp_accounts) > 1: log.warn("multiple idp_accounts:" + ','.join((a.id for a in idp_accounts)) + " for " + velruse_accounts) # We will just the last one from the loop for now. trusted_emails.update([ a.email for a in idp_accounts if a.provider.trust_emails and a.email]) else: # Create it if not found idp_class = IdentityProviderAccount for cls in idp_class.get_subclasses(): if cls == idp_class: continue if cls.account_provider_name == provider.name: idp_class = cls break idp_account = idp_class( provider=provider, profile_info_json=velruse_profile, domain=velruse_account.get('domain'), userid=velruse_account.get('userid'), verified=True, username=velruse_account.get('username')) idp_accounts.append(idp_account) new_idp_account = base_account = idp_account session.add(idp_account) for account in idp_accounts: if account.provider.trust_emails: profile = (velruse_profile if account == new_idp_account else account.profile_info_json) email = profile.get('verifiedEmail', None) if email: if account == new_idp_account: account.email = email trusted_emails.add(email) for email in profile.get('emails', ()): if isinstance(email, dict): email = email.get('value', None) if isinstance(email, (str, unicode)) and email: trusted_emails.add(email) if account == new_idp_account and not account.email: account.email = email # else we have created an email-less account. Treat accordingly. conflicting_profiles = {a.profile for a in idp_accounts if a.profile} # Are there other accounts/profiles than the ones we know? conflicting_accounts = set() for email in trusted_emails: other_accounts = session.query(AbstractAgentAccount).filter_by( email=email) for account in other_accounts: conflicting_accounts.add(account) if account.verified or len(account.profile.accounts) == 1: conflicting_profiles.add(account.profile) # choose best known profile for base_account # prefer profiles with verified users, then users, then oldest profiles profile_list = list(conflicting_profiles) profile_list.sort(key=lambda p: ( not(isinstance(p, User) and p.verified), not isinstance(p, User), p.id)) if new_idp_account and profile_list: base_profile = profile_list[0] elif not new_idp_account: # Take first appropriate. Should be the first, somehow not. for profile in profile_list: accounts = [ a for a in idp_accounts if a.profile == profile] if accounts: base_account = accounts[0] break if not logged_in: base_profile = base_account.profile new_profile = None if new_idp_account: if not base_profile: # Create a new user base_profile = new_profile = User( name=velruse_profile.get('displayName', ''), verified=True, creation_date=now) session.add(new_profile) # Upgrade a AgentProfile if not isinstance(base_profile, User): base_profile = base_profile.change_class( User, None, verified=True) new_idp_account.profile = base_profile base_profile.last_login = now base_profile.verified = True if not base_profile.name: base_profile.name = velruse_profile.get('displayName', None) # TODO (needs parsing) # base_profile.timezone=velruse_profile['utcOffset'] # Now all accounts have a profile session.autoflush = old_autoflush session.flush() # Merge other profiles with the same (validated) email # TODO: Ask the user about doing this. conflicting_profiles.discard(base_profile) conflicting_accounts.discard(base_account) for conflicting_profile in conflicting_profiles: base_profile.merge(conflicting_profile) session.delete(conflicting_profile) # If base_profile is still an AgentProfile at this point # then it needs to be upgraded to a User if not isinstance(base_profile, User): base_profile = base_profile.change_class( User, None, verified=True, last_login=now) # Set username if not base_profile.username: username = None usernames = set((a['preferredUsername'] for a in velruse_accounts if 'preferredUsername' in a)) for u in usernames: if not session.query(Username).filter_by(username=u).count(): username = u break if username: session.add(Username(username=username, user=base_profile)) # Create AgentStatusInDiscussion if new_profile and discussion: agent_status = AgentStatusInDiscussion( agent_profile=base_profile, discussion=discussion, user_created_on_this_discussion=True) session.add(agent_status) if maybe_auto_subscribe(base_profile, discussion): next_view = "/%s/" % (slug,) # Delete other (email) accounts if base_account.provider.trust_emails: for account in conflicting_accounts: # Merge may have been confusing session.expire(account) account = AbstractAgentAccount.get(account.id) if account.profile == base_profile: if account.email == base_account.email: if isinstance(account, EmailAccount): account.delete() if account.verified and account.preferred: base_account.preferred = True elif isinstance(account, IdentityProviderAccount): if account.provider_id == base_account.provider_id: log.error("This should have been caught earlier") account.delete() else: log.warning("Two accounts with same email," + "different provider: %d, %d" % ( account.id, base_account.id)) else: # If they're verified, they should have been merged. if account.verified: log.error("account %d should not exist: " % (account.id,)) else: other_profile = account.profile account.delete() session.flush() session.expire(other_profile, ["accounts"]) if not len(other_profile.accounts): log.warning("deleting profile %d" % other_profile.id) other_profile.delete() session.expire(base_profile, ['accounts', 'email_accounts']) # create an email account for other emails. known_emails = {a.email for a in base_profile.accounts} for email in trusted_emails: if email not in known_emails: email = EmailAccount( email=email, profile=base_profile, verified=base_account.provider.trust_emails ) session.add(email) session.flush() base_profile.last_login = now headers = remember(request, base_profile.id) request.response.headerlist.extend(headers) if discussion: request.session['discussion'] = discussion.slug return HTTPFound(location=next_view)
def velruse_login_complete_view(request): # TODO: Write tests. Situations are a combinatorics of the folloing: # 1. User action: # A. Social login # B. Logged in, add social account # C. Logged in, add email account (does not happen here) # 2. Is there an existing account with that email? # A. No. # B. The social account already exists # C. A valid email account # D. An invalid email account, sole account of profile # E. An invalid email account, but profile has other accounts # F. A social account from a different provider # 3. When we're logged in (1B, 1C), is the existing account # on the logged in profile or another? # 4. If gmail account, is it an enterprise account? session = AgentProfile.default_db context = request.context now = datetime.utcnow() velruse_profile = context.profile discussion = None slug = request.session.get('discussion', None) if not slug: discussion = discussion_from_request(request) if discussion: slug = discussion.slug if slug and not discussion: discussion = session.query(Discussion).filter_by(slug=slug).first() next_view = handle_next_view(request, True) logged_in = authenticated_userid(request) if logged_in: logged_in = User.get(logged_in) base_profile = logged_in provider = get_identity_provider(request) # find or create IDP_Accounts idp_accounts = [] new_idp_account = None velruse_accounts = velruse_profile['accounts'] old_autoflush = session.autoflush # sqla mislikes creating accounts before profiles, so delay session.autoflush = False # Search for this social account for velruse_account in velruse_accounts: if 'userid' in velruse_account: idp_accounts.extend( session.query(IdentityProviderAccount).filter_by( provider=provider, domain=velruse_account['domain'], userid=velruse_account['userid']).all()) elif 'username' in velruse_account: idp_accounts.extend( session.query(IdentityProviderAccount).filter_by( provider=provider, domain=velruse_account['domain'], username=velruse_account['username']).all()) else: log.error("account needs username or email" + velruse_account) raise HTTPServerError("account needs username or userid") trusted_emails = set() if idp_accounts: for idp_account in idp_accounts: idp_account.profile_info_json = velruse_profile if len(idp_accounts) > 1: log.warn("multiple idp_accounts:" + ','.join((a.id for a in idp_accounts)) + " for " + velruse_accounts) # We will just the last one from the loop for now. trusted_emails.update([ a.email for a in idp_accounts if a.provider.trust_emails and a.email ]) else: # Create it if not found idp_class = IdentityProviderAccount for cls in idp_class.get_subclasses(): if cls == idp_class: continue if cls.account_provider_name == provider.name: idp_class = cls break idp_account = idp_class(provider=provider, profile_info_json=velruse_profile, domain=velruse_account.get('domain'), userid=velruse_account.get('userid'), verified=True, username=velruse_account.get('username')) idp_accounts.append(idp_account) new_idp_account = base_account = idp_account session.add(idp_account) for account in idp_accounts: if account.provider.trust_emails: profile = (velruse_profile if account == new_idp_account else account.profile_info_json) email = profile.get('verifiedEmail', None) if email: if account == new_idp_account: account.email = email trusted_emails.add(email) for email in profile.get('emails', ()): if isinstance(email, dict): email = email.get('value', None) if isinstance(email, (str, unicode)) and email: trusted_emails.add(email) if account == new_idp_account and not account.email: account.email = email # else we have created an email-less account. Treat accordingly. conflicting_profiles = {a.profile for a in idp_accounts if a.profile} # Are there other accounts/profiles than the ones we know? conflicting_accounts = set() for email in trusted_emails: other_accounts = session.query(AbstractAgentAccount).filter_by( email=email) for account in other_accounts: conflicting_accounts.add(account) if account.verified or len(account.profile.accounts) == 1: conflicting_profiles.add(account.profile) # choose best known profile for base_account # prefer profiles with verified users, then users, then oldest profiles profile_list = list(conflicting_profiles) profile_list.sort(key=lambda p: (not (isinstance(p, User) and p.verified), not isinstance(p, User), p.id)) if new_idp_account and profile_list: base_profile = profile_list[0] elif not new_idp_account: # Take first appropriate. Should be the first, somehow not. for profile in profile_list: accounts = [a for a in idp_accounts if a.profile == profile] if accounts: base_account = accounts[0] break if not logged_in: base_profile = base_account.profile new_profile = None if new_idp_account: if not base_profile: # Create a new user base_profile = new_profile = User(name=velruse_profile.get( 'displayName', ''), verified=True, creation_date=now) session.add(new_profile) # Upgrade a AgentProfile if not isinstance(base_profile, User): base_profile = base_profile.change_class(User, None, verified=True) new_idp_account.profile = base_profile base_profile.last_login = now base_profile.verified = True if not base_profile.name: base_profile.name = velruse_profile.get('displayName', None) # TODO (needs parsing) # base_profile.timezone=velruse_profile['utcOffset'] # Now all accounts have a profile session.autoflush = old_autoflush session.flush() # Merge other profiles with the same (validated) email # TODO: Ask the user about doing this. conflicting_profiles.discard(base_profile) conflicting_accounts.discard(base_account) for conflicting_profile in conflicting_profiles: base_profile.merge(conflicting_profile) session.delete(conflicting_profile) # If base_profile is still an AgentProfile at this point # then it needs to be upgraded to a User if not isinstance(base_profile, User): base_profile = base_profile.change_class(User, None, verified=True, last_login=now) # Set username if not base_profile.username: username = None usernames = set((a['preferredUsername'] for a in velruse_accounts if 'preferredUsername' in a)) for u in usernames: if not session.query(Username).filter_by(username=u).count(): username = u break if username: session.add(Username(username=username, user=base_profile)) # Create AgentStatusInDiscussion if new_profile and discussion: agent_status = AgentStatusInDiscussion( agent_profile=base_profile, discussion=discussion, user_created_on_this_discussion=True) session.add(agent_status) if maybe_auto_subscribe(base_profile, discussion): next_view = "/%s/" % (slug, ) # Delete other (email) accounts if base_account.provider.trust_emails: for account in conflicting_accounts: # Merge may have been confusing session.expire(account) account = AbstractAgentAccount.get(account.id) if account.profile == base_profile: if account.email == base_account.email: if isinstance(account, EmailAccount): account.delete() if account.verified and account.preferred: base_account.preferred = True elif isinstance(account, IdentityProviderAccount): if account.provider_id == base_account.provider_id: log.error("This should have been caught earlier") account.delete() else: log.warning("Two accounts with same email," + "different provider: %d, %d" % (account.id, base_account.id)) else: # If they're verified, they should have been merged. if account.verified: log.error("account %d should not exist: " % (account.id, )) else: other_profile = account.profile account.delete() session.flush() session.expire(other_profile, ["accounts"]) if not len(other_profile.accounts): log.warning("deleting profile %d" % other_profile.id) other_profile.delete() session.expire(base_profile, ['accounts', 'email_accounts']) # create an email account for other emails. known_emails = {a.email for a in base_profile.accounts} for email in trusted_emails: if email not in known_emails: email = EmailAccount(email=email, profile=base_profile, verified=base_account.provider.trust_emails) session.add(email) session.flush() base_profile.last_login = now headers = remember(request, base_profile.id) request.response.headerlist.extend(headers) if discussion: request.session['discussion'] = discussion.slug return HTTPFound(location=next_view)