def reset(self):
token = context.form.get('token')
password = context.form.get('password')
try:
principal = ResetPasswordPrincipal.load(token)
except itsdangerous.SignatureExpired:
raise HttpBadRequest()
except itsdangerous.BadData:
raise HttpBadRequest()
client = Client.query.filter(Client.email == principal.email).one_or_none()
if client is None:
raise HttpBadRequest()
client.password = password
context.application.__authenticator__.invalidate_member(client.id)
return dict(success=True)
def __verify_fixed_phone_verification(self):
client = Client.current()
if client.evidence.fixed_phone is not None:
raise HttpConflict('Already verified.', 'already-verified')
phone = context.form.get('phone')
code = context.form.get('code')
oath = Oath(seed=settings.fixed_phone_verification.seed, derivate_seed_from=client.email)
if oath.verify(challenge=phone[1:], code=code)[0] is True:
client.evidence.fixed_phone = phone
context.application.__authenticator__.invalidate_member(client.id)
return client
raise HttpBadRequest()
def edit(self, code: str):
invitation = Invitation.ensure_code(code)
invitation.update_from_request()
if invitation.total_sits < invitation.filled_sits:
raise HttpBadRequest('Total sits should not be grater than filled sits.', 'filled-sits-grater-than-total')
return invitation
def __call__(self, *args, **kwargs):
input_collections = [context.form, context.query_string]
all_input_fields = set(chain(*input_collections))
user_rules = [v for k, v in self._rules_per_role.items() if k in context.identity.roles] \
if context.identity else []
denied_fields = self.extract_rules_odd('blacklist', user_rules)
if denied_fields:
if all_input_fields & denied_fields:
raise HttpBadRequest('These fields are denied: [%s]' % ', '.join(denied_fields))
excluded_fields = self.extract_rules_odd('exclude', user_rules)
if excluded_fields:
for collection in input_collections:
for field in set(collection) & excluded_fields:
del collection[field]
filtered_fields = self.extract_rules_odd('filter_', user_rules)
if filtered_fields:
for collection in input_collections:
for field in set(collection) - filtered_fields:
del collection[field]
whitelist_fields = self.extract_rules_odd('whitelist', user_rules)
if whitelist_fields:
if all_input_fields - whitelist_fields:
raise HttpBadRequest(
'These fields are not allowed: [%s]' % ', '.join(all_input_fields - whitelist_fields)
)
required_fields = self.extract_rules_odd('requires', user_rules)
if required_fields:
if required_fields - all_input_fields:
raise HttpBadRequest('These fields are required: [%s]' % ', '.join(required_fields - all_input_fields))
exact_fields = self.extract_rules_odd('exact', user_rules)
if exact_fields:
if exact_fields != all_input_fields:
raise HttpBadRequest('Exactly these fields are allowed: [%s]' % ', '.join(whitelist_fields))
type_pairs = self.extract_rules_pair('types', user_rules)
if type_pairs:
type_keys = set(type_pairs.keys())
for collection in input_collections:
for field in set(collection) & type_keys:
desired_type = type_pairs[field]
try:
collection[field] = desired_type(collection[field])
except ValueError:
raise HttpBadRequest('The field: %s must be %s' % (field, desired_type))
pattern_pairs = self.extract_rules_pair('pattern', user_rules)
if pattern_pairs:
pattern_keys = set(pattern_pairs.keys())
for collection in input_collections:
for field in set(collection) & pattern_keys:
desired_pattern = pattern_pairs[field]
pattern = re.compile(desired_pattern) if isinstance(desired_pattern, str) else desired_pattern
if pattern.match(collection[field]) is None:
raise HttpBadRequest(
'The field %s: %s must be matched with %s pattern' %
(field, collection[field], pattern.pattern)
)
return args, kwargs
def wrapper(*args, **kwargs):
if context.form or context.query_string:
raise HttpBadRequest('No input allowed.')
return func(*args, **kwargs)
def change_password(self, current_password, new_password):
if not self.validate_password(current_password):
raise HttpBadRequest()
self.password = new_password