def waiting_for_results(session_id):
search_result = None
if not session.get('timeout_threshold'):
session['timeout_threshold'] = int(time.time()) + int(app.config["PDS_REQUEST_TIMEOUT"])
elif int(session.get('timeout_threshold')) <= int(time.time()):
search_result = constants.PDS_REQUEST_TIMEOUT
if not search_result:
search_result = check_status_of_pds_search_result(session_id)
result_redirects = {
'success': ("verification.verification_option", False),
'invalid_user': ("verification.lookup_failure_error", True),
'insufficient_data': ('verification.contact_details_not_found', False),
'age_restriction_error': ('verification.age_restriction_error', False),
constants.PDS_REQUEST_TIMEOUT: ('main.generic_error', False)
}
if search_result in result_redirects:
redirect_controller, clean_state_model = result_redirects[search_result]
if clean_state_model and not utils.clean_state_model():
return redirect_to_route('main.generic_error')
session.pop('timeout_threshold', None)
return redirect_to_route(redirect_controller)
return render_template(
"waiting-for-results.html",
waiting_message=constants.PDS_SEARCH_WAITING_MESSAGE,
routes=routes
)
def verification_option(session_id):
user_details = UserDetails()
form = VerificationOption(user_details=user_details)
if form.validate_on_submit():
# below 2 lines can be removed when session cleaning
# will be implemented
session['is_resent'] = False
session['is_resent_max_reached'] = False
request_code_ret = request_code_by_pds(session_id, otp_delivery_type=str(form.radio.data).lower())
if request_code_ret == constants.OTP_REQUEST_SUCCESS:
session['selected_option'] = form.radio.data
return redirect_to_route('verification.enter_your_code')
elif request_code_ret == constants.OTP_REQUEST_MAX_RETRIES:
# it is reached when we already exceeded /resend_code limit and
# we try to use /requestcode afterwards. Then API returns
# 'max_count_exceeded' the content of the response
app.logger.warning("max retries reached")
return redirect_to_route('verification.resend_code_error')
elif form.errors:
app.logger.info("submission contains errors", {'errors': json.dumps(form.errors)})
return render_template(
'verification-option.html',
user_details=user_details,
form=form,
routes=routes
)
def enter_your_code(session_id):
form = CodeForm()
is_reenter_code = False
def get_text_of_selected_option(sess):
selected_option = sess.get('selected_option')
user_details = UserDetails()
if selected_option == 'SMS':
return f'text to {user_details.sms}'
elif selected_option == 'Email':
return f'email to {user_details.email}'
else:
#we shouldn't be here
app.logger.error("unknown option selected")
return ''
def generate_template(form_local, sess, is_reenter):
return {
'template_name_or_list': 'enter-your-code.html',
'form': form_local,
'is_resent': sess.get('is_resent'), # set in /resendcode
'is_resent_max_reached': sess.get('is_resent_max_reached'),
'selected_option': get_text_of_selected_option(sess), # set in /verification_option
'is_reenter_code': is_reenter,
'routes': routes,
}
if not form.validate_on_submit() or not form.validate():
if form.errors:
app.logger.info("submission contains errors")
flash(form.errors)
return render_template(**generate_template(form, session, is_reenter_code))
verification_result = is_otp_verified_by_pds(session_id, form.enterOtpInput.data)
if verification_result == constants.CORRECT_OTP:
return redirect_to_route('yourdetails.set_your_preference')
if verification_result == constants.INCORRECT_OTP_MAX_RETRIES:
app.logger.info("max otp retries reached")
return redirect_to_route('verification.incorrect_code_error')
if verification_result == constants.INCORRECT_OTP:
app.logger.info("incorrect otp")
form.add_incorrect_otp_error()
is_reenter_code = True
flash(form.errors)
return render_template(**generate_template(form, session, is_reenter_code))
if verification_result == constants.CORRECT_OTP_EXPIRED:
return redirect_to_route('verification.expired_code_error')
return redirect_to_route('main.generic_error')
def set_your_preference(session_id):
form = ChoiceOption()
is_timeout = None
if form.validate_on_submit():
session['opted_out'] = 'inactive' if form.radio.data == 'Yes' else 'active'
session['preference'] = 'optedOut' if form.radio.data == 'Yes' else 'optedIn'
session.pop('timeout_threshold', None)
user_details = UserDetails()
result = set_preference(user_details, session_id)
if result is True:
return redirect_to_route('yourdetails.review_your_choice')
return redirect_to_route('yourdetails.set_preference_error')
else:
if form.errors:
flash(form.errors)
if not session.get('timeout_threshold'):
session['timeout_threshold'] = int(time.time()) + int(app.config["PDS_REQUEST_TIMEOUT"])
elif int(session.get('timeout_threshold')) <= int(time.time()):
is_timeout = constants.PDS_REQUEST_TIMEOUT
if is_timeout:
session.pop('timeout_threshold', None)
return redirect_to_route('yourdetails.set_preference_error')
if session.get('pds_opted_out') not in ('active', 'inactive', constants.GET_PREFERENCE_EMPTY):
session['pds_opted_out'] = get_current_preference(session_id)
if session.get('pds_opted_out') == constants.GET_PREFERENCE_INCOMPLETE:
return render_template(
'waiting-for-results.html',
waiting_message=constants.PDS_SEARCH_WAITING_MESSAGE
)
if session.get('pds_opted_out') == constants.GET_PREFERENCE_FAILURE:
session.pop('timeout_threshold', None)
return redirect_to_route('yourdetails.set_preference_error')
if session.get('pds_opted_out') in ('active', 'inactive'):
form.radio.data = 'Yes' if session.get('pds_opted_out') == 'inactive' else 'No'
session.pop('timeout_threshold', None)
return render_template(
'set-your-preferences.html',
form=form,
current_preference=session.get('pds_opted_out'),
routes=routes
)
def resend_code(session_id):
result = resend_code_by_pds(session_id)
if result == constants.RESEND_CODE_MAX_EXCEEDED:
return redirect_to_route('verification.resend_code_error')
if result == constants.RESEND_CODE_SUCCESS:
session['is_resent'] = True
session['is_resent_max_reached'] = False
elif result == constants.RESEND_CODE_MAX_REACHED:
session['is_resent'] = True
session['is_resent_max_reached'] = True
return redirect_to_route('verification.enter_your_code')
def details_auth_option(session_id):
form = AuthOption()
if form.validate_on_submit():
if form.radio.data == "Yes":
return redirect_to_route("yourdetails.details_nhs_number")
return redirect_to_route("yourdetails.details_postcode")
elif form.errors:
app.logger.info("submission contains errors")
flash(form.errors)
return render_template(
"details-auth-option.html",
form=form,
routes=routes
)
def contactdetailsnotrecognised(session_id):
app.logger.info("starting controller", {'controller': "verification.contact_details_not_recognised"})
if not utils.clean_state_model():
return redirect_to_route('main.generic_error')
app.logger.info('rendering page', {'page': 'contactdetailsnotrecognised'})
return render_template('contact-details-not-recognised.html', routes=routes)
def thank_you():
if not session.get('is_successfully_stored'):
return redirect_to_route('yourdetails.choice_not_saved')
user_details = UserDetails()
session.clear()
response = make_response(render_template("thank-you.html", user_details=user_details, routes=routes))
response.set_cookie("session_id_nojs", '', max_age=0)
return response
def review_your_choice(session_id):
user_details = UserDetails()
delivery_ret = get_confirmation_delivery_details(session_id)
if not delivery_ret or delivery_ret.get('method') not in ("sms", "email"):
return redirect_to_route('main.generic_error')
if request.method == "POST":
result = confirm_preference(session_id)
if result is True:
return redirect_to_route('yourdetails.store_preference_result')
return redirect_to_route('main.generic_error')
return render_template(
"review-your-choice.html",
user_details=user_details,
confirmation_delivery_details=delivery_ret,
routes=routes
)
def store_preference_result(session_id):
if not session.get('timeout_threshold'):
session['timeout_threshold'] = int(time.time()) + int(app.config["PDS_REQUEST_TIMEOUT"])
elif int(session.get('timeout_threshold')) <= int(time.time()):
session.pop('timeout_threshold', None)
return redirect_to_route('main.generic_error')
result = get_store_preference_result(session_id)
if result == "success":
session['is_successfully_stored'] = True
session.pop('timeout_threshold', None)
return redirect_to_route('yourdetails.thank_you')
if result == "failure":
session.pop('timeout_threshold', None)
return redirect_to_route('yourdetails.choice_not_saved')
return render_template(
"waiting-for-results.html",
waiting_message=constants.PREF_WAITING_MESSAGE,
routes=routes
)
def your_details_review(session_id):
form = ReviewForm()
user_details = UserDetails()
if not session.get(FIRST_NAME) or not session.get(LAST_NAME):
return redirect_to_route("yourdetails.your_details")
if not session.get(DOB_DAY) or not session.get(DOB_MONTH) or not session.get(DOB_YEAR):
return redirect_to_route("yourdetails.details_dob")
if not session.get(NHS_NUMBER) and not session.get(POST_CODE):
return redirect_to_route("yourdetails.details_auth_option")
if form.validate_on_submit():
if session[NHS_NUMBER] and not utils.is_nhs_number_valid(session[NHS_NUMBER]):
if session.get('nhs_number_failed'):
return redirect_to_route("yourdetails.invalid_nhs_number")
else:
session['nhs_number_failed'] = True
return redirect_to_route("yourdetails.nhs_number_not_accepted")
result = do_pds_search(user_details, session_id)
if result == constants.PDS_SEARCH_SUCCESS:
session.pop('timeout_threshold', None)
return redirect_to_route("verification.waiting_for_results")
elif result == constants.PDS_RESULT_INVALID_AGE:
session.pop('timeout_threshold', None)
return redirect_to_route("verification.age_restriction_error")
else:
app.logger.warning("pds search failure")
# for PDS_REQUEST_TIMEOUT and other unknown errors
return redirect_to_route("main.generic_error")
elif form.errors:
app.logger.info("submission contains errors")
return render_template(
"your-details-review.html",
form=form,
details=user_details,
routes=routes
)
def landing_page():
if request.method == "POST":
return make_response(redirect_to_route('yourdetails.your_details'))
session.clear()
app.logger.info("session cleared")
form = LandingPageForm()
resp = make_response(
render_template("landing-page.html",
form=form,
routes=routes,
page="landing",
display_cookie_banner=request.cookies.get(
'ndop_seen_cookie_message')))
if 'ndop_seen_cookie_message' not in request.cookies:
resp.set_cookie('ndop_seen_cookie_message', 'true', max_age=2592000)
resp.set_cookie('session_id_nojs', '', max_age=0)
return resp
def handle_unexpected_error(exception):
log_safe_exception(exception)
return redirect_to_route('main.generic_error')
def index():
return redirect_to_route("main.landing_page")
