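def handle(self, *args, **options):
    """Import staff accounts from the old system's ``/users`` endpoint.

    Fetches the user list from ``settings.OLD_SYSTEM`` and, for every record
    whose ``user_group_id`` is 6 or less and whose phone number is non-empty,
    creates a local ``User`` (staff, active, member of the ``staff`` group)
    unless a user with the same formatted phone number already exists.

    Raises:
        requests.RequestException: the request failed, timed out, or the
            old system answered with an HTTP error status.
        Group.DoesNotExist: the ``staff`` group is missing.
    """
    # NOTE(review): every matching record becomes an ``is_staff`` account, so
    # this response is trusted with privilege assignment. The request as
    # written sends no credentials; confirm OLD_SYSTEM is an https:// URL to
    # a host you control and that the endpoint is not open to tampering.
    response = requests.get(settings.OLD_SYSTEM + '/users', timeout=30)
    # Never parse an error page as if it were the user list.
    response.raise_for_status()
    records = response.json()

    # Resolve the group up front so a missing group aborts the import before
    # any staff account has been created without it.
    staff_group = Group.objects.get(name='staff')

    for record in records:
        if not (record['user_group_id'] <= 6 and record['phone_number']):
            continue
        phone_number = format_phone(record['phone_number'])
        # The formatted phone number is the de-duplication key.
        if User.objects.filter(phone_number=phone_number).exists():
            continue
        account = User.objects.create(
            id=uuid.uuid4(),
            name=record['name'],
            id_number=record['id_number'],
            id_issue_date=record['id_issue_date'],
            id_issue_place=record['id_issue_place'],
            phone_number=phone_number,
            phone_number_2=record['phone_number_2'],
            address=record['address'],
            display_name=record['display_name'],
            is_staff=True,
            is_active=True,
            old_system_id=record['id'],
        )
        account.groups.add(staff_group)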
def step_three():
    """Signup step three: collect contact details and keep them in the session.

    Admins and signed-in users are redirected away, and the session must
    already hold ``actions`` and ``timezone`` from the earlier steps. A valid
    submission whose phone or email matches an existing user is sent to the
    login page (unless the app runs in debug mode); otherwise the form data is
    copied into the session and the visitor continues to the confirm step.
    """
    current = flask.ext.security.current_user
    if current.has_role('admin'):
        return flask.redirect(flask.url_for('admin.index'))
    if not current.is_anonymous():
        return flask.redirect(flask.url_for('manage.contact'))

    # Each earlier step leaves a key behind; send the visitor back if missing.
    for required, endpoint in (('actions', '.step_one'),
                               ('timezone', '.step_two')):
        if not flask.session.get(required):
            return flask.redirect(flask.url_for(endpoint))

    form = forms.ContactForm()
    if not form.validate_on_submit():
        # Prefill fields from whatever matching keys the session already has.
        for name in [key for key in flask.session if hasattr(form, key)]:
            getattr(form, name).data = flask.session[name]
        return flask.render_template('step_three.html', form=form,
                                     back=flask.url_for('.step_two'))

    users = models.User.query
    phone = utils.format_phone(form.data)
    previous = bool(phone and users.filter_by(phone=phone).first())
    if form.data['email'] and not previous:
        previous = bool(users.filter_by(email=form.data['email']).first())

    # NOTE(review): this is the only duplicate-contact check in the signup
    # flow shown here and it is skipped whenever app.debug is on, so a
    # deployment left in debug mode lets known contacts through.
    # NOTE(review): the differing response also tells an anonymous visitor
    # whether a phone number or email is already registered.
    if previous and not main.app.debug:
        message = '''Hrm. Are you sure you haven't been here before?'''
        flask.flash(message, 'error')
        return flask.redirect(flask.url_for('login'))

    flask.session.update(form.data)
    return flask.redirect(flask.url_for('.confirm'))
def contact():
    """Let the current user view and change their email and phone number.

    On a valid submission a changed email triggers a confirmation mail and a
    changed phone number triggers a verification code; the user row is then
    committed and the visitor redirected. Otherwise the form is rendered,
    prefilled from the stored contact details.
    """
    user = flask.ext.security.current_user
    if user.has_role('admin'):
        return flask.redirect(flask.url_for('admin.index'))

    form = forms.ContactForm()
    if not form.validate_on_submit():
        if user.phone:
            # Assumes the stored number is one leading character, the country
            # code, a space, then the rest -- TODO confirm with format_phone.
            country_code, phone = user.phone[1:].split(' ', 1)
            form.country_code.data = country_code
            form.phone.data = phone
        form.email.data = user.email
        return flask.render_template('contact.html', form=form)

    # NOTE(review): contact details that receive confirmation links and codes
    # are replaced here without asking for the password again; confirm that
    # is intended, and that the route is restricted to signed-in users (no
    # decorator is visible in this excerpt).
    target = '.contact'

    new_email = form.email.data
    if user.email != new_email:
        user.email = new_email
        if user.email:
            security = flask.ext.security
            link = security.confirmable.generate_confirmation_link(user)[0]
            flask.flash('Email confirmation instructions have been sent.')
            security.utils.send_mail('Welcome to Love Touches!', user.email,
                                     'welcome', user=user,
                                     confirmation_link=link)

    new_phone = utils.format_phone(form.data)
    if user.phone != new_phone:
        user.phone = new_phone
        if user.phone:
            utils.send_code(user)
            # The verify_phone view presumably reads this key -- confirm.
            flask.session['_user_id'] = user.id
            target = 'verify_phone'

    models.db.session.add(user)
    models.db.session.commit()
    flask.flash('Contact information updated', 'success')
    return flask.redirect(flask.url_for(target))
def contact():
    """Show or update the signed-in user's email address and mobile number.

    A changed, non-empty email gets a fresh confirmation link mailed to it; a
    changed, non-empty phone number gets a verification code and sends the
    user to ``verify_phone``. Admins are redirected to the admin index.
    """
    account = flask_security.current_user
    if account.has_role("admin"):
        return flask.redirect(flask.url_for("admin.index"))

    form = forms.ContactForm()
    if form.validate_on_submit():
        # NOTE(review): both recovery channels can be swapped here without
        # re-entering the password, and no login requirement is visible in
        # this excerpt -- confirm both are handled elsewhere.
        next_endpoint = ".contact"

        submitted_email = form.email.data
        email_changed = account.email != submitted_email
        if email_changed:
            account.email = submitted_email
        if email_changed and account.email:
            link = flask_security.confirmable.generate_confirmation_link(account)[0]
            flask.flash("Email confirmation instructions have been sent.")
            flask_security.utils.send_mail(
                "Welcome to Love Touches!",
                account.email,
                "welcome",
                user=account,
                confirmation_link=link,
            )

        submitted_phone = utils.format_phone(form.data)
        phone_changed = account.phone != submitted_phone
        if phone_changed:
            account.phone = submitted_phone
        if phone_changed and account.phone:
            utils.send_code(account)
            flask.session["_user_id"] = account.id
            next_endpoint = "verify_phone"

        models.db.session.add(account)
        models.db.session.commit()
        flask.flash("Contact information updated", "success")
        return flask.redirect(flask.url_for(next_endpoint))

    if account.phone:
        # Drops the first character and splits once on a space; presumably
        # the stored shape is "+<country code> <number>" -- verify.
        parts = account.phone[1:].split(" ", 1)
        country_code, phone = parts
        form.country_code.data = country_code
        form.phone.data = phone
    form.email.data = account.email
    return flask.render_template("contact.html", form=form)
def step_three():
    """Third signup page: ask for an email address and/or mobile number.

    Redirects admins, signed-in users and visitors who skipped an earlier
    step. A valid form whose phone or email belongs to an existing user is
    bounced to the login page, except in debug mode; any other valid form is
    merged into the session before moving on to the confirm page.
    """
    user = flask_security.current_user
    if user.has_role("admin"):
        return flask.redirect(flask.url_for("admin.index"))
    if not user.is_anonymous:
        return flask.redirect(flask.url_for("manage.contact"))
    if not flask.session.get("actions"):
        return flask.redirect(flask.url_for(".step_one"))
    if not flask.session.get("timezone"):
        return flask.redirect(flask.url_for(".step_two"))

    form = forms.ContactForm()
    if form.validate_on_submit():
        lookup = models.User.query
        phone = utils.format_phone(form.data)

        # Phone is checked first; email is only consulted when it found nothing.
        previous = False
        if phone and lookup.filter_by(phone=phone).first():
            previous = True
        elif form.data["email"] and lookup.filter_by(
            email=form.data["email"]
        ).first():
            previous = True

        # NOTE(review): with app.debug on, known contacts are not turned
        # away, and the later confirm step then works on the existing row.
        # NOTE(review): the redirect plus flash message discloses to an
        # anonymous visitor that the contact is already on file.
        if previous and not main.app.debug:
            message = """Hrm. Are you sure you haven't been here before?"""
            flask.flash(message, "error")
            return flask.redirect(flask.url_for("login"))

        flask.session.update(form.data)
        return flask.redirect(flask.url_for(".confirm"))

    # Not submitted (or invalid): restore any field values kept in the session.
    matching = (name for name in flask.session if hasattr(form, name))
    for name in matching:
        getattr(form, name).data = flask.session[name]
    back_url = flask.url_for(".step_two")
    return flask.render_template("step_three.html", form=form, back=back_url)
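def no_message(sender, receiver):
    """Tell a company admin that an inbound SMS arrived with an empty body.

    Args:
        sender: phone number the empty message came from.
        receiver: bot phone number the message was sent to; may be empty.

    Returns:
        None in every case. Failures are logged rather than raised.
    """
    import logging

    log = logging.getLogger(__name__)
    # Log lines deliberately omit phone numbers to keep them out of log files.

    # NOTE(review): sender and receiver are used directly as query values;
    # callers should pass plain strings.
    if not receiver:
        # No bot number, try to locate the admin through the sender instead.
        sender_info = database.companies.find_one({'admin.phone': sender})
        if not sender_info:
            sender_info = database.jobs.find_one({'phone': sender})
        if not sender_info:
            log.warning("Empty message: no bot number, admin or user found")
            return
        # NOTE(review): when sender_info is a companies document this looks
        # up its 'company_id' key, not its '_id' -- confirm the schema.
        admin = database.companies.find_one(
            {'_id': sender_info.get('company_id', None)})
        if not admin:
            log.warning("Empty message: no company found for the sender")
            return
        # TODO: email the admin, since there is no bot number to text from.
        return

    admin = database.companies.find_one({'bot.phone': receiver})
    if not admin:
        log.warning("Empty message: no company owns the receiving number")
        return

    # A company document without an 'admin' entry used to raise
    # AttributeError on the chained .get(); treat it as "no phone" instead.
    admin_phone = (admin.get('admin') or {}).get('phone')
    if not admin_phone:
        log.warning("Empty message: company has no admin phone on record")
        return

    msg = "Empty message from " + sender
    sent = send_sms.send_message(utils.format_phone(admin_phone), receiver, msg)
    if not sent:
        log.warning("Empty message: notification SMS to the admin failed")
    return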
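def confirm(action=None):
    """Show the signup summary and, on ``action == 'submit'``, save the signup.

    Admins, signed-in users and visitors whose session lacks contact details
    or actions are redirected away. On submit the user is looked up by phone,
    then email, or created; the chosen actions, method and schedule are
    attached, a new OTP secret is generated, and confirmation is requested by
    email and/or SMS. Session keys not starting with ``_`` are then cleared.

    Args:
        action: ``'submit'`` to persist the signup; anything else renders the
            confirmation page.
    """
    security = flask.ext.security
    if security.current_user.has_role('admin'):
        return flask.redirect(flask.url_for('admin.index'))
    if not security.current_user.is_anonymous():
        return flask.redirect(flask.url_for('manage.actions'))
    if not (flask.session.get('email') or flask.session.get('phone')):
        return flask.redirect(flask.url_for('.step_one'))
    if not flask.session.get('actions'):
        return flask.redirect(flask.url_for('.step_two'))

    phone = utils.format_phone(flask.session)
    if action != 'submit':
        actions = [models.Action.query.get(x)
                   for x in flask.session['actions']]
        return flask.render_template('confirm.html', actions=actions,
                                     phone=phone, days_label=_days_label())

    user = None
    query = models.User.query
    email = flask.session.get('email', '')
    if phone:
        user = query.filter_by(phone=phone).first()
    if email and not user:
        user = query.filter_by(email=email).first()
    if not user:
        user = models.User()
        user.phone = phone
        user.email = email

    # NOTE(review): when the lookup above matched an existing row, this
    # anonymous request adds actions to it, replaces its method and schedule
    # and regenerates its OTP secret. Only step_three rejects known contacts,
    # and it skips that check in debug mode -- consider refusing here too.
    for action_id in flask.session['actions']:
        user.actions.append(models.Action.query.get(action_id))
    name = flask.session.get('method_name')
    if name:
        user.method = models.Method.query.filter_by(name=name).first()
    utils.add_schedule(user, flask.session)
    user.secret = pyotp.random_base32()
    models.db.session.add(user)
    models.db.session.commit()

    redirect = 'index'
    if user.email and user.email_confirmed_at is None:
        token = security.confirmable.generate_confirmation_token(user)
        link = flask.url_for('.confirm_signup', token=token, _external=True)
        msg = security.utils.get_message('CONFIRM_REGISTRATION',
                                         email=user.email)
        flask.flash(*msg)
        subject = 'Thank You for Signing Up for Love Touches!'
        security.utils.send_mail(subject, user.email, 'signup', user=user,
                                 confirmation_link=link)
    if user.phone and user.phone_confirmed_at is None:
        utils.send_code(user)
        flask.session['_user_id'] = user.id
        redirect = 'confirm_mobile'

    # Collect the keys before deleting: removing entries while iterating the
    # live keys() view raises RuntimeError on Python 3.
    for key in [x for x in flask.session.keys() if not x.startswith('_')]:
        del flask.session[key]
    return flask.redirect(flask.url_for(redirect))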
def confirm(action=None):
    """Render the signup confirmation page, or persist the signup on submit.

    Args:
        action: when equal to ``"submit"`` the signup held in the session is
            written to the database and confirmation messages are sent; for
            any other value the summary page is rendered.
    """
    visitor = flask_security.current_user
    if visitor.has_role("admin"):
        return flask.redirect(flask.url_for("admin.index"))
    if not flask_security.current_user.is_anonymous:
        return flask.redirect(flask.url_for("manage.actions"))

    has_contact = flask.session.get("email") or flask.session.get("phone")
    if not has_contact:
        return flask.redirect(flask.url_for(".step_one"))
    if not flask.session.get("actions"):
        return flask.redirect(flask.url_for(".step_two"))

    phone = utils.format_phone(flask.session)
    if action == "submit":
        users = models.User.query
        email = flask.session.get("email", "")

        # Phone takes precedence over email when matching an existing row.
        user = users.filter_by(phone=phone).first() if phone else None
        if email and not user:
            user = users.filter_by(email=email).first()
        if not user:
            user = models.User()
            user.phone = phone
            user.email = email

        # NOTE(review): a matched existing row is modified by this anonymous
        # request (actions, method, schedule, and a regenerated OTP secret).
        # The only rejection of known contacts is in step_three, which is
        # bypassed in debug mode -- consider a second check here.
        for action_id in flask.session["actions"]:
            chosen = models.Action.query.get(action_id)
            user.actions.append(chosen)

        method_name = flask.session.get("method_name")
        if method_name:
            user.method = models.Method.query.filter_by(name=method_name).first()

        utils.add_schedule(user, flask.session)
        user.secret = pyotp.random_base32()
        models.db.session.add(user)
        models.db.session.commit()

        endpoint = "index"
        needs_email_confirmation = user.email and user.email_confirmed_at is None
        if needs_email_confirmation:
            token = flask_security.confirmable.generate_confirmation_token(user)
            link = flask.url_for(".confirm_signup", token=token, _external=True)
            flask.flash(
                *flask_security.utils.get_message(
                    "CONFIRM_REGISTRATION", email=user.email
                )
            )
            flask_security.utils.send_mail(
                "Thank You for Signing Up for Love Touches!",
                user.email,
                "signup",
                user=user,
                confirmation_link=link,
            )
            endpoint = "index"
        if user.phone and user.phone_confirmed_at is None:
            utils.send_code(user)
            flask.session["_user_id"] = user.id
            endpoint = "confirm_mobile"

        # Keys starting with "_" survive; everything else from the signup
        # steps is dropped. The key list is copied before deleting.
        disposable = [
            key for key in list(flask.session.keys()) if not key.startswith("_")
        ]
        for key in disposable:
            del flask.session[key]
        return flask.redirect(flask.url_for(endpoint))

    chosen_actions = [models.Action.query.get(x) for x in flask.session["actions"]]
    return flask.render_template(
        "confirm.html",
        actions=chosen_actions,
        phone=phone,
        days_label=_days_label(),
    )
def validate(self):
    """Run the field validators, then require an email or a phone number.

    Returns:
        True when the parent validation passes and at least one of email or
        formatted phone number is present; False otherwise, with the same
        error appended to both the phone and email fields.
    """
    parent_ok = super(ContactForm, self).validate()
    if not parent_ok:
        return False

    if self.email.data or utils.format_phone(self.data):
        return True

    message = "Please provide either a mobile number or email address."
    for field in (self.phone, self.email):
        field.errors.append(message)
    return False
def __str__(self):
    """Return one ``first last: phone`` line per entry in ``self.content``."""
    lines = [
        '{} {}: {}\n'.format(
            entry['first_name'],
            entry['last_name'],
            format_phone(entry['phone']),
        )
        for entry in self.content.values()
    ]
    return ''.join(lines)
def inbound_phone():
    """Handle an inbound SMS posted to the application as form data.

    Looks the sender up by formatted phone number. An unsubscribe message
    clears ``phone_confirmed_at`` and sends an acknowledgement SMS; any other
    body is stored as a ``Message`` on the user.

    Returns:
        A JSON ``{"status": "ok"}`` response.
    """
    # NOTE(review): nothing in this function authenticates the caller. Unless
    # the SMS provider's request signature is verified elsewhere, any client
    # able to POST here can unsubscribe a number or store messages for it.
    form = flask.request.form
    phone = utils.format_phone(form)

    # .one() raises when the number is unknown (or duplicated), which
    # presumably surfaces as a server error -- confirm that is acceptable.
    user = models.User.query.filter_by(phone=phone).one()

    body = form['Body']
    if utils.unsubscribe_test(body):
        user.phone_confirmed_at = None
        utils.send_sms(
            phone, 'You will no longer receive messages from Love Touches')
    else:
        user.messages.append(models.Message(message=body))

    models.db.session.add(user)
    models.db.session.commit()
    return flask.jsonify({'status': 'ok'})
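def validate(self):
    """Validate a login by email or phone number plus password.

    On success ``self.user`` holds the matched user. Each failure appends a
    message to the relevant field's errors and returns False.

    Returns:
        True only when the user exists, has a password, the password
        verifies, no confirmation is pending and the account is active.
    """
    if not super(LoginForm, self).validate():
        return False

    security = flask.ext.security
    get_message = security.utils.get_message
    email = self.email.data
    phone = utils.format_phone(self.data)
    password = self.password.data

    def reject_contact(key):
        # Attach the message to whichever contact fields were filled in.
        message = get_message(key)[0]
        if phone:
            self.phone.errors.append(message)
        if email:
            self.email.errors.append(message)
        return False

    if not (email or phone):
        message = 'Please enter either an email address or phone number.'
        self.phone.errors.append(message)
        self.email.errors.append(message)
        return False

    # The None test must come first: calling .strip() on None raised
    # AttributeError before the check could report a missing password.
    if password is None or password.strip() == '':
        self.password.errors.append(get_message('PASSWORD_NOT_PROVIDED')[0])
        return False

    self.user = main.user_datastore.get_user(self.email.data)
    if self.user is None and phone:
        query = main.user_datastore.user_model.query
        self.user = query.filter_by(phone=phone).first()

    # NOTE(review): unknown user, wrong password, pending confirmation and
    # disabled account each produce a different message, so the form reveals
    # which contacts are registered. Unknown users also return before any
    # password hashing is done, which may be measurable as a timing difference.
    if self.user is None:
        return reject_contact('USER_DOES_NOT_EXIST')
    if not self.user.password:
        self.password.errors.append(get_message('PASSWORD_NOT_SET')[0])
        return False
    if not security.utils.verify_and_update_password(self.password.data,
                                                     self.user):
        self.password.errors.append(get_message('INVALID_PASSWORD')[0])
        return False
    if security.confirmable.requires_confirmation(self.user):
        return reject_contact('CONFIRMATION_REQUIRED')
    if not self.user.is_active():
        return reject_contact('DISABLED_ACCOUNT')
    return True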
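def validate(self):
    """Validate a registration and reject contacts that already registered.

    After the parent validation, requires an email or phone number and looks
    for an existing user by email, then phone. An existing user with a
    password is rejected with a flashed HTML hint: a login/forgot-password
    hint when confirmed, or a re-send hint for the pending email or SMS
    confirmation.

    Returns:
        True when registration may proceed, False otherwise.
    """
    url_for_security = flask_security.utils.url_for_security
    if not super(ConfirmRegisterForm, self).validate():
        return False

    email = self.email.data
    phone = utils.format_phone(self.data)
    if not (email or phone):
        message = "Please enter either an email address or phone number."
        self.phone.errors.append(message)
        self.email.errors.append(message)
        return False

    user = main.user_datastore.get_user(self.email.data)
    if user is None and phone:
        query = main.user_datastore.user_model.query
        user = query.filter_by(phone=phone).first()

    # NOTE(review): the three branches below tell an anonymous visitor that a
    # contact is registered and whether it is confirmed.
    # NOTE(review): the flashed messages contain markup, so the template must
    # render them unescaped; keep everything interpolated into them limited
    # to URLs built by url_for / url_for_security.
    if user and user.password and user.confirmed_at:
        login_url = flask.url_for("login")
        forgot_url = url_for_security("forgot_password")
        # The original text ran "If" and "you" together ("Ifyou").
        message = (
            "You have already successfully registered. You should be"
            ' able to <a href="{}" class="alert-link">login</a>. If'
            " you have forgotten your password, please visit the"
            ' <a href="{}" class="alert-link">forgotten'
            " password</a> page."
        )
        flask.flash(message.format(login_url, forgot_url), "error")
        errors = self.phone.errors if phone else self.email.errors
        errors.append("Already registered")
        return False

    if user and email and user.password and user.confirmed_at is None:
        confirm_url = url_for_security("send_confirmation")
        message = (
            "You have already registered but need to confirm your"
            " email address. If you have deleted or did not receive"
            ' your confirmation email, you may <a href="{}"'
            ' class="alert-link">send a new request</a>.'
        )
        flask.flash(message.format(confirm_url), "error")
        self.email.errors.append("Registration pending")
        return False

    if user and phone and user.password and user.confirmed_at is None:
        # NOTE(review): next_url may be influenced by the request; it is
        # passed to url_for as a query argument here -- confirm the
        # confirm_mobile view validates it before redirecting.
        next_url = flask_security.utils.get_post_register_redirect()
        confirm_url = flask.url_for(
            "confirm_mobile", action="re-send", next=next_url
        )
        message = (
            "You have already registered but need to confirm your"
            " mobile number. If you have deleted or did not receive"
            ' your confirmation SMS, you may <a href="{}"'
            ' class="alert-link">send a new request</a>.'
        )
        flask.flash(message.format(confirm_url), "error")
        self.phone.errors.append("Registration pending")
        return False

    return True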
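def no_sender(receiver, message):
    """Forward a message whose sender number is unknown to the company admin.

    Args:
        receiver: bot phone number the message was sent to.
        message: text of the inbound message.

    Returns:
        None in every case. Failures are logged rather than raised.
    """
    import logging

    log = logging.getLogger(__name__)
    # Log lines deliberately omit phone numbers and message text.

    if not receiver:
        log.warning("Unknown sender: receiving number is missing as well")
        return
    if not message:
        log.warning("Unknown sender: message body is empty, ignoring")
        return

    admin = find_admin_by_bot_number(receiver)
    if not admin:
        log.warning("Unknown sender: no admin found for the receiving number")
        return

    # A record without an 'admin' entry used to raise AttributeError on the
    # chained .get(); treat it as "no phone" instead.
    admin_phone = (admin.get('admin') or {}).get('phone')
    if not admin_phone:
        log.warning("Unknown sender: admin has no phone on record")
        return

    # The inbound text is relayed to the admin exactly as it was received.
    msg = "Message: " + message + " From unknown sender "
    sent = send_sms.send_message(utils.format_phone(admin_phone), receiver, msg)
    if not sent:
        # Enable email notifications in future.
        log.warning("Unknown sender: forwarding SMS to the admin failed")
    return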
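def register(code=None):
    """View function which handles a registration request.

    On a valid form the user is found by email, then phone, or created; the
    account is activated and the submitted password stored. Users with a
    phone number are sent a code and redirected to mobile confirmation.
    Email-only users are logged in directly when ``code`` matches their
    one-time code, otherwise they are mailed a confirmation link.

    Args:
        code: optional one-time code checked against the HOTP value for the
            user's ``secret`` at counter ``email_hotp``.
    """
    form = forms.ConfirmRegisterForm()
    if form.validate_on_submit():
        phone = utils.format_phone(form.data)
        user = models.User.query.filter_by(email=form.email.data).first()
        if not user and phone:
            user = models.User.query.filter_by(phone=phone).first()
        if not user:
            user = models.User(email=form.email.data, phone=phone)

        # NOTE(review): when the lookup matched an existing row, the password
        # is set and committed before the submitter has proven control of the
        # email or phone. Confirm the form validation rules out every row
        # that is already confirmed, or defer the write until confirmation.
        user.active = True
        user.password = flask_security.utils.encrypt_password(form.password.data)
        models.db.session.add(user)
        models.db.session.commit()

        if user.phone:
            utils.send_code(user)
            flask.session["_user_id"] = user.id
            url = flask.url_for("confirm_mobile", action="login_confirm")
            return flask.redirect(url)
        elif user.email:
            if user.secret and code:
                # verify() checks the code with pyotp's timing-safe string
                # comparison instead of a plain ==.
                # NOTE(review): email_hotp is not advanced here after a
                # match; confirm it is bumped elsewhere so a code cannot be
                # used twice.
                if pyotp.HOTP(user.secret).verify(code, user.email_hotp):
                    if user.confirmed_at is None:
                        user.confirmed_at = datetime.datetime.utcnow()
                        models.db.session.add(user)
                        models.db.session.commit()
                    flask_security.utils.login_user(user)
                    return flask.redirect(flask.url_for("post_login"))

            url = flask_security.utils.get_post_register_redirect()
            confirmable = flask_security.confirmable
            link, token = confirmable.generate_confirmation_link(user)
            msg = flask_security.utils.get_message(
                "CONFIRM_REGISTRATION", email=user.email
            )
            flask.flash(*msg)
            subject = "Thank You for Registering with Love Touches!"
            flask_security.utils.send_mail(
                subject, user.email, "welcome", user=user, confirmation_link=link
            )
            return flask.redirect(url)

    # Allow the email field to be prefilled from the query string.
    if flask.request.args.get("email"):
        form.email.data = flask.request.args.get("email")
    template = flask_security.utils.config_value("REGISTER_USER_TEMPLATE")
    return flask.render_template(template, register_user_form=form)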
def valid_user_email(form, field):
    """Form validator that rejects a mobile number which cannot be parsed.

    Despite its name, this checks the phone data: it runs the form data
    through ``utils.format_phone`` and converts a parse failure into a
    ``wtforms.ValidationError``. ``field`` is not used.
    """
    parse_error = phonenumbers.NumberParseException
    try:
        utils.format_phone(form.data)
    except parse_error:
        message = "Invalid mobile number."
        raise wtforms.ValidationError(message)