def invite_user(): """Invites a new user to create an account and set their own password.""" form = InviteUserForm() if form.validate_on_submit(): user = User( role=form.role.data, first_name=form.first_name.data, last_name=form.last_name.data, email=form.email.data) user.save() token = user.generate_confirmation_token() invite_link = url_for( 'account.join_from_invite', user_id=user.id, token=token, _external=True) send_email.queue( recipient=user.email, subject='You Are Invited To Join', template='account/email/invite', user=user, invite_link=invite_link, ) flash('User {} successfully invited'.format(user.full_name()), 'form-success') return render_template('admin/new_user.html', form=form)
def validate_email(self, field): user = User.objects(email=field.data).first() if not user: return True if user.confirmed: raise ValidationError('Email already registered.') else: # user is invited but not confirmed from app.jobs.send_email import send_email token = user.generate_confirmation_token() invite_link = url_for( 'account.join_from_invite', user_id=user.id, token=token, _external=True) send_email.queue( recipient=user.email, subject='You Are Invited To Join', template='account/email/invite', user=user, invite_link=invite_link, ) raise ValidationError( 'Email is not confirmed, verification will resend to user.')
def confirm_request(): """Respond to new user's request to confirm their account.""" token = current_user.generate_confirmation_token() confirm_link = url_for('account.confirm', token=token, _external=True) send_email.queue( recipient=current_user.email, subject='Confirm Your Account', template='account/email/confirm', # current_user is a LocalProxy, we want the underlying user object user=current_user._get_current_object(), confirm_link=confirm_link) flash( 'A new confirmation link has been sent to {}.'.format( current_user.email), 'warning') return redirect(url_for('main.index'))
def register(): """Register a new user, and send them a confirmation email.""" form = RegistrationForm() if form.validate_on_submit(): user = User(first_name=form.first_name.data, last_name=form.last_name.data, email=form.email.data, password=form.password.data) user.save() token = user.generate_confirmation_token() confirm_link = url_for('account.confirm', token=token, _external=True) send_email.queue(recipient=user.email, subject='Confirm Your Account', template='account/email/confirm', user=user, confirm_link=confirm_link) flash(f'A confirmation link has been sent to {user.email}.', 'warning') return redirect(url_for('main.index')) return render_template('account/register.html', form=form)
def join_from_invite(user_id, token): """ Confirm new user's account with provided token and prompt them to set a password. """ if current_user is not None and current_user.is_authenticated: flash('You are already logged in.', 'error') return redirect(url_for('main.index')) new_user = User.objects.get_or_404(id=user_id) if new_user.password is not None: flash('You have already joined.', 'error') return redirect(url_for('main.index')) if new_user.confirm_account(token): form = CreatePasswordForm() if form.validate_on_submit(): new_user.password = form.password.data new_user.save() flash( 'Your password has been set. After you log in, you can ' 'go to the "Your Account" page to review your account ' 'information and settings.', 'success') return redirect(url_for('account.login')) return render_template('account/join_invite.html', form=form) else: flash( 'The confirmation link is invalid or has expired. Another ' 'invite email with a new link has been sent to you.', 'error') token = new_user.generate_confirmation_token() invite_link = url_for('account.join_from_invite', user_id=user_id, token=token, _external=True) send_email.queue(recipient=new_user.email, subject='You Are Invited To Join', template='account/email/invite', user=new_user, invite_link=invite_link) return redirect(url_for('main.index'))
def reset_password_request(): """Respond to existing user's request to reset their password.""" if current_user.is_anonymous: return redirect(url_for('main.index')) form = RequestResetPasswordForm() if form.validate_on_submit(): user = User.objects(email=form.email.data).first() if user: token = user.generate_password_reset_token() reset_link = url_for('account.reset_password', token=token, _external=True) send_email.queue(recipient=user.email, subject='Reset Your Password', template='account/email/reset_password', user=user, reset_link=reset_link, next=request.args.get('next')) flash( 'A password reset link has been sent to {}.'.format( form.email.data), 'warning') return redirect(url_for('account.login')) return render_template('account/reset_password.html', form=form)
def change_email_request(): """Respond to existing user's request to change their email.""" form = ChangeEmailForm() if form.validate_on_submit(): if current_user.verify_password(form.password.data): new_email = form.email.data token = current_user.generate_email_change_token(new_email) change_email_link = url_for('account.change_email', token=token, _external=True) send_email.queue( recipient=new_email, subject='Confirm Your New Email', template='account/email/change_email', # current_user is a LocalProxy, we want the underlying user # object user=current_user._get_current_object(), change_email_link=change_email_link) flash(f'A confirmation link has been sent to {new_email}.', 'warning') return redirect(url_for('main.index')) else: flash('Invalid email or password.', 'form-error') return render_template('account/manage.html', form=form)