def two_factor_email_sent():
    """Render the e-mail second-factor step, or log the pending user in once the code checks out.

    An already-authenticated user is sent straight to their landing page. The pending
    user id comes from ``session['user_details']``; when that user has registered
    security keys the FIDO2 template is shown instead of the code form. The page
    title reflects whether the code was just re-sent (``?email_resent`` query arg).
    """
    if current_user.is_authenticated:
        return redirect_when_logged_in(
            user=current_user,
            platform_admin=current_user.platform_admin,
        )

    pending_user_id = session['user_details']['id']

    # A registered FIDO2 key takes precedence over the e-mailed code.
    pending_user = User.from_id(pending_user_id)
    has_security_key = len(pending_user.security_keys) > 0
    if has_security_key:
        return render_template('views/two-factor-fido.html')

    def _verify(submitted_code):
        # The code was delivered by e-mail, so it is checked on that channel.
        return user_api_client.check_verify_code(pending_user_id, submitted_code, "email")

    form = TwoFactorForm(_verify)
    if form.validate_on_submit():
        return log_in_user(pending_user_id)

    was_resent = request.args.get('email_resent')
    title = _('Email re-sent') if was_resent else _('Check your email')
    return render_template('views/two-factor-email.html', title=title, form=form)
def user_profile_mobile_number_confirm():
    """Confirm a pending mobile-number change with the SMS code sent to the new number.

    The step is only reachable once the password re-confirmation has set
    ``NEW_MOBILE_PASSWORD_CONFIRMED`` in the session; otherwise the user is sent back
    to the mobile-number form. On a valid code the session id issued by the API is
    stored in the cookie, the pending number is removed from the session and persisted
    through the API.
    """
    def _verify(submitted_code):
        # The code went to the new number by SMS, so it is checked on that channel.
        return user_api_client.check_verify_code(current_user.id, submitted_code, 'sms')

    if NEW_MOBILE_PASSWORD_CONFIRMED not in session:
        return redirect(url_for('.user_profile_mobile_number'))

    form = TwoFactorForm(_verify)
    if not form.validate_on_submit():
        return render_template(
            'views/user-profile/confirm.html',
            form_field=form.sms_code,
            thing='mobile number'
        )

    refreshed_user = user_api_client.get_user(current_user.id)
    # The API has set a new current_session_id for this user; keep the cookie
    # in step so later requests are not treated as belonging to an old session.
    session['current_session_id'] = refreshed_user.current_session_id

    pending_number = session[NEW_MOBILE]
    del session[NEW_MOBILE]
    del session[NEW_MOBILE_PASSWORD_CONFIRMED]
    user_api_client.update_user_attribute(current_user.id, mobile_number=pending_number)
    return redirect(url_for('.user_profile'))
def test_check_verify_code_returns_error_when_code_was_not_found(
    app_,
    mock_check_verify_code_code_not_found,
):
    """A code the (mocked) API reports as unknown fails validation with 'Code not found'."""
    posted = {'sms_code': '99999'}
    expected_errors = {'sms_code': ['Code not found']}
    with app_.test_request_context(method='POST', data=posted):
        form = TwoFactorForm(_check_code)
        is_valid = form.validate()
        assert is_valid is False
        assert form.errors == expected_errors
def test_form_is_valid_returns_no_errors(
    app_,
    mock_check_verify_code,
    post_data,
):
    """Parametrised acceptable input validates cleanly when the API accepts the code."""
    with app_.test_request_context(method="POST", data=post_data):
        form = TwoFactorForm(_check_code)
        is_valid = form.validate()
        assert is_valid is True
        assert not form.errors
        assert form.errors == {}
def test_check_verify_code_returns_errors(
    app_,
    post_data,
    expected_error,
    mock_check_verify_code,
):
    """Parametrised bad input fails validation with exactly the expected sms_code message."""
    expected_errors = {'sms_code': [expected_error]}
    with app_.test_request_context(method='POST', data=post_data):
        form = TwoFactorForm(_check_code)
        is_valid = form.validate()
        assert is_valid is False
        assert form.errors == expected_errors
def test_form_is_valid_returns_no_errors(
    app_,
    mock_check_verify_code,
    post_data,
):
    """Acceptable input validates cleanly and the API is asked exactly once, on the sms channel."""
    with app_.test_request_context(method='POST', data=post_data):
        form = TwoFactorForm(_check_code)
        is_valid = form.validate()
        assert is_valid is True
        assert form.errors == {}
    # The verify call must reach the API with the user id, the submitted code and 'sms'.
    mock_check_verify_code.assert_called_once_with('1', '12345', 'sms')
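def test_form_is_valid_returns_no_errors(app_, mock_check_verify_code):
    """A five-digit code the (mocked) API accepts validates with no errors.

    The request context was previously bound to an unused ``req`` name; it is
    only needed as a context manager here.
    """
    with app_.test_request_context(method='POST', data={'sms_code': '12345'}):
        def _check_code(code):
            # Mirrors the view: user id '1', submitted code, sms channel.
            return user_api_client.check_verify_code('1', code, "sms")

        form = TwoFactorForm(_check_code)
        assert form.validate() is True
        assert len(form.errors) == 0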
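def test_returns_errors_when_code_is_missing(app_, mock_check_verify_code):
    """An empty POST fails validation with a single error on ``sms_code``.

    The original compared ``set(form.errors)`` with ``set({...})``; both are sets of
    dict *keys*, so the message text was never asserted. The key-only comparison is
    kept but made explicit, and the unused ``req`` binding is dropped.
    """
    with app_.test_request_context(method='POST', data={}):
        def _check_code(code):
            return user_api_client.check_verify_code('1', code, "sms")

        form = TwoFactorForm(_check_code)
        assert form.validate() is False
        assert len(form.errors) == 1
        # TODO(review): confirm the message is 'Code must not be empty' and assert
        # form.errors == {'sms_code': [...]} once verified.
        assert set(form.errors) == {'sms_code'}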
def two_factor():
    """Render the SMS second-factor form, logging the pending user in when the code checks out.

    The pending user id is read from ``session['user_details']``.
    """
    pending_user_id = session['user_details']['id']

    def _verify(submitted_code):
        return user_api_client.check_verify_code(pending_user_id, submitted_code, "sms")

    form = TwoFactorForm(_verify)
    if not form.validate_on_submit():
        return render_template('views/two-factor.html', form=form)
    return log_in_user(pending_user_id)
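def test_returns_errors_when_code_is_too_short(app_, mock_check_verify_code):
    """A three-digit code fails validation with a single error on ``sms_code``.

    The original compared ``set(form.errors)`` with ``set({...})``; both are sets of
    dict *keys*, so the listed messages ('Code must be 5 digits', 'Code does not
    match') were never asserted. The key-only comparison is kept but made explicit,
    and the unused ``req`` binding is dropped.
    """
    with app_.test_request_context(method='POST', data={'sms_code': '145'}):
        def _check_code(code):
            return user_api_client.check_verify_code('1', code, "sms")

        form = TwoFactorForm(_check_code)
        assert form.validate() is False
        assert len(form.errors) == 1
        # TODO(review): confirm the actual messages and assert form.errors == {...}.
        assert set(form.errors) == {'sms_code'}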
def test_returns_errors_when_code_is_too_short(
    app_,
    mocker,
    mock,
    post_data,
    expected_error,
):
    """Parametrised too-short input fails with exactly the expected ``two_factor_code`` message.

    ``mock`` is a parametrised callable that installs the API double for this case.
    """
    mock(mocker)
    expected_errors = {"two_factor_code": [expected_error]}
    with app_.test_request_context(method="POST", data=post_data):
        form = TwoFactorForm(_check_code)
        is_valid = form.validate()
        assert is_valid is False
        assert form.errors == expected_errors
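def test_should_return_errors_when_code_is_expired(
        app_,
        mock_check_verify_code_code_expired):
    """A code the (mocked) API reports as expired fails with 'Code has expired'.

    The unused ``req`` binding of the request context is dropped.
    """
    with app_.test_request_context(method='POST', data={'sms_code': '23456'}):
        def _check_code(code):
            return user_api_client.check_verify_code('1', code, "sms")

        form = TwoFactorForm(_check_code)
        assert form.validate() is False
        errors = form.errors
        assert len(errors) == 1
        assert errors == {'sms_code': ['Code has expired']}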
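def test_returns_errors_when_code_contains_letters(
    app_,
    mock_check_verify_code,
):
    """A non-numeric code fails validation with a single error on ``sms_code``.

    The original compared ``set(form.errors)`` with ``set({...})``; both are sets of
    dict *keys*, so the listed messages ('Code not found', 'Code does not match')
    were never asserted. The key-only comparison is kept but made explicit.
    """
    with app_.test_request_context(method='POST', data={'sms_code': 'asdfg'}):
        def _check_code(code):
            return user_api_client.check_verify_code('1', code, "sms")

        form = TwoFactorForm(_check_code)
        assert form.validate() is False
        assert len(form.errors) == 1
        # TODO(review): confirm the actual messages and assert form.errors == {...}.
        assert set(form.errors) == {'sms_code'}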
def verify():
    """Verify the SMS code for a pending registration and activate that account.

    The pending user id is read from ``session['user_details']``; those details are
    removed from the session once the code validates, whether or not activation raises.
    """
    pending_user_id = session['user_details']['id']

    def _verify(submitted_code):
        return user_api_client.check_verify_code(pending_user_id, submitted_code, 'sms')

    form = TwoFactorForm(_verify)
    if not form.validate_on_submit():
        return render_template('views/two-factor.html', form=form)

    try:
        return activate_user(pending_user_id)
    finally:
        # Clear the pending details even if activation fails.
        session.pop('user_details', None)
def verify():
    """Verify the SMS code for a pending registration and activate that account.

    The pending user id is read from ``session["user_details"]``; those details are
    removed from the session once the code validates, whether or not activation raises.
    """
    pending_user_id = session["user_details"]["id"]

    def _verify(submitted_code):
        return user_api_client.check_verify_code(pending_user_id, submitted_code, "sms")

    form = TwoFactorForm(_verify)
    if not form.validate_on_submit():
        return render_template("views/two-factor-sms.html", form=form)

    try:
        return activate_user(pending_user_id)
    finally:
        # Clear the pending details even if activation fails.
        session.pop("user_details", None)
def two_factor():
    """Render the SMS second-factor form and, on success, log in or demand e-mail revalidation.

    After a valid code the user is logged in only if their e-mail access was validated
    within the last 90 days; otherwise an e-mail verification code is sent and the
    user is redirected to the "revalidate e-mail sent" page.
    """
    pending_user_id = session['user_details']['id']
    pending_user = User.from_id(pending_user_id)

    def _verify(submitted_code):
        return user_api_client.check_verify_code(pending_user_id, submitted_code, "sms")

    form = TwoFactorForm(_verify)
    if not form.validate_on_submit():
        return render_template('views/two-factor.html', form=form)

    email_recently_validated = is_less_than_90_days_ago(pending_user.email_access_validated_at)
    if not email_recently_validated:
        # NOTE(review): the ``next`` query argument is forwarded to the API as-is;
        # if it is embedded in the e-mail link, confirm it is validated on that side.
        user_api_client.send_verify_code(
            pending_user.id, 'email', None, request.args.get('next'))
        return redirect(url_for('.revalidate_email_sent'))
    return log_in_user(pending_user_id)
def verify():
    """Verify the SMS code for a pending registration, activate the account and log it in.

    The pending user id is read from ``session['user_details']``; those details are
    removed from the session once the code validates, whether or not activation raises.
    On success the user lands on the "add service" page.
    """
    pending_user_id = session['user_details']['id']

    def _verify(submitted_code):
        return user_api_client.check_verify_code(pending_user_id, submitted_code, 'sms')

    form = TwoFactorForm(_verify)
    if not form.validate_on_submit():
        return render_template('views/two-factor.html', form=form)

    try:
        pending_user = user_api_client.get_user(pending_user_id)
        activated = user_api_client.activate_user(pending_user)
        login_user(activated)
        return redirect(url_for('main.add_service', first='first'))
    finally:
        # Clear the pending details even if activation fails.
        session.pop('user_details', None)
def two_factor_sms_sent():
    """Render the SMS second-factor step, or log the pending user in once the code checks out.

    An already-authenticated user is sent straight to their landing page. The pending
    user id comes from ``session["user_details"]``; when that user has registered
    security keys the FIDO2 template is shown instead of the code form.
    """
    if current_user.is_authenticated:
        return redirect_when_logged_in(
            user=current_user,
            platform_admin=current_user.platform_admin,
        )

    pending_user_id = session["user_details"]["id"]

    # A registered FIDO2 key takes precedence over the SMS code.
    pending_user = User.from_id(pending_user_id)
    has_security_key = len(pending_user.security_keys) > 0
    if has_security_key:
        return render_template("views/two-factor-fido.html")

    def _verify(submitted_code):
        return user_api_client.check_verify_code(pending_user_id, submitted_code, "sms")

    form = TwoFactorForm(_verify)
    if not form.validate_on_submit():
        return render_template("views/two-factor-sms.html", form=form)
    return log_in_user(pending_user_id)
def user_profile_mobile_number_confirm():
    """Confirm a pending mobile-number change with the SMS code sent to the new number.

    The step is only reachable once the password re-confirmation has set
    ``NEW_MOBILE_PASSWORD_CONFIRMED`` in the session; otherwise the user is sent back
    to the mobile-number form. On a valid code the user's session id is refreshed,
    the pending number is removed from the session and persisted on the user.
    """
    def _verify(submitted_code):
        # The code went to the new number by SMS, so it is checked on that channel.
        return user_api_client.check_verify_code(current_user.id, submitted_code, 'sms')

    if NEW_MOBILE_PASSWORD_CONFIRMED not in session:
        return redirect(url_for('.user_profile_mobile_number'))

    form = TwoFactorForm(_verify)
    if not form.validate_on_submit():
        return render_template(
            'views/user-profile/confirm.html',
            form_field=form.sms_code,
            thing='mobile number',
        )

    current_user.refresh_session_id()
    pending_number = session[NEW_MOBILE]
    del session[NEW_MOBILE]
    del session[NEW_MOBILE_PASSWORD_CONFIRMED]
    current_user.update(mobile_number=pending_number)
    return redirect(url_for('.user_profile'))
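def two_factor():
    """Render the SMS second-factor form; on a valid code activate, log in and redirect.

    The pending user id is read from ``session['user_details']``. The long success
    path is split into ``_activate_and_log_in`` (API calls, session clean-up) and
    ``_redirect_after_log_in`` (landing-page selection) so each step reads on its own.
    """
    user_id = session['user_details']['id']

    def _check_code(code):
        return user_api_client.check_verify_code(user_id, code, "sms")

    form = TwoFactorForm(_check_code)
    if form.validate_on_submit():
        services = _activate_and_log_in(user_id)
        return _redirect_after_log_in(services)
    return render_template('views/two-factor.html', form=form)


def _activate_and_log_in(user_id):
    """Apply any pending password, activate ``user_id`` and log it in; return its services.

    ``session['user_details']`` is always deleted afterwards, even when an API call
    raises, so a pending password never outlives this request.
    """
    try:
        user = user_api_client.get_user(user_id)
        services = service_api_client.get_services({
            'user_id': str(user_id)
        }).get('data', [])
        pending = session['user_details']
        # Present only when the user arrived from the new-password page.
        # NOTE(review): the pending password is carried in the session between
        # pages; confirm the session backend is appropriate for that.
        if 'password' in pending:
            user.set_password(pending['password'])
            user.reset_failed_login_count()
            user_api_client.update_user(user)
        activated_user = user_api_client.activate_user(user)
        login_user(activated_user, remember=True)
    finally:
        del session['user_details']
    return services


def _redirect_after_log_in(services):
    """Pick the post-login landing page.

    A ``next`` query argument wins only if ``_is_safe_redirect_url`` accepts it;
    platform admins go to the all-services view; a user with exactly one service
    goes to its dashboard; everyone else chooses a service.
    """
    next_url = request.args.get('next')
    if next_url and _is_safe_redirect_url(next_url):
        return redirect(next_url)
    if current_user.platform_admin:
        return redirect(url_for('main.show_all_services'))
    if len(services) == 1:
        return redirect(
            url_for('main.service_dashboard', service_id=services[0]['id']))
    return redirect(url_for('main.choose_service'))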