def setUp(self):
super(TestUserAuth, self).setUp()
self.email = '*****@*****.**'
user = UserFactory.create(email=self.email)
user.save()
AcceptedEmailDomains.create(domain='foo.com')
DepartmentFactory.create(name='New User').save()
self.department1 = DepartmentFactory.create(name='Test').save()
def city_domain_email(form, field):
'''Checks that the email is a current user or a city domain
'''
if field.data:
user = User.query.filter(User.email == field.data).first()
if user is None:
domain = re.search(DOMAINS, field.data)
if domain and AcceptedEmailDomains.valid_domain(domain.group().lstrip('@')):
raise ValidationError("That's not a valid contact!")
def validate(self):
if not super(ExtendedRegisterForm, self).validate():
return False
domain = re.search(DOMAINS, self.email.data)
domain_text = domain.group().lstrip('@')
if not all([domain, AcceptedEmailDomains.valid_domain(domain_text)]):
self.email.errors.append(
"That's not a valid email domain! You must be associated with the city."
)
return False
return True
def auth():
'''Endpoint from AJAX request for authentication from persona
'''
data = urllib.urlencode({
'assertion': request.form.get('assertion'),
'audience': current_app.config.get('BROWSERID_URL')
})
req = urllib2.Request('https://verifier.login.persona.org/verify', data)
response = json.loads(urllib2.urlopen(req).read())
if response.get('status') != 'okay':
current_app.logger.debug(
'REJECTEDUSER: User login rejected from persona. Messages: {}'.
format(response))
abort(403)
next_url = request.args.get('next', None)
email = response.get('email')
user = User.query.filter(User.email == email).first()
domain = email.split('@')[1] if len(email.split('@')) > 1 else None
if user:
login_user(user)
flash('Logged in successfully!', 'alert-success')
current_app.logger.debug(
'LOGIN: User {} logged in successfully'.format(user.email))
return next_url if next_url else '/'
elif AcceptedEmailDomains.valid_domain(domain):
user = User.create(
email=email,
role=Role.query.filter(Role.name == 'staff').first(),
department=Department.query.filter(
Department.name == 'New User').first())
login_user(user)
current_app.logger.debug(
'NEWUSER: New User {} successfully created'.format(user.email))
return '/users/profile'
else:
current_app.logger.debug(
'NOTINDB: User {} not in DB -- aborting!'.format(email))
abort(403)
def auth():
'''Endpoint from AJAX request for authentication from persona
'''
data = urllib.urlencode({
'assertion': request.form.get('assertion'),
'audience': current_app.config.get('BROWSERID_URL')
})
req = urllib2.Request('https://verifier.login.persona.org/verify', data)
response = json.loads(urllib2.urlopen(req).read())
if response.get('status') != 'okay':
current_app.logger.debug('REJECTEDUSER: User login rejected from persona. Messages: {}'.format(response))
abort(403)
next_url = request.args.get('next', None)
email = response.get('email')
user = User.query.filter(User.email == email).first()
domain = email.split('@')[1] if len(email.split('@')) > 1 else None
if user:
login_user(user)
flash('Logged in successfully!', 'alert-success')
current_app.logger.debug('LOGIN: User {} logged in successfully'.format(user.email))
return next_url if next_url else '/'
elif AcceptedEmailDomains.valid_domain(domain):
user = User.create(
email=email,
role=Role.query.filter(Role.name == 'staff').first(),
department=Department.query.filter(Department.name == 'New User').first()
)
login_user(user)
current_app.logger.debug('NEWUSER: New User {} successfully created'.format(user.email))
return '/users/profile'
else:
current_app.logger.debug('NOTINDB: User {} not in DB -- aborting!'.format(email))
abort(403)
