def send_sms_verification(request):
country_code = request.POST.get("country_code")
local_phone = request.POST.get("local_phone")
test_key = request.POST.get("test_key", None)
if not local_phone:
return HttpResponseBadRequest("missing phone parameter")
country = get_object_or_404(Country, code=country_code)
phone = get_international_phone(country, local_phone)
if local_phone == settings.APPLE_TESTER_PHONE_NUMBER:
code = str(
set_session_sms_code(request,
phone,
code=settings.APPLE_TESTER_VERIFICATION))
elif test_key == SELENIUM_TEST_KEY:
code = str(
set_session_sms_code(request,
phone,
code=SELENIUM_VERIFICATION_CODE))
else:
code = str(set_session_sms_code(request, phone))
send_sms(local_phone, _("Verification code: %s") % code)
logging.info("Sending SMS verification code: %s" % code)
return HttpResponse("OK")
def validate_passenger_phone(request, local_phone, country, verification_code):
"""
Validate a passenger by phone and verification code.
Return a response and the passenger (if exists) and save the passenger to the session.
"""
response = HttpResponse("OK")
passenger = None
intl_phone_number = get_international_phone(country, local_phone)
stored_code, stored_phone = request.session.get(SESSION_VERIFICATION_KEY, (None, None))
if not (stored_code and stored_phone):
response = HttpResponseBadRequest(_("Error validating phone (check that your browser accepts cookies)"))
elif intl_phone_number != stored_phone or verification_code != int(stored_code):
response = HttpResponseBadRequest(_("Invalid verification code"))
else:
try:
passenger = Passenger.objects.get(phone=local_phone, country=country)
except Passenger.DoesNotExist:
pass
except Passenger.MultipleObjectsReturned:
msg = "Phone registered to multiple passengers: %s" % local_phone
logging.error(msg)
notify_by_email(msg)
response = HttpResponseBadRequest(_("We're sorry but your phone appears to used by multiple users. Please contact [email protected] to resolve this issue."))
request.session[CURRENT_PASSENGER_KEY] = passenger
return response, passenger
def validate_phone(request):
local_phone = request.POST.get('local_phone')
verification_code = int(request.POST.get('verification_code', -1))
country = get_object_or_404(Country,
code=request.POST.get('country_code', ""))
stored_code, stored_phone = request.session.get(SESSION_VERIFICATION_KEY,
(None, None))
intl_phone_number = get_international_phone(country, local_phone)
if not (stored_code and stored_phone):
return HttpResponseBadRequest(
_("Error validating phone (check that your browser accepts cookies)"
))
if intl_phone_number != stored_phone or verification_code != int(
stored_code):
return HttpResponseBadRequest(_("Invalid verification code"))
# there is a user
if request.user.is_authenticated():
#TODO_WB: check if user already has a passenger
try:
# has a passenger? update phone
passenger = Passenger.objects.get(user=request.user)
passenger.phone = local_phone
passenger.phone_verified = True
passenger.save()
return HttpResponse(local_phone)
except Passenger.DoesNotExist:
# create passenger
passenger = create_passenger(None, country, local_phone)
passenger.user = request.user
passenger.save()
# no user, get a passenger
else:
try:
passenger = Passenger.objects.filter(country=country).filter(
phone=local_phone).get()
except Passenger.DoesNotExist:
passenger = create_passenger(None, country, local_phone)
except Passenger.MultipleObjectsReturned:
return HttpResponseBadRequest(
_("Phone has multiple passengers"
)) # shouldn't happen to real passengers (only staff)
request.session[CURRENT_PASSENGER_KEY] = passenger
# reset login token after validation
# TODO_WB: check if login_token exists
# TODO_WB: add phone number to salt the token
passenger.login_token = hashlib.sha1(
generate_random_token(length=40)).hexdigest()
passenger.save()
return JSONResponse({PASSENGER_TOKEN: passenger.login_token})
def validate_phone(request):
local_phone = request.POST.get("local_phone")
verification_code = int(request.POST.get("verification_code", -1))
country = get_object_or_404(Country, code=request.POST.get("country_code", ""))
stored_code, stored_phone = request.session.get(SESSION_VERIFICATION_KEY, (None, None))
intl_phone_number = get_international_phone(country, local_phone)
if not (stored_code and stored_phone):
return HttpResponseBadRequest(_("Error validating phone (check that your browser accepts cookies)"))
if intl_phone_number != stored_phone or verification_code != int(stored_code):
return HttpResponseBadRequest(_("Invalid verification code"))
# there is a user
if request.user.is_authenticated():
# TODO_WB: check if user already has a passenger
try:
# has a passenger? update phone
passenger = Passenger.objects.get(user=request.user)
passenger.phone = local_phone
passenger.phone_verified = True
passenger.save()
return HttpResponse(local_phone)
except Passenger.DoesNotExist:
# create passenger
passenger = create_passenger(None, country, local_phone)
passenger.user = request.user
passenger.save()
# no user, get a passenger
else:
try:
passenger = Passenger.objects.filter(country=country).filter(phone=local_phone).get()
except Passenger.DoesNotExist:
passenger = create_passenger(None, country, local_phone)
except Passenger.MultipleObjectsReturned:
return HttpResponseBadRequest(
_("Phone has multiple passengers")
) # shouldn't happen to real passengers (only staff)
request.session[CURRENT_PASSENGER_KEY] = passenger
# reset login token after validation
# TODO_WB: check if login_token exists
# TODO_WB: add phone number to salt the token
passenger.login_token = hashlib.sha1(generate_random_token(length=40)).hexdigest()
passenger.save()
return JSONResponse({PASSENGER_TOKEN: passenger.login_token})
def send_sms_verification(request):
country_code = request.POST.get("country_code")
local_phone = request.POST.get("local_phone")
test_key = request.POST.get("test_key", None)
if not local_phone:
return HttpResponseBadRequest("missing phone parameter")
country = get_object_or_404(Country, code=country_code)
phone = get_international_phone(country, local_phone)
if local_phone == settings.APPLE_TESTER_PHONE_NUMBER:
code = str(set_session_sms_code(request, phone, code=settings.APPLE_TESTER_VERIFICATION))
elif test_key == SELENIUM_TEST_KEY:
code = str(set_session_sms_code(request, phone, code=SELENIUM_VERIFICATION_CODE))
else:
code = str(set_session_sms_code(request, phone))
send_sms(local_phone, _("Verification code: %s") % code)
logging.info("Sending SMS verification code: %s" % code)
return HttpResponse("OK")
def validate_passenger_phone(request, local_phone, country, verification_code):
"""
Validate a passenger by phone and verification code.
Return a response and the passenger (if exists) and save the passenger to the session.
"""
response = HttpResponse("OK")
passenger = None
intl_phone_number = get_international_phone(country, local_phone)
stored_code, stored_phone = request.session.get(SESSION_VERIFICATION_KEY,
(None, None))
if not (stored_code and stored_phone):
response = HttpResponseBadRequest(
_("Error validating phone (check that your browser accepts cookies)"
))
elif intl_phone_number != stored_phone or verification_code != int(
stored_code):
response = HttpResponseBadRequest(_("Invalid verification code"))
else:
try:
passenger = Passenger.objects.get(phone=local_phone,
country=country)
except Passenger.DoesNotExist:
pass
except Passenger.MultipleObjectsReturned:
msg = "Phone registered to multiple passengers: %s" % local_phone
logging.error(msg)
notify_by_email(msg)
response = HttpResponseBadRequest(
_("We're sorry but your phone appears to used by multiple users. Please contact [email protected] to resolve this issue."
))
request.session[CURRENT_PASSENGER_KEY] = passenger
return response, passenger
