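def send_sms_verification(request):
    """Issue an SMS verification code for the posted phone number.

    Reads ``country_code``, ``local_phone`` and an optional ``test_key`` from
    the POST data, stores a code for the international form of the number
    through ``set_session_sms_code`` and answers with a plain ``OK``.

    Returns a 400 response when ``local_phone`` is missing. The country is
    resolved with ``get_object_or_404``.
    """
    country_code = request.POST.get("country_code")
    local_phone = request.POST.get("local_phone")
    test_key = request.POST.get("test_key", None)

    if not local_phone:
        return HttpResponseBadRequest("missing phone parameter")

    country = get_object_or_404(Country, code=country_code)
    phone = get_international_phone(country, local_phone)

    # NOTE(review): the first two branches pin the code to a fixed, pre-shared
    # value. ``test_key`` comes straight from the request, so the Selenium
    # branch is reachable by any client that knows SELENIUM_TEST_KEY, for any
    # phone number. Gate both branches on a test-only setting or keep them
    # out of production deployments.
    if local_phone == settings.APPLE_TESTER_PHONE_NUMBER:
        code = str(set_session_sms_code(request, phone, code=settings.APPLE_TESTER_VERIFICATION))
    elif test_key == SELENIUM_TEST_KEY:
        code = str(set_session_sms_code(request, phone, code=SELENIUM_VERIFICATION_CODE))
    else:
        code = str(set_session_sms_code(request, phone))

    # NOTE(review): the listing this was restored from had lost its
    # indentation; confirm whether send_sms belongs inside the ``else`` branch.
    # NOTE(review): no throttling is visible in this view; confirm requests are
    # rate-limited elsewhere, since each call sends an SMS to a caller-chosen
    # number.
    send_sms(local_phone, _("Verification code: %s") % code)

    # The code is a login secret: record that one was sent, never its value.
    logging.info("Sending SMS verification code")
    return HttpResponse("OK")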
def validate_passenger_phone(request, local_phone, country, verification_code):
    """
    Check a phone number and code against the challenge stored in the session.

    Returns a ``(response, passenger)`` pair. ``response`` is ``OK`` unless the
    session holds no challenge, the phone or code does not match, or the phone
    is registered to several passengers. ``passenger`` is the matching
    ``Passenger`` or ``None``; the same value is written to the session under
    ``CURRENT_PASSENGER_KEY``.
    """
    outcome = HttpResponse("OK")
    matched = None

    full_number = get_international_phone(country, local_phone)
    expected_code, expected_phone = request.session.get(SESSION_VERIFICATION_KEY, (None, None))

    # NOTE(review): a failed comparison neither counts attempts nor discards
    # the stored code, and a successful one leaves it in the session. Confirm
    # that guessing is limited somewhere else.
    # ``verification_code`` is compared with ``int(expected_code)``, so callers
    # must pass an int; a str never matches.
    if not expected_code or not expected_phone:
        outcome = HttpResponseBadRequest(_("Error validating phone (check that your browser accepts cookies)"))
    elif full_number == expected_phone and verification_code == int(expected_code):
        try:
            matched = Passenger.objects.get(phone=local_phone, country=country)
        except Passenger.DoesNotExist:
            # Verified number without a passenger: still "OK", passenger stays None.
            pass
        except Passenger.MultipleObjectsReturned:
            alert = "Phone registered to multiple passengers: %s" % local_phone
            logging.error(alert)
            notify_by_email(alert)
            # NOTE(review): the contact address below reads as a scrubbed
            # placeholder in this listing; restore the project's real address.
            outcome = HttpResponseBadRequest(_("We're sorry but your phone appears to used by multiple users. Please contact [email protected] to resolve this issue."))
    else:
        outcome = HttpResponseBadRequest(_("Invalid verification code"))

    # NOTE(review): indentation was lost in the listing; this assumes the
    # session write runs on every path, so a failed check stores None.
    request.session[CURRENT_PASSENGER_KEY] = matched
    return outcome, matched
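def validate_phone(request):
    """Check a posted SMS code and bind the verified phone to a passenger.

    Reads ``local_phone``, ``verification_code`` and ``country_code`` from the
    POST data and compares them with the challenge kept in the session under
    ``SESSION_VERIFICATION_KEY``.

    Returns a 400 response when the session holds no challenge, when the phone
    or code does not match, or when the phone maps to several passengers. An
    authenticated user who already has a passenger gets the phone echoed back.
    Every other success stores the passenger in the session, rotates its
    ``login_token`` and returns that token as JSON.
    """
    local_phone = request.POST.get("local_phone")
    try:
        verification_code = int(request.POST.get("verification_code", -1))
    except (TypeError, ValueError):
        # Client-supplied, non-numeric input is a wrong code, not a server error.
        return HttpResponseBadRequest(_("Invalid verification code"))

    country = get_object_or_404(Country, code=request.POST.get("country_code", ""))
    stored_code, stored_phone = request.session.get(SESSION_VERIFICATION_KEY, (None, None))
    intl_phone_number = get_international_phone(country, local_phone)

    if not (stored_code and stored_phone):
        return HttpResponseBadRequest(_("Error validating phone (check that your browser accepts cookies)"))

    # NOTE(review): a mismatch neither counts attempts nor discards the stored
    # code, and a match leaves it in the session. Success here ends in a login
    # token, so confirm that guessing is limited somewhere else.
    if intl_phone_number != stored_phone or verification_code != int(stored_code):
        return HttpResponseBadRequest(_("Invalid verification code"))

    if request.user.is_authenticated():
        # Logged-in user. TODO_WB: check if user already has a passenger
        try:
            passenger = Passenger.objects.get(user=request.user)
        except Passenger.DoesNotExist:
            # No passenger yet: create one and attach it to the user.
            passenger = create_passenger(None, country, local_phone)
            passenger.user = request.user
            passenger.save()
        else:
            # Existing passenger: record the newly verified phone.
            # NOTE(review): only phone and phone_verified are written; the
            # country used for verification is not stored here. Confirm.
            passenger.phone = local_phone
            passenger.phone_verified = True
            passenger.save()
            return HttpResponse(local_phone)
    else:
        # Anonymous request: look the passenger up by country and phone.
        try:
            passenger = Passenger.objects.filter(country=country).filter(phone=local_phone).get()
        except Passenger.DoesNotExist:
            passenger = create_passenger(None, country, local_phone)
        except Passenger.MultipleObjectsReturned:
            # shouldn't happen to real passengers (only staff)
            return HttpResponseBadRequest(_("Phone has multiple passengers"))

    # NOTE(review): indentation was lost in the listing; this assumes the
    # session write and token reset run after either branch.
    request.session[CURRENT_PASSENGER_KEY] = passenger

    # Reset the login token after validation.
    # TODO_WB: check if login_token exists
    # TODO_WB: add phone number to salt the token
    # NOTE(review): SHA-1 adds no entropy; the token is only as unpredictable
    # as generate_random_token. Confirm that helper uses a CSPRNG.
    passenger.login_token = hashlib.sha1(generate_random_token(length=40)).hexdigest()
    passenger.save()

    return JSONResponse({PASSENGER_TOKEN: passenger.login_token})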
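def validate_phone(request):
    """Verify the posted SMS code, then attach the phone to a passenger.

    Input comes from the POST fields ``local_phone``, ``verification_code``
    and ``country_code``. The expected code and phone are read from the
    session entry ``SESSION_VERIFICATION_KEY``.

    A 400 response is returned when no challenge is stored, when the phone or
    code differs from the stored pair, or when several passengers share the
    phone. For an authenticated user with an existing passenger the phone is
    updated and echoed back. Otherwise the passenger is saved to the session,
    given a fresh ``login_token`` and that token is returned as JSON.
    """
    local_phone = request.POST.get("local_phone")
    try:
        verification_code = int(request.POST.get("verification_code", -1))
    except (TypeError, ValueError):
        # A non-numeric code from the client is rejected as invalid instead of
        # surfacing as an unhandled exception.
        return HttpResponseBadRequest(_("Invalid verification code"))

    country = get_object_or_404(Country, code=request.POST.get("country_code", ""))
    stored_code, stored_phone = request.session.get(SESSION_VERIFICATION_KEY, (None, None))
    intl_phone_number = get_international_phone(country, local_phone)

    if not (stored_code and stored_phone):
        return HttpResponseBadRequest(_("Error validating phone (check that your browser accepts cookies)"))

    # NOTE(review): nothing here limits repeated guesses or retires the code
    # once it has been used. This check gates a login token, so confirm an
    # attempt limit and code expiry exist elsewhere.
    if intl_phone_number != stored_phone or verification_code != int(stored_code):
        return HttpResponseBadRequest(_("Invalid verification code"))

    if request.user.is_authenticated():
        # There is a user. TODO_WB: check if user already has a passenger
        try:
            passenger = Passenger.objects.get(user=request.user)
        except Passenger.DoesNotExist:
            # create passenger
            passenger = create_passenger(None, country, local_phone)
            passenger.user = request.user
            passenger.save()
        else:
            # has a passenger: update phone
            # NOTE(review): the passenger's country is left untouched although
            # the phone was verified under the posted country. Confirm.
            passenger.phone = local_phone
            passenger.phone_verified = True
            passenger.save()
            return HttpResponse(local_phone)
    else:
        # no user, get a passenger
        try:
            passenger = Passenger.objects.filter(country=country).filter(phone=local_phone).get()
        except Passenger.DoesNotExist:
            passenger = create_passenger(None, country, local_phone)
        except Passenger.MultipleObjectsReturned:
            # shouldn't happen to real passengers (only staff)
            return HttpResponseBadRequest(_("Phone has multiple passengers"))

    # NOTE(review): the listing had lost its indentation; placing the session
    # write and token reset after both branches is an assumption to confirm.
    request.session[CURRENT_PASSENGER_KEY] = passenger

    # reset login token after validation
    # TODO_WB: check if login_token exists
    # TODO_WB: add phone number to salt the token
    # NOTE(review): hashing with SHA-1 does not strengthen the token; its
    # unpredictability depends on generate_random_token. Verify that source.
    passenger.login_token = hashlib.sha1(generate_random_token(length=40)).hexdigest()
    passenger.save()

    return JSONResponse({PASSENGER_TOKEN: passenger.login_token})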
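def send_sms_verification(request):
    """Create and send an SMS verification code for the posted phone number.

    POST fields used: ``country_code``, ``local_phone`` and, optionally,
    ``test_key``. The code is stored against the international form of the
    number by ``set_session_sms_code``. The response body is ``OK``.

    A missing ``local_phone`` yields a 400 response. The country lookup goes
    through ``get_object_or_404``.
    """
    country_code = request.POST.get("country_code")
    local_phone = request.POST.get("local_phone")
    test_key = request.POST.get("test_key", None)

    if not local_phone:
        return HttpResponseBadRequest("missing phone parameter")

    country = get_object_or_404(Country, code=country_code)
    phone = get_international_phone(country, local_phone)

    # NOTE(review): the tester-phone and Selenium branches store a fixed,
    # known code instead of a generated one. The Selenium branch is selected
    # by a request field alone, so it applies to whatever number is posted.
    # Restrict both to test configurations.
    if local_phone == settings.APPLE_TESTER_PHONE_NUMBER:
        code = str(set_session_sms_code(request, phone, code=settings.APPLE_TESTER_VERIFICATION))
    elif test_key == SELENIUM_TEST_KEY:
        code = str(set_session_sms_code(request, phone, code=SELENIUM_VERIFICATION_CODE))
    else:
        code = str(set_session_sms_code(request, phone))

    # NOTE(review): indentation was lost in the listing; check whether the
    # send was meant to happen only in the ``else`` branch above.
    # NOTE(review): this view shows no rate limit; confirm one is enforced
    # elsewhere, as every request sends an SMS to a number chosen by the
    # caller.
    send_sms(local_phone, _("Verification code: %s") % code)

    # Keep the code itself out of the logs; it is a credential.
    logging.info("Sending SMS verification code")
    return HttpResponse("OK")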
def validate_passenger_phone(request, local_phone, country, verification_code):
    """
    Validate a passenger by phone and verification code.

    The phone (in international form) and the code are compared with the pair
    stored in the session under ``SESSION_VERIFICATION_KEY``. Returns
    ``(response, passenger)``: ``response`` is ``OK`` or a 400 response, and
    ``passenger`` is the matching ``Passenger`` or ``None``. The passenger
    value is also saved to the session under ``CURRENT_PASSENGER_KEY``.
    """
    reply = HttpResponse("OK")
    found = None

    normalized_phone = get_international_phone(country, local_phone)
    challenge = request.session.get(SESSION_VERIFICATION_KEY, (None, None))
    challenge_code, challenge_phone = challenge

    # NOTE(review): failed attempts are not counted and the stored code is not
    # retired after use. Confirm a guess limit and expiry exist elsewhere.
    # The caller must supply ``verification_code`` as an int, because it is
    # compared with ``int(challenge_code)``.
    if not challenge_code or not challenge_phone:
        reply = HttpResponseBadRequest(_("Error validating phone (check that your browser accepts cookies)"))
    elif normalized_phone == challenge_phone and verification_code == int(challenge_code):
        try:
            found = Passenger.objects.get(phone=local_phone, country=country)
        except Passenger.DoesNotExist:
            # No passenger for this verified number; the reply stays "OK".
            pass
        except Passenger.MultipleObjectsReturned:
            report = "Phone registered to multiple passengers: %s" % local_phone
            logging.error(report)
            notify_by_email(report)
            # NOTE(review): the address in the message below appears to have
            # been scrubbed from this listing; restore the real one.
            reply = HttpResponseBadRequest(_("We're sorry but your phone appears to used by multiple users. Please contact [email protected] to resolve this issue."))
    else:
        reply = HttpResponseBadRequest(_("Invalid verification code"))

    # NOTE(review): the listing had lost its indentation; this layout writes
    # the session on every path (None on failure). Confirm against the project.
    request.session[CURRENT_PASSENGER_KEY] = found
    return reply, found