def _get_verified_email(self): """Check if there is an email verification token.""" try: token = request.args['token'] except KeyError: return None, None try: return secure_serializer.loads(token, max_age=3600, salt='register-email'), False except BadSignature: return secure_serializer.loads(token, max_age=86400 * 31, salt='register-email-prevalidated'), True
def _get_verified_email(self): """Checks if there is an email verification token.""" try: token = request.args['token'] except KeyError: return None, None try: return secure_serializer.loads(token, max_age=3600, salt='register-email'), False except BadSignature: return secure_serializer.loads(token, max_age=86400 * 31, salt='register-email-prevalidated'), True
def _process(self): if self.verification_email_sent and 'token' in request.args: email = secure_serializer.loads(request.args['token'], max_age=3600, salt='link-identity-email') if email not in self.emails: raise BadData('Emails do not match') session['login_identity_info']['email_verified'] = True session.modified = True flash(_('You have successfully validated your email address and can now proceed with the login.'), 'success') return redirect(url_for('.link_account', provider=self.identity_info['provider'])) if self.must_choose_email: form = SelectEmailForm() form.email.choices = list(zip(self.emails, self.emails)) else: form = IndicoForm() if form.validate_on_submit(): if self.email_verified: return self._create_identity() elif not self.verification_email_sent: return self._send_confirmation(form.email.data if self.must_choose_email else self.emails[0]) else: flash(_('The validation email has already been sent.'), 'warning') return WPAuth.render_template('link_identity.html', identity_info=self.identity_info, user=self.user, email_sent=self.verification_email_sent, emails=' / '.join(self.emails), form=form, must_choose_email=self.must_choose_email)
def _process(self): if self.verification_email_sent and 'token' in request.args: email = secure_serializer.loads(request.args['token'], max_age=3600, salt='link-identity-email') if email not in self.emails: raise BadData('Emails do not match') session['login_identity_info']['email_verified'] = True session.modified = True flash(_('You have successfully validated your email address and can now proceed with the login.'), 'success') return redirect(url_for('.link_account', provider=self.identity_info['provider'])) if self.must_choose_email: form = SelectEmailForm() form.email.choices = zip(self.emails, self.emails) else: form = IndicoForm() if form.validate_on_submit(): if self.email_verified: return self._create_identity() elif not self.verification_email_sent: return self._send_confirmation(form.email.data if self.must_choose_email else self.emails[0]) else: flash(_('The validation email has already been sent.'), 'warning') return WPAuth.render_template('link_identity.html', identity_info=self.identity_info, user=self.user, email_sent=self.verification_email_sent, emails=' / '.join(self.emails), form=form, must_choose_email=self.must_choose_email)
def _process(self): from indico_conversion.plugin import ConversionPlugin try: payload = secure_serializer.loads(request.form['directory'], salt='pdf-conversion') except BadData: ConversionPlugin.logger.exception('Received invalid payload (%s)', request.form['directory']) return jsonify(success=False) attachment = Attachment.get(payload['attachment_id']) if not attachment or attachment.is_deleted or attachment.folder.is_deleted: ConversionPlugin.logger.info('Attachment has been deleted: %s', attachment) return jsonify(success=True) elif request.form['status'] != '1': ConversionPlugin.logger.error('Received invalid status %s for %s', request.form['status'], attachment) return jsonify(success=False) name, ext = os.path.splitext(attachment.file.filename) title = get_pdf_title(attachment) pdf_attachment = Attachment(folder=attachment.folder, user=attachment.user, title=title, description=attachment.description, type=AttachmentType.file, protection_mode=attachment.protection_mode, acl=attachment.acl) data = request.files['content'].stream.read() pdf_attachment.file = AttachmentFile(user=attachment.file.user, filename=f'{name}.pdf', content_type='application/pdf') pdf_attachment.file.save(data) db.session.add(pdf_attachment) db.session.flush() pdf_state_cache.set(str(attachment.id), 'finished', timeout=timedelta(minutes=15)) ConversionPlugin.logger.info('Added PDF attachment %s for %s', pdf_attachment, attachment) signals.attachments.attachment_created.send(pdf_attachment, user=None) return jsonify(success=True)
def _process(self): from indico_conversion.plugin import ConversionPlugin try: payload = secure_serializer.loads(request.form['directory'], salt='pdf-conversion') except BadData: ConversionPlugin.logger.exception('Received invalid payload (%s)', request.form['directory']) return jsonify(success=False) attachment = Attachment.get(payload['attachment_id']) if not attachment or attachment.is_deleted or attachment.folder.is_deleted: ConversionPlugin.logger.info('Attachment has been deleted: %s', attachment) return jsonify(success=True) elif request.form['status'] != '1': ConversionPlugin.logger.error('Received invalid status %s for %s', request.form['status'], attachment) return jsonify(success=False) name, ext = os.path.splitext(attachment.file.filename) title = get_pdf_title(attachment) pdf_attachment = Attachment(folder=attachment.folder, user=attachment.user, title=title, description=attachment.description, type=AttachmentType.file, protection_mode=attachment.protection_mode, acl=attachment.acl) # TODO: remove first case when Conversion Server is fully on new version if 'content' in request.form: # handling of legacy API data = BytesIO(base64.decodestring(request.form['content'])) else: filepdf = request.files['content'] data = filepdf.stream.read() pdf_attachment.file = AttachmentFile(user=attachment.file.user, filename='{}.pdf'.format(name), content_type='application/pdf') pdf_attachment.file.save(data) db.session.add(pdf_attachment) db.session.flush() cache.set(unicode(attachment.id), 'finished', timedelta(minutes=15)) ConversionPlugin.logger.info('Added PDF attachment %s for %s', pdf_attachment, attachment) signals.attachments.attachment_created.send(pdf_attachment, user=None) return jsonify(success=True)
def _process(self): if 'token' in request.args: identity_id = secure_serializer.loads(request.args['token'], max_age=3600, salt='reset-password') identity = Identity.get(identity_id) if not identity: raise BadData('Identity does not exist') return self._reset_password(identity) else: return self._request_token()
def _check_access(self): uuid = secure_serializer.loads(request.args['token'], salt='file-download', max_age=86400) if UUID(uuid) != self.file.uuid: raise Forbidden
def _get_verified_email(self): """Checks if there is an email verification token.""" if 'token' not in request.args: return None return secure_serializer.loads(request.args['token'], max_age=3600, salt='register-email')