示例#1
0
 def _get_verified_email(self):
     """Check if there is an email verification token."""
     try:
         token = request.args['token']
     except KeyError:
         return None, None
     try:
         return secure_serializer.loads(token, max_age=3600, salt='register-email'), False
     except BadSignature:
         return secure_serializer.loads(token, max_age=86400 * 31, salt='register-email-prevalidated'), True
示例#2
0
 def _get_verified_email(self):
     """Checks if there is an email verification token."""
     try:
         token = request.args['token']
     except KeyError:
         return None, None
     try:
         return secure_serializer.loads(token, max_age=3600, salt='register-email'), False
     except BadSignature:
         return secure_serializer.loads(token, max_age=86400 * 31, salt='register-email-prevalidated'), True
示例#3
0
    def _process(self):
        if self.verification_email_sent and 'token' in request.args:
            email = secure_serializer.loads(request.args['token'], max_age=3600, salt='link-identity-email')
            if email not in self.emails:
                raise BadData('Emails do not match')
            session['login_identity_info']['email_verified'] = True
            session.modified = True
            flash(_('You have successfully validated your email address and can now proceed with the login.'),
                  'success')
            return redirect(url_for('.link_account', provider=self.identity_info['provider']))

        if self.must_choose_email:
            form = SelectEmailForm()
            form.email.choices = list(zip(self.emails, self.emails))
        else:
            form = IndicoForm()

        if form.validate_on_submit():
            if self.email_verified:
                return self._create_identity()
            elif not self.verification_email_sent:
                return self._send_confirmation(form.email.data if self.must_choose_email else self.emails[0])
            else:
                flash(_('The validation email has already been sent.'), 'warning')

        return WPAuth.render_template('link_identity.html', identity_info=self.identity_info, user=self.user,
                                      email_sent=self.verification_email_sent, emails=' / '.join(self.emails),
                                      form=form, must_choose_email=self.must_choose_email)
示例#4
0
    def _process(self):
        if self.verification_email_sent and 'token' in request.args:
            email = secure_serializer.loads(request.args['token'], max_age=3600, salt='link-identity-email')
            if email not in self.emails:
                raise BadData('Emails do not match')
            session['login_identity_info']['email_verified'] = True
            session.modified = True
            flash(_('You have successfully validated your email address and can now proceed with the login.'),
                  'success')
            return redirect(url_for('.link_account', provider=self.identity_info['provider']))

        if self.must_choose_email:
            form = SelectEmailForm()
            form.email.choices = zip(self.emails, self.emails)
        else:
            form = IndicoForm()

        if form.validate_on_submit():
            if self.email_verified:
                return self._create_identity()
            elif not self.verification_email_sent:
                return self._send_confirmation(form.email.data if self.must_choose_email else self.emails[0])
            else:
                flash(_('The validation email has already been sent.'), 'warning')

        return WPAuth.render_template('link_identity.html', identity_info=self.identity_info, user=self.user,
                                      email_sent=self.verification_email_sent, emails=' / '.join(self.emails),
                                      form=form, must_choose_email=self.must_choose_email)
示例#5
0
 def _process(self):
     from indico_conversion.plugin import ConversionPlugin
     try:
         payload = secure_serializer.loads(request.form['directory'], salt='pdf-conversion')
     except BadData:
         ConversionPlugin.logger.exception('Received invalid payload (%s)', request.form['directory'])
         return jsonify(success=False)
     attachment = Attachment.get(payload['attachment_id'])
     if not attachment or attachment.is_deleted or attachment.folder.is_deleted:
         ConversionPlugin.logger.info('Attachment has been deleted: %s', attachment)
         return jsonify(success=True)
     elif request.form['status'] != '1':
         ConversionPlugin.logger.error('Received invalid status %s for %s', request.form['status'], attachment)
         return jsonify(success=False)
     name, ext = os.path.splitext(attachment.file.filename)
     title = get_pdf_title(attachment)
     pdf_attachment = Attachment(folder=attachment.folder, user=attachment.user, title=title,
                                 description=attachment.description, type=AttachmentType.file,
                                 protection_mode=attachment.protection_mode, acl=attachment.acl)
     data = request.files['content'].stream.read()
     pdf_attachment.file = AttachmentFile(user=attachment.file.user, filename=f'{name}.pdf',
                                          content_type='application/pdf')
     pdf_attachment.file.save(data)
     db.session.add(pdf_attachment)
     db.session.flush()
     pdf_state_cache.set(str(attachment.id), 'finished', timeout=timedelta(minutes=15))
     ConversionPlugin.logger.info('Added PDF attachment %s for %s', pdf_attachment, attachment)
     signals.attachments.attachment_created.send(pdf_attachment, user=None)
     return jsonify(success=True)
 def _process(self):
     from indico_conversion.plugin import ConversionPlugin
     try:
         payload = secure_serializer.loads(request.form['directory'], salt='pdf-conversion')
     except BadData:
         ConversionPlugin.logger.exception('Received invalid payload (%s)', request.form['directory'])
         return jsonify(success=False)
     attachment = Attachment.get(payload['attachment_id'])
     if not attachment or attachment.is_deleted or attachment.folder.is_deleted:
         ConversionPlugin.logger.info('Attachment has been deleted: %s', attachment)
         return jsonify(success=True)
     elif request.form['status'] != '1':
         ConversionPlugin.logger.error('Received invalid status %s for %s', request.form['status'], attachment)
         return jsonify(success=False)
     name, ext = os.path.splitext(attachment.file.filename)
     title = get_pdf_title(attachment)
     pdf_attachment = Attachment(folder=attachment.folder, user=attachment.user, title=title,
                                 description=attachment.description, type=AttachmentType.file,
                                 protection_mode=attachment.protection_mode, acl=attachment.acl)
     # TODO: remove first case when Conversion Server is fully on new version
     if 'content' in request.form:
         # handling of legacy API
         data = BytesIO(base64.decodestring(request.form['content']))
     else:
         filepdf = request.files['content']
         data = filepdf.stream.read()
     pdf_attachment.file = AttachmentFile(user=attachment.file.user, filename='{}.pdf'.format(name),
                                          content_type='application/pdf')
     pdf_attachment.file.save(data)
     db.session.add(pdf_attachment)
     db.session.flush()
     cache.set(unicode(attachment.id), 'finished', timedelta(minutes=15))
     ConversionPlugin.logger.info('Added PDF attachment %s for %s', pdf_attachment, attachment)
     signals.attachments.attachment_created.send(pdf_attachment, user=None)
     return jsonify(success=True)
示例#7
0
 def _process(self):
     if 'token' in request.args:
         identity_id = secure_serializer.loads(request.args['token'], max_age=3600, salt='reset-password')
         identity = Identity.get(identity_id)
         if not identity:
             raise BadData('Identity does not exist')
         return self._reset_password(identity)
     else:
         return self._request_token()
示例#8
0
 def _process(self):
     if 'token' in request.args:
         identity_id = secure_serializer.loads(request.args['token'], max_age=3600, salt='reset-password')
         identity = Identity.get(identity_id)
         if not identity:
             raise BadData('Identity does not exist')
         return self._reset_password(identity)
     else:
         return self._request_token()
示例#9
0
 def _check_access(self):
     uuid = secure_serializer.loads(request.args['token'],
                                    salt='file-download',
                                    max_age=86400)
     if UUID(uuid) != self.file.uuid:
         raise Forbidden
示例#10
0
 def _get_verified_email(self):
     """Checks if there is an email verification token."""
     if 'token' not in request.args:
         return None
     return secure_serializer.loads(request.args['token'], max_age=3600, salt='register-email')
示例#11
0
 def _get_verified_email(self):
     """Checks if there is an email verification token."""
     if 'token' not in request.args:
         return None
     return secure_serializer.loads(request.args['token'], max_age=3600, salt='register-email')