def remove_phone(number): userphone = UserPhone.get(phone=number) if userphone is None or userphone.user != current_auth.user: userphone = UserPhoneClaim.get_for(user=current_auth.user, phone=number) if not userphone: abort(404) if userphone.verification_expired: flash( _("This number has been blocked due to too many failed verification attempts" ), 'danger', ) # Block attempts to delete this number if verification failed. # It needs to be deleted in a background sweep. return render_redirect(url_for('.account'), code=303) if request.method == 'POST': # FIXME: Confirm validation success user_data_changed.send(current_auth.user, changes=['phone-delete']) return render_delete_sqla( userphone, db, title=_("Confirm removal"), message=_("Remove phone number {phone} from your account?").format( phone=userphone.phone), success=_("You have removed your number {phone}").format( phone=userphone.phone), next=url_for('.account'), delete_text=_("Remove"), )
def verify_phone(phoneclaim): if phoneclaim.verification_expired: flash(_("You provided an incorrect verification code too many times"), 'danger') # Block attempts to verify this number, but also keep the claim so that a new # claim cannot be made. A periodic sweep to delete old claims is needed. return render_redirect(url_for('.account'), code=303) form = VerifyPhoneForm() form.phoneclaim = phoneclaim if form.validate_on_submit(): if UserPhone.get(phoneclaim.phone) is None: if not current_auth.user.phones: primary = True else: primary = False userphone = UserPhone(user=current_auth.user, phone=phoneclaim.phone, gets_text=True) userphone.primary = primary db.session.add(userphone) db.session.delete(phoneclaim) db.session.commit() flash(_("Your phone number has been verified"), 'success') user_data_changed.send(current_auth.user, changes=['phone']) return render_redirect(url_for('.account'), code=303) else: db.session.delete(phoneclaim) db.session.commit() flash(_("This phone number has already been claimed by another user"), 'danger') elif request.method == 'POST': phoneclaim.verification_attempts += 1 db.session.commit() return render_form(form=form, title=_("Verify phone number"), formid='phone_verify', submit=_("Verify"), ajax=True)
def verify_phone(phoneclaim): form = VerifyPhoneForm() form.phoneclaim = phoneclaim if form.validate_on_submit(): if UserPhone.get(phoneclaim.phone) is None: if not g.user.phones: primary = True else: primary = False userphone = UserPhone(user=g.user, phone=phoneclaim.phone, gets_text=True) userphone.primary = primary db.session.add(userphone) db.session.delete(phoneclaim) db.session.commit() flash(_("Your phone number has been verified"), 'success') user_data_changed.send(g.user, changes=['phone']) return render_redirect(url_for('.profile'), code=303) else: db.session.delete(phoneclaim) db.session.commit() flash( _("This phone number has already been claimed by another user" ), 'danger') return render_form(form=form, title=_("Verify phone number"), formid='phone_verify', submit=_("Verify"), ajax=True)
def validate_phone(self, field): # Step 1: Remove punctuation in number number = strip_phone(field.data) # Step 2: Check length if len(number) > 16: raise forms.ValidationError( _("This is too long to be a valid phone number")) # Step 3: Validate number format if not valid_phone(number): raise forms.ValidationError( _("Invalid phone number (must be in international format with a leading + symbol)" )) # Step 4: Check if Indian number (startswith('+91')) if number.startswith('+91') and len(number) != 13: raise forms.ValidationError( _("This does not appear to be a valid Indian mobile number")) # Step 5: Check if number has already been claimed existing = UserPhone.get(phone=number) if existing is not None: if existing.user == current_auth.user: raise forms.ValidationError( _("You have already registered this phone number")) else: raise forms.ValidationError( _("This phone number has already been claimed")) existing = UserPhoneClaim.get(phone=number, user=current_auth.user) if existing is not None: raise forms.ValidationError( _("This phone number is pending verification")) field.data = number # Save stripped number
def validate_phone(self, field): # TODO: Use the phonenumbers library to validate this # Step 1: Remove punctuation in number number = strip_phone(field.data) # Step 2: Check length if len(number) > 16: raise forms.ValidationError(_("This is too long to be a valid phone number")) # Step 3: Validate number format if not valid_phone(number): raise forms.ValidationError(_("Invalid phone number (must be in international format with a leading + symbol)")) # Step 4: Check if Indian number (startswith('+91')) if number.startswith('+91') and len(number) != 13: raise forms.ValidationError(_("This does not appear to be a valid Indian mobile number")) # Step 5: Check if number has already been claimed existing = UserPhone.get(phone=number) if existing is not None: if existing.user == current_auth.user: raise forms.ValidationError(_("You have already registered this phone number")) else: raise forms.ValidationError(_("This phone number has already been claimed")) existing = UserPhoneClaim.get(phone=number, user=current_auth.user) if existing is not None: raise forms.ValidationError(_("This phone number is pending verification")) field.data = number # Save stripped number
def validate_phone(self, field): existing = UserPhone.get(phone=field.data) if existing is not None: if existing.user == g.user: raise wtforms.ValidationError("You have already registered this phone number.") else: raise wtforms.ValidationError("This phone number has already been claimed.") existing = UserPhoneClaim.get(phone=field.data, user=g.user) if existing is not None: raise wtforms.ValidationError("This phone number is pending verification.") # Step 1: Remove punctuation in number field.data = strip_phone(field.data) # Step 2: Validate number format if not valid_phone(field.data): raise wtforms.ValidationError("Invalid phone number (must be in international format with a leading + symbol)") # Step 3: Check if Indian number (startswith('+91')) if not field.data.startswith('+91') or len(field.data) != 13: raise wtforms.ValidationError("Only Indian mobile numbers are allowed at this time")
def verify_phone(phoneclaim): if phoneclaim.verification_expired: flash(_("You provided an incorrect verification code too many times"), 'danger') # Block attempts to verify this number, but also keep the claim so that a new # claim cannot be made. A periodic sweep to delete old claims is needed. return render_redirect(url_for('.account'), code=303) form = VerifyPhoneForm() form.phoneclaim = phoneclaim if form.validate_on_submit(): if UserPhone.get(phoneclaim.phone) is None: if not current_auth.user.phones: primary = True else: primary = False userphone = UserPhone(user=current_auth.user, phone=phoneclaim.phone, gets_text=True) userphone.primary = primary db.session.add(userphone) db.session.delete(phoneclaim) db.session.commit() flash(_("Your phone number has been verified"), 'success') user_data_changed.send(current_auth.user, changes=['phone']) return render_redirect(url_for('.account'), code=303) else: db.session.delete(phoneclaim) db.session.commit() flash( _("This phone number has already been claimed by another user" ), 'danger', ) elif request.method == 'POST': phoneclaim.verification_attempts += 1 db.session.commit() return render_form( form=form, title=_("Verify phone number"), formid='phone_verify', submit=_("Verify"), ajax=True, )
def verify_phone(phoneclaim): form = VerifyPhoneForm() form.phoneclaim = phoneclaim if form.validate_on_submit(): if UserPhone.get(phoneclaim.phone) is None: if not g.user.phones: primary = True else: primary = False userphone = UserPhone(user=g.user, phone=phoneclaim.phone, gets_text=True, primary=primary) db.session.add(userphone) db.session.delete(phoneclaim) db.session.commit() flash("Your phone number has been verified.", 'success') user_data_changed.send(g.user, changes=['phone']) return render_redirect(url_for('.profile'), code=303) else: db.session.delete(phoneclaim) db.session.commit() flash("This phone number has already been claimed by another user.", 'danger') return render_form(form=form, title="Verify phone number", formid="phone_verify", submit="Verify", ajax=True)
def validate_phone(self, field): existing = UserPhone.get(phone=field.data) if existing is not None: if existing.user == g.user: raise wtforms.ValidationError( "You have already registered this phone number.") else: raise wtforms.ValidationError( "This phone number has already been claimed.") existing = UserPhoneClaim.get(phone=field.data, user=g.user) if existing is not None: raise wtforms.ValidationError( "This phone number is pending verification.") # Step 1: Remove punctuation in number field.data = strip_phone(field.data) # Step 2: Validate number format if not valid_phone(field.data): raise wtforms.ValidationError( "Invalid phone number (must be in international format with a leading + symbol)" ) # Step 3: Check if Indian number (startswith('+91')) if not field.data.startswith('+91') or len(field.data) != 13: raise wtforms.ValidationError( "Only Indian mobile numbers are allowed at this time")