def create(self): try: first_name = request.form.get("first_name", "").strip() last_name = request.form.get("last_name", "").strip() email = request.form.get("email", "").strip() password = request.form.get("password", "").strip() password_confirm = request.form.get("password_confirm", "").strip() user_role = request.form.get("user_role") role = models.AuthUserRole.get(user_role) if not role: raise exceptions.AuthError("Invalid ROLE selected") if not first_name: raise mocha_exc.AppError("First Name is required") elif not password or password != password_confirm: raise mocha_exc.AppError("Passwords don't match") user = create_user(username=email, password=password, first_name=first_name, last_name=last_name, login_method="email", role=role.name) if user: flash_success("New account created successfully!") return redirect(self.info, id=user.id) else: raise exceptions.AuthError("Account couldn't be created") except exceptions.AuthError as ae: flash_error(ae.message) return redirect(self.index)
def reset_password(self, action_token, signed_data): """Reset the user password. It was triggered by LOST-PASSWORD """ try: action = "reset-password" user = get_user_by_action_token(action, action_token) if not user or not user.signed_data_match(signed_data, action): raise mocha_exc.AppError("Verification Invalid!") if request.method == "POST": password = request.form.get("password", "").strip() password_confirm = request.form.get("password_confirm", "").strip() if not password or password != password_confirm: raise exceptions.AuthError( "Password is missing or passwords don't match") user.change_password(password) user.set_email_verified(True) session_set_require_password_change(False) flash_success("Password updated successfully!") return redirect(__options__.get("login_view") or self.login) return {"action_token": action_token, "signed_data": signed_data} except (mocha_exc.AppError, exceptions.AuthError) as ex: flash_error(str(ex)) except Exception as e: logging.exception(e) flash_error("Unable to reset password") return redirect(self.login)
def login(self): if not __options__.get("allow_login"): abort(403, "Login is not allowed. Contact admin if it's a mistake") if request.method == "POST": username = request.form.get("username", "").strip() password = request.form.get("password", "").strip() try: if not username or not password: raise mocha_exc.AppError("Email/Username or Password is empty") user = authenticate(username=username, password=password) if not user: raise mocha_exc.AppError("Email or Password is invalid") create_session(user) # if user.require_password_change is True: # flash_info("Password change is required") # session_set_require_password_change(True) # return redirect(views.auth.Account.account_settings, edit_password=1) return redirect(request.form.get("next") or __options__.get("login_view")) except exceptions.VerifyEmailError as ve: return redirect(self.login, username=username, v="1") except (mocha_exc.AppError, exceptions.AuthError) as ae: flash_error(str(ae)) except Exception as e: logging.exception(e) flash_error("Unable to login") return redirect(self.login, next=request.form.get("next")) page_attr("Login") return { "username": request.args.get("username"), "login_url_next": request.args.get("next", ""), "allow_registration": __options__.get("allow_registration"), "show_verification_message": True if request.args.get("v") == "1" else False }
def verify_email(self, action_token, signed_data): """ Verify email account, in which a link was sent to """ try: action = "verify-email" user = get_user_by_action_token(action, action_token) if not user or not user.signed_data_match(signed_data, action): raise mocha_exc.AppError("Verification Invalid!") else: user.set_email_verified(True) flash_success("Account verified. You can now login") username = user.username if user.login_method == "email": username = user.email return redirect(self.login, username=username) except Exception as e: logging.exception(e) flash_error("Verification Failed!") return redirect(self.login)
def page(self): recipients = app_data.get(APP_DATA_KEY, "recipients") \ or __options__.get("recipients") \ or config("CONTACT_EMAIL") if not recipients: abort(500, "ContactPage missing email recipient") success_message = app_data.get(APP_DATA_KEY, "success_message", __options__.get("success_message")) return_to = __options__.get("return_to", None) if return_to: if "/" not in return_to: return_to = url_for(return_to) else: return_to = url_for(self) if request.method == "POST": email = request.form.get("email") subject = request.form.get("subject") message = request.form.get("message") name = request.form.get("name") try: if recaptcha.verify(): if not email or not subject or not message: raise exceptions.AppError("All fields are required") elif not utils.is_email_valid(email): raise exceptions.AppError("Invalid email address") else: try: send_mail(to=recipients, reply_to=email, mail_from=email, mail_subject=subject, mail_message=message, mail_name=name, template=__options__.get("template", "contact-us.txt") ) flash_data("ContactPage:EmailSent") except Exception as ex: logging.exception(ex) raise exceptions.AppError("Unable to send email") else: raise exceptions.AppError("Security code is invalid") except exceptions.AppError as e: flash_error(e.message) return redirect(self) title = __options__.get("title", _("Contact Us")) page_attr(title) fd = get_flash_data() return { "title": title, "email_sent": True if fd and "ContactPage:EmailSent" in fd else False, "success_message": success_message, "return_to": return_to }
def register(self): """ Registration """ if not __options__.get("allow_registration"): abort(403, "Registration is not allowed. Contact admin if it's a mistake") page_attr("Register") if request.method == "POST": try: if not recaptcha.verify(): raise mocha_exc.AppError("Invalid Security code") email = request.form.get("email", "").strip() username = request.form.get("username", "").strip() password = request.form.get("password", "").strip() password_confirm = request.form.get("password_confirm", "").strip() first_name = request.form.get("first_name", "").strip() last_name = request.form.get("last_name", "").strip() with_oauth = request.form.get("with_oauth") == "1" oauth_provider = request.form.get("oauth_provider") oauth_user_id = request.form.get("oauth_user_id") login_method = None # Require username and email if __options__.get("registration_username"): if "@" in username: raise exceptions.AuthError(_("Username can't be an email")) if not utils.is_email_valid(email): raise exceptions.AuthError(_("Invalid email address")) login_method = "username" # Require only email. Email will be used as username and email elif __options__.get("registration_email"): if not utils.is_email_valid(username): raise exceptions.AuthError(_("Invalid email address")) email = username login_method = "email" if not first_name: raise mocha_exc.AppError( _("First Name or Name is required")) elif not password or password != password_confirm: raise mocha_exc.AppError(_("Passwords don't match")) if not login_method: raise exceptions.AuthError(_("Registration is disabled")) user = create_user(username=username, password=password, email=email, first_name=first_name, last_name=last_name, login_method=login_method) # WITH OAUTH, we can straight up login user if with_oauth and oauth_provider and oauth_user_id: user.add_federation(oauth_provider, oauth_user_id) create_session(user) return redirect(request.form.get( "next") or views.auth.Account.account_settings) if __options__.get("require_email_verification"): user.send_welcome_email(view_class=self) flash_success(_("Please check your email. We've sent you a message")) return redirect( request.form.get("next") or __options__.get("login_view")) except (mocha_exc.AppError, exceptions.AuthError) as ex: flash_error(str(ex)) except Exception as e: logging.exception(e) flash_error("Unable to register") return redirect(self.register, next=request.form.get("next")) return { "reg_email": __options__.get("registration_email"), "reg_username": __options__.get("registration_username"), "reg_social": __options__.get("registration_social"), "reg_full_name": __options__.get("registration_full_name"), "login_url_next": request.args.get("next", ""), "with_oauth": has_oauth_request(), "oauth_provider": get_oauth_session().get("provider"), "oauth_user_id": get_oauth_session().get("user_id"), "email": get_oauth_session().get("email") or "", "name": get_oauth_session().get("name") or "", }