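def setup_login(self):
    """
    Let a user who arrived through OAuth login set an email and password.

    The pending OAuth profile is read from ``self.tmp_data``. On a valid
    POST a ``User`` is created, linked to the OAuth identity, logged in,
    and ``self.tmp_data`` is cleared.

    :return: a redirect response, or ``dict(provider=self.tmp_data)`` when
        the form has not been submitted yet
    """
    self._login_enabled()
    self.meta_tags(title="Setup Login")

    # Only user without email can set email
    if current_user.is_authenticated() and current_user.email:
        return redirect(url_for(endpoint_namespace % "account_settings"))

    if not self.tmp_data:
        return redirect(url_for(endpoint_namespace % "login"))

    if request.method == "POST":
        if not self.tmp_data["is_oauth"]:
            # Resolve the endpoint name with url_for, as every other redirect
            # in this view does; the bare endpoint string is not a URL.
            return redirect(url_for(endpoint_namespace % "login"))

        try:
            email = request.form.get("email")
            # A missing field yields None; fall back to "" so it is reported
            # as a form error instead of raising AttributeError on .strip().
            password = (request.form.get("password") or "").strip()
            password2 = (request.form.get("password2") or "").strip()

            if not utils.is_valid_email(email):
                raise UserError("Invalid email address '%s'" % email)
            elif User.get_by_email(email):
                # NOTE(review): this message confirms which addresses are
                # registered; confirm that is acceptable for this flow.
                raise UserError("An account exists already with this email address '%s' " % email)
            elif not password or password != password2:
                raise UserError("Passwords don't match")
            elif not utils.is_valid_password(password):
                # The stripped value is checked because it is the one stored
                # below; checking the raw value would let whitespace padding
                # count towards whatever the password policy measures.
                raise UserError("Invalid password")
            else:
                user = User.new(email=email,
                                password=password,
                                name=self.tmp_data["name"],
                                profile_image_url=self.tmp_data["picture"],
                                signup_method=self.tmp_data["provider"])
                user.add_oauth(self.tmp_data["provider"],
                               self.tmp_data["id"],
                               name=self.tmp_data["name"],
                               email=email,
                               profile_image_url=self.tmp_data["picture"],
                               link=self.tmp_data["link"])
                self.login_user(user)
                self.tmp_data = None

                # "next" is client-supplied form data. Follow it only when it
                # is a same-site path; anything else (absolute URLs,
                # protocol-relative "//host", backslash or control-character
                # variants) falls back to the default signed-in view.
                next_url = request.form.get("next") or ""
                is_local_path = (next_url.startswith("/")
                                 and not next_url.startswith(("//", "/\\"))
                                 and not any(ch in next_url for ch in "\r\n\t"))
                return redirect(next_url if is_local_path else url_for(on_signin_view))
        except ApplicationError as ex:
            flash(ex.message, "error")
            return redirect(url_for(endpoint_namespace % "login"))

    return dict(provider=self.tmp_data)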
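def change_login_handler(cls, user_context=None, email=None):
    """
    Change the login email of a user.

    :param user_context: user to update; defaults to ``current_user``
    :param email: new address; defaults to the stripped "email" form field
    :return: True when the email was updated, False when it is unchanged
    :raises UserWarning: when the address is invalid or already exists
    """
    if not user_context:
        user_context = current_user
    if not email:
        # A missing form field yields None; fall back to "" so it is rejected
        # below instead of raising AttributeError on .strip().
        email = (request.form.get("email") or "").strip()

    if not email or not utils.is_valid_email(email):
        raise UserWarning("Invalid email address '%s'" % email)

    if email == user_context.email:
        return False
    if User.get_by_email(email):
        raise UserWarning("Email exists already '%s'" % email)

    # NOTE(review): the login identifier changes here without any
    # current-password check in this handler; confirm the caller
    # re-authenticates the user before invoking it.
    user_context.update(email=email)
    return True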
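def contact_page(self):
    """
    Render the contact form and, on POST, mail the message to the site.

    The recipient comes from the enclosing ``kwargs`` ("email_to") or the
    APPLICATION_CONTACT_EMAIL config value.

    :return: a redirect to ``return_to`` after a POST, otherwise an empty
        dict for the view to render
    """
    # Email to
    email_to = kwargs.pop("email_to",
                          self.get_config("APPLICATION_CONTACT_EMAIL", None))

    if mailer.validated is not True:
        abort("MailerMisconfiguredError")
    elif not email_to:
        abort("ContactPageMissingEmailToError")

    if request.method == "POST":
        email = request.form.get("email")
        subject = request.form.get("subject")
        message = request.form.get("message")
        name = request.form.get("name")

        flash_message = "Message sent. Thank you!"
        flash_type = "success"

        if recaptcha.verify():
            if not email or not subject or not message:
                flash_message = "All fields are required"
                flash_type = "error"
            elif (not utils.is_valid_email(email)
                  or "\r" in email or "\n" in email):
                # The address is used as reply-to and sender, so a value
                # carrying a line break is refused regardless of what
                # is_valid_email (not visible here) accepts.
                flash_message = "Invalid email address"
                flash_type = "error"
            else:
                # subject and name are free-form visitor input handed to the
                # mail template, which is not visible here. Line breaks are
                # collapsed so they cannot start an extra header line should
                # the template place these values in a header.
                subject = " ".join(subject.splitlines())
                if name:
                    name = " ".join(name.splitlines())
                # NOTE(review): the visitor's address is also used as
                # mail_from; confirm the sending domain's policy allows that.
                try:
                    mailer.send_template("contact-us.txt",
                                         to=email_to,
                                         reply_to=email,
                                         mail_from=email,
                                         mail_subject=subject,
                                         mail_message=message,
                                         mail_name=name)
                except Exception:
                    abort("MailerMisconfiguredError")
        else:
            flash_message = "Security code is invalid"
            flash_type = "error"

        flash(flash_message, flash_type)
        return redirect(url_for(return_to))

    self.meta_tags(title="Contact Us")
    return {}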
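def signup(self):
    """
    Handle signup with email and password.

    On a valid POST the account is created and logged in. Any validation
    error is flashed and the user is sent back to the signup page.

    :return: a redirect response after a POST, otherwise
        ``dict(login_url_next=...)`` for the view to render
    """
    self._login_enabled()
    self._signup_enabled()
    self.meta_tags(title="Signup")

    if request.method == "POST":
        # reCaptcha
        if not recaptcha.verify():
            flash("Invalid Security code", "error")
            return redirect(url_for(endpoint_namespace % "signup",
                                    next=request.form.get("next")))
        try:
            name = request.form.get("name")
            email = request.form.get("email")
            # A missing field yields None; fall back to "" so it is reported
            # as a form error instead of raising AttributeError on .strip().
            password = (request.form.get("password") or "").strip()
            password2 = (request.form.get("password2") or "").strip()
            # NOTE(review): client-supplied URL stored as given; confirm it
            # is validated before it is rendered anywhere.
            profile_image_url = request.form.get("profile_image_url", None)

            if not name:
                raise UserError("Name is required")
            elif not utils.is_valid_email(email):
                raise UserError("Invalid email address '%s'" % email)
            elif not password or password != password2:
                raise UserError("Passwords don't match")
            elif not utils.is_valid_password(password):
                # The stripped value is checked because it is the one stored
                # below; checking the raw value would let whitespace padding
                # count towards whatever the password policy measures.
                raise UserError("Invalid password")
            else:
                # NOTE(review): no existing-account lookup happens in this
                # view; presumably User.new rejects duplicates - confirm.
                new_account = User.new(email=email,
                                       password=password,
                                       first_name=name,
                                       profile_image_url=profile_image_url,
                                       signup_method="email")
                self.login_user(new_account)

                # "next" is client-supplied form data. Follow it only when it
                # is a same-site path; anything else (absolute URLs,
                # protocol-relative "//host", backslash or control-character
                # variants) falls back to the default signed-in view.
                next_url = request.form.get("next") or ""
                is_local_path = (next_url.startswith("/")
                                 and not next_url.startswith(("//", "/\\"))
                                 and not any(ch in next_url for ch in "\r\n\t"))
                return redirect(next_url if is_local_path else url_for(on_signin_view))
        except ApplicationError as ex:
            flash(ex.message, "error")
        return redirect(url_for(endpoint_namespace % "signup",
                                next=request.form.get("next")))

    logout_user()
    return dict(login_url_next=request.args.get("next", ""))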
def user_admin_create(self):
    """
    Create a user from the admin form.

    :return: redirect to the new user's admin page on success, otherwise to
        the user admin index after the error has been flashed
    """
    try:
        form = request.form
        email = form.get("email")
        first_name = form.get("first_name")
        last_name = form.get("last_name")
        role = Role.get(form.get("user_role"))

        if not role:
            raise UserError("Invalid role")
        # The acting admin may not hand out a role above their own level.
        if current_user.role.level < role.level:
            raise UserError("Can't be assigned a greater user role")

        if not first_name:
            raise UserError("First Name is required")
        if not email:
            raise UserError("Email is required")
        if not utils.is_valid_email(email):
            raise UserError("Invalid email address")
        if User.get_by_email(email):
            raise UserError("Email '%s' exists already" % email)

        # NOTE(review): no password is passed to User.new; how the account
        # receives its first credential is not visible from this view.
        created = User.new(email=email,
                           first_name=first_name,
                           last_name=last_name,
                           signup_method="email-from-admin",
                           role_id=role.id)
        if not created:
            raise UserError("Couldn't create new user")

        flash("User created successfully!", "success")
        return redirect(url_for("UserAdmin:get", id=created.id))
    except ApplicationError as ex:
        flash("Error: %s" % ex.message, "error")
    return redirect(url_for("UserAdmin:index"))
def test_is_valid_email():
    """Check that is_valid_email rejects a bare domain and accepts addresses."""
    assert utils.is_valid_email("youder.com") is False

    # NOTE(review): the four accepted samples are identical and look like
    # masked placeholders; confirm the intended distinct addresses.
    accepted = (
        "*****@*****.**",
        "*****@*****.**",
        "*****@*****.**",
        "*****@*****.**",
    )
    for address in accepted:
        assert utils.is_valid_email(address) is True
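def user_admin_post(self):
    """
    Update, activate, deactivate, delete or undelete a user from the admin form.

    Editing another user requires a valid role in the form and a privileged
    acting role. Editing oneself only touches email and name.

    :return: redirect to the user's admin page, or to the user admin index
        when the submitted id matches no user
    """
    try:
        # Named user_id rather than id so the builtin is not shadowed.
        user_id = request.form.get("id")
        user = User.get(user_id, include_deleted=True)
        if not user:
            flash("Can't change user info. Invalid user", "error")
            return redirect(url_for("UserAdmin:index"))

        # A lower-level admin may not touch a higher-level account.
        if current_user.role.level < user.role.level:
            abort(403, "Not enough rights to update this user info")

        email = request.form.get("email", "").strip()
        first_name = request.form.get("first_name")
        last_name = request.form.get("last_name")
        user_role = request.form.get("user_role")
        action = request.form.get("action")

        editing_self = user.id == current_user.id
        role = None
        if not editing_self:
            role = Role.get(user_role)
            if not role:
                raise UserError("Invalid role")
            if current_user.role.name.lower() not in PRIVILEDGED_ROLES:
                raise UserError("Not Enough right to change user's info")

        # Account actions only apply to other users; on one's own record the
        # form is always treated as a profile edit.
        account_action = None if editing_self else action

        if account_action == "activate":
            user.update(active=True)
            flash("User has been ACTIVATED", "success")
        elif account_action == "deactivate":
            user.update(active=False)
            flash("User is now DEACTIVATED", "success")
        elif account_action == "delete":
            user.delete()
            flash("User has been deleted", "success")
        elif account_action == "undelete":
            user.delete(False)
            flash("User is now active", "success")
        else:
            # Same ceiling as user_admin_create: the role being assigned may
            # not exceed the acting admin's own level. Checked before any
            # update so a refused request changes nothing.
            if role is not None and current_user.role.level < role.level:
                raise UserError("Can't be assigned a greater user role")

            if email and email != user.email:
                if not utils.is_valid_email(email):
                    raise UserError("Invalid email address '%s'" % email)
                if User.get_by_email(email):
                    raise UserError("Email exists already '%s'" % email)
                user.update(email=email)

            if role is None:
                user.update(first_name=first_name, last_name=last_name)
            else:
                user.update(first_name=first_name,
                            last_name=last_name,
                            role_id=role.id)

        flash("User's Info updated successfully!", "success")
    except ApplicationError as ex:
        flash("Error: %s " % ex.message, "error")
    return redirect(url_for("UserAdmin:get", id=user_id))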