2016-03-17 13:07:52 +00:00
|
|
|
import json
|
|
|
|
|
|
2016-01-05 17:08:50 +00:00
|
|
|
from flask import (
|
2018-02-20 11:22:17 +00:00
|
|
|
abort,
|
|
|
|
|
current_app,
|
|
|
|
|
flash,
|
2016-01-19 22:47:42 +00:00
|
|
|
redirect,
|
2018-02-20 11:22:17 +00:00
|
|
|
render_template,
|
2016-01-19 22:47:42 +00:00
|
|
|
session,
|
2016-03-17 13:07:52 +00:00
|
|
|
url_for,
|
2016-01-19 22:47:42 +00:00
|
|
|
)
|
2015-12-07 16:08:30 +00:00
|
|
|
from flask_login import login_user
|
2018-02-20 11:22:17 +00:00
|
|
|
from itsdangerous import SignatureExpired
|
2016-04-14 12:00:55 +01:00
|
|
|
from notifications_utils.url_safe_token import check_token
|
2016-03-17 13:07:52 +00:00
|
|
|
|
2018-02-20 11:22:17 +00:00
|
|
|
from app import user_api_client
|
2015-12-07 16:08:30 +00:00
|
|
|
from app.main import main
|
2016-03-17 13:07:52 +00:00
|
|
|
from app.main.forms import TwoFactorForm
|
2019-01-18 16:13:29 +00:00
|
|
|
from app.models.user import InvitedUser
|
2016-06-17 11:36:30 +01:00
|
|
|
from app.utils import redirect_to_sign_in
|
2016-03-17 13:07:52 +00:00
|
|
|
|
2015-12-04 16:21:01 +00:00
|
|
|
|
2016-01-05 17:08:50 +00:00
|
|
|
@main.route('/verify', methods=['GET', 'POST'])
|
2016-06-17 11:36:30 +01:00
|
|
|
@redirect_to_sign_in
|
2016-01-05 17:08:50 +00:00
|
|
|
def verify():
|
2016-01-19 22:47:42 +00:00
|
|
|
user_id = session['user_details']['id']
|
|
|
|
|
|
2016-03-17 13:07:52 +00:00
|
|
|
def _check_code(code):
|
|
|
|
|
return user_api_client.check_verify_code(user_id, code, 'sms')
|
2016-03-10 14:48:33 +00:00
|
|
|
|
2016-03-17 13:07:52 +00:00
|
|
|
form = TwoFactorForm(_check_code)
|
2016-03-11 16:36:15 +00:00
|
|
|
|
2016-01-27 12:22:32 +00:00
|
|
|
if form.validate_on_submit():
|
2016-01-20 15:13:15 +00:00
|
|
|
try:
|
2017-11-10 12:35:21 +00:00
|
|
|
return activate_user(user_id)
|
2016-01-28 11:34:15 +00:00
|
|
|
finally:
|
2016-03-10 14:48:33 +00:00
|
|
|
session.pop('user_details', None)
|
2016-01-19 22:47:42 +00:00
|
|
|
|
2016-03-17 13:07:52 +00:00
|
|
|
return render_template('views/two-factor.html', form=form)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@main.route('/verify-email/<token>')
|
|
|
|
|
def verify_email(token):
|
|
|
|
|
try:
|
2017-11-01 14:39:14 +00:00
|
|
|
token_data = check_token(
|
|
|
|
|
token,
|
|
|
|
|
current_app.config['SECRET_KEY'],
|
|
|
|
|
current_app.config['DANGEROUS_SALT'],
|
|
|
|
|
current_app.config['EMAIL_EXPIRY_SECONDS']
|
|
|
|
|
)
|
2016-03-17 13:07:52 +00:00
|
|
|
except SignatureExpired:
|
2017-11-01 14:39:14 +00:00
|
|
|
flash("The link in the email we sent you has expired. We've sent you a new one.")
|
2016-03-17 13:07:52 +00:00
|
|
|
return redirect(url_for('main.resend_email_verification'))
|
2017-11-01 14:39:14 +00:00
|
|
|
|
|
|
|
|
# token contains json blob of format: {'user_id': '...', 'secret_code': '...'} (secret_code is unused)
|
|
|
|
|
token_data = json.loads(token_data)
|
|
|
|
|
user = user_api_client.get_user(token_data['user_id'])
|
|
|
|
|
if not user:
|
|
|
|
|
abort(404)
|
|
|
|
|
|
|
|
|
|
if user.is_active:
|
|
|
|
|
flash("That verification link has expired.")
|
|
|
|
|
return redirect(url_for('main.sign_in'))
|
|
|
|
|
|
|
|
|
|
session['user_details'] = {"email": user.email_address, "id": user.id}
|
|
|
|
|
user_api_client.send_verify_code(user.id, 'sms', user.mobile_number)
|
|
|
|
|
return redirect('verify')
|
2017-11-10 12:35:21 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
def activate_user(user_id):
|
|
|
|
|
user = user_api_client.get_user(user_id)
|
|
|
|
|
# the user will have a new current_session_id set by the API - store it in the cookie for future requests
|
|
|
|
|
session['current_session_id'] = user.current_session_id
|
2019-01-18 16:13:29 +00:00
|
|
|
organisation_id = session.get('organisation_id')
|
2017-11-10 12:35:21 +00:00
|
|
|
activated_user = user_api_client.activate_user(user)
|
|
|
|
|
login_user(activated_user)
|
2019-01-18 16:13:29 +00:00
|
|
|
|
|
|
|
|
invited_user = session.get('invited_user')
|
|
|
|
|
if invited_user:
|
|
|
|
|
service_id = _add_invited_user_to_service(invited_user)
|
|
|
|
|
return redirect(url_for('main.service_dashboard', service_id=service_id))
|
|
|
|
|
|
|
|
|
|
invited_org_user = session.get('invited_org_user')
|
|
|
|
|
if invited_org_user:
|
|
|
|
|
user_api_client.add_user_to_organisation(invited_org_user['organisation'], session['user_details']['id'])
|
|
|
|
|
|
2018-02-19 16:53:29 +00:00
|
|
|
if organisation_id:
|
|
|
|
|
return redirect(url_for('main.organisation_dashboard', org_id=organisation_id))
|
|
|
|
|
else:
|
|
|
|
|
return redirect(url_for('main.add_service', first='first'))
|
2019-01-18 16:13:29 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
def _add_invited_user_to_service(invited_user):
|
|
|
|
|
invitation = InvitedUser(**invited_user)
|
|
|
|
|
user = user_api_client.get_user(session['user_id'])
|
|
|
|
|
service_id = invited_user['service']
|
|
|
|
|
user_api_client.add_user_to_service(service_id, user.id, invitation.permissions)
|
|
|
|
|
return service_id
|
