Updated invite email auth user flow

This commit is contained in:
chrisw
2017-11-10 12:35:21 +00:00
committed by Leo Hemsted
parent 694a92e92a
commit 79393c97ef
3 changed files with 34 additions and 13 deletions

View File

@@ -109,7 +109,8 @@ class UKMobileNumber(TelField):
class InternationalPhoneNumber(TelField):
def pre_validate(self, form):
try:
validate_phone_number(self.data, international=True)
if self.data:
validate_phone_number(self.data, international=True)
except InvalidPhoneError as e:
raise ValidationError(str(e))
@@ -173,13 +174,23 @@ class RegisterUserForm(Form):
class RegisterUserFromInviteForm(Form):
name = StringField('Full name',
validators=[DataRequired(message='Cant be empty')])
mobile_number = international_phone_number()
def __init__(self, auth_type, *args, **kwargs):
self.auth_type = auth_type
super().__init__(*args, **kwargs)
name = StringField(
'Full name',
validators=[DataRequired(message='Cant be empty')]
)
mobile_number = InternationalPhoneNumber('Mobile number', validators=[])
password = password()
service = HiddenField('service')
email_address = HiddenField('email_address')
def validate_mobile_number(self, field):
if self.auth_type == 'sms_auth' and not field.data:
raise ValidationError('Cant be empty')
class PermissionsForm(Form):
send_messages = BooleanField("Send messages from existing templates")

View File

@@ -19,6 +19,7 @@ from app.main.forms import (
RegisterUserForm,
RegisterUserFromInviteForm
)
from app.main.views.verify import activate_user
from app import (
user_api_client,
@@ -41,17 +42,22 @@ def register():
@main.route('/register-from-invite', methods=['GET', 'POST'])
def register_from_invite():
form = RegisterUserFromInviteForm()
invited_user = session.get('invited_user')
form = RegisterUserFromInviteForm(invited_user['auth_type'])
if not invited_user:
abort(404)
if form.validate_on_submit():
if form.service.data != invited_user['service'] or form.email_address.data != invited_user['email_address']:
abort(400)
_do_registration(form, send_email=False)
_do_registration(form, send_email=False, send_sms=invited_user['auth_type'] == 'sms_auth')
invite_api_client.accept_invite(invited_user['service'], invited_user['id'])
return redirect(url_for('main.verify'))
if invited_user['auth_type'] == 'sms_auth':
return redirect(url_for('main.verify'))
else:
# we've already proven this user has email because they clicked the invite link,
# so just activate them straight away
return activate_user(session['user_details']['id'])
form.service.data = invited_user['service']
form.email_address.data = invited_user['email_address']

View File

@@ -35,12 +35,7 @@ def verify():
if form.validate_on_submit():
try:
user = user_api_client.get_user(user_id)
# the user will have a new current_session_id set by the API - store it in the cookie for future requests
session['current_session_id'] = user.current_session_id
activated_user = user_api_client.activate_user(user)
login_user(activated_user)
return redirect(url_for('main.add_service', first='first'))
return activate_user(user_id)
finally:
session.pop('user_details', None)
@@ -73,3 +68,12 @@ def verify_email(token):
session['user_details'] = {"email": user.email_address, "id": user.id}
user_api_client.send_verify_code(user.id, 'sms', user.mobile_number)
return redirect('verify')
def activate_user(user_id):
user = user_api_client.get_user(user_id)
# the user will have a new current_session_id set by the API - store it in the cookie for future requests
session['current_session_id'] = user.current_session_id
activated_user = user_api_client.activate_user(user)
login_user(activated_user)
return redirect(url_for('main.add_service', first='first'))