Updated invite email auth user flow
@@ -109,7 +109,8 @@ class UKMobileNumber(TelField):
|
||||
class InternationalPhoneNumber(TelField):
|
||||
def pre_validate(self, form):
|
||||
try:
|
||||
validate_phone_number(self.data, international=True)
|
||||
if self.data:
|
||||
validate_phone_number(self.data, international=True)
|
||||
except InvalidPhoneError as e:
|
||||
raise ValidationError(str(e))
|
||||
|
||||
@@ -173,13 +174,23 @@ class RegisterUserForm(Form):
|
||||
|
||||
|
||||
class RegisterUserFromInviteForm(Form):
|
||||
name = StringField('Full name',
|
||||
validators=[DataRequired(message='Can’t be empty')])
|
||||
mobile_number = international_phone_number()
|
||||
def __init__(self, auth_type, *args, **kwargs):
|
||||
self.auth_type = auth_type
|
||||
super().__init__(*args, **kwargs)
|
||||
|
||||
name = StringField(
|
||||
'Full name',
|
||||
validators=[DataRequired(message='Can’t be empty')]
|
||||
)
|
||||
mobile_number = InternationalPhoneNumber('Mobile number', validators=[])
|
||||
password = password()
|
||||
service = HiddenField('service')
|
||||
email_address = HiddenField('email_address')
|
||||
|
||||
def validate_mobile_number(self, field):
|
||||
if self.auth_type == 'sms_auth' and not field.data:
|
||||
raise ValidationError('Can’t be empty')
|
||||
|
||||
|
||||
class PermissionsForm(Form):
|
||||
send_messages = BooleanField("Send messages from existing templates")
|
||||
|
||||
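Review bot: With the `if self.data:` guard in InternationalPhoneNumber.pre_validate, an empty value now passes for every form that uses this field, not only RegisterUserFromInviteForm. Any other form using the field therefore needs its own required check; those forms are not visible in this section. In RegisterUserFromInviteForm the number is required only when auth_type equals 'sms_auth' exactly, so a None or misspelt value silently makes it optional. A comment above the guard such as `# empty is allowed here; whether a number is required is decided per form (validate_mobile_number)` would record the intent. validate_mobile_number could also reject an unrecognised auth_type instead of treating it as not needing a number.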
@@ -19,6 +19,7 @@ from app.main.forms import (
|
||||
RegisterUserForm,
|
||||
RegisterUserFromInviteForm
|
||||
)
|
||||
from app.main.views.verify import activate_user
|
||||
|
||||
from app import (
|
||||
user_api_client,
|
||||
@@ -41,17 +42,22 @@ def register():
|
||||
|
||||
@main.route('/register-from-invite', methods=['GET', 'POST'])
|
||||
def register_from_invite():
|
||||
form = RegisterUserFromInviteForm()
|
||||
invited_user = session.get('invited_user')
|
||||
form = RegisterUserFromInviteForm(invited_user['auth_type'])
|
||||
if not invited_user:
|
||||
abort(404)
|
||||
|
||||
if form.validate_on_submit():
|
||||
if form.service.data != invited_user['service'] or form.email_address.data != invited_user['email_address']:
|
||||
abort(400)
|
||||
_do_registration(form, send_email=False)
|
||||
_do_registration(form, send_email=False, send_sms=invited_user['auth_type'] == 'sms_auth')
|
||||
invite_api_client.accept_invite(invited_user['service'], invited_user['id'])
|
||||
return redirect(url_for('main.verify'))
|
||||
if invited_user['auth_type'] == 'sms_auth':
|
||||
return redirect(url_for('main.verify'))
|
||||
else:
|
||||
# we've already proven this user has email because they clicked the invite link,
|
||||
# so just activate them straight away
|
||||
return activate_user(session['user_details']['id'])
|
||||
|
||||
form.service.data = invited_user['service']
|
||||
form.email_address.data = invited_user['email_address']
|
||||
|
||||
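Review bot: In register_from_invite the form is now built from `invited_user['auth_type']` before the `if not invited_user: abort(404)` guard, so a request with no invite in the session raises a TypeError (a 500) instead of returning the intended 404. Keep the guard first and construct the form after it: `form = RegisterUserFromInviteForm(invited_user['auth_type'])`. Separately, the final `else` branch activates and logs the user in for every auth_type other than 'sms_auth', so a missing or unexpected value skips the SMS code. Matching the email auth type explicitly and calling `abort(400)` otherwise would make that branch fail closed. The rest of the function lies outside the hunk.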
@@ -35,12 +35,7 @@ def verify():
|
||||
|
||||
if form.validate_on_submit():
|
||||
try:
|
||||
user = user_api_client.get_user(user_id)
|
||||
# the user will have a new current_session_id set by the API - store it in the cookie for future requests
|
||||
session['current_session_id'] = user.current_session_id
|
||||
activated_user = user_api_client.activate_user(user)
|
||||
login_user(activated_user)
|
||||
return redirect(url_for('main.add_service', first='first'))
|
||||
return activate_user(user_id)
|
||||
finally:
|
||||
session.pop('user_details', None)
|
||||
|
||||
@@ -73,3 +68,12 @@ def verify_email(token):
|
||||
session['user_details'] = {"email": user.email_address, "id": user.id}
|
||||
user_api_client.send_verify_code(user.id, 'sms', user.mobile_number)
|
||||
return redirect('verify')
|
||||
|
||||
|
||||
def activate_user(user_id):
|
||||
user = user_api_client.get_user(user_id)
|
||||
# the user will have a new current_session_id set by the API - store it in the cookie for future requests
|
||||
session['current_session_id'] = user.current_session_id
|
||||
activated_user = user_api_client.activate_user(user)
|
||||
login_user(activated_user)
|
||||
return redirect(url_for('main.add_service', first='first'))
|
||||
|
||||
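Review bot: activate_user has no docstring stating its precondition, although it marks the account active and calls login_user for whatever user_id it is given. A one-line docstring would make the contract explicit for future callers: `"""Activate and log in user_id; the caller must already have verified the user (SMS code or invite link)."""`. Also, verify() clears session['user_details'] in its `finally`, but the new caller in register_from_invite does not appear to. Moving `session.pop('user_details', None)` into activate_user, after reading the user, would cover both paths.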