darkhelm/notifications-admin
1
0
Fork 0
mirror of https://github.com/GSA/notifications-admin.git synced 2026-02-09 04:43:54 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
b3cb3a761a0ae9fa0b7fda060f7df9da2c8a0607
notifications-admin/app/main/views/two_factor.py
Leo Hemsted 08881e5bd1 add get_active_services method 
* all current invocations of get_services now call get_active_services
  EXCEPT for platform admin page (where we want to see inactive services
* cleaned up parameter names and unpacking (since *params is unhelpful)
* fixed incorrect kwarg name in conftest
2016-11-16 11:08:20 +00:00

61 lines
2.0 KiB
Python
Raw Blame History

from flask import (
render_template,
redirect,
session,
url_for,
request
)
from flask_login import login_user, current_user
from app.main import main
from app.main.forms import TwoFactorForm
from app import service_api_client, user_api_client
from app.utils import redirect_to_sign_in
@main.route('/two-factor', methods=['GET', 'POST'])
@redirect_to_sign_in
def two_factor():
user_id = session['user_details']['id']
def _check_code(code):
return user_api_client.check_verify_code(user_id, code, "sms")
form = TwoFactorForm(_check_code)
if form.validate_on_submit():
try:
user = user_api_client.get_user(user_id)
services = service_api_client.get_active_services({'user_id': str(user_id)}).get('data', [])
# Check if coming from new password page
if 'password' in session['user_details']:
user.set_password(session['user_details']['password'])
user.reset_failed_login_count()
user_api_client.update_user(user)
activated_user = user_api_client.activate_user(user)
login_user(activated_user, remember=True)
finally:
del session['user_details']
next_url = request.args.get('next')
if next_url and _is_safe_redirect_url(next_url):
return redirect(next_url)
if current_user.platform_admin:
return redirect(url_for('main.platform_admin'))
if len(services) == 1:
return redirect(url_for('main.service_dashboard', service_id=services[0]['id']))
else:
return redirect(url_for('main.choose_service'))
return render_template('views/two-factor.html', form=form)
# see http://flask.pocoo.org/snippets/62/
def _is_safe_redirect_url(target):
from urllib.parse import urlparse, urljoin
host_url = urlparse(request.host_url)
redirect_url = urlparse(urljoin(request.host_url, target))
return redirect_url.scheme in ('http', 'https') and \
host_url.netloc == redirect_url.netloc
Reference in New Issue View Git Blame Copy Permalink