Flaschengeist/flaschengeist
Flaschengeist
/
flaschengeist
7
0
Fork 0
Code Issues 20 Pull Requests Packages Projects Releases 2 Wiki Activity

fix(users): Register: validate `mail`, handle duplicated `userid`, only send password mail if `mail` was set
continuous-integration/woodpecker the build was successful Details

This commit is contained in:
Ferdinand Thiessen 2021-12-18 01:56:52 +01:00
parent 9f6aa38925
commit bd371dfcf2
1 changed files with 24 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
flaschengeist/controller/userController.py
View File

@ -1,4 +1,5 @@
import secrets import secrets
import re
from io import BytesIO from io import BytesIO
from sqlalchemy import exc from sqlalchemy import exc
from flask import current_app from flask import current_app
@ -214,29 +215,40 @@ def delete_user(user: User):
db.session.commit() db.session.commit()
def register(data): def register(data, passwd=None):
"""Register a new user
Args:
data: dictionary containing valid user properties
passwd: optional a password, default: 16byte random
"""
allowed_keys = User().serialize().keys() allowed_keys = User().serialize().keys()
values = {key: value for key, value in data.items() if key in allowed_keys} values = {key: value for key, value in data.items() if key in allowed_keys}
roles = values.pop("roles", []) roles = values.pop("roles", [])
if "birthday" in data: if "birthday" in data:
values["birthday"] = from_iso_format(data["birthday"]).date() values["birthday"] = from_iso_format(data["birthday"]).date()
if "mail" in data and not re.match(r"[^@]+@[^@]+\.[^@]+", data["mail"]):
raise BadRequest("Invalid mail given")
user = User(**values) user = User(**values)
set_roles(user, roles) set_roles(user, roles)
password = secrets.token_urlsafe(16) password = passwd if passwd else secrets.token_urlsafe(16)
current_app.config["FG_AUTH_BACKEND"].create_user(user, password) current_app.config["FG_AUTH_BACKEND"].create_user(user, password)
db.session.add(user) try:
db.session.commit() db.session.add(user)
db.session.commit()
except exc.IntegrityError:
raise BadRequest("userid already in use")
reset = _generate_password_reset(user) if user.mail:
reset = _generate_password_reset(user)
subject = str(config["MESSAGES"]["welcome_subject"]).format(name=user.display_name, username=user.userid) subject = str(config["MESSAGES"]["welcome_subject"]).format(name=user.display_name, username=user.userid)
text = str(config["MESSAGES"]["welcome_text"]).format( text = str(config["MESSAGES"]["welcome_text"]).format(
name=user.display_name, name=user.display_name,
username=user.userid, username=user.userid,
password_link=f'https://{config["FLASCHENGEIST"]["domain"]}/reset?token={reset.token}', password_link=f'https://{config["FLASCHENGEIST"]["domain"]}/reset?token={reset.token}',
) )
messageController.send_message(messageController.Message(user, text, subject)) messageController.send_message(messageController.Message(user, text, subject))
find_user(user.userid) find_user(user.userid)