Correct functions for creating new users, confirming email, resetting password and forgot password.

2024-08-21 14:59:56 +02:00
parent 6219d11e56
commit 9757830bc4
20 changed files with 291 additions and 43 deletions
--- a/eveai_app/views/user_views.py
+++ b/eveai_app/views/user_views.py
@@ -154,30 +154,20 @@ def user():
    form.tenant_id.data = session.get('tenant').get('id')  # It is only possible to create users for the session tenant
    if form.validate_on_submit():
        current_app.logger.info(f"Adding User for tenant {session['tenant']['id']} ")
-        if form.password.data != form.confirm_password.data:
-            flash('Passwords do not match.', 'danger')
-            return render_template('user/user.html', form=form)

-        # Handle the required attributes
-        hashed_password = hash_password(form.password.data)
        new_user = User(user_name=form.user_name.data,
                        email=form.email.data,
-                        password=hashed_password,
                        first_name=form.first_name.data,
                        last_name=form.last_name.data,
                        valid_to=form.valid_to.data,
-                        tenant_id=form.tenant_id.data
+                        tenant_id=form.tenant_id.data,
+                        fs_uniquifier=uuid.uuid4().hex,
                        )

        timestamp = dt.now(tz.utc)
        new_user.created_at = timestamp
        new_user.updated_at = timestamp

-        # Handle the relations
-        tenant_id = request.form.get('tenant_id')
-        # the_tenant = Tenant.query.get(tenant_id)
-        # new_user.tenant = the_tenant
-
        # Add roles
        for role_id in form.roles.data:
            the_role = Role.query.get(role_id)
@@ -188,11 +178,17 @@ def user():
        try:
            db.session.add(new_user)
            db.session.commit()
-            security.datastore.set_uniquifier()
-            send_confirmation_email(new_user)
-            current_app.logger.debug(f'User {new_user.id} with name {new_user.user_name} added to database'
-                                     f'Confirmation email sent to {new_user.email}')
-            flash('User added successfully and confirmation email sent.', 'success')
+            # security.datastore.set_uniquifier(new_user)
+            try:
+                send_confirmation_email(new_user)
+                current_app.logger.debug(f'User {new_user.id} with name {new_user.user_name} added to database'
+                                         f'Confirmation email sent to {new_user.email}')
+                flash('User added successfully and confirmation email sent.', 'success')
+            except Exception as e:
+                current_app.logger.error(f'Failed to send confirmation email to {new_user.email}. Error: {str(e)}')
+                flash('User added successfully, but failed to send confirmation email. '
+                      'Please contact the administrator.', 'warning')
+
            return redirect(prefixed_url_for('user_bp.view_users'))
        except Exception as e:
            current_app.logger.error(f'Failed to add user with name {new_user.user_name}. Error: {str(e)}')
@@ -315,6 +311,9 @@ def handle_user_action():
    elif action == 'resend_confirmation_email':
        send_confirmation_email(user)
        flash(f'Confirmation email sent to {user.email}.', 'success')
+    elif action == 'send_password_reset_email':
+        send_reset_email(user)
+        flash(f'Password reset email sent to {user.email}.', 'success')
    elif action == 'reset_uniquifier':
        reset_uniquifier(user)
        flash(f'Uniquifier reset for {user.user_name}.', 'success')