From 1ff4c6cc40f882837c56f9247e1656f322227f08 Mon Sep 17 00:00:00 2001 From: Hana Pearlman Date: Fri, 27 Apr 2018 11:59:26 -0400 Subject: [PATCH 1/5] send new admin a link to reset their password when they create a new instance --- app/instances/views.py | 28 +++++++++++++++++-- .../instances/email/admin_login_info.html | 21 ++++++++++++++ .../instances/email/admin_login_info.txt | 14 ++++++++++ app/templates/instances/launch_status.html | 10 +++++-- 4 files changed, 68 insertions(+), 5 deletions(-) create mode 100644 app/templates/instances/email/admin_login_info.html create mode 100644 app/templates/instances/email/admin_login_info.txt diff --git a/app/instances/views.py b/app/instances/views.py index b9e1b7a..8c661b9 100644 --- a/app/instances/views.py +++ b/app/instances/views.py @@ -1,7 +1,9 @@ from flask import flash, redirect, render_template, current_app, url_for from flask_wtf.csrf import generate_csrf +from flask_rq import get_queue from flask_login import current_user, login_required from urllib.parse import quote +from app import csrf from . import instances from ..utils import get_heroku_token, register_subdomain, update_subdomain @@ -9,6 +11,7 @@ from ..models import Instance from ..decorators import heroku_auth_required from .. import db +from ..email import send_email import string import random @@ -99,9 +102,14 @@ def launch(): register_subdomain(instance) - return render_template('instances/launch_status.html', - app_setup_id=app_setup_id, auth=auth, - instance=instance) + return render_template( + 'instances/launch_status.html', + app_setup_id=app_setup_id, + auth=auth, + instance=instance, + email=username_in_app, + password=password_in_app, + name=url_name) return render_template('instances/launch_form.html', form=form) 
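Review bot: `password=password_in_app` hands the generated admin password to `launch_status.html` only so the template can interpolate it into the `send_admin_email` URL, which places the secret in the rendered page, in the request path, and in any access log or browser history that records that path. The same value then appears as the `password` route argument of `send_admin_email` in this file and in the `$.ajax` `url` added to `launch_status.html`. Both e-mail templates only link to the reset-password page, so the password does not need to leave `launch()` at all; I would drop `email=` and `password=` from this call and key the follow-up request on the instance alone. `launch()` begins and ends outside this hunk.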
@@ -120,6 +128,20 @@ def get_status(app_setup_id, auth): return resp.text +@csrf.exempt +@instances.route('/send-admin-email///', methods=['GET', 'POST']) +def send_admin_email(email, password, name): + print("HANA GETTING TO SEND ADMIN EMAIL") + get_queue().enqueue( + send_email, + recipient=current_user.email, + subject='Admin Login Information', + template='instances/email/admin_login_info', + full_name=current_user.full_name(), + url_name=name, + email=current_user.email, + default_password=password) + @instances.route('/') @login_required diff --git a/app/templates/instances/email/admin_login_info.html b/app/templates/instances/email/admin_login_info.html new file mode 100644 index 0000000..e5a18a7 --- /dev/null +++ b/app/templates/instances/email/admin_login_info.html @@ -0,0 +1,21 @@ +Dear {{ full_name }}, + +
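Review bot: `send_admin_email` carries `@csrf.exempt` and no `@login_required`, although it reads `current_user.email` and `current_user.full_name()` and queues outbound mail; a cross-site POST from a signed-in browser is accepted, and a request with no session will most likely fail on those attributes. I would drop `@csrf.exempt`, add `@login_required` directly under the route decorator, and have the page send the token in an `X-CSRFToken` header. `name` goes from the path straight into the e-mailed link as `url_name`, so it should be checked against an instance that belongs to `current_user` before the job is queued. `default_password=password` is also serialised into the queue although neither template renders it. Finally the view has no `return`, so Flask answers 500 after the job has been queued; `return '', 204` fixes that.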

+You have succesfully created an instance of Maps4All! +

+ +

Your app is available at + + +{{'https://' + url_name + '.maps4all.org'}} +.

+ +

The admin email will be: {{ email }}. We have randomized a password for your administrator account. Click here to reset the password for your account: +{{'https://' + url_name + '.maps4all.org/account/reset-password'}} +. You will be prompted to enter your email again. + +

Sincerely,

+ +

The {{ config.APP_NAME }} Team

+ +

Note: replies to this email address are not monitored.

\ No newline at end of file diff --git a/app/templates/instances/email/admin_login_info.txt b/app/templates/instances/email/admin_login_info.txt new file mode 100644 index 0000000..ac096ce --- /dev/null +++ b/app/templates/instances/email/admin_login_info.txt @@ -0,0 +1,14 @@ +Dear {{ full_name }}, + +You have succesfully created an instance of Maps4All! + +Your app is available at +{{'https://' + url_name + '.maps4all.org'}}. + +The admin email will be {{ email }}. We have randomized a password for your administrator account. Click here to reset the password for your account: {{'https://' + url_name + '.maps4all.org/account/reset-password'}}. You will be prompted to enter your email again. + +Sincerely, + +The {{ config.APP_NAME }} Team + +Note: replies to this email address are not monitored. \ No newline at end of file diff --git a/app/templates/instances/launch_status.html b/app/templates/instances/launch_status.html index f1f5bb8..06b62d8 100644 --- a/app/templates/instances/launch_status.html +++ b/app/templates/instances/launch_status.html @@ -24,8 +24,7 @@
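Review bot: Both new e-mail templates misspell the word in `You have succesfully created an instance`; it should read `successfully`. The links are assembled as `'https://' + url_name + '.maps4all.org'` in four places across the two files, so the host is hard-coded in each; passing one ready-made base URL into the template context would keep it in a single place and make the link easier to validate before the mail is sent.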

Please wait...

Your app is available at {{'https://' + instance.url_name + '.maps4all.org'}}. - The admin email will be {{ instance.email }} and the admin password will be {{ instance.default_password }}. - Feel free to change this password after logging in. + The admin email will be {{ instance.email }}. A link to set your password will be sent to this email.

Please write down this information!

@@ -48,6 +47,13 @@

Please wait...

donePolling(); if (res.status === 'succeeded') { $('#deployed-info').show(); + $.ajax({ + type: 'POST', + url: "{{ url_for('instances.send_admin_email', email=email, password=password, name=name)}}", + success: function(res) { + //todo: if email did not send, should tell user to go to instance and manually "reset password" + } + }) } else { alert("Something went wrong. Please share this with the developer: " + JSON.stringify(res)); From 077e034a6a24350cd37e99649c70a7bd836138de Mon Sep 17 00:00:00 2001 From: Hana Pearlman Date: Fri, 8 Jun 2018 22:20:02 -0700 Subject: [PATCH 2/5] fix style, remove prints --- app/instances/views.py | 4 ++-- app/templates/instances/launch_status.html | 5 +---- 2 files changed, 3 insertions(+), 6 deletions(-) diff --git a/app/instances/views.py b/app/instances/views.py index 8c661b9..2063754 100644 --- a/app/instances/views.py +++ b/app/instances/views.py @@ -128,10 +128,10 @@ def get_status(app_setup_id, auth): return resp.text + @csrf.exempt -@instances.route('/send-admin-email///', methods=['GET', 'POST']) +@instances.route('/send-admin-email///', methods=['POST']) def send_admin_email(email, password, name): - print("HANA GETTING TO SEND ADMIN EMAIL") get_queue().enqueue( send_email, recipient=current_user.email, diff --git a/app/templates/instances/launch_status.html b/app/templates/instances/launch_status.html index 06b62d8..b2ce207 100644 --- a/app/templates/instances/launch_status.html +++ b/app/templates/instances/launch_status.html @@ -49,10 +49,7 @@

Please wait...

$('#deployed-info').show(); $.ajax({ type: 'POST', - url: "{{ url_for('instances.send_admin_email', email=email, password=password, name=name)}}", - success: function(res) { - //todo: if email did not send, should tell user to go to instance and manually "reset password" - } + url: "{{ url_for('instances.send_admin_email', email=email, password=password, name=name)}}" }) } else { From c43956175fcb6fff6b599e64156987e7014fc50d Mon Sep 17 00:00:00 2001 From: Hana Pearlman Date: Fri, 8 Jun 2018 22:36:24 -0700 Subject: [PATCH 3/5] fix line length --- app/instances/views.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/app/instances/views.py b/app/instances/views.py index 2063754..d85f26b 100644 --- a/app/instances/views.py +++ b/app/instances/views.py @@ -130,7 +130,8 @@ def get_status(app_setup_id, auth): @csrf.exempt -@instances.route('/send-admin-email///', methods=['POST']) +@instances.route('/send-admin-email///', + methods=['POST']) def send_admin_email(email, password, name): get_queue().enqueue( send_email, From 73931477103ee9a246599bf5a90f5cb4d10ec004 Mon Sep 17 00:00:00 2001 From: Hana Pearlman Date: Fri, 8 Jun 2018 22:46:15 -0700 Subject: [PATCH 4/5] trying to fix the style again --- app/instances/views.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/app/instances/views.py b/app/instances/views.py index d85f26b..363eda1 100644 --- a/app/instances/views.py +++ b/app/instances/views.py @@ -130,8 +130,8 @@ def get_status(app_setup_id, auth): @csrf.exempt -@instances.route('/send-admin-email///', - methods=['POST']) +@instances.route('/send-admin-email///', + methods=['POST']) def send_admin_email(email, password, name): get_queue().enqueue( send_email, From 235328c8c36d2f94f066b0b75ab1e30f78ebcfe2 Mon Sep 17 00:00:00 2001 
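Review bot: With the `success` callback and its todo removed, the `$.ajax` POST to `send_admin_email` has no handler at all, so a failed request is silent while the page has already told the user that a link will be sent. An `error:` callback that shows a message pointing the user to the reset-password page of the new instance would cover the case the removed todo described. The enclosing polling function begins outside this hunk.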
From: Hana Pearlman Date: Fri, 8 Jun 2018 22:53:06 -0700 Subject: [PATCH 5/5] send new admin a link to reset their password when they create a new instance with fixed style --- app/instances/views.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/instances/views.py b/app/instances/views.py index 363eda1..3ae1f89 100644 --- a/app/instances/views.py +++ b/app/instances/views.py @@ -131,7 +131,7 @@ def get_status(app_setup_id, auth): @csrf.exempt @instances.route('/send-admin-email///', - methods=['POST']) + methods=['POST']) def send_admin_email(email, password, name): get_queue().enqueue( send_email,