From 685ddeff0038d463959763e85f2f5d017e4781fe Mon Sep 17 00:00:00 2001
From: Maarten de Waard <maarten@greenhost.nl>
Date: Thu, 21 Jul 2022 10:47:08 +0200
Subject: [PATCH] send out a recovery email after a new user is created.

---
 areas/users/user_service.py | 37 ++++++++++++++++++++++++++++++++++++-
 web/static/base.js          |  7 -------
 2 files changed, 36 insertions(+), 8 deletions(-)

diff --git a/areas/users/user_service.py b/areas/users/user_service.py
index cfec282..bd59f27 100644
--- a/areas/users/user_service.py
+++ b/areas/users/user_service.py
@@ -1,8 +1,17 @@
+import ory_kratos_client
+from ory_kratos_client.model.submit_self_service_recovery_flow_body \
+    import SubmitSelfServiceRecoveryFlowBody
+from ory_kratos_client.api import v0alpha2_api as kratos_api
+from config import KRATOS_ADMIN_URL
+
 from database import db
 from areas.apps.models import App, AppRole
 from areas.roles.role_service import RoleService
 from helpers import KratosApi
 
+tmp = ory_kratos_client.Configuration(host=KRATOS_ADMIN_URL, discard_unknown_keys=True)
+KRATOS_ADMIN = kratos_api.V0alpha2Api(ory_kratos_client.ApiClient(tmp))
+
 class UserService:
     @staticmethod
     def get_users():
@@ -22,7 +31,10 @@ class UserService:
     def post_user(data):
         kratos_data = {
             "schema_id": "default",
-            "traits": {"email": data["email"], "name": data["name"]},
+            "traits": {
+                "name": data["name"],
+                "email": data["email"],
+            },
         }
         res = KratosApi.post("/admin/identities", kratos_data).json()
 
@@ -39,8 +51,31 @@ class UserService:
                 db.session.add(app_role)
             db.session.commit()
 
+        UserService.__start_user_recovery_flow(data["email"])
+
         return UserService.get_user(res["id"])
 
+
+    @staticmethod
+    def __start_user_recovery_flow(email):
+        """
+        Start a Kratos recovery flow for the user's email address.
+
+        This sends out an email to the user that explains to them how they can
+        set their password.
+
+        :param email: Email to send recovery link to
+        :type email: str
+        """
+        api_response = KRATOS_ADMIN.initialize_self_service_recovery_flow_without_browser()
+        flow = api_response['id']
+        # Submit the recovery flow to send an email to the new user.
+        submit_self_service_recovery_flow_body = \
+            SubmitSelfServiceRecoveryFlowBody(method="link", email=email)
+        api_response = KRATOS_ADMIN.submit_self_service_recovery_flow(flow,
+                submit_self_service_recovery_flow_body=
+                    submit_self_service_recovery_flow_body)
+
     @staticmethod
     def put_user(id, user_editing_id, data):
         kratos_data = {
diff --git a/web/static/base.js b/web/static/base.js
index 6d94cea..4424760 100644
--- a/web/static/base.js
+++ b/web/static/base.js
@@ -1,5 +1,3 @@
-
-
 /* base.js
    This is the base JS file to render the user interfaces of kratos and provide
    the end user with flows for login, recovery etc. 
@@ -433,8 +431,3 @@ $.urlParam = function(name) {
     }
     return decodeURI(results[1]) || 0;
 };
-
-
-
-
-