justin/new-site
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
new-site/scripts/workers/services/dot_esign.py
justin 02112facf5 capture client signature before filing signed DOT forms 
Forms that legally require the client's signature were not being captured
correctly:

- MCS-150 handler created a perjury e-sign record but then submitted to FMCSA
  anyway, before the client signed. Now it gates submission: request the
  signature, hold, and only file when handle_esign_completed re-dispatches with
  client_approved=True.
- MCS-150 e-sign links were signed with JWT_SECRET/ADMIN_JWT_SECRET, but the
  portal verifies with CUSTOMER_JWT_SECRET, so every link returned "Invalid
  portal link." New shared dot_esign helper signs with CUSTOMER_JWT_SECRET.
- carrier-closeout (final MCS-150 Out of Business) and entity-dissolution
  (Articles of Dissolution + no-lawsuits/liens/judgments attestation) captured
  no signature at all. Both now request a signed attestation before the
  workflow proceeds.
- mc-authority / emergency-temporary-authority now get a correctly labeled
  OP-1 applicant certification instead of an "MCS-150" record.

Also fixes a latent dispatcher bug: order["service_slug"] was never set, so
handlers sharing a class fell back to their default SERVICE_SLUG. This made
entity-dissolution run the carrier-closeout branch and mc-authority/etc. look
like mcs150-update. Now the resolved slug is injected into order_data.

Portal e-sign page now renders the document-specific certification text from
metadata.perjury_text (so the dissolution no-liabilities attestation and OP-1
cert are actually shown to the signer), not just a generic perjury line.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-05-31 20:30:09 -05:00

255 lines
9.8 KiB
Python
Raw Blame History

"""DOT/FMCSA e-signature helper.
Creates an `esign_records` row and emails the client a signing link, using the
local Postfix relay (localhost:25) like the other DOT status emails. This is the
DOT-side counterpart to telecom/esign_helper.py, but without the external
SMTP-auth dependency.
CRITICAL: portal links are signed with CUSTOMER_JWT_SECRET — the same secret the
API portal middleware (api/src/middleware/portalAuth.ts) verifies with. Signing
with any other secret yields an "Invalid portal link." error for the client.
Which DOT forms legally require the client's signature BEFORE we file:
- mcs150 forms (MCS-150 biennial / new USDOT / reactivation) — perjury cert
- operating authority (OP-1 / MC / emergency temporary authority) — applicant cert
- carrier close-out (final MCS-150 "Out of Business") — perjury cert
- entity dissolution (Articles of Dissolution) — no-liabilities attestation
UCR, drug-&-alcohol consortium enrollment, audit prep, and BOC-3 (signed by the
process agent, not the carrier) do NOT file a client-signed federal form, so they
skip signature capture entirely.
"""
from __future__ import annotations
import logging
import os
LOG = logging.getLogger("workers.services.dot_esign")
_MCS150_PERJURY = (
"I certify under penalty of perjury that the information in this MCS-150 is "
"true and correct to the best of my knowledge and belief, and that I am "
"authorized to file it on behalf of the motor carrier. I understand that "
"making a false statement is punishable under 18 U.S.C. § 1001."
)
_OP1_CERT = (
"I certify that I am authorized to apply for operating authority on behalf of "
"the applicant, that the information provided is true and correct, and that the "
"applicant will comply with all applicable FMCSA safety and insurance "
"requirements. I understand that a false statement is punishable under "
"18 U.S.C. § 1001."
)
_CLOSEOUT_CERT = (
"I authorize Performance West Inc. to file a final MCS-150 marking this carrier "
"OUT OF BUSINESS and to deactivate the USDOT number and operating authority "
"listed above. I certify under penalty of perjury that the information is true "
"and correct and that I am authorized to wind down this motor carrier."
)
_DISSOLUTION_ATTEST = (
"I attest that, to the best of my knowledge, this entity has NO outstanding "
"lawsuits, liens, judgments, or unsatisfied creditor claims. I authorize "
"Performance West Inc. to file Articles of Dissolution and final returns on the "
"entity's behalf, and I certify that I am authorized to dissolve this entity. I "
"understand that dissolving an entity with unresolved liabilities may expose its "
"members or officers to personal liability."
)
# slug -> signing config. A slug absent from this map requires NO signature.
DOT_SIGNING: dict[str, dict] = {
"mcs150-update": {
"document_type": "mcs150",
"document_title": "MCS-150 Biennial Update — Certification Under Penalty of Perjury",
"perjury_text": _MCS150_PERJURY,
},
"dot-registration": {
"document_type": "mcs150",
"document_title": "New USDOT Registration (MCS-150) — Certification Under Penalty of Perjury",
"perjury_text": _MCS150_PERJURY,
},
"usdot-reactivation": {
"document_type": "mcs150",
"document_title": "USDOT Reactivation (MCS-150) — Certification Under Penalty of Perjury",
"perjury_text": _MCS150_PERJURY,
},
"dot-full-compliance": {
"document_type": "mcs150",
"document_title": "DOT Full Compliance (MCS-150) — Certification Under Penalty of Perjury",
"perjury_text": _MCS150_PERJURY,
},
"mc-authority": {
"document_type": "operating-authority",
"document_title": "Operating Authority Application (OP-1) — Applicant Certification",
"perjury_text": _OP1_CERT,
},
"emergency-temporary-authority": {
"document_type": "operating-authority",
"document_title": "Emergency Temporary Authority Request — Applicant Certification",
"perjury_text": _OP1_CERT,
},
"carrier-closeout": {
"document_type": "carrier-closeout",
"document_title": "Carrier Close-Out Authorization & Final MCS-150 (Out of Business)",
"perjury_text": _CLOSEOUT_CERT,
},
"entity-dissolution": {
"document_type": "entity-dissolution",
"document_title": "Entity Dissolution Authorization & No-Liabilities Attestation",
"perjury_text": _DISSOLUTION_ATTEST,
},
}
def requires_signature(slug: str) -> bool:
"""True if the DOT service files a form that needs the client's signature."""
return slug in DOT_SIGNING
def request_dot_esign(
order_number: str,
slug: str,
entity_name: str,
customer_email: str,
dot_number: str = "",
document_minio_key: str = "",
extra_metadata: dict | None = None,
expires_days: int = 7,
) -> int | None:
"""Create a pending esign record for a DOT form and email the signing link.
Idempotent per (order_number, document_type): re-running will not duplicate a
pending/signed record. Returns the esign_records.id, or None on failure.
"""
cfg = DOT_SIGNING.get(slug)
if not cfg:
return None # this service does not require a signature
if not customer_email:
LOG.warning("[%s] No customer email — cannot request signature", order_number)
return None
import json
document_type = cfg["document_type"]
document_title = cfg["document_title"]
perjury_text = cfg["perjury_text"]
metadata = {
"dot_number": dot_number,
"service_slug": slug,
"perjury_text": perjury_text,
}
if extra_metadata:
metadata.update(extra_metadata)
# 1. Upsert the pending record
esign_id = None
try:
import psycopg2
conn = psycopg2.connect(os.environ.get("DATABASE_URL", ""))
with conn.cursor() as cur:
cur.execute(
"""
INSERT INTO esign_records (
order_number, document_type, document_title, entity_name,
document_minio_key, document_metadata,
requires_perjury, status, expires_at
) VALUES (%s, %s, %s, %s, %s, %s, TRUE, 'pending',
NOW() + (%s || ' days')::interval)
ON CONFLICT (order_number, document_type)
WHERE status IN ('pending', 'signed')
DO UPDATE SET
document_title = EXCLUDED.document_title,
entity_name = EXCLUDED.entity_name,
document_minio_key = EXCLUDED.document_minio_key,
document_metadata = EXCLUDED.document_metadata,
expires_at = EXCLUDED.expires_at,
updated_at = NOW()
RETURNING id
""",
(
order_number, document_type, document_title, entity_name,
document_minio_key, json.dumps(metadata), str(expires_days),
),
)
row = cur.fetchone()
esign_id = row[0] if row else None
conn.commit()
conn.close()
except Exception as exc:
LOG.error("[%s] Failed to create esign record (%s): %s", order_number, document_type, exc)
return None
# 2. Email the signing link (signed with CUSTOMER_JWT_SECRET to match the portal)
try:
_send_signing_email(
order_number=order_number,
document_type=document_type,
document_title=document_title,
entity_name=entity_name,
dot_number=dot_number,
customer_email=customer_email,
expires_days=expires_days,
)
LOG.info("[%s] Signing link sent to %s (%s)", order_number, customer_email, document_type)
except Exception as exc:
LOG.warning("[%s] Could not send signing email (record exists): %s", order_number, exc)
return esign_id
def _send_signing_email(
order_number: str,
document_type: str,
document_title: str,
entity_name: str,
dot_number: str,
customer_email: str,
expires_days: int,
) -> None:
import smtplib
from email.mime.text import MIMEText
try:
import jwt as pyjwt
except ImportError: # pragma: no cover
import PyJWT as pyjwt # type: ignore
secret = os.environ.get("CUSTOMER_JWT_SECRET", "changeme_long_random_string")
domain = os.environ.get("DOMAIN", "performancewest.net")
from datetime import datetime, timedelta, timezone
token = pyjwt.encode(
{
"order_id": order_number,
"order_type": document_type,
"email": customer_email,
"exp": datetime.now(timezone.utc) + timedelta(days=expires_days),
},
secret,
algorithm="HS256",
)
sign_url = f"https://{domain}/portal/esign?token={token}"
dot_line = f" (DOT# {dot_number})" if dot_number else ""
body = (
f"Hi,\n\n"
f"Your {document_title} for {entity_name}{dot_line} has been prepared and "
f"is ready for your signature.\n\n"
f"Federal law requires your certification before we can submit this filing. "
f"Please review and sign here:\n{sign_url}\n\n"
f"This link expires in {expires_days} days.\n\n"
f"Once you sign, we file with the appropriate agency and send you "
f"confirmation.\n\n"
f"Order: {order_number}\n"
f"Questions? Call (888) 411-0383.\n\n"
f"Performance West Inc.\n"
)
msg = MIMEText(body)
msg["Subject"] = f"Action Required: Sign Your {document_title}{entity_name}"
msg["From"] = "noreply@performancewest.net"
msg["To"] = customer_email
with smtplib.SMTP("localhost", 25, timeout=30) as s:
s.sendmail(msg["From"], [customer_email], msg.as_string())
Reference in a new issue View git blame Copy permalink