author | Alexander Sulfrian <alexander@sulfrian.net> | 2016-01-25 00:15:12 +0100 |
---|---|---|
committer | Alexander Sulfrian <alexander@sulfrian.net> | 2016-02-02 04:22:16 +0100 |
commit | 7619809115e6fdc3d7df8705abb20f228863e7c2 (patch) | |
tree | 5afaeeb9020d418143b7cea3e1e2540efcc2140e /accounts/views | |
parent | 753c03b3477071279299ca47ce76f5fcd346d5bd (diff) | |
Use Flask-Login for login handling
Diffstat (limited to 'accounts/views')
-rw-r--r-- | accounts/views/admin/__init__.py | 5 | ||||
-rw-r--r-- | accounts/views/default/__init__.py | 61 |
2 files changed, 34 insertions, 32 deletions
diff --git a/accounts/views/admin/__init__.py b/accounts/views/admin/__init__.py
index 5564f93..be7f3d7 100644
--- a/accounts/views/admin/__init__.py
+++ b/accounts/views/admin/__init__.py
@@ -3,6 +3,7 @@ from __future__ import absolute_import
 from flask import Blueprint
 from flask import current_app, redirect, request, g, flash, url_for
+from flask.ext.login import current_user
 from uuid import uuid4
 from werkzeug.exceptions import Forbidden
@@ -15,9 +16,9 @@ bp = Blueprint('admin', __name__)
 @bp.before_request
 def restrict_bp_to_admins():
-    if not g.user:
+    if not current_user.is_authenticated:
         raise Forbidden(u'Bitte einloggen!')
-    if g.user.uid not in current_app.config.get('ADMIN_USERS', []):
+    if current_user.uid not in current_app.config.get('ADMIN_USERS', []):
         raise Forbidden(u'Du bist kein Admin.')
diff --git a/accounts/views/default/__init__.py b/accounts/views/default/__init__.py
index 64c855f..37f71f6 100644
--- a/accounts/views/default/__init__.py
+++ b/accounts/views/default/__init__.py
@@ -4,11 +4,13 @@ from __future__ import absolute_import
 from copy import deepcopy
 from flask import Blueprint
 from flask import current_app, redirect, request, g, flash, url_for
+from flask.ext.login import login_required, login_user, logout_user, current_user
 from accounts.forms import LoginForm, RegisterForm, RegisterCompleteForm, \
     LostPasswordForm, SettingsForm
 from accounts.utils import *
 from accounts.utils.confirmation import Confirmation
+from accounts.utils.login import logout_required
 from accounts.models import Account
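Review bot: `if not current_user.is_authenticated:` in restrict_bp_to_admins only gates access if the installed Flask-Login exposes `is_authenticated` as a property (0.3.0 and later); on earlier releases it is a method, a bound method is always truthy, and an anonymous request passes the first check and then fails with an AttributeError on `current_user.uid` in the next line instead of the intended Forbidden. The version pin is not part of this diff, so please confirm it; the same applies to the `current_user.is_authenticated` test added to `index()` in accounts/views/default/__init__.py. Since this before_request hook is the whole access control for the admin blueprint, a test that requests an admin URL anonymously and asserts a 403 would lock the behaviour in.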
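Review bot: In accounts/views/default/__init__.py the new `from flask.ext.login import login_required, login_user, logout_user, current_user` sits above `from accounts.utils import *`, and the removed code called a two-argument `login_user(username, password)` that is not imported explicitly anywhere in this file, so it presumably came from that star import (the `@login_required` decorator on `settings()` predates this change as well). If `accounts.utils` still exports `login_user` or `login_required`, the star import silently rebinds the Flask-Login names back to the old helpers; this diff is limited to accounts/views, so I cannot see whether they were removed there. Either move the Flask-Login import below the star import or, better, replace `from accounts.utils import *` with an explicit name list so the binding is visible.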
@@ -18,17 +20,21 @@ bp = Blueprint('default', __name__)
 @bp.route('/', methods=['GET', 'POST'])
 @templated('index.html')
 def index():
-    if not g.user:
-        form = LoginForm(request.form)
-        if form.validate_on_submit():
-            if login_user(form.username.data, form.password.data):
-                flash(u'Erfolgreich eingeloggt', 'success')
-                return redirect(url_for('.settings'))
-            else:
-                flash(u'Ungültiger Benutzername und/oder Passwort', 'error')
-    else:
+    if current_user.is_authenticated:
         return redirect(url_for('.settings'))
+    form = LoginForm(request.form)
+    if form.validate_on_submit():
+        try:
+            user = current_app.user_backend.auth(form.username.data,
+                                                 form.password.data)
+            login_user(user)
+            flash(u'Erfolgreich eingeloggt', 'success')
+            return redirect(url_for('.settings'))
+        except (current_app.user_backend.NoSuchUserError,
+                current_app.user_backend.InvalidPasswordError):
+            flash(u'Ungültiger Benutzername und/oder Passwort', 'error')
+
     return {'form': form}
@@ -71,9 +77,7 @@ def register_complete(token):
         user = Account(username, mail, password=form.password.data)
         current_app.user_backend.register(user)
-
-        # populate request context and session
-        assert login_user(user.uid, user.password)
+        login_user(user)
         if current_app.config.get('MAIL_REGISTER_NOTIFY'):
             current_app.mail_backend.send(
@@ -132,11 +136,9 @@ def lost_password_complete(token):
         user = current_app.user_backend.get_by_uid(username)
         user.change_password(form.password.data)
         current_app.user_backend.update(user, as_admin=True)
+        login_user(user)
-        session['username'] = username
-        session['password'] = form.password.data
         flash(u'Passwort geändert.', 'success')
-
         return redirect(url_for('.settings'))
     return {
@@ -150,7 +152,7 @@ def lost_password_complete(token):
 @templated('settings.html')
 @login_required
 def settings():
-    form = SettingsForm(request.form, mail=g.user.attributes['mail'])
+    form = SettingsForm(request.form, mail=current_user.attributes['mail'])
     if form.validate_on_submit():
         changed = False
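Review bot: The `try` in `index()` wraps `login_user(user)`, the flash and the redirect together with the `auth()` call, so a reader has to check that none of those three can raise `NoSuchUserError`/`InvalidPasswordError` before trusting that the `except` only covers authentication; keep the `try` body to the single `user = current_app.user_backend.auth(...)` statement and move the three success lines into an `else:` clause. Reporting both backend errors with the same flash message is the right choice, since a different message per error would tell the submitter which usernames exist; keep that when restructuring.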
@@ -158,15 +160,15 @@ def settings():
             for service in current_app.all_services:
                 field = form.get_servicedelete(service.id)
                 if(field.data):
-                    g.user.reset_password(service.id)
+                    current_user.reset_password(service.id)
                     changed = True
         elif request.form.get('submit_main'):
-            if form.mail.data and form.mail.data != g.user.attributes['mail']:
-                confirm_token = Confirmation('change_mail').dumps((g.user.uid, form.mail.data))
+            if form.mail.data and form.mail.data != current_user.attributes['mail']:
+                confirm_token = Confirmation('change_mail').dumps((current_user.uid, form.mail.data))
                 confirm_link = url_for('.change_mail', token=confirm_token, _external=True)
-                body = render_template('mail/change_mail.txt', username=g.user.uid,
+                body = render_template('mail/change_mail.txt', username=current_user.uid,
                                        mail=form.mail.data, link=confirm_link)
                 current_app.mail_backend.send(
@@ -179,9 +181,7 @@ def settings():
                 changed = True
             if form.password.data:
-                g.user.change_password(form.password.data, form.old_password.data)
-                session['password'] = form.password.data
-
+                current_user.change_password(form.password.data, form.old_password.data)
                 flash(u'Passwort geändert', 'success')
                 changed = True
@@ -189,10 +189,11 @@ def settings():
             field = form.get_servicepassword(service.id)
             if field.data:
                 changed = True
-                g.user.change_password(field.data, None, service.id)
+                current_user.change_password(field.data, None, service.id)
         if changed:
-            current_app.user_backend.update(g.user, as_admin=True) #XXX: as_admin wieder wegmachen sobald ACLs richtig gesetzt sind
+            current_app.user_backend.update(current_user, as_admin=True) #XXX: as_admin wieder wegmachen sobald ACLs richtig gesetzt sind
+            login_user(current_user)
             return redirect(url_for('.settings'))
         else:
             flash(u'Nichts geändert.')
@@ -200,7 +201,7 @@ def settings():
     services = deepcopy(current_app.all_services)
     for s in services:
-        s.changed = s.id in g.user.services
+        s.changed = s.id in current_user.services
     return {
         'form': form,
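Review bot: `login_user(current_user)` in the `if changed:` branch of `settings()` hands Flask-Login the request-local proxy rather than the account object it wraps; as far as I recall Flask-Login stores the object it is given as the request's user, so after this call `current_user` resolves to itself and any later attribute access in the same request (an after_request hook, a `user_logged_in` receiver, template rendering) recurses until it fails. The redirect that follows hides this in the common path, but it is fragile; pass the real object, `login_user(current_user._get_current_object())`, or keep a local reference to the account returned by the backend and log that in. A short comment saying why the user is re-logged-in after `update()` (the session data is refreshed from the stored account, presumably) would also help the next reader, since the intent is not obvious from the call alone.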
@@ -213,16 +214,16 @@ def settings():
 def change_mail(token):
     username, mail = Confirmation('change_mail').loads_http(token, max_age=3*24*60*60)
-    if g.user.uid != username:
+    if current_user.uid != username:
         raise Forbidden(u'Bitte logge dich als der Benutzer ein, dessen E-Mail-Adresse du ändern willst.')
     results = current_app.user_backend.find_by_mail(mail)
     for user in results:
-        if user.uid != g.user.uid:
+        if user.uid != current_user.uid:
             raise Forbidden(u'Diese E-Mail-Adresse wird schon von einem anderen account benutzt!')
-    g.user.change_email(mail)
-    current_app.user_backend.update(g.user)
+    current_user.change_email(mail)
+    current_app.user_backend.update(current_user)
     flash(u'E-Mail-Adresse geändert.', 'success')
     return redirect(url_for('.settings'))
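Review bot: `if current_user.uid != username:` in `change_mail()` assumes an authenticated user, but the route's decorator lines sit above the hunk, so I cannot see whether `@login_required` is applied; if it is not, a visitor who opens the confirmation link without being logged in gets an AttributeError from `current_user.uid` (a 500) instead of the Forbidden with the "please log in as that user" message the code intends. Either add `@login_required` to the route or test `current_user.is_authenticated` before the uid comparison and raise the same Forbidden. The check that the stored username matches the logged-in user is the right guard here, since the token alone must not be enough to rewrite someone else's address.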