Diffstat (limited to 'accounts/views')
-rw-r--r-- | accounts/views/admin/__init__.py | 72 | ||||
-rw-r--r-- | accounts/views/default/__init__.py | 175 | ||||
-rw-r--r-- | accounts/views/login/__init__.py | 46 | ||||
-rw-r--r-- | accounts/views/login/forms.py | 4 |
4 files changed, 173 insertions, 124 deletions
diff --git a/accounts/views/admin/__init__.py b/accounts/views/admin/__init__.py index 938033b..92dbf22 100644 --- a/accounts/views/admin/__init__.py +++ b/accounts/views/admin/__init__.py @@ -12,40 +12,41 @@ from accounts.forms import AdminCreateAccountForm, AdminDisableAccountForm from accounts.app import accounts_app -bp = Blueprint('admin', __name__) +bp = Blueprint("admin", __name__) @bp.before_request def restrict_bp_to_admins(): if not current_user.is_authenticated: return accounts_app.login_manager.unauthorized() - if current_user.uid not in accounts_app.config.get('ADMIN_USERS', []): - raise Forbidden('Du bist kein Admin.') + if current_user.uid not in accounts_app.config.get("ADMIN_USERS", []): + raise Forbidden("Du bist kein Admin.") -@bp.route('/') -@templated('admin/index.html') +@bp.route("/") +@templated("admin/index.html") def index(): return {} -@bp.route('/create_account', methods=['GET', 'POST']) -@templated('admin/create_account.html') +@bp.route("/create_account", methods=["GET", "POST"]) +@templated("admin/create_account.html") def create_account(): form = AdminCreateAccountForm() if form.validate_on_submit(): - accounts_app.mail_backend.send(form.mail.data, 'mail/register.txt', - username=form.username.data) + accounts_app.mail_backend.send( + form.mail.data, "mail/register.txt", username=form.username.data + ) - flash('Mail versandt.', 'success') - return redirect(url_for('admin.index')) - return {'form': form} + flash("Mail versandt.", "success") + return redirect(url_for("admin.index")) + return {"form": form} -@bp.route('/view_blacklist') -@bp.route('/view_blacklist/<start>') -@templated('admin/view_blacklist.html') -def view_blacklist(start=''): +@bp.route("/view_blacklist") +@bp.route("/view_blacklist/<start>") +@templated("admin/view_blacklist.html") +def view_blacklist(start=""): entries = accounts_app.username_blacklist if start: entries = [e for e in entries if e.startswith(start)] 
@@ -53,18 +54,18 @@ def view_blacklist(start=''): next_letters = set(e[len(start)] for e in entries if len(e) > len(start)) return { - 'entries': entries, - 'start': start, - 'next_letters': next_letters, + "entries": entries, + "start": start, + "next_letters": next_letters, } -@bp.route('/disable_account', methods=['GET', 'POST']) -@templated('admin/disable_account.html') +@bp.route("/disable_account", methods=["GET", "POST"]) +@templated("admin/disable_account.html") def disable_account(): form = AdminDisableAccountForm() - if 'uid' in request.args: - form = AdminDisableAccountForm(username=request.args['uid']) + if "uid" in request.args: + form = AdminDisableAccountForm(username=request.args["uid"]) if form.validate_on_submit() and form.user: random_pw = str(uuid4()) @@ -73,19 +74,28 @@ def disable_account(): form.user.reset_password(service.id) oldmail = form.user.mail - mail = accounts_app.config['DISABLED_ACCOUNT_MAILADDRESS_TEMPLATE'] % form.user.uid + mail = ( + accounts_app.config["DISABLED_ACCOUNT_MAILADDRESS_TEMPLATE"] + % form.user.uid + ) form.user.change_email(mail) accounts_app.user_backend.update(form.user, as_admin=True) - flash('Passwort auf ein zufälliges und Mailadresse auf %s ' - 'gesetzt.' % mail, 'success') + flash( + "Passwort auf ein zufälliges und Mailadresse auf %s " + "gesetzt." % mail, + "success", + ) accounts_app.mail_backend.send( - accounts_app.config['MAIL_REGISTER_NOTIFY'], - 'mail/disable_notify.txt', - username=form.user.uid, mail=oldmail, admin=current_user.uid) + accounts_app.config["MAIL_REGISTER_NOTIFY"], + "mail/disable_notify.txt", + username=form.user.uid, + mail=oldmail, + admin=current_user.uid, + ) - return redirect(url_for('admin.index')) + return redirect(url_for("admin.index")) - return {'form': form} + return {"form": form} diff --git a/accounts/views/default/__init__.py b/accounts/views/default/__init__.py index bba20fd..1639182 100644 --- a/accounts/views/default/__init__.py 
+++ b/accounts/views/default/__init__.py @@ -3,14 +3,17 @@ from copy import deepcopy from flask import Blueprint -from flask import redirect, render_template, request, \ - flash, url_for +from flask import redirect, render_template, request, flash, url_for from flask_login import login_required, login_user, current_user from werkzeug.exceptions import Forbidden from werkzeug import Response -from accounts.forms import RegisterForm, RegisterCompleteForm, \ - LostPasswordForm, SettingsForm +from accounts.forms import ( + RegisterForm, + RegisterCompleteForm, + LostPasswordForm, + SettingsForm, +) from accounts.utils import templated from accounts.utils.confirmation import Confirmation from accounts.utils.login import logout_required 
@@ -20,33 +23,39 @@ from accounts.app import accounts_app from typing import Union -bp = Blueprint('default', __name__) +bp = Blueprint("default", __name__) -@bp.route('/register', methods=['GET', 'POST']) -@templated('register.html') +@bp.route("/register", methods=["GET", "POST"]) +@templated("register.html") @logout_required def register() -> Union[dict, Response]: form = RegisterForm() if form.validate_on_submit(): - accounts_app.mail_backend.send(form.mail.data, 'mail/register.txt', - username=form.username.data) + accounts_app.mail_backend.send( + form.mail.data, "mail/register.txt", username=form.username.data + ) - flash('Es wurde eine E-Mail an die angegebene Adresse geschickt, ' - 'um diese zu überprüfen. Bitte folge den Anweisungen in der ' - 'E-Mail.', 'success') + flash( + "Es wurde eine E-Mail an die angegebene Adresse geschickt, " + "um diese zu überprüfen. Bitte folge den Anweisungen in der " + "E-Mail.", + "success", + ) - return redirect(url_for('.index')) + return redirect(url_for(".index")) - return {'form': form} + return {"form": form} -@bp.route('/register/<token>', methods=['GET', 'POST']) -@templated('register_complete.html') +@bp.route("/register/<token>", methods=["GET", "POST"]) +@templated("register_complete.html") @logout_required def register_complete(token: str): - #TODO: check for double uids and mail - username, mail = Confirmation('register').loads_http(token, max_age=3*24*60*60) + # TODO: check for double uids and mail + username, mail = Confirmation("register").loads_http( + token, max_age=3 * 24 * 60 * 60 + ) try: accounts_app.user_backend.get_by_uid(username) 
@@ -54,8 +63,10 @@ def register_complete(token: str): except accounts_app.user_backend.NoSuchUserError: pass else: - flash('Du hast den Benutzer bereits angelegt! Du kannst dich jetzt einfach einloggen:') - return redirect(url_for('.index')) + flash( + "Du hast den Benutzer bereits angelegt! Du kannst dich jetzt einfach einloggen:" + ) + return redirect(url_for(".index")) form = RegisterCompleteForm() if form.validate_on_submit(): 
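Review bot: `register_complete` checks only the uid for an existing account (the `get_by_uid(username)` call and the `else:` branch in this hunk), and the mail address carried in the token is not checked in the visible lines, which matches the open `# TODO: check for double uids and mail` in the previous hunk. `change_mail` already rejects an address used by another account through `accounts_app.user_backend.find_by_mail(mail)`, and doing the same lookup here before the form is built would keep the two paths consistent. The account creation itself lies between this hunk and the next, so a check there cannot be ruled out from this view. The `flash(...)` in the `else:` branch also has no category, unlike the other `flash` calls in the file.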
@@ -64,45 +75,53 @@ def register_complete(token: str): login_user(user) accounts_app.mail_backend.send( - accounts_app.config['MAIL_REGISTER_NOTIFY'], - 'mail/register_notify.txt', - username=username, mail=mail) + accounts_app.config["MAIL_REGISTER_NOTIFY"], + "mail/register_notify.txt", + username=username, + mail=mail, + ) - flash('Benutzer erfolgreich angelegt.', 'success') - return redirect(url_for('.index')) + flash("Benutzer erfolgreich angelegt.", "success") + return redirect(url_for(".index")) return { - 'form': form, - 'token': token, - 'username': username, - 'mail': mail, + "form": form, + "token": token, + "username": username, + "mail": mail, } -@bp.route('/lost_password', methods=['GET', 'POST']) -@templated('lost_password.html') +@bp.route("/lost_password", methods=["GET", "POST"]) +@templated("lost_password.html") @logout_required def lost_password(): form = LostPasswordForm() if form.validate_on_submit() and form.user: - #TODO: make the link only usable once (e.g include a hash of the old pw) + # TODO: make the link only usable once (e.g include a hash of the old pw) # atm the only thing we do is make the link valid for only little time accounts_app.mail_backend.send( - form.user.mail, 'mail/lost_password.txt', username=form.user.uid) + form.user.mail, "mail/lost_password.txt", username=form.user.uid + ) - flash('Wir haben dir eine E-Mail mit einem Link zum Passwort ändern ' - 'geschickt. Bitte folge den Anweisungen in der E-Mail.', 'success') + flash( + "Wir haben dir eine E-Mail mit einem Link zum Passwort ändern " + "geschickt. 
Bitte folge den Anweisungen in der E-Mail.", + "success", + ) - return redirect(url_for('.index')) + return redirect(url_for(".index")) - return {'form': form} + return {"form": form} -@bp.route('/lost_password/<token>', methods=['GET', 'POST']) -@templated('lost_password_complete.html') +@bp.route("/lost_password/<token>", methods=["GET", "POST"]) +@templated("lost_password_complete.html") @logout_required def lost_password_complete(token: str): - (username,) = Confirmation('lost_password').loads_http(token, max_age=4*60*60) + (username,) = Confirmation("lost_password").loads_http( + token, max_age=4 * 60 * 60 + ) form = RegisterCompleteForm() if form.validate_on_submit(): 
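Review bot: The `lost_password` link is still replayable: the TODO in this hunk says it is not single-use, and `Confirmation("lost_password").loads_http(token, max_age=4 * 60 * 60)` returns only the username, so nothing visible ties the token to the current password. A link issued within the last four hours therefore appears to stay valid after a password change, and after `disable_account` in accounts/views/admin/__init__.py has reset the password and mail address. Binding the token to a digest of the current password hash, as the TODO proposes, would cover both cases. Separately, `if form.validate_on_submit() and form.user:` shows the "mail sent" message only for a known account, which may let a caller distinguish existing usernames unless `LostPasswordForm` (not shown here) hides that. `lost_password_complete` continues past the end of the hunk.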
@@ -111,45 +130,52 @@ def lost_password_complete(token: str): accounts_app.user_backend.update(user, as_admin=True) login_user(user) - flash('Passwort geändert.', 'success') - return redirect(url_for('.index')) + flash("Passwort geändert.", "success") + return redirect(url_for(".index")) return { - 'form': form, - 'token': token, - 'username': username, + "form": form, + "token": token, + "username": username, } -@bp.route('/', methods=['GET', 'POST']) -@templated('index.html') +@bp.route("/", methods=["GET", "POST"]) +@templated("index.html") @login_required def index() -> Union[Response, dict]: form = SettingsForm(mail=current_user.mail) if form.validate_on_submit(): changed = False - if request.form.get('submit_services'): + if request.form.get("submit_services"): for service in accounts_app.all_services: field = form.get_servicedelete(service.id) if field.data: current_user.reset_password(service.id) changed = True - elif request.form.get('submit_main'): + elif request.form.get("submit_main"): if form.mail.data and form.mail.data != current_user.mail: accounts_app.mail_backend.send( - form.mail.data, 'mail/change_mail.txt', - username=current_user.uid) - - flash('Es wurde eine E-Mail an die angegebene Adresse geschickt, ' - 'um diese zu überprüfen. Bitte folge den Anweisungen in der ' - 'E-Mail.', 'success') + form.mail.data, + "mail/change_mail.txt", + username=current_user.uid, + ) + + flash( + "Es wurde eine E-Mail an die angegebene Adresse geschickt, " + "um diese zu überprüfen. Bitte folge den Anweisungen in der " + "E-Mail.", + "success", + ) changed = True if form.password.data: - current_user.change_password(form.password.data, form.old_password.data) - flash('Passwort geändert', 'success') + current_user.change_password( + form.password.data, form.old_password.data + ) + flash("Passwort geändert", "success") changed = True for service in accounts_app.all_services: 
@@ -161,46 +187,51 @@ def index() -> Union[Response, dict]: if changed: accounts_app.user_backend.update(current_user) login_user(current_user) - return redirect(url_for('.index')) + return redirect(url_for(".index")) else: - flash('Nichts geändert.') - + flash("Nichts geändert.") services = deepcopy(accounts_app.all_services) for s in services: s.changed = s.id in current_user.services return { - 'form': form, - 'services': services, + "form": form, + "services": services, } -@bp.route('/change_mail/<token>') +@bp.route("/change_mail/<token>") @login_required def change_mail(token: str): - username, mail = Confirmation('change_mail').loads_http(token, max_age=3*24*60*60) + username, mail = Confirmation("change_mail").loads_http( + token, max_age=3 * 24 * 60 * 60 + ) if current_user.uid != username: - raise Forbidden('Bitte logge dich als der Benutzer ein, dessen E-Mail-Adresse du ändern willst.') + raise Forbidden( + "Bitte logge dich als der Benutzer ein, dessen E-Mail-Adresse du ändern willst." + ) results = accounts_app.user_backend.find_by_mail(mail) for user in results: if user.uid != current_user.uid: - raise Forbidden('Diese E-Mail-Adresse wird schon von einem anderen account benutzt!') + raise Forbidden( + "Diese E-Mail-Adresse wird schon von einem anderen account benutzt!" + ) current_user.change_email(mail) accounts_app.user_backend.update(current_user) - flash('E-Mail-Adresse geändert.', 'success') - return redirect(url_for('.index')) + flash("E-Mail-Adresse geändert.", "success") + return redirect(url_for(".index")) -@bp.route('/about') -@templated('about.html') +@bp.route("/about") +@templated("about.html") def about(): return { - 'app': accounts_app, + "app": accounts_app, } @@ -213,4 +244,4 @@ def errorhandler(e): except AttributeError: code = 500 - return render_template('error.html', error=e), code + return render_template("error.html", error=e), code 
diff --git a/accounts/views/login/__init__.py b/accounts/views/login/__init__.py index ee049bf..1285605 100644 --- a/accounts/views/login/__init__.py +++ b/accounts/views/login/__init__.py @@ -13,7 +13,7 @@ from typing import Union from .forms import LoginForm -bp = Blueprint('login', __name__) +bp = Blueprint("login", __name__) def is_safe_url(target: str): 
@@ -21,36 +21,44 @@ def is_safe_url(target: str): test_url = urlparse(urljoin(request.host_url, target)) print(target) print(test_url) - return test_url.scheme in ('http', 'https') and \ - ref_url.netloc == test_url.netloc and \ - test_url.path == target + return ( + test_url.scheme in ("http", "https") + and ref_url.netloc == test_url.netloc + and test_url.path == target + ) -@bp.route('/login', methods=['GET', 'POST']) +@bp.route("/login", methods=["GET", "POST"]) def login() -> Union[str, Response]: if current_user.is_authenticated: - return redirect(url_for('default.index')) + return redirect(url_for("default.index")) form = LoginForm(request.form) if form.validate_on_submit(): try: - user = accounts_app.user_backend.auth(form.username.data, - form.password.data) + user = accounts_app.user_backend.auth( + form.username.data, form.password.data + ) login_user(user) - flash('Erfolgreich eingeloggt', 'success') + flash("Erfolgreich eingeloggt", "success") - next = request.form['next'] - return redirect(next if is_safe_url(next) else url_for('default.index')) - except (accounts_app.user_backend.NoSuchUserError, - accounts_app.user_backend.InvalidPasswordError): - flash('Ungültiger Benutzername und/oder Passwort', 'error') + next = request.form["next"] + return redirect( + next if is_safe_url(next) else url_for("default.index") + ) + except ( + accounts_app.user_backend.NoSuchUserError, + accounts_app.user_backend.InvalidPasswordError, + ): + flash("Ungültiger Benutzername und/oder Passwort", "error") - return render_template("login/login.html", form=form, - next=request.values.get('next')) + return render_template( + "login/login.html", form=form, next=request.values.get("next") + ) -@bp.route('/logout') +@bp.route("/logout") def logout() -> Response: logout_user() - flash('Erfolgreich ausgeloggt.', 'success') - return redirect(url_for('.login')) + flash("Erfolgreich ausgeloggt.", "success") + return redirect(url_for(".login")) 
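Review bot: The debug calls `print(target)` and `print(test_url)` are still in `is_safe_url` and write the caller-supplied `next` value to stdout on every login; they should be dropped or replaced with a `logger.debug(...)` call. In `login`, `request.form["next"]` runs after `login_user(user)` and is not covered by the `except` clause, so a POST without that field logs the user in and then returns a 400. `next = request.form.get("next", "")` would instead fall through to `url_for("default.index")`, since an empty target fails the `test_url.path == target` comparison. The local name `next` also shadows the builtin. `is_safe_url` starts above the hunk, so the definition of `ref_url` is not visible here.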
diff --git a/accounts/views/login/forms.py b/accounts/views/login/forms.py index e4155b4..b9774a3 100644 --- a/accounts/views/login/forms.py +++ b/accounts/views/login/forms.py @@ -4,5 +4,5 @@ from wtforms import StringField, PasswordField, validators class LoginForm(Form): - username = StringField('Benutzername') - password = PasswordField('Passwort', [validators.DataRequired()]) + username = StringField("Benutzername") + password = PasswordField("Passwort", [validators.DataRequired()]) |