Diffstat (limited to 'accounts/views')
-rw-r--r--accounts/views/admin/__init__.py23
-rw-r--r--accounts/views/default/__init__.py56
-rw-r--r--accounts/views/login/__init__.py26
3 files changed, 56 insertions, 49 deletions
diff --git a/accounts/views/admin/__init__.py b/accounts/views/admin/__init__.py
index 35fda58..7378e38 100644
--- a/accounts/views/admin/__init__.py
+++ b/accounts/views/admin/__init__.py
@@ -2,13 +2,14 @@
from flask import Blueprint
-from flask import current_app, redirect, request, g, flash, url_for
+from flask import redirect, request, flash, url_for
from flask_login import current_user
from uuid import uuid4
from werkzeug.exceptions import Forbidden
from accounts.utils import templated
from accounts.forms import AdminCreateAccountForm, AdminDisableAccountForm
+from accounts.app import accounts_app
bp = Blueprint('admin', __name__)
@@ -17,8 +18,8 @@ bp = Blueprint('admin', __name__)
@bp.before_request
def restrict_bp_to_admins():
if not current_user.is_authenticated:
- return current_app.login_manager.unauthorized()
- if current_user.uid not in current_app.config.get('ADMIN_USERS', []):
+ return accounts_app.login_manager.unauthorized()
+ if current_user.uid not in accounts_app.config.get('ADMIN_USERS', []):
raise Forbidden('Du bist kein Admin.')
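Review bot: restrict_bp_to_admins is the only authorization gate visible for the admin blueprint and it has no docstring; a one-liner would record the contract, e.g. `"""Send anonymous users to the login manager; raise Forbidden unless current_user.uid is in ADMIN_USERS (a missing key denies everyone)."""`. The allow-list is now read from the module-level `accounts_app` instead of the app bound to the request, so if a second instance with a different config is ever created (tests, for example) the gate would presumably consult the wrong list. It is worth confirming that exactly one instance exists.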
@@ -33,8 +34,8 @@ def index():
def create_account():
form = AdminCreateAccountForm()
if form.validate_on_submit():
- current_app.mail_backend.send(form.mail.data, 'mail/register.txt',
- username=form.username.data)
+ accounts_app.mail_backend.send(form.mail.data, 'mail/register.txt',
+ username=form.username.data)
flash('Mail versandt.', 'success')
return redirect(url_for('admin.index'))
@@ -45,7 +46,7 @@ def create_account():
@bp.route('/view_blacklist/<start>')
@templated('admin/view_blacklist.html')
def view_blacklist(start=''):
- entries = current_app.username_blacklist
+ entries = accounts_app.username_blacklist
if start:
entries = [e for e in entries if e.startswith(start)]
@@ -68,20 +69,20 @@ def disable_account():
if form.validate_on_submit():
random_pw = str(uuid4())
form.user.change_password(random_pw)
- for service in current_app.all_services:
+ for service in accounts_app.all_services:
form.user.reset_password(service.id)
oldmail = form.user.mail
- mail = current_app.config['DISABLED_ACCOUNT_MAILADDRESS_TEMPLATE'] % form.user.uid
+ mail = accounts_app.config['DISABLED_ACCOUNT_MAILADDRESS_TEMPLATE'] % form.user.uid
form.user.change_email(mail)
- current_app.user_backend.update(form.user, as_admin=True)
+ accounts_app.user_backend.update(form.user, as_admin=True)
flash('Passwort auf ein zufälliges und Mailadresse auf %s '
'gesetzt.' % mail, 'success')
- current_app.mail_backend.send(
- current_app.config['MAIL_REGISTER_NOTIFY'],
+ accounts_app.mail_backend.send(
+ accounts_app.config['MAIL_REGISTER_NOTIFY'],
'mail/disable_notify.txt',
username=form.user.uid, mail=oldmail, admin=current_user.uid)
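Review bot: The throwaway password on the `random_pw = str(uuid4())` line comes from the uuid module, which is built for uniqueness and is not documented as a secret generator. `random_pw = secrets.token_urlsafe(32)` states the intent and drops the fixed UUID layout; it needs `import secrets` next to the existing imports. disable_account starts above this hunk, so how `form.user` is validated is not visible here.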
diff --git a/accounts/views/default/__init__.py b/accounts/views/default/__init__.py
index 1854c46..0b7065d 100644
--- a/accounts/views/default/__init__.py
+++ b/accounts/views/default/__init__.py
@@ -3,10 +3,11 @@
from copy import deepcopy
from flask import Blueprint
-from flask import current_app, redirect, render_template, request, g, \
+from flask import redirect, render_template, request, \
flash, url_for
-from flask_login import login_required, login_user, logout_user, current_user
+from flask_login import login_required, login_user, current_user
from werkzeug.exceptions import Forbidden
+from werkzeug import Response
from accounts.forms import RegisterForm, RegisterCompleteForm, \
LostPasswordForm, SettingsForm
@@ -14,6 +15,9 @@ from accounts.utils import templated
from accounts.utils.confirmation import Confirmation
from accounts.utils.login import logout_required
from accounts.models import Account
+from accounts.app import accounts_app
+
+from typing import Union
bp = Blueprint('default', __name__)
@@ -22,11 +26,11 @@ bp = Blueprint('default', __name__)
@bp.route('/register', methods=['GET', 'POST'])
@templated('register.html')
@logout_required
-def register():
+def register() -> Union[dict, Response]:
form = RegisterForm()
if form.validate_on_submit():
- current_app.mail_backend.send(form.mail.data, 'mail/register.txt',
- username=form.username.data)
+ accounts_app.mail_backend.send(form.mail.data, 'mail/register.txt',
+ username=form.username.data)
flash('Es wurde eine E-Mail an die angegebene Adresse geschickt, '
'um diese zu überprüfen. Bitte folge den Anweisungen in der '
@@ -40,14 +44,14 @@ def register():
@bp.route('/register/<token>', methods=['GET', 'POST'])
@templated('register_complete.html')
@logout_required
-def register_complete(token):
+def register_complete(token: str):
#TODO: check for double uids and mail
username, mail = Confirmation('register').loads_http(token, max_age=3*24*60*60)
try:
- current_app.user_backend.get_by_uid(username)
- current_app.user_backend.get_by_mail(mail)
- except current_app.user_backend.NoSuchUserError:
+ accounts_app.user_backend.get_by_uid(username)
+ accounts_app.user_backend.get_by_mail(mail)
+ except accounts_app.user_backend.NoSuchUserError:
pass
else:
flash('Du hast den Benutzer bereits angelegt! Du kannst dich jetzt einfach einloggen:')
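Review bot: The duplicate check in the `try` block treats a single missing record as "nothing exists": if `get_by_uid(username)` raises NoSuchUserError, `get_by_mail(mail)` never runs, and if the uid exists but the mail does not, the `except` branch still falls through to the registration form. Only the case where both lookups succeed reaches the `else`, which is what the `#TODO` above it hints at. Looking each identifier up on its own and refusing the mixed case closes the gap, assuming `register()` does not already enforce uniqueness (not visible here). The `else` branch continues past the end of this hunk.

```python
    username, mail = Confirmation('register').loads_http(token, max_age=3*24*60*60)

    # Query uid and mail separately so one missing record cannot hide the other.
    backend = accounts_app.user_backend
    uid_taken = mail_taken = True
    try:
        backend.get_by_uid(username)
    except backend.NoSuchUserError:
        uid_taken = False
    try:
        backend.get_by_mail(mail)
    except backend.NoSuchUserError:
        mail_taken = False

    if uid_taken != mail_taken:
        # Exactly one of the two is already in use: refuse instead of registering.
        raise Forbidden()
    if uid_taken:
        flash('Du hast den Benutzer bereits angelegt! Du kannst dich jetzt einfach einloggen:')
        # … unchanged: remainder of the already-registered branch …
```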
@@ -56,11 +60,11 @@ def register_complete(token):
form = RegisterCompleteForm()
if form.validate_on_submit():
user = Account(username, mail, password=form.password.data)
- current_app.user_backend.register(user)
+ accounts_app.user_backend.register(user)
login_user(user)
- current_app.mail_backend.send(
- current_app.config['MAIL_REGISTER_NOTIFY'],
+ accounts_app.mail_backend.send(
+ accounts_app.config['MAIL_REGISTER_NOTIFY'],
'mail/register_notify.txt',
username=username, mail=mail)
@@ -83,7 +87,7 @@ def lost_password():
if form.validate_on_submit():
#TODO: make the link only usable once (e.g include a hash of the old pw)
# atm the only thing we do is make the link valid for only little time
- current_app.mail_backend.send(
+ accounts_app.mail_backend.send(
form.user.mail, 'mail/lost_password.txt', username=form.user.uid)
flash('Wir haben dir eine E-Mail mit einem Link zum Passwort ändern '
@@ -97,14 +101,14 @@ def lost_password():
@bp.route('/lost_password/<token>', methods=['GET', 'POST'])
@templated('lost_password_complete.html')
@logout_required
-def lost_password_complete(token):
+def lost_password_complete(token: str):
(username,) = Confirmation('lost_password').loads_http(token, max_age=4*60*60)
form = RegisterCompleteForm()
if form.validate_on_submit():
- user = current_app.user_backend.get_by_uid(username)
+ user = accounts_app.user_backend.get_by_uid(username)
user.change_password(form.password.data)
- current_app.user_backend.update(user, as_admin=True)
+ accounts_app.user_backend.update(user, as_admin=True)
login_user(user)
flash('Passwort geändert.', 'success')
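Review bot: The reset token accepted by `loads_http(token, max_age=4*60*60)` stays valid after a successful change, so the same link can set the password again until the four hours run out; the `#TODO` in lost_password() already names this. Until the token is bound to the old password state, a comment where the token is consumed would keep the limitation visible, e.g. `# NOTE: token is replayable until max_age expires; see TODO in lost_password()`. Separately, `get_by_uid(username)` can presumably raise NoSuchUserError if the account was removed after the mail went out, and nothing in the visible lines catches it. The function's tail is outside this hunk.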
@@ -120,13 +124,13 @@ def lost_password_complete(token):
@bp.route('/', methods=['GET', 'POST'])
@templated('index.html')
@login_required
-def index():
+def index() -> Union[Response, dict]:
form = SettingsForm(mail=current_user.mail)
if form.validate_on_submit():
changed = False
if request.form.get('submit_services'):
- for service in current_app.all_services:
+ for service in accounts_app.all_services:
field = form.get_servicedelete(service.id)
if field.data:
current_user.reset_password(service.id)
@@ -134,7 +138,7 @@ def index():
elif request.form.get('submit_main'):
if form.mail.data and form.mail.data != current_user.mail:
- current_app.mail_backend.send(
+ accounts_app.mail_backend.send(
form.mail.data, 'mail/change_mail.txt',
username=current_user.uid)
@@ -148,21 +152,21 @@ def index():
flash('Passwort geändert', 'success')
changed = True
- for service in current_app.all_services:
+ for service in accounts_app.all_services:
field = form.get_servicepassword(service.id)
if field.data:
changed = True
current_user.change_password(field.data, None, service.id)
if changed:
- current_app.user_backend.update(current_user)
+ accounts_app.user_backend.update(current_user)
login_user(current_user)
return redirect(url_for('.index'))
else:
flash('Nichts geändert.')
- services = deepcopy(current_app.all_services)
+ services = deepcopy(accounts_app.all_services)
for s in services:
s.changed = s.id in current_user.services
@@ -174,19 +178,19 @@ def index():
@bp.route('/change_mail/<token>')
@login_required
-def change_mail(token):
+def change_mail(token: str):
username, mail = Confirmation('change_mail').loads_http(token, max_age=3*24*60*60)
if current_user.uid != username:
raise Forbidden('Bitte logge dich als der Benutzer ein, dessen E-Mail-Adresse du ändern willst.')
- results = current_app.user_backend.find_by_mail(mail)
+ results = accounts_app.user_backend.find_by_mail(mail)
for user in results:
if user.uid != current_user.uid:
raise Forbidden('Diese E-Mail-Adresse wird schon von einem anderen account benutzt!')
current_user.change_email(mail)
- current_app.user_backend.update(current_user)
+ accounts_app.user_backend.update(current_user)
flash('E-Mail-Adresse geändert.', 'success')
return redirect(url_for('.index'))
@@ -196,7 +200,7 @@ def change_mail(token):
@templated('about.html')
def about():
return {
- 'app': current_app,
+ 'app': accounts_app,
}
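Review bot: about() hands the whole application object to the template as `'app': accounts_app`, which puts `accounts_app.config` and whatever secrets it holds within reach of template code. Passing only the values the page displays would be tighter, for example `'services': accounts_app.all_services` if that is what about.html reads; the template is not visible here. The route decorator sits above this hunk, so whether the page requires login cannot be told from it.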
diff --git a/accounts/views/login/__init__.py b/accounts/views/login/__init__.py
index 730b3ed..ee049bf 100644
--- a/accounts/views/login/__init__.py
+++ b/accounts/views/login/__init__.py
@@ -2,17 +2,21 @@
from flask import Blueprint
-from flask import current_app, redirect, request, g, flash, render_template, url_for
+from flask import redirect, request, flash, render_template, url_for
from flask_login import login_user, logout_user, current_user
from urllib.parse import urljoin, urlparse
+from werkzeug import Response
-from .forms import LoginForm
+from accounts.app import accounts_app
+
+from typing import Union
+from .forms import LoginForm
bp = Blueprint('login', __name__)
-def is_safe_url(target):
+def is_safe_url(target: str):
ref_url = urlparse(request.host_url)
test_url = urlparse(urljoin(request.host_url, target))
print(target)
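Review bot: The `print(target)` line in is_safe_url writes the caller-supplied redirect target straight to stdout on every check and looks like leftover debugging. It should be removed, or replaced by `accounts_app.logger.debug('redirect target: %r', target)` (assuming accounts_app is a Flask application object) so control characters are escaped and the output follows the log configuration. Since the signature gained `target: str`, the return annotation could be added as well, presumably `def is_safe_url(target: str) -> bool:`. The rest of the function lies outside this hunk.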
@@ -23,24 +27,22 @@ def is_safe_url(target):
@bp.route('/login', methods=['GET', 'POST'])
-def login():
+def login() -> Union[str, Response]:
if current_user.is_authenticated:
return redirect(url_for('default.index'))
form = LoginForm(request.form)
if form.validate_on_submit():
try:
- user = current_app.user_backend.auth(form.username.data,
- form.password.data)
+ user = accounts_app.user_backend.auth(form.username.data,
+ form.password.data)
login_user(user)
flash('Erfolgreich eingeloggt', 'success')
next = request.form['next']
- if not is_safe_url(next):
- next = None
- return redirect(next or url_for('default.index'))
- except (current_app.user_backend.NoSuchUserError,
- current_app.user_backend.InvalidPasswordError):
+ return redirect(next if is_safe_url(next) else url_for('default.index'))
+ except (accounts_app.user_backend.NoSuchUserError,
+ accounts_app.user_backend.InvalidPasswordError):
flash('Ungültiger Benutzername und/oder Passwort', 'error')
return render_template("login/login.html", form=form,
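Review bot: The rewritten redirect line drops the fallback for an empty target. The old code ended in `next or url_for('default.index')`, while the new one redirects to `next` whenever is_safe_url accepts it, and an empty string joined onto the host URL presumably passes that check (its body is outside this hunk). `return redirect(next if next and is_safe_url(next) else url_for('default.index'))` keeps the earlier behaviour. `request.form['next']` also aborts with a 400 after `login_user(user)` has already run when the field is absent; `request.form.get('next', '')` avoids that. The render_template call continues past the hunk.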
@@ -48,7 +50,7 @@ def login():
@bp.route('/logout')
-def logout():
+def logout() -> Response:
logout_user()
flash('Erfolgreich ausgeloggt.', 'success')
return redirect(url_for('.login'))