Beispiel #1
def user():
    """
    Serve the built-in Auth actions for this application.

    The single controller answers all of:
    http://..../[app]/default/user/login
    http://..../[app]/default/user/logout
    http://..../[app]/default/user/register
    http://..../[app]/default/user/profile
    http://..../[app]/default/user/retrieve_password
    http://..../[app]/default/user/change_password
    http://..../[app]/default/user/bulk_register

    Other controllers that need access control are decorated with
        @auth.requires_login()
        @auth.requires_membership('group name')
        @auth.requires_permission('read','table name',record_id)
    Administrators can manage users at http://..../[app]/appadmin/manage/auth

    Returns a dict whose 'form' entry is whatever auth() produced.
    """
    settings = auth.settings

    # NOTE(review): both reCAPTCHA keys are literals in the controller. The
    # second one is the private (secret) key; it belongs in private
    # configuration outside version control, and a key that has been
    # published should be rotated.
    site_key = '6LdnExsUAAAAABtu-GE-rZ56VtOZRx0xnuNSqjwu'
    secret_key = '6LdnExsUAAAAAH7I5JDfZCg55h0PWrWYJkDuVFHA'
    settings.captcha = Recaptcha2(request, site_key, secret_key)

    # The per-action overrides are left at None rather than False.
    # NOTE(review): in web2py's Auth, None is expected to fall back to
    # settings.captcha while False switches the captcha off for that action
    # -- confirm against the gluon version in use.
    settings.login_captcha = None
    settings.register_captcha = None
    settings.retrieve_username_captcha = None
    settings.retrieve_password_captcha = None

    # New accounts join group id 1 (the author's "normalUsers" group) and no
    # per-user group is created.
    settings.everybody_group_id = 1
    settings.create_user_groups = None

    auth_form = auth()
    return {'form': auth_form}
def captcha_field(request=request):
    """Return a 'captcha' string Field that renders as a reCAPTCHA v2 widget.

    The field is labelled with the translated text 'Verify' and defaults to
    the value 'ok'.
    """
    from gluon.tools import Recaptcha2

    # NOTE(review): the site key and the private (secret) key are hard-coded
    # here. Keep the secret in private configuration outside version control
    # and rotate a key that has been published.
    # NOTE(review): the field declares no `requires` validator and defaults
    # to 'ok'; confirm that Recaptcha2's own server-side check actually runs
    # for forms built with this field.
    def render_captcha(field, value):
        # web2py calls a widget with (field, value); both are ignored here.
        return Recaptcha2(request,
                          '6LeBjrcUAAAAABPDnsWu-2qxvAwgRnS4PfYDjBbu',
                          '6LeBjrcUAAAAAD29Ae0vf4Y9YDaNlTfMB1Sk7dMt',
                          error_message='Invalid, please try again.')

    return Field('captcha', 'string', label=T('Verify'),
                 widget=render_captcha, default='ok')
Beispiel #3
# -------------------------------------------------------------
# configure email
# -------------------------------------------------------------
# All mail and captcha secrets below are read from `keydata` instead of being
# written into this file.
mail = auth.settings.mailer
mail.settings.server = keydata['email_server']  # 'logging' # SMTP server
# Debug output of the configured server (Python 2 print statement).
print mail.settings.server
mail.settings.sender = keydata['email_address']  # email
# NOTE(review): as shown, the format string has no placeholders, so .format()
# returns it unchanged and both keydata values are ignored. The literal looks
# masked on this page; web2py expects 'user:password' here -- confirm against
# the real source.
mail.settings.login = '******'.format(keydata['email_user'], keydata['email_pass'])  # credentials or None
mail.settings.tls = True
# Publish the mailer on `current` so imported modules can reach it.
current.mail = mail

# -------------------------------------------------------------
# enable recaptcha (keys for ianwscott.fluxflex.com)
# -------------------------------------------------------------
# A captcha is attached to registration, username retrieval and password
# retrieval. The visible lines set neither auth.settings.captcha nor
# login_captcha, so login is not covered here.
auth.settings.register_captcha = Recaptcha2(request,
    keydata['captcha_public_key'], keydata['captcha_private_key'])
auth.settings.retrieve_username_captcha = Recaptcha2(request,
    keydata['captcha_public_key'], keydata['captcha_private_key'])
auth.settings.retrieve_password_captcha = Recaptcha2(request,
    keydata['captcha_public_key'], keydata['captcha_private_key'])

# -------------------------------------------------------------
# configure auth policy
# -------------------------------------------------------------
# Accounts become usable without e-mail verification and without approval.
auth.settings.registration_requires_verification = False
auth.settings.registration_requires_approval = False
auth.settings.reset_password_requires_verification = True
# NOTE(review): the link is built with a fixed 'http://' scheme and with
# request.env.http_host, which comes from the incoming request's Host header.
# A link sent by e-mail should use a configured canonical https origin, not a
# value the requester supplies. With registration_requires_verification set
# to False above, this message may not be sent at all -- confirm.
auth.messages.verify_email = 'Click on the link http://' \
    + request.env.http_host + URL('default', 'user', args=['verify_email']) \
    + '/%(key)s to verify your email'
# Repeats the assignment made a few lines above; it has no additional effect.
auth.settings.reset_password_requires_verification = True
Beispiel #4
    'defend_log_summary',
    Field('app_name', 'string'),
    Field('id_rand', 'string', length=50, requires=IS_NOT_EMPTY()),
    Field('critical', 'integer'),
    Field('warning', 'integer'),
    Field('alert', 'integer'),
    Field('notice', 'integer'),
    Field('error', 'integer'),
    Field('requests', 'integer'),
)

from gluon.tools import Auth
from gluon.tools import Recaptcha2
# Create the Auth object on the application database.
auth = Auth(db)
# General captcha for Auth forms. The 'xxxx' values are placeholders; the
# real private key should come from private configuration, not this file.
auth.settings.captcha = Recaptcha2(request,
                                   public_key='xxxx',
                                   private_key='xxxx')
# Define the auth tables with a username field and signature fields.
auth.define_tables(
    username=True,
    signature=True,
)
#auth.settings.login_next=URL('Websites')
auth.settings.logout_next = URL()

# Self-registration is disabled by default.
#Comment the following line to allow registration
auth.settings.actions_disabled.append('register')

auth.settings.everybody_group_id = False

# NOTE(review): with this line in place the login form has no captcha, so
# throttling of repeated login attempts has to come from elsewhere -- confirm.
#Comment the following line if you want to use captcha in the login form
auth.settings.login_captcha = False
def user():
    """
    Build the customised login / register / password pages around web2py Auth.

    exposes:
    http://..../[app]/default/user/login
    http://..../[app]/default/user/logout
    http://..../[app]/default/user/register
    http://..../[app]/default/user/profile
    http://..../[app]/default/user/retrieve_password
    http://..../[app]/default/user/change_password
    http://..../[app]/default/user/manage_users
    use @auth.requires_login()
        @auth.requires_membership('group name')
        @auth.requires_permission('read','table name',record_id)
    to decorate functions that need access control

    Behaviour visible in this function:
    - when the 'auth.saml2_auth' configuration value is truthy, the request
      is handed to saml_user() and nothing below runs;
    - 'profile' in the request args redirects to profile/index;
    - register, reset_password and change_password put IS_STRONG() in front
      of the password validators;
    - register, request_reset_password and reset_password add a reCAPTCHA
      when it is enabled and both keys are set in the system properties.

    Returns a dict of forms, titles, links and flags for the view.
    """

    # If saml2 is enabled, use that one
    if configuration.get('auth.saml2_auth'):
        return saml_user()

    # NOTE(review): the branches below test whether an action name occurs
    # anywhere in request.args, whereas auth() presumably dispatches on the
    # first argument only. A URL carrying two action names would enter more
    # than one branch -- confirm this cannot cause errors.

    # check if someone is looking for profile
    if 'profile' in request.args:
        redirect(URL('profile', 'index'))

    # Send styles email messages from auth
    osmail = OsMail()
    auth.messages.verify_email = osmail.render_email_template(
        'sys_verify_email', return_html=True)['html_message']
    # auth.messages.reset_password = '******'
    auth.messages.reset_password = osmail.render_email_template(
        'sys_reset_password', return_html=True)['html_message']
    # Log registration accepted terms (if any)

    # Callbacks are appended on every call of this controller.
    auth.settings.register_onaccept.append(user_register_log_acceptance)
    auth.settings.login_onaccept.append(user_set_last_login)

    # Fetch reCAPTCHA settings
    # The keys come from system properties rather than from this file. The
    # captcha is used only when it is switched "on" and both keys are set.
    recaptcha_enabled = get_sys_property('recaptcha_enabled')
    recaptcha_site_key = get_sys_property('recaptcha_site_key')
    recaptcha_secret_key = get_sys_property('recaptcha_secret_key')
    use_recaptcha = False
    if recaptcha_enabled == "on" and recaptcha_site_key and recaptcha_secret_key:
        use_recaptcha = True

    ## Create auth form
    if session.show_location:  # check if we need a requirement for the school_locations_id field for customers
        # Only locations flagged AllowAPI are offered as choices.
        loc_query = (db.school_locations.AllowAPI == True)
        db.auth_user.school_locations_id.requires = IS_IN_DB(
            db(loc_query),
            'school_locations.id',
            '%(Name)s',
            error_message=T('Please select a location'),
            zero=T('Please select a location...'))

    if get_sys_property('registration_requires_mobile') == "on":
        # Only a minimum length of 8 is enforced for the phone number.
        db.auth_user.mobile.requires = IS_LENGTH(
            minsize=8, error_message=T("Please enter a valid phone number"))

    # actually create auth form
    # Set nicer error messages for name fields
    db.auth_user.first_name.requires = IS_NOT_EMPTY(
        error_message=T("Please enter your first name"))
    db.auth_user.last_name.requires = IS_NOT_EMPTY(
        error_message=T("Please enter your last name"))

    # Defaults for everything handed to the view; branches overwrite them.
    form = ''
    form_login = ''
    login_link = ''
    login_title = ''
    login_message = ''
    form_register = ''
    register_link = ''
    register_title = ''
    reset_passwd = ''
    # _next is supplied by the requester. In this function it is only
    # substring-matched near the end to choose an extra login message.
    _next = request.vars['_next'] or ""

    self_checkin = ''
    error_msg = ''

    try:
        organization = ORGANIZATIONS[ORGANIZATIONS['default']]
        company_name = B(organization['Name'])
        has_terms = True if organization['TermsConditionsURL'] else False
        has_privacy_notice = True if organization['PrivacyNoticeURL'] else False
    # NOTE(review): the bare except treats every failure, not just a missing
    # organization, as "no organization configured" and hides the cause.
    except:
        company_name = ''
        organization = False
        has_terms = False
        has_privacy_notice = False

    if 'register' in request.args:
        # Enforce strong passwords
        # IS_STRONG() is used with its default rules and runs before the
        # validators already on the password field.
        db.auth_user.password.requires.insert(0, IS_STRONG())
        recaptcha2 = ""
        if use_recaptcha:
            # The captcha is set on auth.settings before auth() builds the
            # form. A second Recaptcha2 instance is rendered in the custom
            # layout, with any 'captcha' error from the form shown below it.
            auth.settings.captcha = Recaptcha2(
                request,
                recaptcha_site_key,
                recaptcha_secret_key,
                error_message=T("Please verify you're not a robot"))
            form = auth()
            recaptcha2 = DIV(
                BR(),
                Recaptcha2(
                    request,
                    recaptcha_site_key,
                    recaptcha_secret_key,
                    error_message=T("Please verify you're not a robot")),
                DIV(
                    DIV(form.errors.get('captcha', ''), _class="error"),
                    _class="error-wrapper",
                ),
            )
        else:
            form = auth()

        register_title = T("Create your account")
        login_title = T("Already have an account?")
        # All incoming request vars (including _next) are carried into the
        # login link.
        login_link = A(T("Click here to log in"),
                       _href=URL(args='login', vars=request.vars))
        login_message = DIV(
            B("Can't register?"),
            BR(),
            T("In case you can't register because your email address already has an account, click"
              ),
            ' ',
            A(T("here"), _href=URL(args='request_reset_password')),
            ' ',
            T("to request a new password."),
            BR(),
            BR(),
        )
        response.view = 'default/user_login.html'
        user_registration_set_visible_fields()

        first_name = form.element('#auth_user_first_name')
        first_name['_placeholder'] = T("First name...")
        last_name = form.element('#auth_user_last_name')
        last_name['_placeholder'] = T("Last name...")
        email = form.element('#auth_user_email')
        email['_placeholder'] = T("Email...")
        password = form.element('#auth_user_password')
        password['_placeholder'] = T("Password...")
        password2 = form.element('#auth_user_password_two')
        password2['_placeholder'] = T("Repeat Password...")
        submit = form.element('input[type=submit]')
        submit['_value'] = T('Create account')

        location = ''
        if session.show_location:
            location = DIV(LABEL(form.custom.label.school_locations_id),
                           form.custom.widget.school_locations_id,
                           _class='form-group')

        phone = ''
        if get_sys_property('registration_requires_mobile') == "on":
            mobile = form.element('#auth_user_mobile')
            mobile['_placeholder'] = T("Phone...")

            phone = DIV(LABEL(T("Phone")),
                        form.custom.widget.mobile,
                        _class='form-group')

        # List of statements the user accepts by creating an account. The
        # terms and privacy links come from the organization record and open
        # in a new tab.
        accept_ul = UL(_id='accept_ul')
        accept_ul.append(
            LI(T('Confirm that the data above is true and complete')))
        if organization:
            if organization['TermsConditionsURL']:
                accept_ul.append(
                    SPAN(
                        T('Agree to the'), ' ',
                        A(T('Terms and conditions'),
                          _href=organization['TermsConditionsURL'],
                          _target="_blank")))

            if organization['PrivacyNoticeURL']:
                accept_ul.append(
                    SPAN(
                        T('Accept the'), ' ',
                        A(T('Privacy notice'),
                          _href=organization['PrivacyNoticeURL'],
                          _target="_blank")))

        # Rebuild the layout from the form's own parts. form.custom.begin and
        # form.custom.end are kept around the custom markup.
        form = DIV(
            form.custom.begin,
            DIV(LABEL(form.custom.label.first_name),
                form.custom.widget.first_name,
                _class='form-group'),
            DIV(LABEL(form.custom.label.last_name),
                form.custom.widget.last_name,
                _class='form-group'),
            DIV(LABEL(form.custom.label.email),
                form.custom.widget.email,
                _class='form-group'), phone,
            DIV(LABEL(form.custom.label.password),
                form.custom.widget.password,
                _class='form-group'),
            DIV(LABEL(form.custom.label.password_two),
                form.custom.widget.password_two,
                _class='form-group'), location,
            SPAN(T('By creating an account I'), _class='bold'), accept_ul,
            recaptcha2, BR(),
            A(T('Cancel'),
              _href=URL(args='login'),
              _class='btn btn-default',
              _title=T('Back to login')),
            DIV(form.custom.submit, _class='pull-right'), form.custom.end)

        form_register = form

    # set logo
    logo_login = user_get_logo_login()

    # These actions use the stock Auth output without a custom layout.
    if 'logout' in request.args or 'not_authorized' in request.args or 'verify_email' in request.args:
        form = auth()

    if 'login' in request.args:
        # NOTE(review): this branch does not assign auth.settings.captcha, so
        # unless a captcha is configured elsewhere the login form has none.
        # Throttling of repeated login attempts would then have to come from
        # another layer -- confirm.
        form = auth()

        response.view = 'default/user_login.html'
        login_title = T("Log in")
        register_title = T("Create your account")

        auth.messages.login_button = T('Sign In')

        email = form.element('#auth_user_email')
        email['_placeholder'] = T("Email...")
        password = form.element('#auth_user_password')
        password['_placeholder'] = T("Password...")

        submit = form.element('input[type=submit]')
        submit['_value'] = T('Sign In')

        form = DIV(
            form.custom.begin,
            DIV(form.custom.widget.email,
                SPAN(
                    _class='glyphicon glyphicon-envelope form-control-feedback'
                ),
                _class='form-group has-feedback'),
            DIV(form.custom.widget.password,
                SPAN(_class='glyphicon glyphicon-lock form-control-feedback'),
                _class='form-group has-feedback'),
            LABEL(form.custom.widget.remember_me,
                  ' ',
                  form.custom.label.remember_me,
                  _id='label_remember'),
            DIV(form.custom.submit, _class='pull-right'),
            form.custom.end,
        )

        # Links to actions that are disabled in auth.settings are left out.
        if not 'request_reset_password' in auth.settings.actions_disabled:
            reset_passwd = A(T('Lost password?'),
                             _href=URL(args='request_reset_password'))

        if not 'register' in auth.settings.actions_disabled:
            form_register = SPAN(
                T("Are you new here and would you like to create an account?"),
                BR(),
                T("Please click the button below to get started."),
                BR(),
            )
            # Incoming request vars (including _next) are carried into the
            # register link.
            register_link = A(T("Create your account"),
                              _href=URL(args='register', vars=request.vars),
                              _class='btn btn-primary btn-create_your_account')
        form_login = form

    if 'request_reset_password' in request.args:
        # The captcha is built the same way as in the register branch.
        recaptcha2 = ""
        if use_recaptcha:
            auth.settings.captcha = Recaptcha2(
                request,
                recaptcha_site_key,
                recaptcha_secret_key,
                error_message=T("Please verify you're not a robot"))
            form = auth()
            recaptcha2 = DIV(
                BR(),
                Recaptcha2(
                    request,
                    recaptcha_site_key,
                    recaptcha_secret_key,
                    error_message=T("Please verify you're not a robot")),
                DIV(
                    DIV(form.errors.get('captcha', ''), _class="error"),
                    _class="error-wrapper",
                ),
            )
        else:
            form = auth()

        response.view = 'default/user_login.html'

        cancel = A(T("Cancel"),
                   _href=URL('/user', args='login'),
                   _class='btn btn-default')
        form = DIV(form.custom.begin,
                   DIV(form.custom.widget.email,
                       _class='form-group'), recaptcha2, BR(),
                   DIV(form.custom.submit, _class='pull-right'), cancel,
                   form.custom.end)

        form_login = form
        login_title = T("Reset password")

        # The help text is the same whether or not the address is known.
        register_title = T("Info")
        register_link = SPAN(
            T("After entering your email address and clicking the Reset password button"
              ), ' ',
            T("you should receive an email with a link to reset your password within a few minutes."
              ), ' ',
            T("In case you don't receive an email, please check your spam folder."
              ), BR(), BR(),
            A(T("Click here to log in"), _href=URL(args="login")))

    # set email placeholder
    if 'login' in request.args or 'request_reset_password' in request.args:
        email = form.element('#auth_user_email')
        email['_placeholder'] = T("Email...")

    if 'reset_password' in request.args:
        # Enforce strong passwords
        db.auth_user.password.requires.insert(0, IS_STRONG())
        # The captcha is built the same way as in the register branch.
        recaptcha2 = ""
        if use_recaptcha:
            auth.settings.captcha = Recaptcha2(
                request,
                recaptcha_site_key,
                recaptcha_secret_key,
                error_message=T("Please verify you're not a robot"))
            form = auth()
            recaptcha2 = DIV(
                BR(),
                Recaptcha2(
                    request,
                    recaptcha_site_key,
                    recaptcha_secret_key,
                    error_message=T("Please verify you're not a robot")),
                DIV(
                    DIV(form.errors.get('captcha', ''), _class="error"),
                    _class="error-wrapper",
                ),
            )
        else:
            form = auth()

        response.view = 'default/user_login.html'

        passwd = form.element('#no_table_new_password')
        passwd['_placeholder'] = T("New password...")
        passwd2 = form.element('#no_table_new_password2')
        passwd2['_placeholder'] = T("Repeat new password...")

        form = DIV(
            form.custom.begin,
            os_gui.get_form_group(form.custom.label.new_password,
                                  form.custom.widget.new_password),
            os_gui.get_form_group(form.custom.label.new_password2,
                                  form.custom.widget.new_password2),
            recaptcha2, BR(), form.custom.submit, form.custom.end)

        form_login = form
        login_title = T("Reset password")
        register_title = T("Info")
        register_link = SPAN(
            T("After setting a new password, you will be logged in automatically."
              ), ' ', T("Please use your new password for future logins."),
            BR(), BR(), A(T("Click here to log in"), _href=URL(args="login")))


    # Both password-reset steps share the same submit button label.
    if 'request_reset_password' in request.args or \
       'reset_password' in request.args:
        submit = form.element('input[type=submit]')
        submit['_value'] = T('Reset password')

    if 'change_password' in request.args:
        # Enforce strong passwords
        db.auth_user.password.requires.insert(0, IS_STRONG())
        # No captcha is added on this form.
        form = auth()

        response.view = 'default/user_login.html'
        response.title = T('Change password')

        oldpwd = form.element('#no_table_old_password')
        oldpwd['_placeholder'] = T('Old password...')
        passwd = form.element('#no_table_new_password')
        passwd['_placeholder'] = T("New password...")
        passwd2 = form.element('#no_table_new_password2')
        passwd2['_placeholder'] = T("Repeat password...")

        cancel = A(T('Cancel'),
                   _href=URL('profile', 'index'),
                   _class='btn btn-default')

        form = DIV(
            form.custom.begin,
            os_gui.get_form_group(form.custom.label.old_password,
                                  form.custom.widget.old_password),
            os_gui.get_form_group(form.custom.label.new_password,
                                  form.custom.widget.new_password),
            os_gui.get_form_group(form.custom.label.new_password2,
                                  form.custom.widget.new_password2),
            DIV(form.custom.submit, _class='pull-right'), cancel,
            form.custom.end)

        form_login = form
        login_title = T("Change password")

    # NOTE(review): XML() emits its argument as raw markup without escaping.
    # The two messages below come from system properties, so anyone able to
    # edit those properties can place arbitrary HTML on the login page.
    # Confirm that only trusted administrators can set them, or sanitize the
    # value before rendering.
    if "/shop/subscription" in _next:
        os_tools = OsTools()
        login_message_subscription = os_tools.get_sys_property(
            "shop_login_message_subscription") or ""

        if login_message_subscription:
            company_name = SPAN(company_name,
                                BR(),
                                BR(),
                                XML(login_message_subscription),
                                _class='center')

    if "/shop/classcard" in _next:
        os_tools = OsTools()
        login_message_classcard = os_tools.get_sys_property(
            "shop_login_message_classcard") or ""

        if login_message_classcard:
            company_name = SPAN(company_name,
                                BR(),
                                BR(),
                                XML(login_message_classcard),
                                _class='center')

    # 'form' and 'content' carry the same object.
    return dict(form=form,
                form_login=form_login,
                form_register=form_register,
                content=form,
                error_msg=error_msg,
                reset_passwd=reset_passwd,
                register_link=register_link,
                register_title=register_title,
                login_link=login_link,
                login_title=login_title,
                login_message=login_message,
                self_checkin=self_checkin,
                company_name=company_name,
                has_organization=True if organization else False,
                has_terms=has_terms,
                has_privacy_notice=has_privacy_notice,
                logo_login=logo_login)
Beispiel #6
        enable_captcha = True
    if general_conf.two_factor_authentication == 'enabled':
        two_factor_authentication = True
    if general_conf.smtp_user:
        smtp_user = general_conf.smtp_user
    if general_conf.smtp_pass:
        smtp_pass = general_conf.smtp_pass
    if general_conf.smtp_host:
        smtp_host = general_conf.smtp_host
    if general_conf.smtp_port:
        smtp_port = str(general_conf.smtp_port)
    if general_conf.smtp_sender:
        smtp_sender = general_conf.smtp_sender

# General captcha for Auth forms. The keys are passed in as variables that
# are assigned outside the lines shown here.
auth.settings.captcha = Recaptcha2(request,
                                   public_key=captcha_public_key,
                                   private_key=captcha_private_key,
                                   label='Please validate the captcha')
# Define the auth tables with a username field and signature fields.
auth.define_tables(
    username=True,
    signature=True,
)
auth.settings.logout_next = URL()

# Self-registration is disabled by default.
# Comment the following line to allow registration
auth.settings.actions_disabled.append('register')

# Login uses the general captcha only when enable_captcha is set. False
# switches it off for the login form.
# NOTE(review): with the captcha off, throttling of repeated login attempts
# has to come from elsewhere -- confirm.
if enable_captcha:
    auth.settings.login_captcha = auth.settings.captcha
else:
    auth.settings.login_captcha = False
# NOTE(review): the group name is set unconditionally. The
# two_factor_authentication flag computed earlier is not consulted in the
# visible lines -- confirm where it takes effect.
auth.settings.two_factor_authentication_group = "auth2step"
Beispiel #7
# Notify a fixed address each time a registration is accepted. The return
# value of mail.send is discarded, so a failed notification goes unnoticed.
# NOTE(review): the message says the new user needs approval, but the visible
# lines do not set auth.settings.registration_requires_approval. Confirm it
# is enabled elsewhere, otherwise new accounts are active immediately.
auth.settings.register_onaccept.append(
    lambda form: mail.send(to='*****@*****.**',
                           subject='New website registration',
                           message='A new user has registered '
                           'at the website and needs '
                           'approval.'))

# by default, web2py creates a group for each user - we don't want that
auth.settings.create_user_groups = False

# auth.settings.on_failed_authentication = lambda url: redirect(url)

# Turn on captcha for registration
# The keys are read from application configuration, not from this file.
# NOTE(review): this sets the general auth.settings.captcha, which may apply
# to more Auth forms than registration -- confirm the intended scope.
if int(myconf.take('recaptcha.use')):
    auth.settings.captcha = Recaptcha2(request,
                                       myconf.take('recaptcha.site_key'),
                                       myconf.take('recaptcha.secret_key'))

# -----------------------------------------------------------------------------
# IMPORT the CKEDITOR PLUGIN TO GIVE A WYSIWYG EDITOR FOR BLOGS AND NEWS
# -- OK, so this editor is neat but one issue is that it dumps files into the
#    root of uploads, which is messy
# -- Ordinarily, this would be controlled by the upload_folder setting but
#    this is hardcoded in the module. Could edit it there but you can also use
#    a fs object to provide a folder
# -- You'd think it might be possible to have multiple upload folders but
#    it turns out to be quite hard to switch the settings
# -----------------------------------------------------------------------------

# NOTE(review): the editor stores uploaded files in the shared uploads root
# (see above). Confirm which roles may upload and which file types the plugin
# accepts.
ckeditor = CKEditor(db)