def change_password():
""" Method to change the password for local auth users.
"""
form = forms.ChangePasswordForm()
user_obj = pagure.lib.query.search_user(
flask.g.session, username=flask.g.fas_user.username
)
if not user_obj:
flask.abort(404, description="User not found")
if form.validate_on_submit():
try:
password_checks = check_password(
form.old_password.data,
user_obj.password,
seed=pagure.config.config.get("PASSWORD_SEED", None),
)
except pagure.exceptions.PagureException as err:
_log.exception(err)
flask.flash(
"Could not update your password, either user or password "
"could not be checked",
"error",
)
return flask.redirect(flask.url_for("auth_login"))
if password_checks:
user_obj.password = generate_hashed_value(form.password.data)
flask.g.session.add(user_obj)
else:
flask.flash(
"Could not update your password, either user or password "
"could not be checked",
"error",
)
return flask.redirect(flask.url_for("auth_login"))
try:
flask.g.session.commit()
flask.flash("Password changed")
except SQLAlchemyError: # pragma: no cover
flask.g.session.rollback()
flask.flash("Could not set the new password.", "error")
_log.exception("Password change - Error setting new password.")
return flask.redirect(flask.url_for("auth_login"))
return flask.render_template("login/password_recover.html", form=form)
def change_password():
""" Method to change the password for local auth users.
"""
form = forms.ChangePasswordForm()
user_obj = pagure.lib.query.search_user(
flask.g.session, username=flask.g.fas_user.username
)
if not user_obj:
flask.abort(404, "User not found")
if form.validate_on_submit():
try:
password_checks = check_password(
form.old_password.data,
user_obj.password,
seed=pagure.config.config.get("PASSWORD_SEED", None),
)
except pagure.exceptions.PagureException as err:
_log.exception(err)
flask.flash(
"Could not update your password, either user or password "
"could not be checked",
"error",
)
return flask.redirect(flask.url_for("auth_login"))
if password_checks:
user_obj.password = generate_hashed_value(form.password.data)
flask.g.session.add(user_obj)
else:
flask.flash(
"Could not update your password, either user or password "
"could not be checked",
"error",
)
return flask.redirect(flask.url_for("auth_login"))
try:
flask.g.session.commit()
flask.flash("Password changed")
except SQLAlchemyError: # pragma: no cover
flask.g.session.rollback()
flask.flash("Could not set the new password.", "error")
_log.exception("Password change - Error setting new password.")
return flask.redirect(flask.url_for("auth_login"))
return flask.render_template("login/password_recover.html", form=form)
def change_password():
""" Method to change the password for local auth users.
"""
form = forms.ChangePasswordForm()
user_obj = pagure.lib.search_user(
SESSION, username=flask.g.fas_user.username)
if not user_obj:
flask.abort(404, 'User not found')
if form.validate_on_submit():
try:
password_checks = check_password(
form.old_password.data, user_obj.password,
seed=APP.config.get('PASSWORD_SEED', None))
except pagure.exceptions.PagureException as err:
APP.logger.exception(err)
flask.flash(
'Could not update your password, either user or password '
'could not be checked', 'error')
return flask.redirect(flask.url_for('auth_login'))
if password_checks:
user_obj.password = generate_hashed_value(form.password.data)
SESSION.add(user_obj)
else:
flask.flash(
'Could not update your password, either user or password '
'could not be checked', 'error')
return flask.redirect(flask.url_for('auth_login'))
try:
SESSION.commit()
flask.flash(
'Password changed')
except SQLAlchemyError as err: # pragma: no cover
SESSION.rollback()
flask.flash('Could not set the new password.', 'error')
APP.logger.debug(
'Password change - Error setting new password.')
APP.logger.exception(err)
return flask.redirect(flask.url_for('auth_login'))
return flask.render_template(
'login/password_recover.html',
form=form,
)
def change_password():
""" Method to change the password for local auth users.
"""
form = forms.ChangePasswordForm()
user_obj = pagure.lib.search_user(
SESSION, username=flask.g.fas_user.username)
if not user_obj:
flask.abort(404, 'User not found')
if form.validate_on_submit():
try:
password_checks = check_password(
form.old_password.data, user_obj.password,
seed=APP.config.get('PASSWORD_SEED', None))
except pagure.exceptions.PagureException as err:
APP.logger.exception(err)
flask.flash(
'Could not update your password, either user or password '
'could not be checked', 'error')
return flask.redirect(flask.url_for('auth_login'))
if password_checks:
user_obj.password = generate_hashed_value(form.password.data)
SESSION.add(user_obj)
else:
flask.flash(
'Could not update your password, either user or password '
'could not be checked', 'error')
return flask.redirect(flask.url_for('auth_login'))
try:
SESSION.commit()
flask.flash(
'Password changed')
except SQLAlchemyError as err: # pragma: no cover
SESSION.rollback()
flask.flash('Could not set the new password.', 'error')
APP.logger.debug(
'Password change - Error setting new password.')
APP.logger.exception(err)
return flask.redirect(flask.url_for('auth_login'))
return flask.render_template(
'login/password_recover.html',
form=form,
)
def do_login():
""" Log the user in user.
"""
form = forms.LoginForm()
next_url = flask.request.args.get('next_url')
if not next_url or next_url == 'None':
next_url = flask.url_for('index')
if form.validate_on_submit():
username = form.username.data
user_obj = pagure.lib.search_user(SESSION, username=username)
if not user_obj:
flask.flash('Username or password invalid.', 'error')
return flask.redirect(flask.url_for('auth_login'))
try:
password_checks = check_password(
form.password.data, user_obj.password,
seed=APP.config.get('PASSWORD_SEED', None))
except pagure.exceptions.PagureException as err:
APP.logger.exception(err)
flask.flash('Username or password of invalid format.', 'error')
return flask.redirect(flask.url_for('auth_login'))
if not password_checks:
flask.flash('Username or password invalid.', 'error')
return flask.redirect(flask.url_for('auth_login'))
elif user_obj.token:
flask.flash(
'Invalid user, did you confirm the creation with the url '
'provided by email?', 'error')
return flask.redirect(flask.url_for('auth_login'))
else:
if not user_obj.password.startswith('$2$'):
user_obj.password = generate_hashed_value(form.password.data)
SESSION.add(user_obj)
visit_key = pagure.lib.login.id_generator(40)
now = datetime.datetime.utcnow()
expiry = now + datetime.timedelta(days=30)
session = model.PagureUserVisit(
user_id=user_obj.id,
user_ip=flask.request.remote_addr,
visit_key=visit_key,
expiry=expiry,
)
SESSION.add(session)
try:
SESSION.commit()
flask.g.fas_user = user_obj
flask.g.fas_session_id = visit_key
flask.g.fas_user.login_time = now
flask.flash('Welcome %s' % user_obj.username)
except SQLAlchemyError as err: # pragma: no cover
flask.flash(
'Could not set the session in the db, '
'please report this error to an admin', 'error')
APP.logger.exception(err)
return flask.redirect(next_url)
else:
flask.flash('Insufficient information provided', 'error')
return flask.redirect(flask.url_for('auth_login'))
def do_login():
""" Log in the user.
"""
logout()
form = forms.LoginForm()
next_url = flask.request.form.get("next_url")
if not next_url or next_url == "None":
next_url = flask.url_for("ui_ns.index")
if form.validate_on_submit():
username = form.username.data
user_obj = pagure.lib.query.search_user(flask.g.session,
username=username)
if not user_obj:
flask.flash("Username or password invalid.", "error")
return flask.redirect(flask.url_for("auth_login"))
try:
password_checks = check_password(
form.password.data,
user_obj.password,
seed=pagure.config.config.get("PASSWORD_SEED", None),
)
except pagure.exceptions.PagureException as err:
_log.exception(err)
flask.flash("Username or password of invalid format.", "error")
return flask.redirect(flask.url_for("auth_login"))
if not password_checks:
flask.flash("Username or password invalid.", "error")
return flask.redirect(flask.url_for("auth_login"))
elif user_obj.token:
flask.flash(
"Invalid user, did you confirm the creation with the url "
"provided by email?",
"error",
)
return flask.redirect(flask.url_for("auth_login"))
else:
password = user_obj.password
if not isinstance(password, six.text_type):
password = password.decode("utf-8")
if not password.startswith("$2$"):
user_obj.password = generate_hashed_value(form.password.data)
flask.g.session.add(user_obj)
flask.g.session.flush()
visit_key = pagure.lib.login.id_generator(40)
now = datetime.datetime.utcnow()
expiry = now + datetime.timedelta(days=30)
session = model.PagureUserVisit(
user_id=user_obj.id,
user_ip=flask.request.remote_addr,
visit_key=visit_key,
expiry=expiry,
)
flask.g.session.add(session)
try:
flask.g.session.commit()
flask.g.fas_user = user_obj
flask.g.fas_session_id = visit_key
flask.g.fas_user.login_time = now
flask.flash("Welcome %s" % user_obj.username)
except SQLAlchemyError as err: # pragma: no cover
flask.flash(
"Could not set the session in the db, "
"please report this error to an admin",
"error",
)
_log.exception(err)
return flask.redirect(next_url)
else:
flask.flash("Insufficient information provided", "error")
return flask.redirect(flask.url_for("auth_login"))
def do_login():
""" Log in the user.
"""
form = forms.LoginForm()
next_url = flask.request.form.get('next_url')
if not next_url or next_url == 'None':
next_url = flask.url_for('index')
if form.validate_on_submit():
username = form.username.data
user_obj = pagure.lib.search_user(SESSION, username=username)
if not user_obj:
flask.flash('Username or password invalid.', 'error')
return flask.redirect(flask.url_for('auth_login'))
try:
password_checks = check_password(form.password.data,
user_obj.password,
seed=APP.config.get(
'PASSWORD_SEED', None))
except pagure.exceptions.PagureException as err:
_log.exception(err)
flask.flash('Username or password of invalid format.', 'error')
return flask.redirect(flask.url_for('auth_login'))
if not password_checks:
flask.flash('Username or password invalid.', 'error')
return flask.redirect(flask.url_for('auth_login'))
elif user_obj.token:
flask.flash(
'Invalid user, did you confirm the creation with the url '
'provided by email?', 'error')
return flask.redirect(flask.url_for('auth_login'))
else:
if not user_obj.password.startswith('$2$'):
user_obj.password = generate_hashed_value(form.password.data)
SESSION.add(user_obj)
visit_key = pagure.lib.login.id_generator(40)
now = datetime.datetime.utcnow()
expiry = now + datetime.timedelta(days=30)
session = model.PagureUserVisit(
user_id=user_obj.id,
user_ip=flask.request.remote_addr,
visit_key=visit_key,
expiry=expiry,
)
SESSION.add(session)
try:
SESSION.commit()
flask.g.fas_user = user_obj
flask.g.fas_session_id = visit_key
flask.g.fas_user.login_time = now
flask.flash('Welcome %s' % user_obj.username)
except SQLAlchemyError as err: # pragma: no cover
flask.flash(
'Could not set the session in the db, '
'please report this error to an admin', 'error')
_log.exception(err)
return flask.redirect(next_url)
else:
flask.flash('Insufficient information provided', 'error')
return flask.redirect(flask.url_for('auth_login'))
def do_login():
""" Log in the user.
"""
logout()
form = forms.LoginForm()
next_url = flask.request.form.get("next_url")
if not next_url or next_url == "None":
next_url = flask.url_for("ui_ns.index")
if form.validate_on_submit():
username = form.username.data
user_obj = pagure.lib.query.search_user(
flask.g.session, username=username
)
if not user_obj:
flask.flash("Username or password invalid.", "error")
return flask.redirect(flask.url_for("auth_login"))
try:
password_checks = check_password(
form.password.data,
user_obj.password,
seed=pagure.config.config.get("PASSWORD_SEED", None),
)
except pagure.exceptions.PagureException as err:
_log.exception(err)
flask.flash("Username or password of invalid format.", "error")
return flask.redirect(flask.url_for("auth_login"))
if not password_checks:
flask.flash("Username or password invalid.", "error")
return flask.redirect(flask.url_for("auth_login"))
elif user_obj.token:
flask.flash(
"Invalid user, did you confirm the creation with the url "
"provided by email?",
"error",
)
return flask.redirect(flask.url_for("auth_login"))
else:
password = user_obj.password
if not isinstance(password, six.text_type):
password = password.decode("utf-8")
if not password.startswith("$2$"):
user_obj.password = generate_hashed_value(form.password.data)
flask.g.session.add(user_obj)
flask.g.session.flush()
visit_key = pagure.lib.login.id_generator(40)
now = datetime.datetime.utcnow()
expiry = now + datetime.timedelta(days=30)
session = model.PagureUserVisit(
user_id=user_obj.id,
user_ip=flask.request.remote_addr,
visit_key=visit_key,
expiry=expiry,
)
flask.g.session.add(session)
try:
flask.g.session.commit()
flask.g.fas_user = user_obj
flask.g.fas_session_id = visit_key
flask.g.fas_user.login_time = now
flask.flash("Welcome %s" % user_obj.username)
except SQLAlchemyError as err: # pragma: no cover
flask.flash(
"Could not set the session in the db, "
"please report this error to an admin",
"error",
)
_log.exception(err)
return flask.redirect(next_url)
else:
flask.flash("Insufficient information provided", "error")
return flask.redirect(flask.url_for("auth_login"))
