Beispiel #1
0
def manage_user_login(user, user_data, next_url):
    """Manage user login."""
    if user is None:
        # Give a hint for the user
        user = user_repo.get_by(email_addr=user_data.get('email'))
        if user is not None:
            msg, method = get_user_signup_method(user)
            flash(msg, 'info')
            if method == 'local':
                return redirect(url_for_app_type('account.forgot_password'))
            else:
                return redirect(url_for_app_type('account.signin'))
        else:
            return redirect(url_for_app_type('account.signin'))
    else:
        login_user(user, remember=True)
        flash("Welcome back %s" % user.fullname, 'success')
        request_email = (user.email_addr == user.name)
        if request_email:
            flash("Please update your e-mail address in your profile page")
            return redirect(url_for_app_type('account.update_profile',
                                             name=user.name))
        if (not request_email and user.newsletter_prompted is False
                and newsletter.is_initialized()):
            return redirect(url_for_app_type('account.newsletter_subscribe',
                                             next=next_url))
        return redirect(next_url)
Beispiel #2
0
def signin():
    """
    Signin method for PYBOSSA users.

    Returns a Jinja2 template with the result of signing process.

    """
    form = LoginForm(request.body)
    if request.method == 'POST' and form.validate():
        password = form.password.data
        email_addr = form.email.data.lower()
        user = user_repo.search_by_email(email_addr=email_addr)
        if user and not user.enabled:
            flash(gettext('Your account is disabled. '
                          'Please contact your GIGwork administrator.'),
                  'error')
            return redirect(url_for('home.home'))
        if user and user.check_password(password):
            if not current_app.config.get('ENABLE_TWO_FACTOR_AUTH'):
                msg_1 = gettext('Welcome back') + ' ' + user.fullname
                flash(msg_1, 'success')
                return _sign_in_user(user)
            else:
                _email_two_factor_auth(user)
                url_token = otp.generate_url_token(user.email_addr)
                return redirect_content_type(url_for('account.otpvalidation',
                                             token=url_token,
                                             next=request.args.get('next')))
        elif user:
            msg, method = get_user_signup_method(user)
            if method == 'local':
                msg = gettext('Ooops, Incorrect email/password')
                flash(msg, 'error')
            else:
                flash(msg, 'info')
        else:
            msg = gettext("Ooops, we didn't find you in the system, \
                          did you sign up?")
            flash(msg, 'info')

    if request.method == 'POST' and not form.validate():
        flash(gettext('Please correct the errors'), 'error')
    auth = {'twitter': False, 'facebook': False, 'google': False}
    if current_user.is_anonymous():
        # If Twitter is enabled in config, show the Twitter Sign in button
        if ('twitter' in current_app.blueprints):  # pragma: no cover
            auth['twitter'] = True
        if ('facebook' in current_app.blueprints):  # pragma: no cover
            auth['facebook'] = True
        if ('google' in current_app.blueprints):  # pragma: no cover
            auth['google'] = True
        response = dict(template='account/signin.html',
                        title="Sign in",
                        form=form,
                        auth=auth,
                        next=request.args.get('next'))
        return handle_content_type(response)
    else:
        # User already signed in, so redirect to home page
        return redirect_content_type(url_for("home.home"))
Beispiel #3
0
def manage_user_login(user, user_data, next_url):
    """Manage user login."""
    if user is None:
        # Give a hint for the user
        user = user_repo.get_by(email_addr=user_data['email'])
        if user is not None:
            msg, method = get_user_signup_method(user)
            flash(msg, 'info')
            if method == 'local':
                return redirect(url_for('account.forgot_password'))
            else:
                return redirect(url_for('account.signin'))
        else:
            return redirect(url_for('account.signin'))
    else:
        first_login = False
        login_user(user, remember=True)
        flash("Welcome back %s" % user.fullname, 'success')
        request_email = False
        if (user.email_addr == "None"):
            request_email = True
        if request_email:
            if first_login:  # pragma: no cover
                flash("This is your first login, please add a valid e-mail")
            else:
                flash("Please update your e-mail address in your profile page")
            return redirect(url_for('account.update_profile', name=user.name))
        if (user.email_addr != "None" and user.newsletter_prompted is False
                and newsletter.app):
            return redirect(url_for('account.newsletter_subscribe', next=next_url))
        return redirect(next_url)
Beispiel #4
0
def manage_user_login(user, user_data, next_url):
    """Manage user login."""
    if user is None:
        # Give a hint for the user
        user = user_repo.get_by(email_addr=user_data.get('email'))
        if user is not None:
            msg, method = get_user_signup_method(user)
            flash(msg, 'info')
            if method == 'local':
                return redirect(url_for_app_type('account.forgot_password',
                                                 _hash_last_flash=True))
            else:
                return redirect(url_for_app_type('account.signin',
                                                 _hash_last_flash=True))
        else:
            return redirect(url_for_app_type('account.signin',
                                             _hash_last_flash=True))
    else:
        login_user(user, remember=True)
        flash("Welcome back %s" % user.fullname, 'success')
        if ((user.email_addr != user.name) and user.newsletter_prompted is False
                and newsletter.is_initialized()):
            return redirect(url_for_app_type('account.newsletter_subscribe',
                                             next=next_url,
                                             _hash_last_flash=True))
        return redirect(next_url)
Beispiel #5
0
def manage_user_login(user, user_data, next_url):
    """Manage user login."""
    if user is None:
        # Give a hint for the user
        user = user_repo.get_by(email_addr=user_data['email'])
        if user is not None:
            msg, method = get_user_signup_method(user)
            flash(msg, 'info')
            if method == 'local':
                return redirect(url_for('account.forgot_password'))
            else:
                return redirect(url_for('account.signin'))
        else:
            return redirect(url_for('account.signin'))
    else:
        first_login = False
        login_user(user, remember=True)
        flash("Welcome back %s" % user.fullname, 'success')
        request_email = False
        if (user.email_addr == "None"):
            request_email = True
        if request_email:
            if first_login:  # pragma: no cover
                flash("This is your first login, please add a valid e-mail")
            else:
                flash("Please update your e-mail address in your profile page")
            return redirect(url_for('account.update_profile', name=user.name))
        if (user.email_addr != "None" and user.newsletter_prompted is False
                and newsletter.app):
            return redirect(
                url_for('account.newsletter_subscribe', next=next_url))
        return redirect(next_url)
Beispiel #6
0
def manage_user_login(user, user_data, next_url):
    """Manage user login."""
    if user is None:
        # Give a hint for the user
        user = user_repo.get_by(email_addr=user_data.get('email'))
        if user is not None:
            msg, method = get_user_signup_method(user)
            flash(msg, 'info')
            if method == 'local':
                return redirect(url_for('account.forgot_password'))
            else:
                return redirect(url_for('account.signin'))
        else:
            return redirect(url_for('account.signin'))
    else:
        login_user(user, remember=True)
        flash("Welcome back %s" % user.fullname, 'success')
        request_email = (user.email_addr == user.name)
        if request_email:
            flash("Please update your e-mail address in your profile page")
            return redirect(url_for('account.update_profile', name=user.name))
        if (not request_email and user.newsletter_prompted is False
                and newsletter.is_initialized()):
            return redirect(url_for('account.newsletter_subscribe', next=next_url))
        return redirect(next_url)
Beispiel #7
0
def manage_user_login(user, user_data, next_url):
    """Manage user login."""
    if user is None:
        # Give a hint for the user
        user = user_repo.get_by(email_addr=user_data.get('email'))
        if user is not None:
            msg, method = get_user_signup_method(user)
            flash(msg, 'info')
            if method == 'local':
                return redirect(url_for_app_type('account.forgot_password',
                                                 _hash_last_flash=True))
            else:
                return redirect(url_for_app_type('account.signin',
                                                 _hash_last_flash=True))
        else:
            return redirect(url_for_app_type('account.signin',
                                             _hash_last_flash=True))
    else:
        login_user(user, remember=True)
        flash("Welcome back %s" % user.fullname, 'success')
        if ((user.email_addr != user.name) and user.newsletter_prompted is False
                and newsletter.is_initialized()):
            return redirect(url_for_app_type('account.newsletter_subscribe',
                                             next=next_url,
                                             _hash_last_flash=True))
        return redirect(next_url)
Beispiel #8
0
def signin():
    """
    Signin method for PyBossa users.

    Returns a Jinja2 template with the result of signing process.

    """
    form = LoginForm(request.form)
    if request.method == 'POST' and form.validate():
        password = form.password.data
        email = form.email.data
        user = user_repo.get_by(email_addr=email)
        if user and user.check_password(password):
            if twofactor_auth == False:
                msg_1 = gettext("Welcome back") + " " + user.fullname
                flash(msg_1, 'success')
                return _sign_in_user(user)
            else:
                _email_two_factor_auth(user)
                otpform = OTPForm(request.form)
                return render_template('/account/otpvalidation.html',
                                       title="Verify OTP",
                                       form=otpform,
                                       user=user)
        elif user:
            msg, method = get_user_signup_method(user)
            if method == 'local':
                msg = gettext("Ooops, Incorrect email/password")
                flash(msg, 'error')
            else:
                flash(msg, 'info')
        else:
            msg = gettext("Ooops, we didn't find you in the system, \
                          did you sign up?")
            flash(msg, 'info')

    if request.method == 'POST' and not form.validate():
        flash(gettext('Please correct the errors'), 'error')
    auth = {'twitter': False, 'facebook': False, 'google': False}
    if current_user.is_anonymous():
        # If Twitter is enabled in config, show the Twitter Sign in button
        if ('twitter' in current_app.blueprints):  # pragma: no cover
            auth['twitter'] = True
        if ('facebook' in current_app.blueprints):  # pragma: no cover
            auth['facebook'] = True
        if ('google' in current_app.blueprints):  # pragma: no cover
            auth['google'] = True
        return render_template('account/signin.html',
                               title="Sign in",
                               form=form,
                               auth=auth,
                               next=request.args.get('next'))
    else:
        # User already signed in, so redirect to home page
        return redirect(url_for("home.home"))
Beispiel #9
0
def signin():
    """
    Signin method for PYBOSSA users.

    Returns a Jinja2 template with the result of signing process.

    """
    return abort(404)
    #identificador = request.args.get('i')
    #if identificador != "admin":
    #    return redirect_content_type(url_for("home.home"))

    form = LoginForm(request.body)
    if request.method == 'POST' and form.validate():
        password = form.password.data
        email = form.email.data
        user = user_repo.get_by(email_addr=email)
        if user and user.check_password(password):
            msg_1 = gettext(u"Bienvenido") + " " + user.fullname
            flash(msg_1, 'success')
            return _sign_in_user(user)
        elif user:
            msg, method = get_user_signup_method(user)
            if method == 'local':
                msg = gettext(u"Usuario y contraseña incorrecto.")
                flash(msg, 'error')
            else:

                flash(msg, 'error')
        else:
            msg = gettext("El usuario no existe en el sistema.")
            flash(msg, 'error')

    if request.method == 'POST' and not form.validate():
        flash(gettext(u'Por favor corrige los errores'), 'error')
    auth = {'twitter': False, 'facebook': False, 'google': False}
    if current_user.is_anonymous():
        # If Twitter is enabled in config, show the Twitter Sign in button
        if ('twitter' in current_app.blueprints):  # pragma: no cover
            auth['twitter'] = True
        if ('facebook' in current_app.blueprints):  # pragma: no cover
            auth['facebook'] = True
        if ('google' in current_app.blueprints):  # pragma: no cover
            auth['google'] = True
        response = dict(template='account/signin.html',
                        title="Sign in",
                        form=form,
                        auth=auth,
                        next=request.args.get('next'))
        return handle_content_type(response)
    else:
        # User already signed in, so redirect to home page
        return redirect_content_type(url_for("home.home"))
Beispiel #10
0
def oauth_authorized(resp):
    """Called after authorization. After this function finished handling,
    the OAuth information is removed from the session again. When this
    happened, the tokengetter from above is used to retrieve the oauth
    token and secret.

    Because the remote application could have re-authorized the application
    it is necessary to update the values in the database.

    If the application redirected back after denying, the response passed
    to the function will be `None`. Otherwise a dictionary with the values
    the application submitted. Note that Twitter itself does not really
    redirect back unless the user clicks on the application name.
    """
    next_url = request.args.get('next') or url_for('home')
    if resp is None:
        flash(u'You denied the request to sign in.', 'error')
        return redirect(next_url)

    access_token = dict(oauth_token=resp['oauth_token'],
                        oauth_token_secret=resp['oauth_token_secret'])

    user_data = dict(screen_name=resp['screen_name'],
                     user_id=resp['user_id'])

    user = manage_user(access_token, user_data, next_url)

    if user is None:
        user = db.session.query(model.User)\
                 .filter_by(name=user_data['screen_name'])\
                 .first()
        msg, method = get_user_signup_method(user)
        flash(msg, 'info')
        if method == 'local':
            return redirect(url_for('account.forgot_password'))
        else:
            return redirect(url_for('account.signin'))
    else:
        first_login = False
        request_email = False
        login_user(user, remember=True)
        flash("Welcome back %s" % user.fullname, 'success')
        if (user.email_addr == user.name):
            request_email = True
        if request_email:
            if first_login:
                flash("This is your first login, please add a valid e-mail")
            else:
                flash("Please update your e-mail address in your profile page")
            return redirect(url_for('account.update_profile'))
        return redirect(next_url)
Beispiel #11
0
def signin():
    """
    Signin method for PyBossa users.

    Returns a Jinja2 template with the result of signing process.

    """
    form = LoginForm(request.form)
    if request.method == 'POST' and form.validate():
        password = form.password.data
        email = form.email.data
        user = user_repo.get_by(email_addr=email)
        if user and user.check_password(password):
            login_user(user, remember=True)
            msg_1 = gettext("Welcome back") + " " + user.fullname
            flash(msg_1, 'success')
            if user.newsletter_prompted is False and newsletter.app:
                return redirect(url_for('account.newsletter_subscribe',
                                        next=request.args.get('next')))
            return redirect(request.args.get("next") or url_for("home.home"))
        elif user:
            msg, method = get_user_signup_method(user)
            if method == 'local':
                msg = gettext("Ooops, Incorrect email/password")
                flash(msg, 'error')
            else:
                flash(msg, 'info')
        else:
            msg = gettext("Ooops, we didn't find you in the system, \
                          did you sign in?")
            flash(msg, 'info')

    if request.method == 'POST' and not form.validate():
        flash(gettext('Please correct the errors'), 'error')
    auth = {'twitter': False, 'facebook': False, 'google': False}
    if current_user.is_anonymous():
        # If Twitter is enabled in config, show the Twitter Sign in button
        if ('twitter' in current_app.blueprints): # pragma: no cover
            auth['twitter'] = True
        if ('facebook' in current_app.blueprints): # pragma: no cover
            auth['facebook'] = True
        if ('google' in current_app.blueprints): # pragma: no cover
            auth['google'] = True
        return render_template('account/signin.html',
                               title="Sign in",
                               form=form, auth=auth,
                               next=request.args.get('next'))
    else:
        # User already signed in, so redirect to home page
        return redirect(url_for("home.home"))
Beispiel #12
0
def signin():
    """
    Signin method for PyBossa users.

    Returns a Jinja2 template with the result of signing process.

    """
    form = LoginForm(request.form)
    if request.method == "POST" and form.validate():
        password = form.password.data
        email = form.email.data
        user = model.User.query.filter_by(email_addr=email).first()
        if user and user.check_password(password):
            login_user(user, remember=True)
            msg_1 = gettext("Welcome back") + " " + user.fullname
            flash(msg_1, "success")
            return redirect(request.args.get("next") or url_for("home"))
        elif user:
            msg, method = get_user_signup_method(user)
            if method == "local":
                msg = gettext("Ooops, Incorrect email/password")
                flash(msg, "error")
            else:
                flash(msg, "info")
        else:
            msg = gettext(
                "Ooops, we didn't find you in the system, \
                          did you sign in?"
            )
            flash(msg, "info")

    if request.method == "POST" and not form.validate():
        flash(gettext("Please correct the errors"), "error")
    auth = {"twitter": False, "facebook": False, "google": False}
    if current_user.is_anonymous():
        # If Twitter is enabled in config, show the Twitter Sign in button
        if "twitter" in current_app.blueprints:
            auth["twitter"] = True
        if "facebook" in current_app.blueprints:
            auth["facebook"] = True
        if "google" in current_app.blueprints:
            auth["google"] = True
        return render_template(
            "account/signin.html", title="Sign in", form=form, auth=auth, next=request.args.get("next")
        )
    else:
        # User already signed in, so redirect to home page
        return redirect(url_for("home"))
Beispiel #13
0
def oauth_authorized(resp):  # pragma: no cover
    """Called after authorization. After this function finished handling,
    the OAuth information is removed from the session again. When this
    happened, the tokengetter from above is used to retrieve the oauth
    token and secret.

    Because the remote application could have re-authorized the application
    it is necessary to update the values in the database.

    If the application redirected back after denying, the response passed
    to the function will be `None`. Otherwise a dictionary with the values
    the application submitted. Note that Twitter itself does not really
    redirect back unless the user clicks on the application name.
    """
    next_url = request.args.get('next') or url_for('home.home')
    if resp is None:
        flash(u'You denied the request to sign in.', 'error')
        return redirect(next_url)

    access_token = dict(oauth_token=resp['oauth_token'],
                        oauth_token_secret=resp['oauth_token_secret'])

    user_data = dict(screen_name=resp['screen_name'],
                     user_id=resp['user_id'])

    user = manage_user(access_token, user_data, next_url)

    if user is None:
        user = db.session.query(User)\
                 .filter_by(name=user_data['screen_name'])\
                 .first()
        msg, method = get_user_signup_method(user)
        flash(msg, 'info')
        if method == 'local':
            return redirect(url_for('account.forgot_password'))
        else:
            return redirect(url_for('account.signin'))

    first_login = False
    login_user(user, remember=True)
    flash("Welcome back %s" % user.fullname, 'success')
    if user.email_addr != user.name:
        return redirect(next_url)
    if first_login:
        flash("This is your first login, please add a valid e-mail")
    else:
        flash("Please update your e-mail address in your profile page")
    return redirect(url_for('account.update_profile', name=user.name))
Beispiel #14
0
def oauth_authorized(resp):  # pragma: no cover
    #print "OAUTH authorized method called"
    next_url = url_for('home.home')

    if resp is None or request.args.get('error'):
        flash(u'You denied the request to sign in.', 'error')
        flash(u'Reason: ' + request.args['error'], 'error')
        if request.args.get('error'):
            return redirect(url_for('account.signin'))
        return redirect(next_url)

    headers = {'Authorization': ' '.join(['OAuth', resp['access_token']])}
    url = 'https://www.googleapis.com/oauth2/v1/userinfo'
    try:
        r = requests.get(url, headers=headers)
    except requests.exceptions.http_error:
        # Unauthorized - bad token
        if r.status_code == 401:
            return redirect(url_for('account.signin'))
        return r.content

    access_token = resp['access_token']
    session['oauth_token'] = access_token
    import json
    user_data = json.loads(r.content)
    user = manage_user(access_token, user_data, next_url)
    if user is None:
        # Give a hint for the user
        user = db.session.query(User)\
                 .filter_by(email_addr=user_data['email'])\
                 .first()
        if user is None:
            user = db.session.query(User)\
                     .filter_by(name=user_data['name'].encode('ascii', 'ignore')
                                                      .lower().replace(' ', ''))\
                     .first()

        msg, method = get_user_signup_method(user)
        flash(msg, 'info')
        if method == 'local':
            return redirect(url_for('account.forgot_password'))
        else:
            return redirect(url_for('account.signin'))
    else:
        login_user(user, remember=True)
        flash("Welcome back %s" % user.fullname, 'success')
        return redirect(next_url)
Beispiel #15
0
def oauth_authorized(resp):  # pragma: no cover
    #print "OAUTH authorized method called"
    next_url = url_for('home')

    if resp is None or request.args.get('error'):
        flash(u'You denied the request to sign in.', 'error')
        flash(u'Reason: ' + request.args['error'], 'error')
        if request.args.get('error'):
                return redirect(url_for('account.signin'))
        return redirect(next_url)

    headers = {'Authorization': ' '.join(['OAuth', resp['access_token']])}
    url = 'https://www.googleapis.com/oauth2/v1/userinfo'
    try:
        r = requests.get(url, headers=headers)
    except requests.exceptions.http_error:
        # Unauthorized - bad token
        if r.status_code == 401:
            return redirect(url_for('account.signin'))
        return r.content

    access_token = resp['access_token']
    session['oauth_token'] = access_token
    import json
    user_data = json.loads(r.content)
    user = manage_user(access_token, user_data, next_url)
    if user is None:
        # Give a hint for the user
        user = db.session.query(model.User)\
                 .filter_by(email_addr=user_data['email'])\
                 .first()
        if user is None:
            user = db.session.query(model.User)\
                     .filter_by(name=user_data['name'].encode('ascii', 'ignore')
                                                      .lower().replace(' ', ''))\
                     .first()

        msg, method = get_user_signup_method(user)
        flash(msg, 'info')
        if method == 'local':
            return redirect(url_for('account.forgot_password'))
        else:
            return redirect(url_for('account.signin'))
    else:
        login_user(user, remember=True)
        flash("Welcome back %s" % user.fullname, 'success')
        return redirect(next_url)
Beispiel #16
0
def oauth_authorized(resp):  # pragma: no cover
    next_url = request.args.get('next') or url_for('home.home')
    if resp is None:
        flash(u'You denied the request to sign in.', 'error')
        flash(
            u'Reason: ' + request.args['error_reason'] + ' ' +
            request.args['error_description'], 'error')
        return redirect(next_url)

    # We have to store the oauth_token in the session to get the USER fields
    access_token = resp['access_token']
    session['oauth_token'] = (resp['access_token'], '')
    user_data = facebook.oauth.get('/me').data

    user = manage_user(access_token, user_data, next_url)
    if user is None:
        # Give a hint for the user
        user = db.session.query(User)\
                 .filter_by(email_addr=user_data['email'])\
                 .first()
        if user is not None:
            msg, method = get_user_signup_method(user)
            flash(msg, 'info')
            if method == 'local':
                return redirect(url_for('account.forgot_password'))
            else:
                return redirect(url_for('account.signin'))
        else:
            return redirect(url_for('account.signin'))
    else:
        first_login = False
        login_user(user, remember=True)
        flash("Welcome back %s" % user.fullname, 'success')
        request_email = False
        if (user.email_addr == "None"):
            request_email = True
        if request_email:
            if first_login:
                flash("This is your first login, please add a valid e-mail")
            else:
                flash("Please update your e-mail address in your profile page")
            return redirect(url_for('account.update_profile', name=user.name))
        return redirect(next_url)
Beispiel #17
0
def oauth_authorized(resp):  # pragma: no cover
    next_url = request.args.get('next') or url_for('home.home')
    if resp is None:
        flash(u'You denied the request to sign in.', 'error')
        flash(u'Reason: ' + request.args['error_reason'] +
              ' ' + request.args['error_description'], 'error')
        return redirect(next_url)

    # We have to store the oauth_token in the session to get the USER fields
    access_token = resp['access_token']
    session['oauth_token'] = (resp['access_token'], '')
    user_data = facebook.oauth.get('/me').data

    user = manage_user(access_token, user_data, next_url)
    if user is None:
        # Give a hint for the user
        user = db.session.query(User)\
                 .filter_by(email_addr=user_data['email'])\
                 .first()
        if user is not None:
            msg, method = get_user_signup_method(user)
            flash(msg, 'info')
            if method == 'local':
                return redirect(url_for('account.forgot_password'))
            else:
                return redirect(url_for('account.signin'))
        else:
            return redirect(url_for('account.signin'))
    else:
        first_login = False
        login_user(user, remember=True)
        flash("Welcome back %s" % user.fullname, 'success')
        request_email = False
        if (user.email_addr == "None"):
            request_email = True
        if request_email:
            if first_login:
                flash("This is your first login, please add a valid e-mail")
            else:
                flash("Please update your e-mail address in your profile page")
            return redirect(url_for('account.update_profile'))
        return redirect(next_url)
Beispiel #18
0
def signin():
    form = LoginForm(request.form)
    if request.method == 'POST' and form.validate():
        password = form.password.data
        email = form.email.data
        user = model.User.query.filter_by(email_addr=email).first()
        if user and user.check_password(password):
            login_user(user, remember=True)
            msg_1 = gettext("Welcome back") + " " + user.fullname
            flash(msg_1, 'success')
            return redirect(request.args.get("next") or url_for("home"))
        elif user:
            msg, method = get_user_signup_method(user)
            if method == 'local':
                msg = gettext("Ooops, Incorrect email/password")
                flash(msg, 'error')
            else:
                flash(msg, 'info')
        else:
            msg = gettext("Ooops, we didn't find you in the system, \
                          did you sign in?")
            flash(msg, 'info')

    if request.method == 'POST' and not form.validate():
        flash(gettext('Please correct the errors'), 'error')
    auth = {'twitter': False, 'facebook': False, 'google': False}
    if current_user.is_anonymous():
        # If Twitter is enabled in config, show the Twitter Sign in button
        if ('twitter' in current_app.blueprints):
            auth['twitter'] = True
        if ('facebook' in current_app.blueprints):
            auth['facebook'] = True
        if ('google' in current_app.blueprints):
            auth['google'] = True
        return render_template('account/signin.html',
                               title="Sign in",
                               form=form,
                               auth=auth,
                               next=request.args.get('next'))
    else:
        # User already signed in, so redirect to home page
        return redirect(url_for("home"))
Beispiel #19
0
def manage_user_login(user, user_data, next_url):
    """Manage user login."""
    if user is None:
        user = user_repo.get_by_name(user_data["screen_name"])
        msg, method = get_user_signup_method(user)
        flash(msg, "info")
        if method == "local":
            return redirect(url_for("account.forgot_password"))
        else:
            return redirect(url_for("account.signin"))

    login_user(user, remember=True)
    flash("Welcome back %s" % user.fullname, "success")
    if (user.email_addr != user.name) and user.newsletter_prompted is False and newsletter.is_initialized():
        return redirect(url_for("account.newsletter_subscribe", next=next_url))
    if user.email_addr != user.name:
        return redirect(next_url)
    else:
        flash("Please update your e-mail address in your profile page")
        return redirect(url_for("account.update_profile", name=user.name))
Beispiel #20
0
def signin():
    form = LoginForm(request.form)
    if request.method == 'POST' and form.validate():
        password = form.password.data
        email = form.email.data
        user = model.User.query.filter_by(email_addr=email).first()
        if user and user.check_password(password):
            login_user(user, remember=True)
            msg_1 = lazy_gettext("Welcome back") + " " + user.fullname
            flash(msg_1, 'success')
            return redirect(request.args.get("next") or url_for("home"))
        elif user:
            msg, method = get_user_signup_method(user)
            if method == 'local':
                msg = lazy_gettext("Ooops, Incorrect email/password")
                flash(msg, 'error')
            else:
                flash(msg, 'info')
        else:
            msg = lazy_gettext("Ooops, we didn't find you in the system, \
                               did you sign in?")
            flash(msg, 'info')

    if request.method == 'POST' and not form.validate():
        flash(lazy_gettext('Please correct the errors'), 'error')
    auth = {'twitter': False, 'facebook': False, 'google': False}
    if current_user.is_anonymous():
        # If Twitter is enabled in config, show the Twitter Sign in button
        if ('twitter' in current_app.blueprints):
            auth['twitter'] = True
        if ('facebook' in current_app.blueprints):
            auth['facebook'] = True
        if ('google' in current_app.blueprints):
            auth['google'] = True
        return render_template('account/signin.html',
                               title="Sign in",
                               form=form, auth=auth,
                               next=request.args.get('next'))
    else:
        # User already signed in, so redirect to home page
        return redirect(url_for("home"))
Beispiel #21
0
def manage_user_login(user, user_data, next_url):
    """Manage user login."""
    if user is None:
        user = user_repo.get_by_name(user_data['screen_name'])
        msg, method = get_user_signup_method(user)
        flash(msg, 'info')
        if method == 'local':
            return redirect(url_for('account.forgot_password'))
        else:
            return redirect(url_for('account.signin'))

    login_user(user, remember=True)
    flash("Welcome back %s" % user.fullname, 'success')
    if ((user.email_addr != user.name) and user.newsletter_prompted is False
            and newsletter.is_initialized()):
        return redirect(url_for('account.newsletter_subscribe', next=next_url))
    if user.email_addr != user.name:
        return redirect(next_url)
    else:
        flash("Please update your e-mail address in your profile page")
        return redirect(url_for('account.update_profile', name=user.name))
Beispiel #22
0
def manage_user_login(user, user_data, next_url):
    """Manage user login."""
    if user is None:
        # Give a hint for the user
        user = user_repo.get_by(email_addr=user_data["email"])
        if user is None:
            name = username_from_full_name(user_data["name"])
            user = user_repo.get_by_name(name)

        msg, method = get_user_signup_method(user)
        flash(msg, "info")
        if method == "local":
            return redirect(url_for("account.forgot_password"))
        else:
            return redirect(url_for("account.signin"))
    else:
        login_user(user, remember=True)
        flash("Welcome back %s" % user.fullname, "success")
        if user.newsletter_prompted is False and newsletter.is_initialized():
            return redirect(url_for("account.newsletter_subscribe", next=next_url))
        return redirect(next_url)
Beispiel #23
0
def manage_user_login(user, user_data, next_url):
    """Manage user login."""
    if user is None:
        # Give a hint for the user
        user = user_repo.get_by(email_addr=user_data['email'])
        if user is None:
            name = username_from_full_name(user_data['name'])
            user = user_repo.get_by_name(name)

        msg, method = get_user_signup_method(user)
        flash(msg, 'info')
        if method == 'local':
            return redirect(url_for('account.forgot_password'))
        else:
            return redirect(url_for('account.signin'))
    else:
        login_user(user, remember=True)
        flash("Welcome back %s" % user.fullname, 'success')
        if user.newsletter_prompted is False and newsletter.is_initialized():
            return redirect(
                url_for('account.newsletter_subscribe', next=next_url))
        return redirect(next_url)
Beispiel #24
0
def manage_user_login(user, user_data, next_url):
    """Manage user login."""
    if user is None:
        # Give a hint for the user
        user = user_repo.get_by(email_addr=user_data['email'])
        if user is None:
            name = user_data['name'].encode('ascii', 'ignore').lower().replace(' ', '')
            user = user_repo.get_by_name(name)

        msg, method = get_user_signup_method(user)
        flash(msg, 'info')
        if method == 'local':
            return redirect(url_for('account.forgot_password'))
        else:
            return redirect(url_for('account.signin'))
    else:
        login_user(user, remember=True)
        flash("Welcome back %s" % user.fullname, 'success')
        if user.newsletter_prompted is False and newsletter.app:
            return redirect(url_for('account.newsletter_subscribe',
                                    next=next_url))
        return redirect(next_url)
Beispiel #25
0
def signin():
    """
    Signin method for PYBOSSA users.

    Returns a Jinja2 template with the result of signing process.

    """
    form = LoginForm(request.body)
    isLdap = current_app.config.get('LDAP_HOST', False)
    if (request.method == 'POST' and form.validate() and isLdap is False):
        password = form.password.data
        email_addr = form.email.data.lower()
        user = user_repo.search_by_email(email_addr=email_addr)
        if user and not user.enabled:
            brand = current_app.config['BRAND']
            flash(
                gettext('Your account is disabled. '
                        'Please contact your {} administrator.'.format(brand)),
                'error')
            return redirect(url_for('home.home'))
        if user and user.check_password(password):
            if not current_app.config.get('ENABLE_TWO_FACTOR_AUTH'):
                msg_1 = gettext('Welcome back') + ' ' + user.fullname
                flash(msg_1, 'success')
                return _sign_in_user(user)
            else:
                _email_two_factor_auth(user)
                url_token = otp.generate_url_token(user.email_addr)
                next_url = is_own_url_or_else(request.args.get('next'),
                                              url_for('home.home'))
                return redirect_content_type(
                    url_for('account.otpvalidation',
                            token=url_token,
                            next=next_url))
        elif user:
            msg, method = get_user_signup_method(user)
            if method == 'local':
                msg = gettext('Ooops, Incorrect email/password')
                flash(msg, 'error')
            else:
                flash(msg, 'info')
        else:
            msg = gettext("Ooops, we didn't find you in the system, \
                          did you sign up?")
            flash(msg, 'info')

    if (request.method == 'POST' and form.validate() and isLdap):
        password = form.password.data
        cn = form.email.data
        ldap_user = None
        if ldap.bind_user(cn, password):
            ldap_user = ldap.get_object_details(cn)
            key = current_app.config.get('LDAP_USER_FILTER_FIELD')
            value = ldap_user[key][0]
            user_db = user_repo.get_by(ldap=value)
            if (user_db is None):
                keyfields = current_app.config.get('LDAP_PYBOSSA_FIELDS')
                user_data = dict(
                    fullname=ldap_user[keyfields['fullname']][0],
                    name=ldap_user[keyfields['name']][0],
                    email_addr=ldap_user[keyfields['email_addr']][0],
                    valid_email=True,
                    ldap=value,
                    consent=True)
                create_account(user_data, ldap_disabled=False)
            else:
                login_user(user_db, remember=True)
        else:
            msg = gettext("User LDAP credentials are wrong.")
            flash(msg, 'info')

    if request.method == 'POST' and not form.validate():
        flash(gettext('Please correct the errors'), 'error')
    auth = {'twitter': False, 'facebook': False, 'google': False}
    if current_user.is_anonymous():
        # If Twitter is enabled in config, show the Twitter Sign in button
        if (isLdap is False):
            if ('twitter' in current_app.blueprints):  # pragma: no cover
                auth['twitter'] = True
            if ('facebook' in current_app.blueprints):  # pragma: no cover
                auth['facebook'] = True
            if ('google' in current_app.blueprints):  # pragma: no cover
                auth['google'] = True
        next_url = is_own_url_or_else(request.args.get('next'),
                                      url_for('home.home'))
        response = dict(template='account/signin.html',
                        title="Sign in",
                        form=form,
                        auth=auth,
                        next=next_url)
        return handle_content_type(response)
    else:
        # User already signed in, so redirect to home page
        return redirect_content_type(url_for("home.home"))
Beispiel #26
0
def signin():
    """
    Signin method for PYBOSSA users.

    Returns a Jinja2 template with the result of signing process.

    """
    form = LoginForm(request.body)
    isLdap = current_app.config.get('LDAP_HOST', False)
    if (request.method == 'POST' and form.validate()
            and isLdap is False):
        password = form.password.data
        email = form.email.data
        user = user_repo.get_by(email_addr=email)
        if user and user.check_password(password):
            if not current_app.config.get('ENABLE_TWO_FACTOR_AUTH'):
                msg_1 = gettext("Welcome back") + " " + user.fullname
                flash(msg_1, 'success')
                return _sign_in_user(user)
            else:
                _email_two_factor_auth(user)
                url_token = otp.generate_url_token(user.email_addr)
                return redirect_content_type(url_for('account.otpvalidation',
                                             token=url_token,
                                             next=request.args.get('next')))
        elif user:
            msg, method = get_user_signup_method(user)
            if method == 'local':
                msg = gettext("Ooops, Incorrect email/password")
                flash(msg, 'error')
            else:
                flash(msg, 'info')
        else:
            msg = gettext("Ooops, we didn't find you in the system, \
                          did you sign up?")
            flash(msg, 'info')

    if (request.method == 'POST' and form.validate()
            and isLdap):
        password = form.password.data
        cn = form.email.data
        ldap_user = None
        if ldap.bind_user(cn, password):
            ldap_user = ldap.get_object_details(cn)
            key = current_app.config.get('LDAP_USER_FILTER_FIELD')
            value = ldap_user[key][0]
            user_db = user_repo.get_by(ldap=value)
            if (user_db is None):
                keyfields = current_app.config.get('LDAP_PYBOSSA_FIELDS')
                user_data = dict(fullname=ldap_user[keyfields['fullname']][0],
                                 name=ldap_user[keyfields['name']][0],
                                 email_addr=ldap_user[keyfields['email_addr']][0],
                                 valid_email=True,
                                 ldap=value,
                                 consent=False)
                _create_account(user_data, ldap_disabled=False)
            else:
                login_user(user_db, remember=True)
        else:
            msg = gettext("User LDAP credentials are wrong.")
            flash(msg, 'info')

    if request.method == 'POST' and not form.validate():
        flash(gettext('Please correct the errors'), 'error')
    auth = {'twitter': False, 'facebook': False, 'google': False, 'wechat': False, 'weibo' : False}
    if current_user.is_anonymous():
        # If Twitter is enabled in config, show the Twitter Sign in button
        if (isLdap is False):
            for isp in OAuthProviders:
                if (isp in current_app.blueprints):  # pragma: no cover
                    auth[isp] = True
        response = dict(template='account/signin.html',
                        title="Sign in",
                        form=form,
                        auth=auth,
                        next=request.args.get('next'))
        return handle_content_type(response)
    else:
        # User already signed in, so redirect to home page
        return redirect_content_type(url_for("home.home"))
Beispiel #27
0
def signin():
    """
    Signin method for PYBOSSA users.

    Returns a Jinja2 template with the result of signing process.

    """
    form = LoginForm(request.body)
    isLdap = current_app.config.get('LDAP_HOST', False)
    if (request.method == 'POST' and form.validate()
            and isLdap is False):
        password = form.password.data
        email = form.email.data
        user = user_repo.get_by(email_addr=email)
        if user and user.check_password(password):
            if not current_app.config.get('ENABLE_TWO_FACTOR_AUTH'):
                msg_1 = gettext("Welcome back") + " " + user.fullname
                flash(msg_1, 'success')
                return _sign_in_user(user)
            else:
                _email_two_factor_auth(user)
                url_token = otp.generate_url_token(user.email_addr)
                return redirect_content_type(url_for('account.otpvalidation',
                                             token=url_token,
                                             next=request.args.get('next')))
        elif user:
            msg, method = get_user_signup_method(user)
            if method == 'local':
                msg = gettext("Ooops, Incorrect email/password")
                flash(msg, 'error')
            else:
                flash(msg, 'info')
        else:
            msg = gettext("Ooops, we didn't find you in the system, \
                          did you sign up?")
            flash(msg, 'info')

    if (request.method == 'POST' and form.validate()
            and isLdap):
        password = form.password.data
        cn = form.email.data
        ldap_user = None
        if ldap.bind_user(cn, password):
            ldap_user = ldap.get_object_details(cn)
            user_db = user_repo.get_by(name=ldap_user['cn'][0])
            if (user_db is None):
                user_data = dict(fullname=ldap_user['givenName'][0],
                                 name=cn,
                                 email_addr=cn,
                                 valid_email=True,
                                 consent=False)
                _create_account(user_data, ldap_disabled=False)
            else:
                login_user(user_db, remember=True)
        else:
            msg = gettext("User LDAP credentials are wrong.")
            flash(msg, 'info')

    if request.method == 'POST' and not form.validate():
        flash(gettext('Please correct the errors'), 'error')
    auth = {'twitter': False, 'facebook': False, 'google': False}
    if current_user.is_anonymous():
        # If Twitter is enabled in config, show the Twitter Sign in button
        if (isLdap is False):
            if ('twitter' in current_app.blueprints):  # pragma: no cover
                auth['twitter'] = True
            if ('facebook' in current_app.blueprints):  # pragma: no cover
                auth['facebook'] = True
            if ('google' in current_app.blueprints):  # pragma: no cover
                auth['google'] = True
        response = dict(template='account/signin.html',
                        title="Sign in",
                        form=form,
                        auth=auth,
                        next=request.args.get('next'))
        return handle_content_type(response)
    else:
        # User already signed in, so redirect to home page
        return redirect_content_type(url_for("home.home"))