class GetSetForm(forms.Form):
firstname = forms.StringField("First name")
lastname = forms.StringField("Last name")
company = forms.StringField("Company") # Test for NOT having get_/set_company
password = forms.PasswordField("Password")
confirm_password = forms.PasswordField("Confirm password")
def get_firstname(self, obj):
return obj.fullname.split(' ', 1)[0]
def get_lastname(self, obj):
parts = obj.fullname.split(' ', 1)
if len(parts) > 1:
return parts[-1]
return ''
def get_password(self, obj):
return ''
def get_confirm_password(self, obj):
return ''
def set_firstname(self, obj):
pass
def set_lastname(self, obj):
obj.fullname = self.firstname.data + " " + self.lastname.data
def set_password(self, obj):
obj.password = self.password.data
def set_confirm_password(self, obj):
pass
class PasswordChangeForm(forms.Form):
__returns__ = ('password_strength', )
__expects__ = ('edit_user', )
old_password = forms.PasswordField(
__("Current password"),
validators=[
forms.validators.DataRequired(),
forms.validators.Length(max=40)
],
)
password = forms.PasswordField(
__("New password"),
validators=[
forms.validators.DataRequired(),
forms.validators.Length(min=8, max=40),
PasswordStrengthValidator(),
],
)
confirm_password = forms.PasswordField(
__("Confirm password"),
validators=[
forms.validators.DataRequired(),
forms.validators.Length(min=8, max=40),
forms.validators.EqualTo('password'),
],
)
def validate_old_password(self, field):
if self.edit_user is None:
raise forms.ValidationError(_("Not logged in"))
if not self.edit_user.password_is(field.data):
raise forms.ValidationError(_("Incorrect password"))
class PasswordChangeForm(forms.Form):
old_password = forms.PasswordField(__("Current password"), validators=[forms.validators.DataRequired()])
password = forms.PasswordField(__("New password"), validators=[forms.validators.DataRequired()])
confirm_password = forms.PasswordField(__("Confirm password"),
validators=[forms.validators.DataRequired(), forms.validators.EqualTo('password')])
def validate_old_password(self, field):
if self.edit_user is None:
raise forms.ValidationError(_("Not logged in"))
if not self.edit_user.password_is(field.data):
raise forms.ValidationError(_("Incorrect password"))
class RegisterForm(forms.Form):
fullname = forms.StringField(__("Full name"),
validators=[forms.validators.DataRequired()])
email = forms.EmailField(__("Email address"),
validators=[
forms.validators.DataRequired(),
forms.validators.ValidEmail()
],
widget_attrs={
'autocorrect': 'none',
'autocapitalize': 'none'
})
username = forms.StringField(
__("Username"),
validators=[forms.validators.DataRequired()],
description=__(
"Single word that can contain letters, numbers and dashes"),
widget_attrs={
'autocorrect': 'none',
'autocapitalize': 'none'
})
password = forms.PasswordField(
__("Password"), validators=[forms.validators.DataRequired()])
confirm_password = forms.PasswordField(
__("Confirm password"),
validators=[
forms.validators.DataRequired(),
forms.validators.EqualTo('password')
])
recaptcha = wtf.RecaptchaField(
__("Are you human?"),
description=__(
"Type both words into the text box to prove that you are a human and not a computer program"
))
def validate_username(self, field):
if field.data in current_app.config['RESERVED_USERNAMES']:
raise forms.ValidationError, _("This name is reserved")
if not valid_username(field.data):
raise forms.ValidationError(
_(u"Invalid characters in name. Names must be made of ‘a-z’, ‘0-9’ and ‘-’, without trailing dashes"
))
existing = User.get(username=field.data)
if existing is not None:
raise forms.ValidationError(_("This username is taken"))
def validate_email(self, field):
field.data = field.data.lower() # Convert to lowercase
existing = UserEmail.get(email=field.data)
if existing is not None:
raise forms.ValidationError(
Markup(
_(u"This email address is already registered. Do you want to <a href=\"{loginurl}\">login</a> instead?"
).format(loginurl=escape(url_for('.login')))))
class PasswordResetForm(forms.Form):
username = forms.StringField(__("Username or Email"), validators=[forms.validators.DataRequired()],
description=__("Please reconfirm your username or email address"),
widget_attrs={'autocorrect': 'none', 'autocapitalize': 'none'})
password = forms.PasswordField(__("New password"), validators=[forms.validators.DataRequired()])
confirm_password = forms.PasswordField(__("Confirm password"),
validators=[forms.validators.DataRequired(), forms.validators.EqualTo('password')])
def validate_username(self, field):
user = getuser(field.data)
if user is None or user != self.edit_user:
raise forms.ValidationError(
_("This username or email does not match the user the reset code is for"))
class LoginForm(forms.Form):
username = forms.StringField(
__("Username or Email"),
validators=[forms.validators.DataRequired()],
widget_attrs={
'autocorrect': 'none',
'autocapitalize': 'none'
},
)
password = forms.PasswordField(
__("Password"), validators=[forms.validators.DataRequired()])
def validate_username(self, field):
existing = getuser(field.data)
if existing is None:
raise forms.ValidationError(_("User does not exist"))
def validate_password(self, field):
if not self.username.data:
# Can't validate password without a user
return
user = getuser(self.username.data)
if user and not user.pw_hash:
raise LoginPasswordResetException()
if user is None or not user.password_is(field.data):
if not self.username.errors:
raise forms.ValidationError(_("Incorrect password"))
self.user = user
class PasswordPolicyForm(forms.Form):
password = forms.PasswordField(
__("Password"),
validators=[
forms.validators.DataRequired(),
forms.validators.Length(max=40)
],
)
class PasswordCreateForm(forms.Form):
__returns__ = ('password_strength', )
__expects__ = ('edit_user', )
password = forms.PasswordField(
__("New password"),
validators=[
forms.validators.DataRequired(),
forms.validators.Length(min=8, max=40),
PasswordStrengthValidator(),
],
)
confirm_password = forms.PasswordField(
__("Confirm password"),
validators=[
forms.validators.DataRequired(),
forms.validators.Length(min=8, max=40),
forms.validators.EqualTo('password'),
],
)
class RegisterForm(forms.RecaptchaForm):
__returns__ = ('password_strength', ) # Set by PasswordStrengthValidator
fullname = forms.StringField(
__("Full name"),
description=__(
"This account is for you as an individual. We’ll make one for your organization later"
),
validators=[
forms.validators.DataRequired(),
forms.validators.Length(max=80)
],
)
email = forms.EmailField(
__("Email address"),
validators=[
forms.validators.DataRequired(),
EmailAddressAvailable(purpose='register'),
],
widget_attrs={
'autocorrect': 'none',
'autocapitalize': 'none'
},
)
password = forms.PasswordField(
__("Password"),
validators=[
forms.validators.DataRequired(),
forms.validators.Length(min=8, max=40),
PasswordStrengthValidator(user_input_fields=['fullname', 'email']),
],
)
confirm_password = forms.PasswordField(
__("Confirm password"),
validators=[
forms.validators.DataRequired(),
forms.validators.Length(min=8, max=40),
forms.validators.EqualTo('password'),
],
)
class LoginForm(forms.Form):
__returns__ = ('user', 'weak_password')
username = forms.StringField(
__("Username or Email"),
validators=[forms.validators.DataRequired()],
widget_attrs={
'autocorrect': 'none',
'autocapitalize': 'none'
},
)
password = forms.PasswordField(
__("Password"),
validators=[
forms.validators.DataRequired(),
forms.validators.Length(max=40)
],
)
# These two validators depend on being called in sequence
def validate_username(self, field):
self.user = getuser(field.data)
if self.user is None:
raise forms.ValidationError(_("User does not exist"))
def validate_password(self, field):
if not self.user:
# Can't validate password without a user
return
if not self.user.pw_hash:
raise LoginPasswordResetException()
if not self.user.password_is(field.data, upgrade_hash=True):
if not self.username.errors:
raise forms.ValidationError(_("Incorrect password"))
# Test for weak password. This gives us two options:
#
# 1. Flag it but allow login to proceed. Let the view ask the user nicely.
# The user may ignore it or may comply and change their password.
#
# 2. Block the login and force the user to reset their password. Makes for
# stronger policy, with the risk the user will (a) abandon the login, or
# (b) not have a valid email address on file (for example, an expired
# employer-owned email address they can no longer access).
#
# We're using option 1 here, but can switch to option 2 by raising
# LoginPasswordWeakException after the test. The calling code in views/login.py
# supports both outcomes.
# password_policy.test_password(<password>)['is_weak'] returns True/False
self.weak_password = password_policy.test_password(
field.data)['is_weak']
class PasswordForm(forms.Form):
__expects__ = ('edit_user', )
password = forms.PasswordField(
__("Password"),
validators=[
forms.validators.DataRequired(),
forms.validators.Length(max=40)
],
)
def validate_password(self, field):
if not self.edit_user.password_is(field.data):
raise forms.ValidationError(_("Incorrect password"))
class RegisterForm(forms.RecaptchaForm):
fullname = forms.StringField(
__("Full name"),
validators=[
forms.validators.DataRequired(),
forms.validators.Length(max=80)
],
)
email = forms.EmailField(
__("Email address"),
validators=[
forms.validators.DataRequired(),
forms.validators.ValidEmail()
],
widget_attrs={
'autocorrect': 'none',
'autocapitalize': 'none'
},
)
password = forms.PasswordField(
__("Password"), validators=[forms.validators.DataRequired()])
confirm_password = forms.PasswordField(
__("Confirm password"),
validators=[
forms.validators.DataRequired(),
forms.validators.EqualTo('password'),
],
)
def validate_email(self, field):
field.data = field.data.lower() # Convert to lowercase
existing = UserEmail.get(email=field.data)
if existing is not None:
raise forms.ValidationError(
Markup(
_("This email address is already registered. Do you want to <a href=\"{loginurl}\">login</a> instead?"
).format(loginurl=escape(url_for('.login')))))
class PasswordResetForm(forms.RecaptchaForm):
__returns__ = ('password_strength', )
username = forms.StringField(
__("Username or Email"),
validators=[forms.validators.DataRequired()],
description=__("Please reconfirm your username or email address"),
widget_attrs={
'autocorrect': 'none',
'autocapitalize': 'none'
},
)
password = forms.PasswordField(
__("New password"),
validators=[
forms.validators.DataRequired(),
forms.validators.Length(min=8, max=40),
PasswordStrengthValidator(user_input_fields=['username']),
],
)
confirm_password = forms.PasswordField(
__("Confirm password"),
validators=[
forms.validators.DataRequired(),
forms.validators.Length(min=8, max=40),
forms.validators.EqualTo('password'),
],
)
def validate_username(self, field):
user = getuser(field.data)
if user is None or user != self.edit_user:
raise forms.ValidationError(
_("This username or email does not match the user the reset code is "
"for"))
