Ejemplo n.º 1
0
def authenticate(project_id=None):
    """Authentication form"""
    form = AuthenticationForm()
    # Try to get project_id from token first
    token = request.args.get("token")
    if token:
        project_id = Project.verify_token(token, token_type="non_timed_token")
        token_auth = True
    else:
        if not form.id.data and request.args.get("project_id"):
            form.id.data = request.args["project_id"]
        project_id = form.id.data
        token_auth = False
    if project_id is None:
        # User doesn't provide project identifier or a valid token
        # return to authenticate form
        msg = _("You either provided a bad token or no project identifier.")
        form.errors["id"] = [msg]
        return render_template("authenticate.html", form=form)

    project = Project.query.get(project_id)
    if not project:
        # If the user tries to connect to an unexisting project, we will
        # provide them with a link to the creation form.
        return render_template(
            "authenticate.html", form=form, create_project=project_id
        )

    # if credentials are already in session, redirect
    if session.get(project_id):
        setattr(g, "project", project)
        return redirect(url_for(".list_bills"))

    # else do form authentication or token authentication
    is_post_auth = request.method == "POST" and form.validate()
    if (
        is_post_auth
        and check_password_hash(project.password, form.password.data)
        or token_auth
    ):
        # maintain a list of visited projects
        if "projects" not in session:
            session["projects"] = []
        # add the project on the top of the list
        session["projects"].insert(0, (project_id, project.name))
        session[project_id] = True
        # Set session to permanent to make language choice persist
        session.permanent = True
        session.update()
        setattr(g, "project", project)
        return redirect(url_for(".list_bills"))
    if is_post_auth and not check_password_hash(project.password, form.password.data):
        msg = _("This private code is not the right one")
        form.errors["password"] = [msg]

    return render_template("authenticate.html", form=form)
Ejemplo n.º 2
0
def authenticate(project_id=None):
    """Authentication form"""
    form = AuthenticationForm()
    # Try to get project_id from token first
    token = request.args.get('token')
    if token:
        project_id = Project.verify_token(token, token_type='non_timed_token')
        token_auth = True
    else:
        if not form.id.data and request.args.get('project_id'):
            form.id.data = request.args['project_id']
        project_id = form.id.data
        token_auth = False
    if project_id is None:
        # User doesn't provide project identifier or a valid token
        # return to authenticate form
        msg = _("You either provided a bad token or no project identifier.")
        form.errors["id"] = [msg]
        return render_template("authenticate.html", form=form)

    project = Project.query.get(project_id)
    if not project:
        # If the user try to connect to an unexisting project, we will
        # propose him a link to the creation form.
        return render_template("authenticate.html", form=form, create_project=project_id)

    # if credentials are already in session, redirect
    if session.get(project_id):
        setattr(g, 'project', project)
        return redirect(url_for(".list_bills"))

    # else do form authentication or token authentication
    is_post_auth = request.method == "POST" and form.validate()
    if is_post_auth and check_password_hash(project.password, form.password.data) or token_auth:
        # maintain a list of visited projects
        if "projects" not in session:
            session["projects"] = []
        # add the project on the top of the list
        session["projects"].insert(0, (project_id, project.name))
        session[project_id] = True
        session.update()
        setattr(g, 'project', project)
        return redirect(url_for(".list_bills"))
    if is_post_auth and not check_password_hash(project.password, form.password.data):
        msg = _("This private code is not the right one")
        form.errors['password'] = [msg]

    return render_template("authenticate.html", form=form)
Ejemplo n.º 3
0
def home():
    project_form = ProjectForm()
    auth_form = AuthenticationForm()
    is_demo_project_activated = current_app.config['ACTIVATE_DEMO_PROJECT']
    is_public_project_creation_allowed = current_app.config['ALLOW_PUBLIC_PROJECT_CREATION']

    return render_template("home.html", project_form=project_form,
                           is_demo_project_activated=is_demo_project_activated,
                           is_public_project_creation_allowed=is_public_project_creation_allowed,
                           auth_form=auth_form, session=session)
Ejemplo n.º 4
0
def authenticate(project_id=None):
    """Authentication form"""
    form = AuthenticationForm()
    if not form.id.data and request.args.get('project_id'):
        form.id.data = request.args['project_id']
    project_id = form.id.data
    if project_id is None:
        # User doesn't provide project identifier, return to authenticate form
        msg = _("You need to enter a project identifier")
        form.errors["id"] = [msg]
        return render_template("authenticate.html", form=form)

    project = Project.query.get(project_id)
    if not project:
        # If the user try to connect to an unexisting project, we will
        # propose him a link to the creation form.
        return render_template("authenticate.html", form=form, create_project=project_id)

    # if credentials are already in session, redirect
    if session.get(project_id):
        setattr(g, 'project', project)
        return redirect(url_for(".list_bills"))

    if request.method == "POST" and form.validate():
        if not form.password.data == project.password:
            msg = _("This private code is not the right one")
            form.errors['password'] = [msg]
            return render_template("authenticate.html", form=form)
        # maintain a list of visited projects
        if "projects" not in session:
            session["projects"] = []
        # add the project on the top of the list
        session["projects"].insert(0, (project_id, project.name))
        session[project_id] = True
        session.update()
        setattr(g, 'project', project)
        return redirect(url_for(".list_bills"))

    return render_template("authenticate.html", form=form)
Ejemplo n.º 5
0
def authenticate(project_id=None):
    """Authentication form"""
    form = AuthenticationForm()
    if not form.id.data and request.args.get('project_id'):
        form.id.data = request.args['project_id']
    project_id = form.id.data
    if project_id is None:
        # User doesn't provide project identifier, return to authenticate form
        msg = _("You need to enter a project identifier")
        form.errors["id"] = [msg]
        return render_template("authenticate.html", form=form)
    else:
        project = Project.query.get(project_id)

    create_project = False  # We don't want to create the project by default
    if not project:
        # But if the user try to connect to an unexisting project, we will
        # propose him a link to the creation form.
        if request.method == "POST":
            form.validate()
        else:
            create_project = project_id

    else:
        # if credentials are already in session, redirect
        if project_id in session and project.password == session[project_id]:
            setattr(g, 'project', project)
            return redirect(url_for(".list_bills"))

        # else process the form
        if request.method == "POST":
            if form.validate():
                if not form.password.data == project.password:
                    msg = _("This private code is not the right one")
                    form.errors['password'] = [msg]
                else:
                    # maintain a list of visited projects
                    if "projects" not in session:
                        session["projects"] = []
                    # add the project on the top of the list
                    session["projects"].insert(0, (project_id, project.name))
                    session[project_id] = form.password.data
                    session.update()
                    setattr(g, 'project', project)
                    return redirect(url_for(".list_bills"))

    return render_template("authenticate.html", form=form,
                           create_project=create_project)