Example #1
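    def validate(self):
        """Validate a combined sign-in / sign-up submission.

        An unknown ``name`` is not rejected: a new active ``User`` is created
        with the submitted password and the form validates.  For a known
        name the submitted password is checked with
        ``verify_and_update_password``.

        Returns:
            True when a user was created or the password verified; False
            otherwise, with a message appended to the field at fault.
        """
        # NOTE(review): the base-class validate() is not called here, so any
        # field validators or CSRF check it performs are skipped -- confirm
        # that this is intended.

        # A missing value is treated like an empty one instead of raising
        # AttributeError on None.
        if (self.name.data or '').strip() == '':
            self.name.errors.append(get_message('NAME_NOT_PROVIDED')[0])
            return False

        if (self.password.data or '').strip() == '':
            self.password.errors.append(
                get_message('PASSWORD_NOT_PROVIDED')[0])
            return False

        # NOTE(review): emptiness is tested on the stripped value, but the
        # lookup and the created account use the raw one, so names that
        # differ only in surrounding whitespace are distinct accounts.
        self.user = User.first(name=self.name.data)
        if self.user is None:
            # First use of a name registers it with the submitted password.
            # NOTE(review): this means any submission with an unused name
            # creates an account; confirm that open self-registration
            # through the login form is intended.
            self.user = User.create(name=self.name.data,
                                    active=True,
                                    password=encrypt_password(
                                        self.password.data))
            return True

        # The lookup above either found a user or created one and returned,
        # so a "user does not exist" branch cannot be reached from here.
        if not self.user.password:
            self.password.errors.append(get_message('PASSWORD_NOT_SET')[0])
            return False
        if not verify_and_update_password(self.password.data, self.user):
            self.password.errors.append(get_message('INVALID_PASSWORD')[0])
            return False
        return True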
Example #2
File: forms.py Project: leiyue/seed
    def validate(self):
        """Check a change-password submission for the logged-in user.

        Runs the parent form's validation, then requires the submitted
        current password to verify against ``current_user`` and the new
        password to differ from it (both compared after stripping
        surrounding whitespace).

        Returns:
            True when every check passes; False otherwise, with a message
            appended to the current-password field where applicable.
        """
        def reject(message_key):
            # Both failure cases below report on the current-password field.
            self.password.errors.append(get_message(message_key)[0])
            return False

        parent_ok = super(ExtendedChangePasswordForm, self).validate()
        if not parent_ok:
            return False

        # Re-authenticate with the current password before accepting a new
        # one.
        current_ok = verify_and_update_password(self.password.data,
                                                current_user)
        if not current_ok:
            return reject('INVALID_PASSWORD')

        old_value = self.password.data.strip()
        new_value = self.new_password.data.strip()
        if old_value == new_value:
            return reject('PASSWORD_IS_THE_SAME')
        return True
Example #3
    def validate(self):
        """Authenticate an email/password login scoped to ``g.deployment``.

        After the parent form validates, the checks run in this order:
        non-empty email, non-empty password, user lookup, password set,
        password verification, confirmation, active account.  The first
        failing check appends its message and ends validation.

        Returns:
            True when every check passes, otherwise False.
        """
        def fail(field, message_key):
            # Record the message on the given field and signal failure.
            field.errors.append(get_message(message_key)[0])
            return False

        if not super(DeploymentLoginForm, self).validate():
            return False

        if self.email.data.strip() == '':
            return fail(self.email, 'EMAIL_NOT_PROVIDED')
        if self.password.data.strip() == '':
            return fail(self.password, 'PASSWORD_NOT_PROVIDED')

        # The lookup is restricted to the deployment of the current request.
        account = _datastore.find_user(email=self.email.data,
                                       deployment=g.deployment)
        self.user = account

        # NOTE(review): an unknown email and a wrong password produce
        # different messages on different fields, which tells the caller
        # whether an address is registered -- confirm this is acceptable.
        if account is None:
            return fail(self.email, 'USER_DOES_NOT_EXIST')
        if not account.password:
            return fail(self.password, 'PASSWORD_NOT_SET')
        if not verify_and_update_password(self.password.data, account):
            return fail(self.password, 'INVALID_PASSWORD')

        # Confirmation and active state are only reported once the password
        # has verified.
        if requires_confirmation(account):
            return fail(self.email, 'CONFIRMATION_REQUIRED')
        if not account.is_active():
            return fail(self.email, 'DISABLED_ACCOUNT')
        return True
    def test_invalid_password(self):
        """A wrong password must yield the generic form-level error only.

        The field-specific INVALID_PASSWORD message must not appear on the
        password field; the combined "invalid username or password" message
        must appear in the form-level errors.
        """
        form = self.extendedLoginForm
        form.email.data = '*****@*****.**'
        form.password.data = 'incorrect password'

        form.validate()
        self.log(form)

        field_message = get_message('INVALID_PASSWORD')[0]
        assert field_message not in form.password.errors

        generic_message = ExtendedLoginForm.MSG_INVALID_USERNAME_OR_PASSWORD
        assert generic_message in form.form_errors
    def test_user_does_not_exist_message(self):
        """An unknown user must yield the generic form-level error only.

        The field-specific USER_DOES_NOT_EXIST message must not appear on
        the email field, so the response does not differ from the
        wrong-password case checked elsewhere in this suite.
        """
        form = self.extendedLoginForm
        form.email.data = '*****@*****.**'
        form.password.data = 'does not matter'

        form.validate()
        self.log(form)

        field_message = get_message('USER_DOES_NOT_EXIST')[0]
        assert field_message not in form.email.errors

        generic_message = ExtendedLoginForm.MSG_INVALID_USERNAME_OR_PASSWORD
        assert generic_message in form.form_errors
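def change_password():
    """Render the change-password page and apply a submitted new password.

    On a valid submission the password of ``current_user`` is updated, the
    database session is committed, a success message is flashed and the
    client is redirected to the profile page.  Otherwise the form is
    rendered (again).
    """
    # NOTE(review): no route or login decorator is visible in this listing;
    # presumably one wraps this view, since it acts on current_user --
    # confirm.
    form = ResetPasswordForm()

    if form.validate_on_submit():
        # NOTE(review): a reset-style form is used for a logged-in change.
        # If it does not ask for the current password, possession of the
        # session alone is enough to replace the password -- confirm
        # whether re-authentication is required here.
        update_password(current_user, form.password.data)
        # Commit before queuing the success message so that a failed commit
        # is not reported to the user as a completed password change.
        db.session.commit()
        flash(*get_message('PASSWORD_RESET'))
        return redirect(url_for('general.profile'))

    return render_template('general/change_password.html',
                           form=form)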
Example #7
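def confirm_email(token):
    """View function which handles an email confirmation request.

    The token is resolved to ``(expired, invalid, user)``.  Invalid or
    expired tokens flash a message and redirect to the confirmation error
    view (or the send-confirmation view); an expired token that resolved
    to a user also triggers new confirmation instructions.  An already
    confirmed user is redirected with a notice.  Otherwise a
    ``ConfirmEmailForm`` is processed: on success the user's password is
    set, the user is confirmed and logged in, and the client is redirected;
    on failure the confirmation template is rendered.

    Args:
        token: the confirmation token taken from the request URL.
    """
    expired, invalid, user = confirm_email_token_status(token)

    if not user or invalid:
        invalid = True
        do_flash(*get_message('INVALID_CONFIRMATION_TOKEN'))
    # Only re-send instructions when the token resolved to a user; without
    # this guard an expired token with no user would fail on user.email.
    if expired and user:
        send_confirmation_instructions(user)
        do_flash(*get_message('CONFIRMATION_EXPIRED', email=user.email,
                              within=_security.confirm_email_within))
    if invalid or expired:
        return redirect(get_url(_security.confirm_error_view) or
                        url_for_security('send_confirmation'))
    if user.confirmed_at is not None:
        do_flash(*get_message('ALREADY_CONFIRMED'))
        return redirect(get_url(_security.post_confirm_view) or
                        get_url(_security.post_login_view))

    # Accept the form either as a JSON body or as regular form data.
    if request.json:
        form_data = MultiDict(request.json)
    else:
        form_data = request.form
    form = forms.ConfirmEmailForm(form_data)

    if form.validate_on_submit():
        # NOTE(review): the submitted password is assigned as-is.  Unless
        # the model's password attribute hashes on assignment, this stores
        # the plaintext -- confirm, and hash before storing if it does not.
        user.password = form.password.data
        confirm_user(user)  # this saves 'user'
        # A valid token logs its owner in, replacing any other session.
        if user != current_user:
            logout_user()
            login_user(user)
        do_flash(*get_message('EMAIL_CONFIRMED'))
        return redirect(get_url(_security.post_confirm_view) or
                        get_url(_security.post_login_view))

    return render_template('security/confirm.html',
                           token=token,
                           confirm_form=form,
                           **_ctx('change_password'))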
Example #8
File: forms.py Project: leiyue/seed
    def validate(self):
        """Authenticate a login submission identified by ``login_name``.

        After the parent form validates, the checks run in this order:
        non-empty login name, non-empty password, user lookup, password
        set, password verification, active account.  The first failing
        check appends its message and ends validation.

        Returns:
            True when every check passes, otherwise False.
        """
        def fail(field, message_key):
            # Record the message on the given field and signal failure.
            field.errors.append(get_message(message_key)[0])
            return False

        if not super(ExtendedLoginForm, self).validate():
            return False

        login_field = self.login_name
        if login_field.data.strip() == '':
            return fail(login_field, 'EMAIL_NOT_PROVIDED')

        password_field = self.password
        if password_field.data.strip() == '':
            return fail(password_field, 'PASSWORD_NOT_PROVIDED')

        account = _datastore.get_user(login_field.data)
        self.user = account

        # NOTE(review): an unknown login name and a wrong password produce
        # different messages, which tells the caller whether a name is
        # registered -- confirm this is acceptable.
        if account is None:
            return fail(login_field, 'USER_DOES_NOT_EXIST')
        if not account.password:
            return fail(password_field, 'PASSWORD_NOT_SET')
        if not verify_and_update_password(password_field.data, account):
            return fail(password_field, 'INVALID_PASSWORD')

        # NOTE(review): is_active is read as an attribute, not called.  If
        # the user model defines it as a method, this test never fires and
        # disabled accounts pass -- confirm against the model.
        if not account.is_active:
            return fail(login_field, 'DISABLED_ACCOUNT')
        return True
Example #9
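    def validate(self):
        """Authenticate a username/password login submission.

        After the parent form validates, the user is looked up by username
        and the checks run in this order: user exists, password set,
        password verification, confirmation, active account.  The first
        failing check appends its message and ends validation.

        Returns:
            True when every check passes, otherwise False.
        """
        if not super(LoginForm, self).validate():
            return False

        self.user = m.User.query.filter_by(username=self.username.data).first()

        # Account-level messages go on the username field.  The original
        # appended to self.user.errors, which raises AttributeError when no
        # user was found (self.user is None) and otherwise targets the
        # looked-up user object rather than a form field.
        # NOTE(review): an unknown username and a wrong password produce
        # different messages, which tells the caller whether a name is
        # registered -- confirm this is acceptable.
        if self.user is None:
            self.username.errors.append(get_message('USER_DOES_NOT_EXIST')[0])
            return False
        if not self.user.password:
            self.password.errors.append(get_message('PASSWORD_NOT_SET')[0])
            return False
        if not verify_and_update_password(self.password.data, self.user):
            self.password.errors.append(get_message('INVALID_PASSWORD')[0])
            return False
        if requires_confirmation(self.user):
            self.username.errors.append(
                get_message('CONFIRMATION_REQUIRED')[0])
            return False
        if not self.user.is_active():
            self.username.errors.append(get_message('DISABLED_ACCOUNT')[0])
            return False
        return True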
Example #10
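    def validate(self):
        """Validate a combined sign-in / sign-up submission.

        An unknown ``name`` is not rejected: a new active ``User`` is created
        with the submitted password and the form validates.  For a known
        name the submitted password is checked with
        ``verify_and_update_password``.

        Returns:
            True when a user was created or the password verified; False
            otherwise, with a message appended to the field at fault.
        """
        # NOTE(review): the call to the parent LoginForm validate() was
        # commented out in the original, so any field validators or CSRF
        # check it performs are skipped -- confirm before relying on this
        # form.  The debug print statements were dropped so the login path
        # no longer writes the user object or error lists to stdout.

        # A missing value is treated like an empty one instead of raising
        # AttributeError on None.
        if (self.name.data or '').strip() == '':
            self.name.errors.append(get_message('NAME_NOT_PROVIDED')[0])
            return False

        if (self.password.data or '').strip() == '':
            self.password.errors.append(
                get_message('PASSWORD_NOT_PROVIDED')[0])
            return False

        self.user = User.first(name=self.name.data)
        if self.user is None:
            # First use of a name registers it with the submitted password.
            # NOTE(review): any submission with an unused name creates an
            # account; confirm that open self-registration through the
            # login form is intended.
            self.user = User.create(name=self.name.data,
                                    active=True,
                                    password=encrypt_password(
                                        self.password.data))
            return True

        # The lookup above either found a user or created one and returned,
        # so a "user does not exist" branch cannot be reached from here.
        if not self.user.password:
            self.password.errors.append(get_message('PASSWORD_NOT_SET')[0])
            return False
        if not verify_and_update_password(self.password.data, self.user):
            self.password.errors.append(get_message('INVALID_PASSWORD')[0])
            return False
        return True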
Example #11
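    def validate(self):
        """Validate a login that also provisions unknown names.

        When no ``User`` has the submitted name, one is created as active
        with the submitted password and validation succeeds.  When the name
        is known, the stored password must be set and the submitted one
        must pass ``verify_and_update_password``.

        Returns:
            True on account creation or a verified password; False
            otherwise, with a message appended to the field at fault.
        """
        # NOTE(review): the parent LoginForm validate() call was commented
        # out in the original, so any field validators or CSRF check it
        # runs do not apply here -- confirm this is intended.  Leftover
        # debug print statements were removed; they wrote the user object
        # and the password field's error list to stdout on each attempt.

        # None is handled like an empty string rather than raising
        # AttributeError.
        if (self.name.data or '').strip() == '':
            self.name.errors.append(get_message('NAME_NOT_PROVIDED')[0])
            return False

        if (self.password.data or '').strip() == '':
            self.password.errors.append(
                get_message('PASSWORD_NOT_PROVIDED')[0])
            return False

        self.user = User.first(name=self.name.data)
        if self.user is None:
            # NOTE(review): an unused name is registered on the spot with
            # whatever password was submitted; confirm that this open
            # self-registration is intended.
            self.user = User.create(
                name=self.name.data, active=True,
                password=encrypt_password(self.password.data))
            return True

        # self.user cannot be None here: the branch above returns after
        # creating the account, so the former second None check was dead.
        if not self.user.password:
            self.password.errors.append(get_message('PASSWORD_NOT_SET')[0])
            return False
        if not verify_and_update_password(self.password.data, self.user):
            self.password.errors.append(get_message('INVALID_PASSWORD')[0])
            return False
        return True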
Example #12
def can_create_user(email, password, password_confirm, deployment):
    """Report whether a user with these credentials could be registered.

    The values are run through ``RegisterForm``.  If the only problem is a
    single "email already associated" error and no account with that email
    exists in ``deployment``, the registration is still allowed.

    Returns:
        ``(True, {})`` when registration is allowed, otherwise
        ``(False, form.errors)``.
    """
    payload = MultiDict({
        'email': email,
        'password': password,
        'password_confirm': password_confirm,
    })
    # CSRF checking is switched off for this form instance: the data comes
    # from the function arguments, not from a submitted request.
    # NOTE(review): callers passing browser-submitted values through here
    # need their own CSRF protection -- confirm at the call sites.
    form = RegisterForm(payload, csrf_enabled=False)

    if form.validate():
        return True, {}

    email_errors = form.errors.get('email', [])
    if len(email_errors) == 1:
        duplicate_message = get_message('EMAIL_ALREADY_ASSOCIATED',
                                        email=email)[0]
        if email_errors[0] == duplicate_message:
            # The duplicate check reported a clash; re-check within the
            # given deployment only.
            accounts = users.find(email=email, deployment=deployment)
            if not accounts:
                return True, {}

    return False, form.errors
Example #13
    def validate(self):
        """Authenticate an email/password login for ``PasswordUser`` accounts.

        Checks run in this order: parent-of-parent validation, non-empty
        email, non-empty password, user lookup, user type, confirmation,
        password verification, active account.  The first failing check
        appends its message and ends validation.

        Returns:
            True when every check passes, otherwise False.
        """
        def fail(field, message_key):
            # Record the message on the given field and signal failure.
            field.errors.append(get_message(message_key)[0])
            return False

        # Temporary fix to allow login to accounts with empty passwords;
        # this should not be permitted generally.
        # NOTE(review): a blank submission is rewritten to the literal
        # '_empty_' before verification, so an account whose stored
        # password matches that literal accepts a blank password.  Track
        # the removal of this workaround.
        submitted_blank = self.password.data.strip() == ''
        if submitted_blank:
            self.password.data = '_empty_'

        # Skip the parent's validate, but do call the parent's parent.
        if not super(SecurityLoginForm, self).validate():
            return False

        if self.email.data.strip() == '':
            return fail(self.email, 'EMAIL_NOT_PROVIDED')

        # TODO: this becomes functional once empty passwords are disallowed;
        # with the rewrite above the value is never blank at this point.
        if self.password.data.strip() == '':
            return fail(self.password, 'PASSWORD_NOT_PROVIDED')

        account = _datastore.get_user(self.email.data)
        self.user = account

        if account is None:
            return fail(self.email, 'USER_DOES_NOT_EXIST')

        # Changed from upstream: make non-PasswordUsers fail early and
        # reliably.
        if not isinstance(account, models.PasswordUser):
            return fail(self.password, 'PASSWORD_NOT_SET')

        # Changed from upstream: report an unconfirmed account before the
        # password is checked, to give a better error message.
        # NOTE(review): this also discloses the unconfirmed state to a
        # caller who does not know the password -- confirm the trade-off.
        if account.confirmed_at is None:
            return fail(self.email, 'CONFIRMATION_REQUIRED')

        if not verify_and_update_password(self.password.data, account):
            return fail(self.password, 'INVALID_PASSWORD')
        if not account.is_active():
            return fail(self.email, 'DISABLED_ACCOUNT')
        return True
Example #14
def unique_user_subdomain(form, field):
    """Field validator: reject a subdomain that a user already holds.

    Args:
        form: the form being validated (unused).
        field: the field whose ``data`` is the requested subdomain.

    Raises:
        ValidationError: with the SUBDOMAIN_ALREADY_ASSOCIATED message when
            a ``User`` with that subdomain exists.
    """
    # NOTE(review): this check is separate from the later insert, so two
    # concurrent submissions can both pass it; presumably a unique
    # constraint on the column backs it up -- confirm.
    holder = User.query.filter_by(subdomain=field.data).first()
    if not holder:
        return

    message = get_message('SUBDOMAIN_ALREADY_ASSOCIATED',
                          subdomain=field.data)[0]
    raise ValidationError(message)