def login(self, request): _message, _code = _(u'Please log in.'), 401 # Try to get an already logged in user if request.session.get('user_id', None): return redirect_to('portal/index') if request.authorization: auth = request.authorization try: user = User.query.get(auth.username) if user.check_password(request.authorization.password): self.set_user(request, user) request.flash(_(u'You are now logged in.'), True) return redirect_to('portal/index') else: _message, _code = _(u'Invalid login.'), 403 except db.NoResultFound: _message, _code = _(u'Invalid login'), 403 # ask for login response = Response( _message, _code, {'WWW-Authenticate': 'Basic realm="%s' % self.realm}) abort(response)
def confirm(self, request, key): try: ret = call_confirm(key) except KeyError: ret = _(u'Key not found. Maybe it has already been used?'), False except Expired: ret = _(u'The supplied key is not valid anymore.'), False if isinstance(ret, tuple) and len(ret) == 2: return Response(u'%s: %s' % (['success', 'fail'][not ret[1]], ret[0]), mimetype='text/plain') return ret
def login(self, request): """Like `register` just for login.""" form = self.get_login_form(request) # some login systems require an external login URL. try: rv = self.before_login(request) if rv is not None: return rv except LoginUnsucessful as err: request.flash(lazy_gettext(unicode(err)), False) # only validate if the before_login handler did not already cause # an error. In that case there is not much win in validating # twice, it would clear the error added. if form.validate_on_submit(): try: fd = form.data rv = self.perform_login( request, username=fd["username"], password=fd["password"], permanent=fd["permanent"] ) except LoginUnsucessful as err: request.flash(lazy_gettext(unicode(err)), False) else: if rv is not None: return rv request.flash(_(u"You are now logged in."), True) return form.redirect("portal/index") return self.render_login_template(request, form)
def login(self, request): """Like `register` just for login.""" form = self.get_login_form(request) # some login systems require an external login URL. try: rv = self.before_login(request) if rv is not None: return rv except LoginUnsucessful as err: request.flash(lazy_gettext(unicode(err)), False) # only validate if the before_login handler did not already cause # an error. In that case there is not much win in validating # twice, it would clear the error added. if form.validate_on_submit(): try: fd = form.data rv = self.perform_login(request, username=fd['username'], password=fd['password'], permanent=fd['permanent']) except LoginUnsucessful as err: request.flash(lazy_gettext(unicode(err)), False) else: if rv is not None: return rv request.flash(_(u'You are now logged in.'), True) return form.redirect('portal/index') return self.render_login_template(request, form)
def deactivate(self, request): form = DeactivateProfileForm(request.form) if form.validate_on_submit(): if not request.user.check_password(form.password.data): form.password.errors = [_(u'The password was not correct.')] else: user = request.user get_auth_system().logout(request) user.deactivate() db.session.commit() request.flash(_(u'Your profile was deactivated successfully'), success=True) return redirect(href('portal/index')) return { 'form': form }
def password(self, request): form = get_change_password_form(request)(request.form) if form.validate_on_submit(): if not request.user.check_password(form.old_password.data): form.old_password.errors = [_(u'The password you entered ' u'doesn\'t match your old one.')] else: request.user.set_password(form.new_password.data) db.session.commit() request.flash(_(u'Your password was changed successfully'), success=True) return redirect(href('usercp/index')) return { 'random_pw': form.new_password.data, 'form': form, }
def activate_user(data): try: u = User.query.get(data["user"]) except db.NoResultFound: return redirect_to("portal/index") u.status = "normal" db.session.commit() ctx.current_request.flash(_(u"Activation successful, you can now login with your credentials")) return redirect_to("portal/login")
def activate_user(data): try: u = User.query.get(data['user']) except db.NoResultFound: return redirect_to('portal/index') u.status = 'normal' db.session.commit() ctx.current_request.flash( _(u'Activation successful, you can now login with your credentials')) return redirect_to('portal/login')
def __init__(self, formdata=None, expand_all=False, *args, **kwargs): self.expand_all = expand_all if not expand_all: choices = [(x,x) for x in self.dynamic_fields] self._unbound_fields += [ ('new_field', fields.SelectField(choices=choices)), ('add_field', fields.SubmitField(_(u'Add filter')))] Form.__init__(self, formdata=formdata, *args, **kwargs)
class QuestionsContentProvider(ITaggableContentProvider): type = 'forum_questions' name = _('Questions') def get_taggable_content(self, tag): return Question.query.order_by(Question.score, Question.view_count) \ .filter(db.and_( question_tag.c.tag_id == tag.id, question_tag.c.question_id == Question.id )).options(db.noload('votes'), db.noload('author'))
def __init__(self, formdata=None, expand_all=False, *args, **kwargs): self.expand_all = expand_all if not expand_all: choices = [(x, x) for x in self.dynamic_fields] self._unbound_fields += [ ('new_field', fields.SelectField(choices=choices)), ('add_field', fields.SubmitField(_(u'Add filter'))) ] Form.__init__(self, formdata=formdata, *args, **kwargs)
def profile(self, request): profile = UserProfile.query.filter_by(user_id=request.user.id).first() form = ProfileForm(request.form, profile=profile) if request.method == 'POST' and form.validate(): form.save() request.flash(_(u'Your profile was saved successfully'), True) return { 'form': form }
def logout(self, request): """This has to logout the user again. This method must not fail. If the logout requires the redirect to an external resource it might return a redirect response. That resource then should not redirect back to the logout page, but instead directly to the **current** `request.next_url`. Most auth systems do not have to implement this method. The default one calls `set_user(request, None)`. """ self.set_user(request, None) request.flash(_(u"You have been logged out successfully."), True)
def logout(self, request): """This has to logout the user again. This method must not fail. If the logout requires the redirect to an external resource it might return a redirect response. That resource then should not redirect back to the logout page, but instead directly to the **current** `request.next_url`. Most auth systems do not have to implement this method. The default one calls `set_user(request, None)`. """ self.set_user(request, None) request.flash(_(u'You have been logged out successfully.'), True)
def perform_login(self, request, username, password, permanent=False): try: user = User.query.get(username) except db.NoResultFound: raise LoginUnsucessful(self.login_failed_message) if user.check_password(password): self.set_user(request, user) if permanent: request.session.permanent = True request.flash(_(u"You are now logged in.")) return redirect_to("portal/index") else: raise LoginUnsucessful(self.login_failed_message)
def perform_login(self, request, username, password, permanent=False): try: user = User.query.get(username) except db.NoResultFound: raise LoginUnsucessful(self.login_failed_message) if user.check_password(password): self.set_user(request, user) if permanent: request.session.permanent = True request.flash(_(u'You are now logged in.')) return redirect_to('portal/index') else: raise LoginUnsucessful(self.login_failed_message)
def tags(self, request): cloud, more = Tag.query.public().get_cloud() if request.method in ('POST', 'PUT'): # the user choosed a tag by manually entered name name = request.form.get('tag') tag = Tag.query.filter_by(name=name).first() if tag is not None: return redirect_to('portal/tag', slug=tag.slug) request.flash(_(u'The tag ā%sā does not exist' % name), False) return { 'tag_cloud': cloud, 'tag_names': [t['name'] for t in cloud] }
def login(self, request): _message, _code = _(u"Please log in."), 401 # Try to get an already logged in user if request.session.get("user_id", None): return redirect_to("portal/index") if request.authorization: auth = request.authorization try: user = User.query.get(auth.username) if user.check_password(request.authorization.password): self.set_user(request, user) request.flash(_(u"You are now logged in."), True) return redirect_to("portal/index") else: _message, _code = _(u"Invalid login."), 403 except db.NoResultFound: _message, _code = _(u"Invalid login"), 403 # ask for login response = Response(_message, _code, {"WWW-Authenticate": 'Basic realm="%s' % self.realm}) abort(response)
class EasyAuth(IAuthSystem): """Auth system that uses the user model for authentication. It also supports permanent sessions using the `_permanent_session` key in the current session. """ #: This message is occured if the login fails. login_failed_message = _( u'User is unknown or the password is not correct.') def get_login_form(self, request, default=None): """Returns the login form.""" default = {} if default is None else default return LoginForm(self, request.form, **default) @templated('portal/register.html') def register(self, request): """Called like a view function with only the request. Has to do the register heavy-lifting. Auth systems that only use the internal database do not have to override this method. Implementers that override this function *have* to call `after_register` to finish the registration of the new user. If `before_register` is unnused it does not have to be called, otherwise as documented. """ rv = self.before_register(request) if rv is not None: return rv form = get_registration_form(request)(request.form) if form.validate_on_submit(): user = User(username=form.username.data, email=form.email.data, password=form.password.data) db.session.commit() r = self.after_register(request, user) if isinstance(r, Response): return r return redirect_to('portal/index') return {'form': form, 'random_pw': form.password.data} def after_register(self, request, user): """ Tasks to be performed after the registration. Per default this sends an activation email. """ # send the activation email. c = Confirm('activate_user', {'user': user.id}, 3) db.session.commit() tasks.send_activation_mail.delay(user.id, c.url) def login(self, request): """Like `register` just for login.""" form = self.get_login_form(request) # some login systems require an external login URL. try: rv = self.before_login(request) if rv is not None: return rv except LoginUnsucessful as err: request.flash(lazy_gettext(unicode(err)), False) # only validate if the before_login handler did not already cause # an error. In that case there is not much win in validating # twice, it would clear the error added. if form.validate_on_submit(): try: fd = form.data rv = self.perform_login(request, username=fd['username'], password=fd['password'], permanent=fd['permanent']) except LoginUnsucessful as err: request.flash(lazy_gettext(unicode(err)), False) else: if rv is not None: return rv request.flash(_(u'You are now logged in.'), True) return form.redirect('portal/index') return self.render_login_template(request, form) @templated('portal/login.html') def render_login_template(self, request, form): """Renders the login template""" return {'login_form': form} def logout(self, request): """This has to logout the user again. This method must not fail. If the logout requires the redirect to an external resource it might return a redirect response. That resource then should not redirect back to the logout page, but instead directly to the **current** `request.next_url`. Most auth systems do not have to implement this method. The default one calls `set_user(request, None)`. """ self.set_user(request, None) request.flash(_(u'You have been logged out successfully.'), True) def perform_login(self, request, username, password, permanent=False): try: user = User.query.get(username) except db.NoResultFound: raise LoginUnsucessful(self.login_failed_message) if user.check_password(password): self.set_user(request, user) if permanent: request.session.permanent = True request.flash(_(u'You are now logged in.')) return redirect_to('portal/index') else: raise LoginUnsucessful(self.login_failed_message) def get_user(self, request): if request.session.get('user_id'): return User.query.get(request.session.get('user_id')) else: return User.query.get_anonymous() def set_user(self, request, user): if user is None: user = User.query.get_anonymous() request.session.permanent = False request.session['user_id'] = user.id
def display_title(self): if self.title: return self.title return _(u'Paste #%d') % self.id
def __unicode__(self): return _(u'Comment by %s on %s') % ( self.author.display_name, self.article.title )
def __unicode__(self): return _(u'Comment by %s on %s') % (self.author.display_name, self.article.title)
class ArticlesContentProvider(ITaggableContentProvider): type = 'news_articles' name = _('Articles') def get_taggable_content(self, tag): return tag.articles.order_by('view_count')