def render_template(template_name, **context):
"""Renders a template into a string."""
template = jinja_env.get_template(template_name)
context['request'] = Request.current
context['theme'] = get_theme()
context['auth_system'] = get_auth_system()
return template.render(context)
def render_template(template_name, **context):
"""Renders a template into a string."""
template = jinja_env.get_template(template_name)
context['request'] = Request.current
context['theme'] = get_theme()
context['auth_system'] = get_auth_system()
return template.render(context)
def logout(request):
"""Logs the user out."""
if request.is_logged_in:
rv = get_auth_system().logout(request)
if rv is not None:
return rv
request.flash(_(u'You were logged out.'))
return redirect(request.next_url or url_for('kb.overview'))
def logout(request):
"""Logs the user out."""
if request.is_logged_in:
rv = get_auth_system().logout(request)
if rv is not None:
return rv
request.flash(_(u'You were logged out.'))
return redirect(request.next_url or url_for('kb.overview'))
def __init__(self, user, initial=None, action=None, request=None):
self.user = user
self.auth_system = get_auth_system()
if user is not None:
initial = forms.fill_dict(initial, real_name=user.real_name)
if not self.auth_system.email_managed_external:
initial['email'] = user.email
forms.Form.__init__(self, initial, action, request)
if self.auth_system.email_managed_external:
del self.fields['email']
def __init__(self, user, initial=None, action=None, request=None):
self.user = user
self.auth_system = get_auth_system()
if user is not None:
initial = forms.fill_dict(initial, real_name=user.real_name)
if not self.auth_system.email_managed_external:
initial['email'] = user.email
forms.Form.__init__(self, initial, action, request)
if self.auth_system.email_managed_external:
del self.fields['email']
def reset_password(request, email=None, key=None):
"""Resets the password if possible."""
auth = get_auth_system()
if not auth.can_reset_password:
raise NotFound()
form = ResetPasswordForm()
new_password = None
# if the user is logged in, he goes straight back to the overview
# page. Why would a user that is logged in (and does not anywhere
# see a link to that page) reset the password? Of course that does
# not give us anything security wise because he just has to logout.
if request.is_logged_in:
return redirect(url_for('kb.overview'))
# we came back from the link in the mail, try to reset the password
if email is not None:
for user in User.query.filter_by(email=email).all():
if user.password_reset_key == key:
break
else:
request.flash(_(u'The password-reset key expired or the link '
u'was invalid.'),
error=True)
return redirect(url_for('core.reset_password'))
new_password = user.set_random_password()
session.commit()
# otherwise validate the form
elif request.method == 'POST' and form.validate(request.form):
user = form.user
reset_url = url_for('core.reset_password',
email=user.email,
key=user.password_reset_key,
_external=True)
send_email(
_(u'Reset Password'),
render_template('mails/reset_password.txt',
user=user,
reset_url=reset_url), user.email)
request.flash(
_(u'A mail with a link to reset the password '
u'was sent to ā%sā') % user.email)
return redirect(url_for('kb.overview'))
return render_template('core/reset_password.html',
form=form.as_widget(),
new_password=new_password)
def reset_password(request, email=None, key=None):
"""Resets the password if possible."""
auth = get_auth_system()
if not auth.can_reset_password:
raise NotFound()
form = ResetPasswordForm()
new_password = None
# if the user is logged in, he goes straight back to the overview
# page. Why would a user that is logged in (and does not anywhere
# see a link to that page) reset the password? Of course that does
# not give us anything security wise because he just has to logout.
if request.is_logged_in:
return redirect(url_for('kb.overview'))
# we came back from the link in the mail, try to reset the password
if email is not None:
for user in User.query.filter_by(email=email).all():
if user.password_reset_key == key:
break
else:
request.flash(_(u'The password-reset key expired or the link '
u'was invalid.'), error=True)
return redirect(url_for('core.reset_password'))
new_password = user.set_random_password()
session.commit()
# otherwise validate the form
elif request.method == 'POST' and form.validate(request.form):
user = form.user
reset_url = url_for('core.reset_password', email=user.email,
key=user.password_reset_key, _external=True)
send_email(_(u'Reset Password'),
render_template('mails/reset_password.txt', user=user,
reset_url=reset_url), user.email)
request.flash(_(u'A mail with a link to reset the password '
u'was sent to ā%sā') % user.email)
return redirect(url_for('kb.overview'))
return render_template('core/reset_password.html', form=form.as_widget(),
new_password=new_password)
def user(self):
"""The current user."""
return get_auth_system().get_user(self)
def __init__(self, initial=None, action=None, request=None):
forms.Form.__init__(self, initial, action, request)
self.auth_system = get_auth_system()
if self.auth_system.passwordless:
del self.fields['password']
def edit_profile(request):
"""Allows the user to change profile information."""
return get_auth_system().edit_profile(request)
def user(self):
"""The current user."""
return get_auth_system().get_user(self)
def register(request):
"""Register a new user."""
if request.is_logged_in:
return redirect(request.next_url or url_for('kb.overview'))
return get_auth_system().register(request)
def register(request):
"""Register a new user."""
if request.is_logged_in:
return redirect(request.next_url or url_for('kb.overview'))
return get_auth_system().register(request)
def login(request):
"""Shows the login page."""
next_url = request.next_url or url_for('kb.overview')
if request.is_logged_in:
return redirect(next_url)
return get_auth_system().login(request)
def login(request):
"""Shows the login page."""
next_url = request.next_url or url_for('kb.overview')
if request.is_logged_in:
return redirect(next_url)
return get_auth_system().login(request)
def edit_profile(request):
"""Allows the user to change profile information."""
return get_auth_system().edit_profile(request)
def __init__(self, initial=None, action=None, request=None):
forms.Form.__init__(self, initial, action, request)
self.auth_system = get_auth_system()
if self.auth_system.passwordless:
del self.fields['password']
