def register():
# access to registration may not be for the public
if current_user.is_anonymous() and not app.config.get(
"ACCOUNT_ALLOW_REGISTER", False):
abort(404)
if request.method == "GET":
fc = AccountFactory.get_register_formcontext()
return fc.render_template()
elif request.method == "POST":
fc = AccountFactory.get_register_formcontext(request.form)
if not fc.validate():
flash("There was a problem with your form", "error")
return fc.render_template()
# if the form validates, then check the legality of the submission
try:
fc.legal()
except exceptions.AccountException as e:
flash(e.message, "error")
return fc.render_template()
# if we get to here, then create the user record
fc.finalise()
# tell the user that everything is good
flash("Account created - activation token sent", "success")
# redirect to the appropriate next page
return redirect(
url_for(app.config.get("ACCOUNT_REGISTER_REDIECT_ROUTE")))
def reset(reset_token):
Account = AccountFactory.get_model()
acc = Account.get_by_reset_token(reset_token)
if acc is None:
abort(404)
if not acc.can_log_in():
abort(404)
if request.method == "GET":
fc = AccountFactory.get_reset_formcontext(acc)
return fc.render_template()
elif request.method == "POST":
fc = AccountFactory.get_reset_formcontext(acc, request.form)
if not fc.validate():
flash("There was a problem with your form", "error")
return fc.render_template()
# if the form is good, finalise the user's password change
fc.finalise()
# log the user in
_do_login(acc)
flash("Password has been reset and you have been logged in", "success")
return redirect(url_for(app.config.get("ACCOUNT_LOGIN_REDIRECT_ROUTE", "index")))
def username(username):
Account = AccountFactory.get_model()
acc = Account.pull(username)
if acc is None:
try:
acc = Account.pull_by_email(username)
except exceptions.NonUniqueAccountException:
flash("Permanent Error: these user credentials are invalid - please contact an administrator", "error")
return redirect(url_for(("logut")))
if acc is None:
abort(404)
# actions on this page are only availble to the actual user, or a user with the edit-users role
if current_user.id != acc.id or not current_user.has_role(app.config.get("ACCOUNT_EDIT_USERS_ROLE")):
abort(401)
# if this is a request for the user page, just render it
if request.method == "GET":
fc = AccountFactory.get_user_formcontext(acc)
return fc.render_template()
is_delete = request.method == "DELETE" or (request.method == "POST" and request.values.get("submit", False) == "Delete")
if is_delete:
# validate the delete
if not current_user.check_password(request.values.get("password")):
flash("Incorrect password", "error")
fc = AccountFactory.get_user_formcontext(acc=acc)
return fc.render_template()
# if the password validates, go ahead and do it
acc.remove() # Note we don't use the DAO's delete method - this allows the model to decide the delete behaviour
_do_logout()
flash('Account {x} deleted'.format(x=username), "success")
return redirect(url_for(app.config.get("ACCOUNT_LOGOUT_REDIRECT_ROUTE", "index")))
if request.method == "POST":
fc = AccountFactory.get_user_formcontext(acc=acc, form_data=request.form)
# attempt to validate the form
if not fc.validate():
flash("There was a problem when submitting the form", "error")
return fc.render_template()
# if the form validates, then check the legality of the submission
try:
fc.legal()
except exceptions.AccountException as e:
flash(e.message, "error")
return fc.render_template()
# if we get to here, then update the user record
fc.finalise()
# tell the user that everything is good
flash("Account updated", "success")
# end with a redirect because some details have changed
return redirect(url_for("account.username", username=fc.target.email))
def register():
# access to registration may not be for the public
if current_user.is_anonymous() and not app.config.get("ACCOUNT_ALLOW_REGISTER", False):
abort(404)
if request.method == "GET":
fc = AccountFactory.get_register_formcontext()
return fc.render_template()
elif request.method == "POST":
fc = AccountFactory.get_register_formcontext(request.form)
if not fc.validate():
flash("There was a problem with your form", "error")
return fc.render_template()
# if the form validates, then check the legality of the submission
try:
fc.legal()
except exceptions.AccountException as e:
flash(e.message, "error")
return fc.render_template()
# if we get to here, then create the user record
fc.finalise()
# tell the user that everything is good
flash("Account created - activation token sent", "success")
# redirect to the appropriate next page
return redirect(url_for(app.config.get("ACCOUNT_REGISTER_REDIECT_ROUTE")))
def activate(activation_token):
account = AccountFactory.get_model().get_by_activation_token(
activation_token)
if account is None:
abort(404)
if not account.can_log_in():
abort(404)
if request.method == "GET":
fc = AccountFactory.get_activate_formcontext(account)
return fc.render_template()
elif request.method == "POST":
fc = AccountFactory.get_activate_formcontext(account, request.form)
if not fc.validate():
flash("There was a problem with your form", "error")
return fc.render_template()
# if the form is good, finalise the user's password change
fc.finalise()
# log the user in
_do_login(account)
flash("Your account has been activated and you have been logged in",
"success")
return redirect(
url_for(app.config.get("ACCOUNT_LOGIN_REDIRECT_ROUTE", "index")))
def forgot():
if request.method == "GET":
fc = AccountFactory.get_forgot_formcontext()
return fc.render_template()
if request.method == 'POST':
fc = AccountFactory.get_forgot_formcontext(form_data=request.form)
# attempt to validate the form
if not fc.validate():
flash("There was a problem when submitting the form", "error")
return fc.render_template()
# call finalise on the context, to trigger the reset process
try:
fc.finalise()
except exceptions.NonUniqueAccountException:
flash("Permanent Error: cannot reset password for this account - please contact an administrator", "error")
return fc.render_template()
except exceptions.AccountNotFoundException:
flash('Your account email address is not recognised.', 'error')
return fc.render_template()
except exceptions.AccountException:
flash("Unable to reset the password for this account", "error")
return fc.render_template()
# if we get to here, reset was successful, so we should redirect the user
return redirect(url_for(app.config.get("ACCOUNT_FORGOT_REDIRECT_ROUTE", "account.forgot_pending")))
def forgot():
if request.method == "GET":
fc = AccountFactory.get_forgot_formcontext()
return fc.render_template()
if request.method == 'POST':
fc = AccountFactory.get_forgot_formcontext(form_data=request.form)
# attempt to validate the form
if not fc.validate():
flash("There was a problem when submitting the form", "error")
return fc.render_template()
# call finalise on the context, to trigger the reset process
try:
fc.finalise()
except exceptions.NonUniqueAccountException:
flash(
"Permanent Error: cannot reset password for this account - please contact an administrator",
"error")
return fc.render_template()
except exceptions.AccountNotFoundException:
flash('Your account email address is not recognised.', 'error')
return fc.render_template()
except exceptions.AccountException:
flash("Unable to reset the password for this account", "error")
return fc.render_template()
# if we get to here, reset was successful, so we should redirect the user
return redirect(
url_for(
app.config.get("ACCOUNT_FORGOT_REDIRECT_ROUTE",
"account.forgot_pending")))
def _check_email(self):
suggested = self.form.email.data
try:
existing = AccountFactory.get_model().pull_by_email(suggested)
return existing is None
except exceptions.NonUniqueAccountException:
return False
def run(self, argv):
parser = argparse.ArgumentParser()
parser.add_argument("-e", "--email", help="email address of user")
parser.add_argument("-p", "--password", help="password for the new or existing user. If omitted, you will be prompted for one on the next line")
parser.add_argument("-r", "--role", help="comma separated list of roles to be held by this account")
args = parser.parse_args(argv)
if not args.email:
print "Please specify an email with the -e option"
parser.print_help()
exit()
if not args.role:
print "WARNING: no role specified, so this user won't be able to do anything"
email = args.email
password = None
roles = [r.strip() for r in args.role.split(",")] if args.role is not None else []
if args.password:
password = args.password
else:
password = self._input_password()
Account = AccountFactory.get_model()
acc = Account.pull_by_email(email)
if not acc:
acc = Account()
acc.email = email
acc.role = roles
acc.set_password(password)
acc.save()
def finalise(self):
super(BasicRegisterFormContext, self).finalise()
# handle the possibility that the account already exists
existing = AccountFactory.get_model().pull_by_email(self.form.email.data)
if existing is not None:
if not existing.can_log_in():
raise exceptions.CannotLoginException("This email address is currently not allowed to log in to the system")
else:
existing = AccountFactory.get_model()()
# populate the account with the email address, and set the activation mode
existing.email = self.form.email.data
existing.role = app.config.get("ACCOUNT_DEFAULT_ROLES", [])
existing.activate_activation_mode()
existing.save(blocking=True)
self._send_activation_email(existing)
def login():
# current_info = {'next': request.args.get('next', '')}
fc = AccountFactory.get_login_formcontext(request.form)
if request.method == 'POST':
if fc.validate():
password = fc.form.password.data
email = fc.form.email.data
Account = AccountFactory.get_model()
try:
user = Account.pull_by_email(email)
except exceptions.NonUniqueAccountException:
flash(
"Permanent Error: unable to log you in with these credentials - please contact an administrator",
"error")
return fc.render_template()
if user is not None:
if not user.can_log_in():
flash('Invalid credentials', 'error')
return fc.render_template()
if user.check_password(password):
inlog = _do_login(user)
if not inlog:
flash("Problem logging in", "error")
return fc.render_template()
else:
flash('Welcome back.', 'success')
return redirect(get_redirect_target(form=fc.form))
else:
flash('Incorrect username/password', 'error')
return fc.render_template()
else:
flash('Incorrect username/password', 'error')
return fc.render_template()
else:
flash('Invalid credentials', 'error')
return fc.render_template()
def finalise(self):
super(ForgotFormContext, self).finalise()
Account = AccountFactory.get_model()
acc = Account.pull_by_email(self.form.email.data)
if acc is None:
raise exceptions.AccountNotFoundException("There is no user account with that email address")
acc.activate_reset_mode()
acc.save()
self._send_reset_email(acc)
def login():
# current_info = {'next': request.args.get('next', '')}
fc = AccountFactory.get_login_formcontext(request.form)
if request.method == 'POST':
if fc.validate():
password = fc.form.password.data
email = fc.form.email.data
Account = AccountFactory.get_model()
try:
user = Account.pull_by_email(email)
except exceptions.NonUniqueAccountException:
flash("Permanent Error: unable to log you in with these credentials - please contact an administrator", "error")
return fc.render_template()
if user is not None:
if not user.can_log_in():
flash('Invalid credentials', 'error')
return fc.render_template()
if user.check_password(password):
inlog = _do_login(user)
if not inlog:
flash("Problem logging in", "error")
return fc.render_template()
else:
flash('Welcome back.', 'success')
return redirect(get_redirect_target(form=fc.form))
else:
flash('Incorrect username/password', 'error')
return fc.render_template()
else:
flash('Incorrect username/password', 'error')
return fc.render_template()
else:
flash('Invalid credentials', 'error')
return fc.render_template()
def _check_email(self):
suggested = self.form.email.data
provided = self.source.email
# if they have not changed their email, no need to look any further
if suggested == provided:
return True
# otherwise we need to see if there's an email of this type already
try:
existing = AccountFactory.get_model().pull_by_email(suggested)
return existing is None
except exceptions.NonUniqueAccountException:
return False
def form2obj(cls, form, acc=None):
if acc is None:
klazz = AccountFactory.get_model()
acc = klazz()
else:
acc = acc.clone()
# update the email address
if form.email.data:
acc.email = form.email.data
# if a new password has been provided, update it
if form.new_password.data:
acc.set_password(form.new_password.data)
return acc
def username(username):
Account = AccountFactory.get_model()
acc = Account.pull(username)
if acc is None:
try:
acc = Account.pull_by_email(username)
except exceptions.NonUniqueAccountException:
flash(
"Permanent Error: these user credentials are invalid - please contact an administrator",
"error")
return redirect(url_for(("logut")))
if acc is None:
abort(404)
# actions on this page are only availble to the actual user, or a user with the edit-users role
if current_user.id != acc.id or not current_user.has_role(
app.config.get("ACCOUNT_EDIT_USERS_ROLE")):
abort(401)
# if this is a request for the user page, just render it
if request.method == "GET":
fc = AccountFactory.get_user_formcontext(acc)
return fc.render_template()
is_delete = request.method == "DELETE" or (
request.method == "POST"
and request.values.get("submit", False) == "Delete")
if is_delete:
# validate the delete
if not current_user.check_password(request.values.get("password")):
flash("Incorrect password", "error")
fc = AccountFactory.get_user_formcontext(acc=acc)
return fc.render_template()
# if the password validates, go ahead and do it
acc.remove(
) # Note we don't use the DAO's delete method - this allows the model to decide the delete behaviour
_do_logout()
flash('Account {x} deleted'.format(x=username), "success")
return redirect(
url_for(app.config.get("ACCOUNT_LOGOUT_REDIRECT_ROUTE", "index")))
if request.method == "POST":
fc = AccountFactory.get_user_formcontext(acc=acc,
form_data=request.form)
# attempt to validate the form
if not fc.validate():
flash("There was a problem when submitting the form", "error")
return fc.render_template()
# if the form validates, then check the legality of the submission
try:
fc.legal()
except exceptions.AccountException as e:
flash(e.message, "error")
return fc.render_template()
# if we get to here, then update the user record
fc.finalise()
# tell the user that everything is good
flash("Account updated", "success")
# end with a redirect because some details have changed
return redirect(url_for("account.username", username=fc.target.email))
def load_account_for_login_manager(userid):
from octopus.modules.account.factory import AccountFactory
acc = AccountFactory.get_model().pull(userid)
return acc
def load_account_for_login_manager(userid):
from octopus.modules.account.factory import AccountFactory
acc = AccountFactory.get_model().pull(userid)
return acc
