def login(client, faker, user=None): if user is None: user = faker.user_details() db.session.add(user) db.session.commit() with client.session_transaction() as sess: sess['user_id'] = user.id sess['_fresh'] = True # https://flask-login.readthedocs.org/en/latest/#fresh-logins # Some stuff is created on first request, so do that client.get("/") # Login for access to functions directly login_user(user) resp = client.get("/login") soup = BeautifulSoup(resp.data, "html.parser") crf_token = soup.find( "input", {"name": "csrf_token"}, type="hidden", id="csrf_token" ) data = dict(email=user.email, password=user.password) if crf_token: data["csrf_token"] = crf_token.get("value") resp = client.post("/login", data=data, follow_redirects=True) return _datastore.find_user(email=user.email)
def init_users(): if not get_system_user(): user = _datastore.create_user( email='hal@discovery_one.uss', username=SYSTEM_USER_NAME, ) admin_email = current_app.config["ADMIN_EMAIL_ADDRESS"] admin_username = current_app.config["ADMIN_USERNAME"] if not _datastore.find_user( email=admin_email) and not _datastore.find_user( username=admin_username): print('Creating administrator "{}"'.format(admin_email)) user = _datastore.create_user( email=admin_email, username=admin_username, ) _datastore.add_role_to_user(user, get_admin_role()) db.session.commit()
def get_or_create_ldap_user(username): ldap = Ldap() if ldap.is_enabled(): username = standardize_username(username) ldap.login_nonpriv() ldap_user = ldap.search_username(username) if ldap_user is not None: user = _datastore.find_user( email=ldap_user['email']) or _datastore.find_user( username=ldap_user['username']) if not user: print('A') if current_app.config.get('LDAP_REQUIRE_EXISTING_USER', False): print('B') return None print('A') user = _datastore.create_user( email=ldap_user['email'], password=random_password(), ) user.email = ldap_user['email'] user.username = ldap_user['username'] user.first_name = ldap_user['given_name'] user.last_name = ldap_user['surname'] user.ldap_user = True db.session.add(user) db.session.commit() return _datastore.get_user(ldap_user['email'])
def validate(self): user_ip = request.headers.get('X-Forwarded-For', request.remote_addr) time_now = datetime.datetime.now() # Use super of LoginForm, not super of CustomLoginForm, since I # want to skip the LoginForm validate logic if not super(LoginForm, self).validate(): audit_logger.warning( f"Invalid Login - User [{self.email.data}] from IP [{user_ip}] at [{time_now}]" ) return False self.email.data = remove_null_caracters(self.email.data) self.user = _datastore.find_user(username=self.email.data) if self.user is None: audit_logger.warning( f"Invalid Login - User [{self.email.data}] from IP [{user_ip}] at [{time_now}] - " f"Reason: [Invalid Username]") self.email.errors.append(get_message('USER_DOES_NOT_EXIST')[0]) return False self.user.password = remove_null_caracters(self.user.password) if not self.user.password: audit_logger.warning( f"Invalid Login - User [{self.email.data}] from IP [{user_ip}] at [{time_now}] - " f"Reason: [Invalid Password]") self.email.errors.append(get_message('USER_DOES_NOT_EXIST')[0]) return False self.password.data = remove_null_caracters(self.password.data) if not verify_and_update_password(self.password.data, self.user): audit_logger.warning( f"Invalid Login - User [{self.email.data}] from IP [{user_ip}] at [{time_now}] - " f"Reason: [Invalid Password]") self.email.errors.append(get_message('USER_DOES_NOT_EXIST')[0]) return False # if requires_confirmation(self.user): # self.email.errors.append(get_message('CONFIRMATION_REQUIRED')[0]) # return False if not self.user.is_active: audit_logger.warning( f"Invalid Login - User [{self.email.data}] from IP [{user_ip}] at [{time_now}] - " f"Reason: [Disabled Account]") self.email.errors.append(get_message('DISABLED_ACCOUNT')[0]) return False return True
def get_admin_user(): result = _datastore.find_user( email=current_app.config["ADMIN_EMAIL_ADDRESS"] ) or _datastore.find_user(username=current_app.config["ADMIN_USERNAME"]) return result
def get_system_user(): return _datastore.find_user(username=SYSTEM_USER_NAME)