def register(): # access to registration may not be for the public if current_user.is_anonymous() and not app.config.get( "ACCOUNT_ALLOW_REGISTER", False): abort(404) if request.method == "GET": fc = AccountFactory.get_register_formcontext() return fc.render_template() elif request.method == "POST": fc = AccountFactory.get_register_formcontext(request.form) if not fc.validate(): flash("There was a problem with your form", "error") return fc.render_template() # if the form validates, then check the legality of the submission try: fc.legal() except exceptions.AccountException as e: flash(e.message, "error") return fc.render_template() # if we get to here, then create the user record fc.finalise() # tell the user that everything is good flash("Account created - activation token sent", "success") # redirect to the appropriate next page return redirect( url_for(app.config.get("ACCOUNT_REGISTER_REDIECT_ROUTE")))
def reset(reset_token): Account = AccountFactory.get_model() acc = Account.get_by_reset_token(reset_token) if acc is None: abort(404) if not acc.can_log_in(): abort(404) if request.method == "GET": fc = AccountFactory.get_reset_formcontext(acc) return fc.render_template() elif request.method == "POST": fc = AccountFactory.get_reset_formcontext(acc, request.form) if not fc.validate(): flash("There was a problem with your form", "error") return fc.render_template() # if the form is good, finalise the user's password change fc.finalise() # log the user in _do_login(acc) flash("Password has been reset and you have been logged in", "success") return redirect(url_for(app.config.get("ACCOUNT_LOGIN_REDIRECT_ROUTE", "index")))
def username(username): Account = AccountFactory.get_model() acc = Account.pull(username) if acc is None: try: acc = Account.pull_by_email(username) except exceptions.NonUniqueAccountException: flash("Permanent Error: these user credentials are invalid - please contact an administrator", "error") return redirect(url_for(("logut"))) if acc is None: abort(404) # actions on this page are only availble to the actual user, or a user with the edit-users role if current_user.id != acc.id or not current_user.has_role(app.config.get("ACCOUNT_EDIT_USERS_ROLE")): abort(401) # if this is a request for the user page, just render it if request.method == "GET": fc = AccountFactory.get_user_formcontext(acc) return fc.render_template() is_delete = request.method == "DELETE" or (request.method == "POST" and request.values.get("submit", False) == "Delete") if is_delete: # validate the delete if not current_user.check_password(request.values.get("password")): flash("Incorrect password", "error") fc = AccountFactory.get_user_formcontext(acc=acc) return fc.render_template() # if the password validates, go ahead and do it acc.remove() # Note we don't use the DAO's delete method - this allows the model to decide the delete behaviour _do_logout() flash('Account {x} deleted'.format(x=username), "success") return redirect(url_for(app.config.get("ACCOUNT_LOGOUT_REDIRECT_ROUTE", "index"))) if request.method == "POST": fc = AccountFactory.get_user_formcontext(acc=acc, form_data=request.form) # attempt to validate the form if not fc.validate(): flash("There was a problem when submitting the form", "error") return fc.render_template() # if the form validates, then check the legality of the submission try: fc.legal() except exceptions.AccountException as e: flash(e.message, "error") return fc.render_template() # if we get to here, then update the user record fc.finalise() # tell the user that everything is good flash("Account updated", "success") # end with a redirect because some details have changed return redirect(url_for("account.username", username=fc.target.email))
def register(): # access to registration may not be for the public if current_user.is_anonymous() and not app.config.get("ACCOUNT_ALLOW_REGISTER", False): abort(404) if request.method == "GET": fc = AccountFactory.get_register_formcontext() return fc.render_template() elif request.method == "POST": fc = AccountFactory.get_register_formcontext(request.form) if not fc.validate(): flash("There was a problem with your form", "error") return fc.render_template() # if the form validates, then check the legality of the submission try: fc.legal() except exceptions.AccountException as e: flash(e.message, "error") return fc.render_template() # if we get to here, then create the user record fc.finalise() # tell the user that everything is good flash("Account created - activation token sent", "success") # redirect to the appropriate next page return redirect(url_for(app.config.get("ACCOUNT_REGISTER_REDIECT_ROUTE")))
def activate(activation_token): account = AccountFactory.get_model().get_by_activation_token( activation_token) if account is None: abort(404) if not account.can_log_in(): abort(404) if request.method == "GET": fc = AccountFactory.get_activate_formcontext(account) return fc.render_template() elif request.method == "POST": fc = AccountFactory.get_activate_formcontext(account, request.form) if not fc.validate(): flash("There was a problem with your form", "error") return fc.render_template() # if the form is good, finalise the user's password change fc.finalise() # log the user in _do_login(account) flash("Your account has been activated and you have been logged in", "success") return redirect( url_for(app.config.get("ACCOUNT_LOGIN_REDIRECT_ROUTE", "index")))
def forgot(): if request.method == "GET": fc = AccountFactory.get_forgot_formcontext() return fc.render_template() if request.method == 'POST': fc = AccountFactory.get_forgot_formcontext(form_data=request.form) # attempt to validate the form if not fc.validate(): flash("There was a problem when submitting the form", "error") return fc.render_template() # call finalise on the context, to trigger the reset process try: fc.finalise() except exceptions.NonUniqueAccountException: flash("Permanent Error: cannot reset password for this account - please contact an administrator", "error") return fc.render_template() except exceptions.AccountNotFoundException: flash('Your account email address is not recognised.', 'error') return fc.render_template() except exceptions.AccountException: flash("Unable to reset the password for this account", "error") return fc.render_template() # if we get to here, reset was successful, so we should redirect the user return redirect(url_for(app.config.get("ACCOUNT_FORGOT_REDIRECT_ROUTE", "account.forgot_pending")))
def forgot(): if request.method == "GET": fc = AccountFactory.get_forgot_formcontext() return fc.render_template() if request.method == 'POST': fc = AccountFactory.get_forgot_formcontext(form_data=request.form) # attempt to validate the form if not fc.validate(): flash("There was a problem when submitting the form", "error") return fc.render_template() # call finalise on the context, to trigger the reset process try: fc.finalise() except exceptions.NonUniqueAccountException: flash( "Permanent Error: cannot reset password for this account - please contact an administrator", "error") return fc.render_template() except exceptions.AccountNotFoundException: flash('Your account email address is not recognised.', 'error') return fc.render_template() except exceptions.AccountException: flash("Unable to reset the password for this account", "error") return fc.render_template() # if we get to here, reset was successful, so we should redirect the user return redirect( url_for( app.config.get("ACCOUNT_FORGOT_REDIRECT_ROUTE", "account.forgot_pending")))
def _check_email(self): suggested = self.form.email.data try: existing = AccountFactory.get_model().pull_by_email(suggested) return existing is None except exceptions.NonUniqueAccountException: return False
def run(self, argv): parser = argparse.ArgumentParser() parser.add_argument("-e", "--email", help="email address of user") parser.add_argument("-p", "--password", help="password for the new or existing user. If omitted, you will be prompted for one on the next line") parser.add_argument("-r", "--role", help="comma separated list of roles to be held by this account") args = parser.parse_args(argv) if not args.email: print "Please specify an email with the -e option" parser.print_help() exit() if not args.role: print "WARNING: no role specified, so this user won't be able to do anything" email = args.email password = None roles = [r.strip() for r in args.role.split(",")] if args.role is not None else [] if args.password: password = args.password else: password = self._input_password() Account = AccountFactory.get_model() acc = Account.pull_by_email(email) if not acc: acc = Account() acc.email = email acc.role = roles acc.set_password(password) acc.save()
def finalise(self): super(BasicRegisterFormContext, self).finalise() # handle the possibility that the account already exists existing = AccountFactory.get_model().pull_by_email(self.form.email.data) if existing is not None: if not existing.can_log_in(): raise exceptions.CannotLoginException("This email address is currently not allowed to log in to the system") else: existing = AccountFactory.get_model()() # populate the account with the email address, and set the activation mode existing.email = self.form.email.data existing.role = app.config.get("ACCOUNT_DEFAULT_ROLES", []) existing.activate_activation_mode() existing.save(blocking=True) self._send_activation_email(existing)
def login(): # current_info = {'next': request.args.get('next', '')} fc = AccountFactory.get_login_formcontext(request.form) if request.method == 'POST': if fc.validate(): password = fc.form.password.data email = fc.form.email.data Account = AccountFactory.get_model() try: user = Account.pull_by_email(email) except exceptions.NonUniqueAccountException: flash( "Permanent Error: unable to log you in with these credentials - please contact an administrator", "error") return fc.render_template() if user is not None: if not user.can_log_in(): flash('Invalid credentials', 'error') return fc.render_template() if user.check_password(password): inlog = _do_login(user) if not inlog: flash("Problem logging in", "error") return fc.render_template() else: flash('Welcome back.', 'success') return redirect(get_redirect_target(form=fc.form)) else: flash('Incorrect username/password', 'error') return fc.render_template() else: flash('Incorrect username/password', 'error') return fc.render_template() else: flash('Invalid credentials', 'error') return fc.render_template()
def finalise(self): super(ForgotFormContext, self).finalise() Account = AccountFactory.get_model() acc = Account.pull_by_email(self.form.email.data) if acc is None: raise exceptions.AccountNotFoundException("There is no user account with that email address") acc.activate_reset_mode() acc.save() self._send_reset_email(acc)
def login(): # current_info = {'next': request.args.get('next', '')} fc = AccountFactory.get_login_formcontext(request.form) if request.method == 'POST': if fc.validate(): password = fc.form.password.data email = fc.form.email.data Account = AccountFactory.get_model() try: user = Account.pull_by_email(email) except exceptions.NonUniqueAccountException: flash("Permanent Error: unable to log you in with these credentials - please contact an administrator", "error") return fc.render_template() if user is not None: if not user.can_log_in(): flash('Invalid credentials', 'error') return fc.render_template() if user.check_password(password): inlog = _do_login(user) if not inlog: flash("Problem logging in", "error") return fc.render_template() else: flash('Welcome back.', 'success') return redirect(get_redirect_target(form=fc.form)) else: flash('Incorrect username/password', 'error') return fc.render_template() else: flash('Incorrect username/password', 'error') return fc.render_template() else: flash('Invalid credentials', 'error') return fc.render_template()
def _check_email(self): suggested = self.form.email.data provided = self.source.email # if they have not changed their email, no need to look any further if suggested == provided: return True # otherwise we need to see if there's an email of this type already try: existing = AccountFactory.get_model().pull_by_email(suggested) return existing is None except exceptions.NonUniqueAccountException: return False
def form2obj(cls, form, acc=None): if acc is None: klazz = AccountFactory.get_model() acc = klazz() else: acc = acc.clone() # update the email address if form.email.data: acc.email = form.email.data # if a new password has been provided, update it if form.new_password.data: acc.set_password(form.new_password.data) return acc
def username(username): Account = AccountFactory.get_model() acc = Account.pull(username) if acc is None: try: acc = Account.pull_by_email(username) except exceptions.NonUniqueAccountException: flash( "Permanent Error: these user credentials are invalid - please contact an administrator", "error") return redirect(url_for(("logut"))) if acc is None: abort(404) # actions on this page are only availble to the actual user, or a user with the edit-users role if current_user.id != acc.id or not current_user.has_role( app.config.get("ACCOUNT_EDIT_USERS_ROLE")): abort(401) # if this is a request for the user page, just render it if request.method == "GET": fc = AccountFactory.get_user_formcontext(acc) return fc.render_template() is_delete = request.method == "DELETE" or ( request.method == "POST" and request.values.get("submit", False) == "Delete") if is_delete: # validate the delete if not current_user.check_password(request.values.get("password")): flash("Incorrect password", "error") fc = AccountFactory.get_user_formcontext(acc=acc) return fc.render_template() # if the password validates, go ahead and do it acc.remove( ) # Note we don't use the DAO's delete method - this allows the model to decide the delete behaviour _do_logout() flash('Account {x} deleted'.format(x=username), "success") return redirect( url_for(app.config.get("ACCOUNT_LOGOUT_REDIRECT_ROUTE", "index"))) if request.method == "POST": fc = AccountFactory.get_user_formcontext(acc=acc, form_data=request.form) # attempt to validate the form if not fc.validate(): flash("There was a problem when submitting the form", "error") return fc.render_template() # if the form validates, then check the legality of the submission try: fc.legal() except exceptions.AccountException as e: flash(e.message, "error") return fc.render_template() # if we get to here, then update the user record fc.finalise() # tell the user that everything is good flash("Account updated", "success") # end with a redirect because some details have changed return redirect(url_for("account.username", username=fc.target.email))
def load_account_for_login_manager(userid): from octopus.modules.account.factory import AccountFactory acc = AccountFactory.get_model().pull(userid) return acc