def signin(): """ Signin method for PYBOSSA users. Returns a Jinja2 template with the result of signing process. """ form = LoginForm(request.body) if request.method == 'POST' and form.validate(): password = form.password.data email_addr = form.email.data.lower() user = user_repo.search_by_email(email_addr=email_addr) if user and not user.enabled: flash(gettext('Your account is disabled. ' 'Please contact your GIGwork administrator.'), 'error') return redirect(url_for('home.home')) if user and user.check_password(password): if not current_app.config.get('ENABLE_TWO_FACTOR_AUTH'): msg_1 = gettext('Welcome back') + ' ' + user.fullname flash(msg_1, 'success') return _sign_in_user(user) else: _email_two_factor_auth(user) url_token = otp.generate_url_token(user.email_addr) return redirect_content_type(url_for('account.otpvalidation', token=url_token, next=request.args.get('next'))) elif user: msg, method = get_user_signup_method(user) if method == 'local': msg = gettext('Ooops, Incorrect email/password') flash(msg, 'error') else: flash(msg, 'info') else: msg = gettext("Ooops, we didn't find you in the system, \ did you sign up?") flash(msg, 'info') if request.method == 'POST' and not form.validate(): flash(gettext('Please correct the errors'), 'error') auth = {'twitter': False, 'facebook': False, 'google': False} if current_user.is_anonymous(): # If Twitter is enabled in config, show the Twitter Sign in button if ('twitter' in current_app.blueprints): # pragma: no cover auth['twitter'] = True if ('facebook' in current_app.blueprints): # pragma: no cover auth['facebook'] = True if ('google' in current_app.blueprints): # pragma: no cover auth['google'] = True response = dict(template='account/signin.html', title="Sign in", form=form, auth=auth, next=request.args.get('next')) return handle_content_type(response) else: # User already signed in, so redirect to home page return redirect_content_type(url_for("home.home"))
def signin(): """ Signin method for PYBOSSA users. Returns a Jinja2 template with the result of signing process. """ form = LoginForm(request.body) isLdap = current_app.config.get('LDAP_HOST', False) if (request.method == 'POST' and form.validate() and isLdap is False): password = form.password.data email_addr = form.email.data.lower() user = user_repo.search_by_email(email_addr=email_addr) if user and not user.enabled: brand = current_app.config['BRAND'] flash( gettext('Your account is disabled. ' 'Please contact your {} administrator.'.format(brand)), 'error') return redirect(url_for('home.home')) if user and user.check_password(password): if not current_app.config.get('ENABLE_TWO_FACTOR_AUTH'): msg_1 = gettext('Welcome back') + ' ' + user.fullname flash(msg_1, 'success') return _sign_in_user(user) else: _email_two_factor_auth(user) url_token = otp.generate_url_token(user.email_addr) next_url = is_own_url_or_else(request.args.get('next'), url_for('home.home')) return redirect_content_type( url_for('account.otpvalidation', token=url_token, next=next_url)) elif user: msg, method = get_user_signup_method(user) if method == 'local': msg = gettext('Ooops, Incorrect email/password') flash(msg, 'error') else: flash(msg, 'info') else: msg = gettext("Ooops, we didn't find you in the system, \ did you sign up?") flash(msg, 'info') if (request.method == 'POST' and form.validate() and isLdap): password = form.password.data cn = form.email.data ldap_user = None if ldap.bind_user(cn, password): ldap_user = ldap.get_object_details(cn) key = current_app.config.get('LDAP_USER_FILTER_FIELD') value = ldap_user[key][0] user_db = user_repo.get_by(ldap=value) if (user_db is None): keyfields = current_app.config.get('LDAP_PYBOSSA_FIELDS') user_data = dict( fullname=ldap_user[keyfields['fullname']][0], name=ldap_user[keyfields['name']][0], email_addr=ldap_user[keyfields['email_addr']][0], valid_email=True, ldap=value, consent=True) create_account(user_data, ldap_disabled=False) else: login_user(user_db, remember=True) else: msg = gettext("User LDAP credentials are wrong.") flash(msg, 'info') if request.method == 'POST' and not form.validate(): flash(gettext('Please correct the errors'), 'error') auth = {'twitter': False, 'facebook': False, 'google': False} if current_user.is_anonymous(): # If Twitter is enabled in config, show the Twitter Sign in button if (isLdap is False): if ('twitter' in current_app.blueprints): # pragma: no cover auth['twitter'] = True if ('facebook' in current_app.blueprints): # pragma: no cover auth['facebook'] = True if ('google' in current_app.blueprints): # pragma: no cover auth['google'] = True next_url = is_own_url_or_else(request.args.get('next'), url_for('home.home')) response = dict(template='account/signin.html', title="Sign in", form=form, auth=auth, next=next_url) return handle_content_type(response) else: # User already signed in, so redirect to home page return redirect_content_type(url_for("home.home"))