def signin():
"""
Signin method for PYBOSSA users.
Returns a Jinja2 template with the result of signing process.
"""
form = LoginForm(request.body)
if request.method == 'POST' and form.validate():
password = form.password.data
email_addr = form.email.data.lower()
user = user_repo.search_by_email(email_addr=email_addr)
if user and not user.enabled:
flash(gettext('Your account is disabled. '
'Please contact your GIGwork administrator.'),
'error')
return redirect(url_for('home.home'))
if user and user.check_password(password):
if not current_app.config.get('ENABLE_TWO_FACTOR_AUTH'):
msg_1 = gettext('Welcome back') + ' ' + user.fullname
flash(msg_1, 'success')
return _sign_in_user(user)
else:
_email_two_factor_auth(user)
url_token = otp.generate_url_token(user.email_addr)
return redirect_content_type(url_for('account.otpvalidation',
token=url_token,
next=request.args.get('next')))
elif user:
msg, method = get_user_signup_method(user)
if method == 'local':
msg = gettext('Ooops, Incorrect email/password')
flash(msg, 'error')
else:
flash(msg, 'info')
else:
msg = gettext("Ooops, we didn't find you in the system, \
did you sign up?")
flash(msg, 'info')
if request.method == 'POST' and not form.validate():
flash(gettext('Please correct the errors'), 'error')
auth = {'twitter': False, 'facebook': False, 'google': False}
if current_user.is_anonymous():
# If Twitter is enabled in config, show the Twitter Sign in button
if ('twitter' in current_app.blueprints): # pragma: no cover
auth['twitter'] = True
if ('facebook' in current_app.blueprints): # pragma: no cover
auth['facebook'] = True
if ('google' in current_app.blueprints): # pragma: no cover
auth['google'] = True
response = dict(template='account/signin.html',
title="Sign in",
form=form,
auth=auth,
next=request.args.get('next'))
return handle_content_type(response)
else:
# User already signed in, so redirect to home page
return redirect_content_type(url_for("home.home"))
def signin():
"""
Signin method for PYBOSSA users.
Returns a Jinja2 template with the result of signing process.
"""
form = LoginForm(request.body)
isLdap = current_app.config.get('LDAP_HOST', False)
if (request.method == 'POST' and form.validate() and isLdap is False):
password = form.password.data
email_addr = form.email.data.lower()
user = user_repo.search_by_email(email_addr=email_addr)
if user and not user.enabled:
brand = current_app.config['BRAND']
flash(
gettext('Your account is disabled. '
'Please contact your {} administrator.'.format(brand)),
'error')
return redirect(url_for('home.home'))
if user and user.check_password(password):
if not current_app.config.get('ENABLE_TWO_FACTOR_AUTH'):
msg_1 = gettext('Welcome back') + ' ' + user.fullname
flash(msg_1, 'success')
return _sign_in_user(user)
else:
_email_two_factor_auth(user)
url_token = otp.generate_url_token(user.email_addr)
next_url = is_own_url_or_else(request.args.get('next'),
url_for('home.home'))
return redirect_content_type(
url_for('account.otpvalidation',
token=url_token,
next=next_url))
elif user:
msg, method = get_user_signup_method(user)
if method == 'local':
msg = gettext('Ooops, Incorrect email/password')
flash(msg, 'error')
else:
flash(msg, 'info')
else:
msg = gettext("Ooops, we didn't find you in the system, \
did you sign up?")
flash(msg, 'info')
if (request.method == 'POST' and form.validate() and isLdap):
password = form.password.data
cn = form.email.data
ldap_user = None
if ldap.bind_user(cn, password):
ldap_user = ldap.get_object_details(cn)
key = current_app.config.get('LDAP_USER_FILTER_FIELD')
value = ldap_user[key][0]
user_db = user_repo.get_by(ldap=value)
if (user_db is None):
keyfields = current_app.config.get('LDAP_PYBOSSA_FIELDS')
user_data = dict(
fullname=ldap_user[keyfields['fullname']][0],
name=ldap_user[keyfields['name']][0],
email_addr=ldap_user[keyfields['email_addr']][0],
valid_email=True,
ldap=value,
consent=True)
create_account(user_data, ldap_disabled=False)
else:
login_user(user_db, remember=True)
else:
msg = gettext("User LDAP credentials are wrong.")
flash(msg, 'info')
if request.method == 'POST' and not form.validate():
flash(gettext('Please correct the errors'), 'error')
auth = {'twitter': False, 'facebook': False, 'google': False}
if current_user.is_anonymous():
# If Twitter is enabled in config, show the Twitter Sign in button
if (isLdap is False):
if ('twitter' in current_app.blueprints): # pragma: no cover
auth['twitter'] = True
if ('facebook' in current_app.blueprints): # pragma: no cover
auth['facebook'] = True
if ('google' in current_app.blueprints): # pragma: no cover
auth['google'] = True
next_url = is_own_url_or_else(request.args.get('next'),
url_for('home.home'))
response = dict(template='account/signin.html',
title="Sign in",
form=form,
auth=auth,
next=next_url)
return handle_content_type(response)
else:
# User already signed in, so redirect to home page
return redirect_content_type(url_for("home.home"))
def signin():
"""
Signin method for PYBOSSA users.
Returns a Jinja2 template with the result of signing process.
"""
form = LoginForm(request.body)
isLdap = current_app.config.get('LDAP_HOST', False)
if (request.method == 'POST' and form.validate()
and isLdap is False):
password = form.password.data
email = form.email.data
user = user_repo.get_by(email_addr=email)
if user and user.check_password(password):
if not current_app.config.get('ENABLE_TWO_FACTOR_AUTH'):
msg_1 = gettext("Welcome back") + " " + user.fullname
flash(msg_1, 'success')
return _sign_in_user(user)
else:
_email_two_factor_auth(user)
url_token = otp.generate_url_token(user.email_addr)
return redirect_content_type(url_for('account.otpvalidation',
token=url_token,
next=request.args.get('next')))
elif user:
msg, method = get_user_signup_method(user)
if method == 'local':
msg = gettext("Ooops, Incorrect email/password")
flash(msg, 'error')
else:
flash(msg, 'info')
else:
msg = gettext("Ooops, we didn't find you in the system, \
did you sign up?")
flash(msg, 'info')
if (request.method == 'POST' and form.validate()
and isLdap):
password = form.password.data
cn = form.email.data
ldap_user = None
if ldap.bind_user(cn, password):
ldap_user = ldap.get_object_details(cn)
key = current_app.config.get('LDAP_USER_FILTER_FIELD')
value = ldap_user[key][0]
user_db = user_repo.get_by(ldap=value)
if (user_db is None):
keyfields = current_app.config.get('LDAP_PYBOSSA_FIELDS')
user_data = dict(fullname=ldap_user[keyfields['fullname']][0],
name=ldap_user[keyfields['name']][0],
email_addr=ldap_user[keyfields['email_addr']][0],
valid_email=True,
ldap=value,
consent=False)
_create_account(user_data, ldap_disabled=False)
else:
login_user(user_db, remember=True)
else:
msg = gettext("User LDAP credentials are wrong.")
flash(msg, 'info')
if request.method == 'POST' and not form.validate():
flash(gettext('Please correct the errors'), 'error')
auth = {'twitter': False, 'facebook': False, 'google': False, 'wechat': False, 'weibo' : False}
if current_user.is_anonymous():
# If Twitter is enabled in config, show the Twitter Sign in button
if (isLdap is False):
for isp in OAuthProviders:
if (isp in current_app.blueprints): # pragma: no cover
auth[isp] = True
response = dict(template='account/signin.html',
title="Sign in",
form=form,
auth=auth,
next=request.args.get('next'))
return handle_content_type(response)
else:
# User already signed in, so redirect to home page
return redirect_content_type(url_for("home.home"))
def test_expire_token():
user_email = '*****@*****.**'
token = otp.generate_url_token(user_email)
otp.expire_token(token)
assert otp.retrieve_email_for_token(token) is None
def test_create_token():
user_email = '*****@*****.**'
token = otp.generate_url_token(user_email)
assert otp.retrieve_email_for_token(token) == user_email
def signin():
"""
Signin method for PYBOSSA users.
Returns a Jinja2 template with the result of signing process.
"""
form = LoginForm(request.body)
isLdap = current_app.config.get('LDAP_HOST', False)
if (request.method == 'POST' and form.validate()
and isLdap is False):
password = form.password.data
email = form.email.data
user = user_repo.get_by(email_addr=email)
if user and user.check_password(password):
if not current_app.config.get('ENABLE_TWO_FACTOR_AUTH'):
msg_1 = gettext("Welcome back") + " " + user.fullname
flash(msg_1, 'success')
return _sign_in_user(user)
else:
_email_two_factor_auth(user)
url_token = otp.generate_url_token(user.email_addr)
return redirect_content_type(url_for('account.otpvalidation',
token=url_token,
next=request.args.get('next')))
elif user:
msg, method = get_user_signup_method(user)
if method == 'local':
msg = gettext("Ooops, Incorrect email/password")
flash(msg, 'error')
else:
flash(msg, 'info')
else:
msg = gettext("Ooops, we didn't find you in the system, \
did you sign up?")
flash(msg, 'info')
if (request.method == 'POST' and form.validate()
and isLdap):
password = form.password.data
cn = form.email.data
ldap_user = None
if ldap.bind_user(cn, password):
ldap_user = ldap.get_object_details(cn)
user_db = user_repo.get_by(name=ldap_user['cn'][0])
if (user_db is None):
user_data = dict(fullname=ldap_user['givenName'][0],
name=cn,
email_addr=cn,
valid_email=True,
consent=False)
_create_account(user_data, ldap_disabled=False)
else:
login_user(user_db, remember=True)
else:
msg = gettext("User LDAP credentials are wrong.")
flash(msg, 'info')
if request.method == 'POST' and not form.validate():
flash(gettext('Please correct the errors'), 'error')
auth = {'twitter': False, 'facebook': False, 'google': False}
if current_user.is_anonymous():
# If Twitter is enabled in config, show the Twitter Sign in button
if (isLdap is False):
if ('twitter' in current_app.blueprints): # pragma: no cover
auth['twitter'] = True
if ('facebook' in current_app.blueprints): # pragma: no cover
auth['facebook'] = True
if ('google' in current_app.blueprints): # pragma: no cover
auth['google'] = True
response = dict(template='account/signin.html',
title="Sign in",
form=form,
auth=auth,
next=request.args.get('next'))
return handle_content_type(response)
else:
# User already signed in, so redirect to home page
return redirect_content_type(url_for("home.home"))
def test_expire_token():
user_email = '*****@*****.**'
token = otp.generate_url_token(user_email)
otp.expire_token(token)
assert otp.retrieve_email_for_token(token) is None
def test_create_token():
user_email = '*****@*****.**'
token = otp.generate_url_token(user_email)
assert otp.retrieve_email_for_token(token) == user_email
