示例#1
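def init_user_manager(app):
    """Create a Flask-User ``UserManager`` for *app* and install custom hooks.

    The manager is built on a ``SQLAlchemyAdapter`` over ``db`` / ``User`` and
    initialised against *app*. Its ``hash_password``,
    ``generate_password_hash`` and ``verify_password`` methods, plus the
    Flask-Login user callback, are then replaced by the functions below.

    SECURITY: passwords are stored as a bare, unsalted MD5 hex digest. MD5 is
    a fast digest, so identical passwords share a hash and a leaked table is
    cheap to brute-force. The algorithm is kept here only so that hashes
    already in the database keep verifying. Plan a migration to a salted,
    slow KDF (bcrypt, scrypt, PBKDF2 or Argon2), re-hashing each account on
    its next successful login.
    """
    import hashlib
    import hmac

    from flask_user import SQLAlchemyAdapter, UserManager

    from ..core import db
    from ..model import User
    from ..service import userService
    # Name is unused below; presumably imported for its side effects -- confirm.
    from .. import signals

    db_adapter = SQLAlchemyAdapter(db, User)
    user_manager = UserManager(db_adapter)
    user_manager.init_app(app)

    def _to_bytes(value):
        # hashlib and hmac.compare_digest want bytes. Text is encoded as UTF-8
        # so a non-ASCII password no longer fails on an implicit ASCII encode;
        # ASCII passwords produce exactly the same digest as before.
        if isinstance(value, bytes):
            return value
        return value.encode('utf-8')

    def _md5_hexdigest(password):
        # Legacy storage format, see the SECURITY note in the docstring.
        return hashlib.md5(_to_bytes(password)).hexdigest()

    def hash_password(self, password):
        """Return the legacy MD5 hex digest of *password*."""
        return _md5_hexdigest(password)

    def generate_password_hash(self, password):
        """Return the same digest as ``hash_password``."""
        return _md5_hexdigest(password)

    def verify_password(self, password, user):
        """Return True when *password* hashes to ``user.password``."""
        stored = user.password
        if not stored:
            # No stored hash can never match a 32-character digest.
            return False
        candidate = self.hash_password(password)
        # Constant-time comparison (hmac.compare_digest needs Python 2.7.7+
        # or 3.3+) so the check does not leak how many leading characters of
        # the stored hash matched.
        return hmac.compare_digest(_to_bytes(candidate), _to_bytes(stored))

    def login_manager_usercallback(user_id):
        """Load the ``User`` for a session's *user_id*, or None if unknown."""
        # Flask-Login expects None, not an exception, for an id that cannot
        # be resolved, so a stale or malformed session just logs the user out.
        try:
            user_id = int(user_id)
        except (TypeError, ValueError):
            return None
        user_dict = userService.user_by_id(user_id)
        # Assumes user_by_id returns a falsy value for a missing user --
        # TODO confirm against the service.
        if not user_dict:
            return None
        return User(**user_dict)

    # Bind the plain functions as methods of this one manager instance.
    user_manager.hash_password = hash_password.__get__(user_manager,
                                                       UserManager)
    user_manager.generate_password_hash = generate_password_hash.__get__(
        user_manager, UserManager)
    user_manager.verify_password = verify_password.__get__(
        user_manager, UserManager)
    user_manager.login_manager.user_callback = login_manager_usercallback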
示例#2
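def init_user_manager(app):
    """Create and configure the Flask-User ``UserManager`` for *app*.

    Wires in the project's login / register / forgot-password views, a custom
    reset-password form, a password-strength validator and Celery-style
    asynchronous e-mail sending. It then overrides the manager's password
    hashing, the Flask-Login user callback, and the unauthenticated /
    unauthorized views so that XHR callers receive JSON.

    ``current_app``, ``request``, ``jsonify`` and ``errors`` are not imported
    here and are expected to exist at module level.

    SECURITY: passwords are stored as a bare, unsalted MD5 hex digest. MD5 is
    a fast digest, so identical passwords share a hash and a leaked table is
    cheap to brute-force. The algorithm is kept here only so that hashes
    already in the database keep verifying. Plan a migration to a salted,
    slow KDF (bcrypt, scrypt, PBKDF2 or Argon2), re-hashing each account on
    its next successful login.
    """
    from flask_user import SQLAlchemyAdapter, UserManager

    from ..core import db, FromCache
    from ..models import Account
    from .user_login import login
    from .user_register import register
    from .user_forgot_password import forgot_password
    from ..tasks import send_email
    import hashlib
    import hmac
    from flask.ext.wtf import Form
    from wtforms import BooleanField, HiddenField, PasswordField, SubmitField, StringField
    from wtforms import validators, ValidationError

    def _to_bytes(value):
        # hashlib and hmac.compare_digest want bytes. Text is encoded as UTF-8
        # so a non-ASCII password no longer fails on an implicit ASCII encode;
        # ASCII passwords produce exactly the same digest as before.
        if isinstance(value, bytes):
            return value
        return value.encode('utf-8')

    def _md5_hexdigest(password):
        # Legacy storage format, see the SECURITY note in the docstring.
        return hashlib.md5(_to_bytes(password)).hexdigest()

    def hash_password(self, password):
        """Return the legacy MD5 hex digest of *password*."""
        return _md5_hexdigest(password)

    def generate_password_hash(self, password):
        """Return the same digest as ``hash_password``."""
        return _md5_hexdigest(password)

    def verify_password(self, password, user):
        """Return True when *password* hashes to ``user.password``."""
        stored = user.password
        if not stored:
            # No stored hash can never match a 32-character digest.
            return False
        candidate = self.hash_password(password)
        # Constant-time comparison (hmac.compare_digest needs Python 2.7.7+
        # or 3.3+) so the check does not leak how many leading characters of
        # the stored hash matched.
        return hmac.compare_digest(_to_bytes(candidate), _to_bytes(stored))

    def login_manager_usercallback(account_id):
        """Load the ``Account`` for a session's *account_id*, or None."""
        # Flask-Login expects None, not an exception, for an id that cannot
        # be resolved; the int() also keeps the '%d' cache key well-formed.
        try:
            account_id = int(account_id)
        except (TypeError, ValueError):
            return None
        return db.session.query(Account) \
            .options(FromCache('model', 'account:%d' % account_id)) \
            .filter(Account.id == account_id).first()

    def password_validator(form, field):
        """Require at least 6 characters with a lowercase letter, an
        uppercase letter and a digit; raise ``ValidationError`` otherwise.

        NOTE(review): a 6-character minimum is below current guidance
        (NIST SP 800-63B recommends at least 8); consider raising it together
        with the user-facing message.
        """
        # Treat missing data as an empty password so it is rejected with the
        # normal validation message instead of a TypeError.
        password = field.data or u''
        has_lower = any(ch.islower() for ch in password)
        has_upper = any(ch.isupper() for ch in password)
        has_digit = any(ch.isdigit() for ch in password)
        if len(password) < 6 or not (has_lower and has_upper and has_digit):
            raise ValidationError(u'密码至少超过6位,其中要求包含一个大写字母,一个小写字母和一个数字')

    class ResetPasswordForm(Form):
        """Reset-password form: new password, optional retype, submit."""

        new_password = PasswordField(u'新密码', validators=[validators.Required(u'新密码不能为空')])
        # The EqualTo message is shown when the two entries differ; the
        # original text said they "match", so it now says they do not match.
        retype_password = PasswordField(u'再次输入新密码', validators=[
            validators.EqualTo('new_password', message=u'两次输入的新密码不匹配')])
        next = HiddenField()
        submit = SubmitField(u'修改密码')

        def validate(self):
            """Apply feature config and the password validator, then run the
            normal field validation. Returns True only when every field
            validates."""
            user_manager = current_app.user_manager
            # Drop the retype field when the feature is disabled.
            if not user_manager.enable_retype_password:
                delattr(self, 'retype_password')
            # Attach the configured password validator exactly once.
            if user_manager.password_validator not in self.new_password.validators:
                self.new_password.validators.append(user_manager.password_validator)
            return bool(super(ResetPasswordForm, self).validate())

    def async_send_email(recipient, subject, html_message, text_message):
        """Queue the e-mail on the task worker instead of sending inline."""
        send_email.delay(recipient, subject, html_message, text_message)

    db_adapter = SQLAlchemyAdapter(db, Account)
    user_manager = UserManager(db_adapter, login_view_function=login, register_view_function=register,
                               forgot_password_view_function=forgot_password,
                               reset_password_form=ResetPasswordForm, password_validator=password_validator,
                               send_email_function=async_send_email)
    user_manager.init_app(app)
    # Bind the plain functions as methods of this one manager instance.
    user_manager.hash_password = hash_password.__get__(user_manager, UserManager)
    user_manager.generate_password_hash = generate_password_hash.__get__(user_manager, UserManager)
    user_manager.verify_password = verify_password.__get__(user_manager, UserManager)
    user_manager.login_manager.user_callback = login_manager_usercallback

    # Wrap the default views so XHR callers get a JSON error instead of the
    # HTML redirect/flash response.
    # NOTE(review): request.is_xhr was deprecated and later removed from
    # Werkzeug; confirm the pinned version still provides it.
    orig_unauthenticated_view_function = user_manager.unauthenticated_view_function

    def unauthenticated_view_function():
        """Return JSON for XHR requests, else defer to the original view."""
        if request.is_xhr:
            return jsonify({'success': False, 'error_code': errors.user_unauthenticated})
        return orig_unauthenticated_view_function()

    user_manager.unauthenticated_view_function = unauthenticated_view_function

    orig_unauthorized_view_function = user_manager.unauthorized_view_function

    def unauthorized_view_function():
        """Return JSON for XHR requests, else defer to the original view."""
        if request.is_xhr:
            return jsonify({'success': False, 'error_code': errors.operation_unauthorized})
        return orig_unauthorized_view_function()

    user_manager.unauthorized_view_function = unauthorized_view_function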
示例#3
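def init_user_manager(app, login_view, forgot_password_view=None):
    """Create and configure the Flask-User ``UserManager`` for *app*.

    Args:
        app: the Flask application to initialise the manager against.
        login_view: view function used for the login page.
        forgot_password_view: view function for the forgot-password page;
            defaults to the module-level ``forgot_password``.

    The manager gets a custom reset-password form, a password-strength
    validator and asynchronous e-mail sending. Its password hashing, the
    Flask-Login user callback, and the unauthenticated / unauthorized views
    are then overridden. Password verification only succeeds when
    ``request.auth_method`` is ``'basic'``.

    Names such as ``hashlib``, ``request``, ``current_app``, ``jsonify``,
    ``errors``, ``Account``, ``AccountBasicAuth`` and the WTForms classes are
    not imported here and are expected to exist at module level.

    SECURITY: passwords are stored as a bare, unsalted MD5 hex digest. MD5 is
    a fast digest, so identical passwords share a hash and a leaked table is
    cheap to brute-force. The algorithm is kept here only so that hashes
    already in the database keep verifying. Plan a migration to a salted,
    slow KDF (bcrypt, scrypt, PBKDF2 or Argon2), re-hashing each account on
    its next successful login.
    """
    import hmac

    if forgot_password_view is None:
        forgot_password_view = forgot_password

    def _to_bytes(value):
        # hashlib and hmac.compare_digest want bytes. Text is encoded as UTF-8
        # so a non-ASCII password no longer fails on an implicit ASCII encode;
        # ASCII passwords produce exactly the same digest as before.
        if isinstance(value, bytes):
            return value
        return value.encode('utf-8')

    def _md5_hexdigest(password):
        # Legacy storage format, see the SECURITY note in the docstring.
        return hashlib.md5(_to_bytes(password)).hexdigest()

    def hash_password(self, password):
        """Return the legacy MD5 hex digest of *password*."""
        return _md5_hexdigest(password)

    def generate_password_hash(self, password):
        """Return the same digest as ``hash_password``."""
        return _md5_hexdigest(password)

    def verify_password(self, password, user):
        """Return True only for 'basic' auth with a matching password hash."""
        # Any other (or missing) auth method is rejected outright.
        if getattr(request, 'auth_method', None) != 'basic':
            return False
        stored = user.password
        if not stored:
            # No stored hash can never match a 32-character digest.
            return False
        candidate = self.hash_password(password)
        # Constant-time comparison (hmac.compare_digest needs Python 2.7.7+
        # or 3.3+) so the check does not leak how many leading characters of
        # the stored hash matched.
        return hmac.compare_digest(_to_bytes(candidate), _to_bytes(stored))

    def login_manager_usercallback(account_id):
        """Load the ``Account`` for a session's *account_id*, or None."""
        # Flask-Login expects None, not an exception, for an id that cannot
        # be resolved.
        try:
            account_id = int(account_id)
        except (TypeError, ValueError):
            return None
        return Account.from_cache_by_id(account_id)

    def password_validator(form, field):
        """Require at least 6 characters with a lowercase letter, an
        uppercase letter and a digit; raise ``ValidationError`` otherwise.

        NOTE(review): a 6-character minimum is below current guidance
        (NIST SP 800-63B recommends at least 8); consider raising it together
        with the user-facing message.
        """
        # Treat missing data as an empty password so it is rejected with the
        # normal validation message instead of a TypeError.
        password = field.data or u''
        has_lower = any(ch.islower() for ch in password)
        has_upper = any(ch.isupper() for ch in password)
        has_digit = any(ch.isdigit() for ch in password)
        if len(password) < 6 or not (has_lower and has_upper and has_digit):
            raise ValidationError(u'密码至少超过6位,其中要求包含一个大写字母,一个小写字母和一个数字')

    class ResetPasswordForm(Form):
        """Reset-password form: new password, optional retype, submit."""

        new_password = PasswordField(
            u'新密码', validators=[validators.DataRequired(u'新密码不能为空')])
        # The EqualTo message is shown when the two entries differ; the
        # original text said they "match", so it now says they do not match.
        retype_password = PasswordField(u'再次输入新密码',
                                        validators=[
                                            validators.EqualTo(
                                                'new_password',
                                                message=u'两次输入的新密码不匹配')
                                        ])
        next = HiddenField()
        submit = SubmitField(u'修改密码')

        def validate(self):
            """Apply feature config and the password validator, then run the
            normal field validation. Returns True only when every field
            validates."""
            user_manager = current_app.user_manager
            # Drop the retype field when the feature is disabled.
            if not user_manager.enable_retype_password:
                delattr(self, 'retype_password')
            # Attach the configured password validator exactly once.
            if user_manager.password_validator not in self.new_password.validators:
                self.new_password.validators.append(
                    user_manager.password_validator)
            return bool(super(ResetPasswordForm, self).validate())

    from .tasks import send_email

    def async_send_email(recipient, subject, html_message, text_message):
        """Queue the e-mail on the task worker instead of sending inline."""
        send_email.delay(recipient, subject, html_message, text_message)

    db_adapter = SQLAlchemyAdapter(db, Account, UserAuthClass=AccountBasicAuth)
    user_manager = UserManager(
        db_adapter,
        login_view_function=login_view,
        forgot_password_view_function=forgot_password_view,
        reset_password_form=ResetPasswordForm,
        password_validator=password_validator,
        send_email_function=async_send_email)
    user_manager.init_app(app)
    # Bind the plain functions as methods of this one manager instance.
    user_manager.hash_password = hash_password.__get__(user_manager,
                                                       UserManager)
    user_manager.generate_password_hash = generate_password_hash.__get__(
        user_manager, UserManager)
    user_manager.verify_password = verify_password.__get__(
        user_manager, UserManager)
    user_manager.login_manager.user_callback = login_manager_usercallback

    # Wrap the default views so XHR callers get a JSON error instead of the
    # HTML redirect/flash response.
    # NOTE(review): request.is_xhr was deprecated and later removed from
    # Werkzeug; confirm the pinned version still provides it.
    orig_unauthenticated_view_function = user_manager.unauthenticated_view_function

    def unauthenticated_view_function():
        """Return JSON for XHR requests, else defer to the original view."""
        if request.is_xhr:
            return jsonify({
                'success': False,
                'error_code': errors.user_unauthenticated
            })
        return orig_unauthenticated_view_function()

    user_manager.unauthenticated_view_function = unauthenticated_view_function

    orig_unauthorized_view_function = user_manager.unauthorized_view_function

    def unauthorized_view_function():
        """Return JSON for XHR requests, else defer to the original view."""
        if request.is_xhr:
            return jsonify({
                'success': False,
                'error_code': errors.operation_unauthorized
            })
        return orig_unauthorized_view_function()

    user_manager.unauthorized_view_function = unauthorized_view_function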