This repository has been archived on 2024-05-31. You can view files and clone it, but cannot push or open issues or pull requests.
devicehub-teal/ereuse_devicehub/forms.py

212 lines
6.6 KiB
Python
Raw Normal View History

2022-10-19 11:35:53 +00:00
from flask import current_app as app
2022-10-20 10:51:20 +00:00
from flask import g, render_template
from flask_wtf import FlaskForm
from werkzeug.security import generate_password_hash
2022-10-27 16:22:54 +00:00
from wtforms import BooleanField, EmailField, PasswordField, StringField, validators
2022-04-11 15:16:20 +00:00
from ereuse_devicehub.db import db
2022-10-19 11:35:53 +00:00
from ereuse_devicehub.mail.sender import send_email
2022-09-28 15:51:31 +00:00
from ereuse_devicehub.resources.agent.models import Person
2022-09-30 15:54:26 +00:00
from ereuse_devicehub.resources.user.models import User, UserValidation
class LoginForm(FlaskForm):
email = EmailField('Email Address', [validators.Length(min=6, max=35)])
2021-12-29 07:10:26 +00:00
password = PasswordField('Password', [validators.DataRequired()])
remember = BooleanField('Remember me')
error_messages = {
'invalid_login': (
"Please enter a correct email and password. Note that both "
"fields may be case-sensitive."
),
'inactive': "This account is inactive.",
}
def validate(self, extra_validators=None):
is_valid = super().validate(extra_validators)
if not is_valid:
return False
email = self.email.data
password = self.password.data
self.user_cache = self.authenticate(email, password)
if self.user_cache is None:
self.form_errors.append(self.error_messages['invalid_login'])
return False
return self.confirm_login_allowed(self.user_cache)
def authenticate(self, email, password):
if email is None or password is None:
return
user = User.query.filter_by(email=email).first()
if user is None:
# Run the default password hasher once to reduce the timing
# difference between an existing and a nonexistent user (#20760).
generate_password_hash(password)
else:
if user.check_password(password):
return user
def confirm_login_allowed(self, user):
"""
Controls whether the given User may log in. This is a policy setting,
independent of end-user authentication. This default behavior is to
allow login by active users, and reject login by inactive users.
If the given user cannot log in, this method should raise a
``ValidationError``.
If the given user may log in, this method should return None.
"""
if not user.is_active:
self.form_errors.append(self.error_messages['inactive'])
return user.is_active
2022-04-06 11:50:08 +00:00
2022-04-11 17:48:59 +00:00
class PasswordForm(FlaskForm):
password = PasswordField(
'Current Password',
[validators.DataRequired()],
render_kw={'class': "form-control"},
)
newpassword = PasswordField(
'New Password',
[validators.DataRequired()],
render_kw={'class': "form-control"},
)
renewpassword = PasswordField(
'Re-enter New Password',
[validators.DataRequired()],
render_kw={'class': "form-control"},
)
def validate(self, extra_validators=None):
is_valid = super().validate(extra_validators)
if not is_valid:
return False
if not g.user.check_password(self.password.data):
return False
if self.newpassword.data != self.renewpassword.data:
return False
return True
def save(self, commit=True):
g.user.password = self.newpassword.data
2022-04-11 17:48:59 +00:00
db.session.add(g.user)
if commit:
db.session.commit()
return
2022-09-28 08:48:41 +00:00
class UserNewRegisterForm(FlaskForm):
2022-09-28 15:51:31 +00:00
email = EmailField(
'Email Address', [validators.DataRequired(), validators.Length(min=6, max=35)]
2022-09-28 15:51:31 +00:00
)
2022-10-27 16:22:54 +00:00
password = PasswordField(
'Password', [validators.DataRequired(), validators.Length(min=6, max=35)]
)
password2 = PasswordField(
'Password', [validators.DataRequired(), validators.Length(min=6, max=35)]
)
2022-09-28 15:51:31 +00:00
name = StringField(
'Name', [validators.DataRequired(), validators.Length(min=3, max=35)]
)
2022-09-28 08:48:41 +00:00
error_messages = {
'invalid_login': (
"Please enter a correct email and password. Note that both "
"fields may be case-sensitive."
),
'inactive': "This account is inactive.",
}
def validate(self, extra_validators=None):
is_valid = super().validate(extra_validators)
if not is_valid:
return False
email = self.email.data
password = self.password.data
password2 = self.password2.data
if password != password2:
self.form_errors.append('The passwords are not equal.')
2022-09-28 15:51:31 +00:00
return False
2022-09-28 08:48:41 +00:00
txt = 'This email are in use.'
email = self.email.data
if User.query.filter_by(email=email).first():
self.form_errors.append(txt)
2022-09-28 15:51:31 +00:00
return False
2022-09-28 08:48:41 +00:00
2022-10-19 11:35:53 +00:00
self.email.data = self.email.data.strip()
self.password.data = self.password.data.strip()
2022-09-28 15:51:31 +00:00
return True
2022-09-28 08:48:41 +00:00
2022-09-28 15:51:31 +00:00
def save(self, commit=True):
user_validation = self.new_user()
if commit:
db.session.commit()
self._token = user_validation.token
self.send_mail()
self.send_mail_admin(user_validation.user)
def new_user(self):
user = User(email=self.email.data, password=self.password.data, active=False)
2022-09-30 15:54:26 +00:00
2022-09-28 15:51:31 +00:00
person = Person(
2022-10-27 16:22:54 +00:00
email=self.email.data,
name=self.name.data,
2022-09-28 15:51:31 +00:00
)
2022-09-30 15:54:26 +00:00
2022-09-28 15:51:31 +00:00
user.individuals.add(person)
db.session.add(user)
2022-09-30 15:54:26 +00:00
user_validation = UserValidation(
user=user,
)
db.session.add(user_validation)
return user_validation
2022-10-19 11:35:53 +00:00
def send_mail(self):
host = app.config.get('HOST')
token = self._token
url = f'https://{ host }/validate_user/{ token }'
2022-10-20 10:51:20 +00:00
template = 'ereuse_devicehub/email_validation.txt'
2022-10-27 16:22:54 +00:00
template_html = 'ereuse_devicehub/email_validation.html'
context = {
'name': self.name.data,
'host': host,
'url': url,
}
subject = "Please activate your Usody account"
message = render_template(template, **context)
message_html = render_template(template_html, **context)
2022-10-19 11:35:53 +00:00
2022-10-27 16:22:54 +00:00
send_email(subject, [self.email.data], message, html_body=message_html)
def send_mail_admin(self, user):
person = next(iter(user.individuals))
2022-10-20 10:51:20 +00:00
context = {
'email': person.email,
'name': person.name,
}
template = 'ereuse_devicehub/email_admin_new_user.txt'
message = render_template(template, **context)
subject = "New Register"
email_admin = app.config.get("EMAIL_ADMIN")
if email_admin:
send_email(subject, [email_admin], message)