2023-02-14 11:15:21 +00:00
|
|
|
from boltons.urlutils import URL
|
2022-11-22 18:12:11 +00:00
|
|
|
from flask import current_app as app
|
|
|
|
from flask import g, session
|
2021-12-28 08:39:12 +00:00
|
|
|
from flask_wtf import FlaskForm
|
|
|
|
from werkzeug.security import generate_password_hash
|
2023-02-14 11:15:21 +00:00
|
|
|
from wtforms import (
|
|
|
|
BooleanField,
|
|
|
|
EmailField,
|
|
|
|
PasswordField,
|
|
|
|
StringField,
|
|
|
|
URLField,
|
|
|
|
validators,
|
|
|
|
)
|
2021-12-28 08:39:12 +00:00
|
|
|
|
2022-04-11 15:16:20 +00:00
|
|
|
from ereuse_devicehub.db import db
|
2023-02-13 19:35:31 +00:00
|
|
|
from ereuse_devicehub.resources.user.models import SanitizationEntity, User
|
2021-12-28 08:39:12 +00:00
|
|
|
|
|
|
|
|
|
|
|
class LoginForm(FlaskForm):
|
|
|
|
email = EmailField('Email Address', [validators.Length(min=6, max=35)])
|
2021-12-29 07:10:26 +00:00
|
|
|
password = PasswordField('Password', [validators.DataRequired()])
|
|
|
|
remember = BooleanField('Remember me')
|
2021-12-28 08:39:12 +00:00
|
|
|
|
|
|
|
error_messages = {
|
|
|
|
'invalid_login': (
|
|
|
|
"Please enter a correct email and password. Note that both "
|
|
|
|
"fields may be case-sensitive."
|
|
|
|
),
|
|
|
|
'inactive': "This account is inactive.",
|
|
|
|
}
|
|
|
|
|
|
|
|
def validate(self, extra_validators=None):
|
|
|
|
is_valid = super().validate(extra_validators)
|
|
|
|
|
|
|
|
if not is_valid:
|
|
|
|
return False
|
|
|
|
|
|
|
|
email = self.email.data
|
|
|
|
password = self.password.data
|
|
|
|
self.user_cache = self.authenticate(email, password)
|
|
|
|
|
|
|
|
if self.user_cache is None:
|
|
|
|
self.form_errors.append(self.error_messages['invalid_login'])
|
|
|
|
return False
|
|
|
|
|
|
|
|
return self.confirm_login_allowed(self.user_cache)
|
|
|
|
|
|
|
|
def authenticate(self, email, password):
|
|
|
|
if email is None or password is None:
|
|
|
|
return
|
|
|
|
user = User.query.filter_by(email=email).first()
|
|
|
|
if user is None:
|
|
|
|
# Run the default password hasher once to reduce the timing
|
|
|
|
# difference between an existing and a nonexistent user (#20760).
|
|
|
|
generate_password_hash(password)
|
|
|
|
else:
|
|
|
|
if user.check_password(password):
|
|
|
|
return user
|
|
|
|
|
|
|
|
def confirm_login_allowed(self, user):
|
|
|
|
"""
|
|
|
|
Controls whether the given User may log in. This is a policy setting,
|
|
|
|
independent of end-user authentication. This default behavior is to
|
|
|
|
allow login by active users, and reject login by inactive users.
|
|
|
|
If the given user cannot log in, this method should raise a
|
|
|
|
``ValidationError``.
|
|
|
|
If the given user may log in, this method should return None.
|
|
|
|
"""
|
|
|
|
if not user.is_active:
|
|
|
|
self.form_errors.append(self.error_messages['inactive'])
|
|
|
|
|
2022-11-25 12:27:14 +00:00
|
|
|
if 'trublo' in app.blueprints.keys():
|
2022-11-22 18:12:11 +00:00
|
|
|
token_dlt = (
|
|
|
|
user.get_dlt_keys(self.password.data).get('data', {}).get('api_token')
|
|
|
|
)
|
|
|
|
session['token_dlt'] = token_dlt
|
|
|
|
|
2021-12-28 08:39:12 +00:00
|
|
|
return user.is_active
|
2022-04-06 11:50:08 +00:00
|
|
|
|
|
|
|
|
2022-04-11 17:48:59 +00:00
|
|
|
class PasswordForm(FlaskForm):
|
|
|
|
password = PasswordField(
|
|
|
|
'Current Password',
|
|
|
|
[validators.DataRequired()],
|
|
|
|
render_kw={'class': "form-control"},
|
|
|
|
)
|
|
|
|
newpassword = PasswordField(
|
|
|
|
'New Password',
|
|
|
|
[validators.DataRequired()],
|
|
|
|
render_kw={'class': "form-control"},
|
|
|
|
)
|
|
|
|
renewpassword = PasswordField(
|
|
|
|
'Re-enter New Password',
|
|
|
|
[validators.DataRequired()],
|
|
|
|
render_kw={'class': "form-control"},
|
|
|
|
)
|
|
|
|
|
|
|
|
def validate(self, extra_validators=None):
|
|
|
|
is_valid = super().validate(extra_validators)
|
|
|
|
|
|
|
|
if not is_valid:
|
|
|
|
return False
|
|
|
|
|
|
|
|
if not g.user.check_password(self.password.data):
|
|
|
|
return False
|
|
|
|
|
|
|
|
if self.newpassword.data != self.renewpassword.data:
|
|
|
|
return False
|
|
|
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
def save(self, commit=True):
|
2022-11-22 18:12:11 +00:00
|
|
|
if 'trublo' not in app.blueprints.keys():
|
|
|
|
keys_dlt = g.user.get_dlt_keys(self.password.data)
|
|
|
|
g.user.reset_dlt_keys(self.newpassword.data, keys_dlt)
|
|
|
|
|
|
|
|
token_dlt = (
|
2023-03-03 16:45:41 +00:00
|
|
|
g.user.get_dlt_keys(self.password.data).get('data', {}).get('api_token')
|
2022-11-22 18:12:11 +00:00
|
|
|
)
|
|
|
|
session['token_dlt'] = token_dlt
|
|
|
|
|
2022-04-12 14:59:13 +00:00
|
|
|
g.user.password = self.newpassword.data
|
2022-04-11 17:48:59 +00:00
|
|
|
|
|
|
|
db.session.add(g.user)
|
|
|
|
if commit:
|
|
|
|
db.session.commit()
|
|
|
|
return
|
2023-02-13 19:35:31 +00:00
|
|
|
|
|
|
|
|
|
|
|
class SanitizationEntityForm(FlaskForm):
|
|
|
|
|
2023-02-14 11:15:21 +00:00
|
|
|
logo = URLField(
|
|
|
|
'Logo',
|
|
|
|
[validators.Optional(), validators.URL()],
|
2023-03-08 11:43:37 +00:00
|
|
|
render_kw={
|
|
|
|
'class': "form-control",
|
|
|
|
"placeholder": "Url where is the logo - acceptd only .png, .jpg, .gif, svg",
|
|
|
|
},
|
2023-02-14 11:15:21 +00:00
|
|
|
)
|
2023-02-13 19:35:31 +00:00
|
|
|
company_name = StringField('Company Name', render_kw={'class': "form-control"})
|
|
|
|
location = StringField('Location', render_kw={'class': "form-control"})
|
|
|
|
responsable_person = StringField(
|
|
|
|
'Responsable person', render_kw={'class': "form-control"}
|
|
|
|
)
|
2023-02-14 11:15:21 +00:00
|
|
|
supervisor_person = StringField(
|
|
|
|
'Supervisor person', render_kw={'class': "form-control"}
|
|
|
|
)
|
|
|
|
|
|
|
|
def __init__(self, *args, **kwargs):
|
|
|
|
super().__init__(*args, **kwargs)
|
|
|
|
if isinstance(self.logo.data, URL):
|
|
|
|
self.logo.data = self.logo.data.to_text()
|
2023-02-13 19:35:31 +00:00
|
|
|
|
|
|
|
def validate(self, extra_validators=None):
|
|
|
|
is_valid = super().validate(extra_validators)
|
|
|
|
|
|
|
|
if not is_valid:
|
|
|
|
return False
|
|
|
|
|
2023-03-13 16:04:57 +00:00
|
|
|
if not self.logo.data:
|
|
|
|
return True
|
|
|
|
|
2023-03-09 17:07:16 +00:00
|
|
|
extensions = ["jpg", "jpeg", "png", "gif", "svg"]
|
|
|
|
if self.logo.data.lower().split(".")[-1] not in extensions:
|
|
|
|
txt = "Error in Url field - accepted only .PNG, .JPG and .GIF. extensions"
|
|
|
|
self.logo.errors = [txt]
|
|
|
|
return False
|
|
|
|
|
2023-02-13 19:35:31 +00:00
|
|
|
return True
|
|
|
|
|
|
|
|
def save(self, commit=True):
|
2023-03-07 15:39:52 +00:00
|
|
|
if isinstance(self.logo.data, str):
|
|
|
|
self.logo.data = URL(self.logo.data)
|
|
|
|
|
|
|
|
sanitation_data = SanitizationEntity.query.filter_by(user_id=g.user.id).first()
|
|
|
|
|
|
|
|
if not sanitation_data:
|
|
|
|
sanitation_data = SanitizationEntity(user_id=g.user.id)
|
|
|
|
self.populate_obj(sanitation_data)
|
|
|
|
db.session.add(sanitation_data)
|
|
|
|
else:
|
|
|
|
self.populate_obj(sanitation_data)
|
2023-02-13 19:35:31 +00:00
|
|
|
|
|
|
|
if commit:
|
|
|
|
db.session.commit()
|
|
|
|
return
|