Merge pull request #393 from eReuse/features/3969-improvements-login

Features/3969 improvements login
This commit is contained in:
cayop 2022-10-28 10:40:44 +02:00 committed by GitHub
commit 2252fe93cd
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
16 changed files with 390 additions and 292 deletions

View file

@ -1,20 +1,10 @@
from flask import current_app as app
from flask import g, render_template
from flask import g
from flask_wtf import FlaskForm
from werkzeug.security import generate_password_hash
from wtforms import (
BooleanField,
EmailField,
PasswordField,
StringField,
TelField,
validators,
)
from wtforms import BooleanField, EmailField, PasswordField, validators
from ereuse_devicehub.db import db
from ereuse_devicehub.mail.sender import send_email
from ereuse_devicehub.resources.agent.models import Person
from ereuse_devicehub.resources.user.models import User, UserValidation
from ereuse_devicehub.resources.user.models import User
class LoginForm(FlaskForm):
@ -111,100 +101,3 @@ class PasswordForm(FlaskForm):
if commit:
db.session.commit()
return
class UserNewRegisterForm(FlaskForm):
email = EmailField(
'Email Address', [validators.DataRequired(), validators.Length(min=6, max=35)]
)
password = PasswordField('Password', [validators.DataRequired()])
password2 = PasswordField('Password', [validators.DataRequired()])
name = StringField(
'Name', [validators.DataRequired(), validators.Length(min=3, max=35)]
)
telephone = TelField(
'Telephone', [validators.DataRequired(), validators.Length(min=9, max=35)]
)
error_messages = {
'invalid_login': (
"Please enter a correct email and password. Note that both "
"fields may be case-sensitive."
),
'inactive': "This account is inactive.",
}
def validate(self, extra_validators=None):
is_valid = super().validate(extra_validators)
if not is_valid:
return False
email = self.email.data
password = self.password.data
password2 = self.password2.data
if password != password2:
self.form_errors.append('The passwords are not equal.')
return False
txt = 'This email are in use.'
email = self.email.data
if User.query.filter_by(email=email).first():
self.form_errors.append(txt)
return False
self.email.data = self.email.data.strip()
self.password.data = self.password.data.strip()
return True
def save(self, commit=True):
user_validation = self.new_user()
if commit:
db.session.commit()
self._token = user_validation.token
self.send_mail()
self.send_mail_admin(user_validation.user)
def new_user(self):
user = User(email=self.email.data, password=self.password.data, active=False)
person = Person(
email=self.email.data, name=self.name.data, telephone=self.telephone.data
)
user.individuals.add(person)
db.session.add(user)
user_validation = UserValidation(
user=user,
)
db.session.add(user_validation)
return user_validation
def send_mail(self):
host = app.config.get('HOST')
token = self._token
url = f'https://{ host }/validate_user/{ token }'
template = 'ereuse_devicehub/email_validation.txt'
message = render_template(template, url=url)
subject = "Validate email for register in Usody.com"
send_email(subject, [self.email.data], message)
def send_mail_admin(self, user):
person = next(iter(user.individuals))
context = {
'email': person.email,
'name': person.name,
'telephone': person.telephone,
}
template = 'ereuse_devicehub/email_admin_new_user.txt'
message = render_template(template, **context)
subject = "New Register"
email_admin = app.config.get("EMAIL_ADMIN")
if email_admin:
send_email(subject, [email_admin], message)

View file

View file

@ -0,0 +1,114 @@
from flask import current_app as app
from flask import render_template
from flask_wtf import FlaskForm
from wtforms import EmailField, PasswordField, StringField, validators
from ereuse_devicehub.db import db
from ereuse_devicehub.mail.sender import send_email
from ereuse_devicehub.resources.agent.models import Person
from ereuse_devicehub.resources.user.models import User, UserValidation
class UserNewRegisterForm(FlaskForm):
email = EmailField(
'Email Address', [validators.DataRequired(), validators.Length(min=6, max=35)]
)
password = PasswordField(
'Password', [validators.DataRequired(), validators.Length(min=6, max=35)]
)
password2 = PasswordField(
'Password', [validators.DataRequired(), validators.Length(min=6, max=35)]
)
name = StringField(
'Name', [validators.DataRequired(), validators.Length(min=3, max=35)]
)
error_messages = {
'invalid_login': (
"Please enter a correct email and password. Note that both "
"fields may be case-sensitive."
),
'inactive': "This account is inactive.",
}
def validate(self, extra_validators=None):
is_valid = super().validate(extra_validators)
if not is_valid:
return False
email = self.email.data
password = self.password.data
password2 = self.password2.data
if password != password2:
self.form_errors.append('The passwords are not equal.')
return False
txt = 'This email are in use.'
email = self.email.data
if User.query.filter_by(email=email).first():
self.form_errors.append(txt)
return False
self.email.data = self.email.data.strip()
self.password.data = self.password.data.strip()
return True
def save(self, commit=True):
user_validation = self.new_user()
if commit:
db.session.commit()
self._token = user_validation.token
self.send_mail()
self.send_mail_admin(user_validation.user)
def new_user(self):
user = User(email=self.email.data, password=self.password.data, active=False)
person = Person(
email=self.email.data,
name=self.name.data,
)
user.individuals.add(person)
db.session.add(user)
user_validation = UserValidation(
user=user,
)
db.session.add(user_validation)
return user_validation
def send_mail(self):
host = app.config.get('HOST')
token = self._token
url = f'https://{ host }/validate_user/{ token }'
template = 'registration/email_validation.txt'
template_html = 'registration/email_validation.html'
context = {
'name': self.name.data,
'host': host,
'url': url,
}
subject = "Please activate your Usody account"
message = render_template(template, **context)
message_html = render_template(template_html, **context)
send_email(subject, [self.email.data], message, html_body=message_html)
def send_mail_admin(self, user):
person = next(iter(user.individuals))
context = {
'email': person.email,
'name': person.name,
}
template = 'registration/email_admin_new_user.txt'
message = render_template(template, **context)
subject = "New Register"
email_admin = app.config.get("EMAIL_ADMIN")
if email_admin:
send_email(subject, [email_admin], message)

View file

@ -0,0 +1,4 @@
A new user has been registered:
Name: {{ name }}
Email: {{ email }}

View file

@ -0,0 +1,9 @@
Welcome to Usody.com, {{ name }}!<br />
<br />
Please confirm your account by clicking on the following link:<br />
<a href="{{ url }}">{{ url }}</a><br />
<br />
<img src="https://{{ host }}{{ url_for('static', filename='img/usody_logo_transparent_noicon-y-purple-120x41.png') }}" alt="">
<br />
Plaça Eusebi Güell 6-7, Edifici Vèrtex (UPC), planta 0, Barcelona 08034, Spain<br />
Associació Pangea Coordinadora Comunicació per a la Cooperació - NIF: G-60437761

View file

@ -0,0 +1,7 @@
Welcome to Usody.com, {{ name }}!
Please confirm your account by clicking on the following link: {{ url }}
--
Plaça Eusebi Güell 6-7, Edifici Vèrtex (UPC), planta 0, Barcelona 08034, Spain
Associació Pangea Coordinadora Comunicació per a la Cooperació - NIF: G-60437761

View file

@ -0,0 +1,172 @@
{% extends "ereuse_devicehub/base.html" %}
{% block page_title %}Create your account{% endblock %}
{% block body %}
<main>
<div class="container">
<section class="section register min-vh-100 d-flex flex-column align-items-center justify-content-center py-4">
<div class="container">
<div class="row justify-content-center">
<div class="col-lg-4 col-md-6 d-flex flex-column align-items-center justify-content-center">
<div class="d-flex justify-content-center py-4">
<a href="{{ url_for('core.login') }}" class="d-flex align-items-center w-auto">
<img src="{{ url_for('static', filename='img/usody_logo_transparent_noicon-y-purple-120x41.png') }}" alt="">
</a>
</div><!-- End Logo -->
<div class="card mb-3">
<div class="card-body">
<div class="pt-4 pb-2">
<h5 class="card-title text-center pb-0 fs-4 help">Create your account</h5>
{% if not form._token %}
{% if form.form_errors %}
<p class="text-danger">
{% for error in form.form_errors %}
{{ error }}<br/>
{% endfor %}
</p>
{% endif %}
</div>
<form method="post" class="row g-3 needs-validation" novalidate>
{{ form.csrf_token }}
<div class="col-12">
<input name="name" class="form-control" placeholder="Name *" id="name" required>
{% if form.name.errors %}
<p class="text-danger">
{% for error in form.name.errors %}
{{ error }}<br/>
{% endfor %}
</p>
{% endif %}
</div>
<div class="col-12">
<input type="email" name="email" placeholder="Email *" class="form-control" id="email" required value="{{ form.email.data|default('', true) }}">
<div class="invalid-feedback">Please enter your email.</div>
{% if form.email.errors %}
<p class="text-danger">
{% for error in form.email.errors %}
{{ error }}<br/>
{% endfor %}
</p>
{% endif %}
</div>
<div class="col-12">
<div class="input-group">
<input type="password" name="password" placeholder="Password *" class="form-control" id="password" required>
<i class="input-group-text bi bi-eye" id="togglePassword" style="cursor: pointer"></i>
</div>
<div class="invalid-feedback">Please enter a password!</div>
{% if form.password.errors %}
<p class="text-danger">
{% for error in form.password.errors %}
{{ error }}<br/>
{% endfor %}
</p>
{% endif %}
</div>
<div class="col-12">
<div class="input-group">
<input type="password" name="password2" placeholder="Password *" class="form-control" id="password2" required>
<i class="input-group-text bi bi-eye" id="togglePassword2" style="cursor: pointer"></i>
</div>
<div class="invalid-feedback">Please enter a password again!</div>
{% if form.password2.errors %}
<p class="text-danger">
{% for error in form.password2.errors %}
{{ error }}<br/>
{% endfor %}
</p>
{% endif %}
</div>
<div class="col-12">
<small><i class="bi bi-info-circle"></i> Password must be at least 6 characters.</small>
</div>
<div class="col-12">
<input type="checkbox" name="policy" class="form-check-input" id="policy" required>
<span>I accept the
<a href="https://pangea.org/aviso-legal/" target="_blank">terms</a> and
<a href="https://pangea.org/es/politica-de-privacidad/" target="_blank">privacy policy</a>
</span>
</div>
<div class="col-12">
<button class="btn btn-primary w-100" type="submit">Next</button>
</div>
<div class="col-12">
<p class="small mb-0">
Already have an account? <a href="{{ url_for('core.login') }}">Sign in</a>
</p>
</div>
</form>
{% else %}
</div>
<div class="col-12 p-4 text-center">
We have sent you a validation email.<br />
Please check your email.
</div>
{% endif %}
</div>
</div>
<div class="credits">
<a href="https://help.usody.com/en/getting-started/introduction/" target="_blank">Help</a> |
<a href="https://pangea.org/es/politica-de-privacidad/" target="_blank">Privacy</a> |
<a href="https://pangea.org/aviso-legal/" target="_blank">Terms</a>
</div>
</div>
</div>
</div>
</section>
</div>
</main><!-- End #main -->
<script>
const togglePassword = document.querySelector('#togglePassword');
const password = document.querySelector('#password');
togglePassword.addEventListener('click', function (e) {
// toggle the type attribute
const type = password.getAttribute('type') === 'password' ? 'text' : 'password';
// toggle the eye slash icon
if(type == "password"){
this.classList.remove('bi-eye-slash');
this.classList.add('bi-eye');
} else if(type == "text"){
this.classList.remove('bi-eye');
this.classList.add('bi-eye-slash');
}
password.setAttribute('type', type);
});
const togglePassword2 = document.querySelector('#togglePassword2');
const password2 = document.querySelector('#password2');
togglePassword2.addEventListener('click', function (e) {
// toggle the type attribute
const type = password2.getAttribute('type') === 'password' ? 'text' : 'password';
// toggle the eye slash icon
if(type == "password"){
this.classList.remove('bi-eye-slash');
this.classList.add('bi-eye');
} else if(type == "text"){
this.classList.remove('bi-eye');
this.classList.add('bi-eye-slash');
}
password2.setAttribute('type', type);
});
</script>{% endblock body %}

View file

@ -12,8 +12,8 @@
<div class="col-lg-4 col-md-6 d-flex flex-column align-items-center justify-content-center">
<div class="d-flex justify-content-center py-4">
<a href="{{ url_for('core.login') }}" class="logo d-flex align-items-center w-auto">
<img src="{{ url_for('static', filename='img/logo_usody_clock.png') }}" alt="">
<a href="{{ url_for('core.login') }}" class="d-flex align-items-center w-auto">
<img src="{{ url_for('static', filename='img/usody_logo_transparent_noicon-y-purple-120x41.png') }}" alt="">
</a>
</div><!-- End Logo -->
@ -25,9 +25,9 @@
<div class="pt-4 pb-2">
<h5 class="card-title text-center pb-0 fs-4">User is valid</h5>
<div class="col-12">
Your new user is activate.</br />
Now you can do <a style="color: #cc0066;" href="{{ url_for('core.login') }}">Login</a> and entry.
<div class="col-12 text-center">
You have successfully activated your account!<br />
<a style="color: #cc0066;" href="{{ url_for('core.login') }}">Sign in</a>.
</div>
</div>
{% else %}
@ -51,7 +51,9 @@
</div>
<div class="credits">
Designed by <a href="https://bootstrapmade.com/">BootstrapMade</a>
<a href="https://help.usody.com/en/getting-started/introduction/" target="_blank">Help</a> |
<a href="https://pangea.org/es/politica-de-privacidad/" target="_blank">Privacy</a> |
<a href="https://pangea.org/aviso-legal/" target="_blank">Terms</a>
</div>
</div>

View file

@ -0,0 +1,50 @@
import flask
from flask import Blueprint
from flask.views import View
from ereuse_devicehub import __version__
from ereuse_devicehub.db import db
from ereuse_devicehub.register.forms import UserNewRegisterForm
from ereuse_devicehub.resources.user.models import UserValidation
register = Blueprint('register', __name__, template_folder='templates')
class UserRegistrationView(View):
methods = ['GET', 'POST']
template_name = 'registration/user_registration.html'
def dispatch_request(self):
form = UserNewRegisterForm()
if form.validate_on_submit():
form.save()
context = {'form': form, 'version': __version__}
return flask.render_template(self.template_name, **context)
class UserValidationView(View):
methods = ['GET']
template_name = 'registration/user_validation.html'
def dispatch_request(self, token):
context = {'is_valid': self.is_valid(token), 'version': __version__}
return flask.render_template(self.template_name, **context)
def is_valid(self, token):
user_valid = UserValidation.query.filter_by(token=token).first()
if not user_valid:
return False
user = user_valid.user
user.active = True
db.session.commit()
return True
register.add_url_rule(
'/new_register/',
view_func=UserRegistrationView.as_view('user-registration'),
)
register.add_url_rule(
'/validate_user/<uuid:token>',
view_func=UserValidationView.as_view('user-validation'),
)

View file

@ -1,4 +0,0 @@
A new user has been registered. These are your data
Name: {{ name }}
Telephone: {{ telephone }}
Email: {{ email }}

View file

@ -1,2 +0,0 @@
Hello, you are register in Usody.com
Please for activate your account click in the next address: {{ url }}

View file

@ -61,7 +61,7 @@
<button class="btn btn-primary w-100" type="submit">Next</button>
</div>
<div class="col-12">
<p class="small mb-0">Don't have account? <a href="{{ url_for('core.user-registration') }}">Create an account</a></p>
<p class="small mb-0">Don't have account? <a href="{{ url_register }}">Create an account</a></p>
</div>
</form>

View file

@ -1,121 +0,0 @@
{% extends "ereuse_devicehub/base.html" %}
{% block page_title %}Login{% endblock %}
{% block body %}
<main>
<div class="container">
<section class="section register min-vh-100 d-flex flex-column align-items-center justify-content-center py-4">
<div class="container">
<div class="row justify-content-center">
<div class="col-lg-4 col-md-6 d-flex flex-column align-items-center justify-content-center">
<div class="d-flex justify-content-center py-4">
<a href="{{ url_for('core.login') }}" class="logo d-flex align-items-center w-auto">
<img src="{{ url_for('static', filename='img/logo_usody_clock.png') }}" alt="">
</a>
</div><!-- End Logo -->
<div class="card mb-3">
<div class="card-body">
<div class="pt-4 pb-2">
<h5 class="card-title text-center pb-0 fs-4">Register as a new User</h5>
{% if not form._token %}
<p class="text-center small">Enter an Email & password for to do a new register.</p>
{% if form.form_errors %}
<p class="text-danger">
{% for error in form.form_errors %}
{{ error }}<br/>
{% endfor %}
</p>
{% endif %}
</div>
<form method="post" class="row g-3 needs-validation" novalidate>
{{ form.csrf_token }}
<div class="col-12">
<label for="yourEmail" class="form-label">Email</label>
<input type="email" name="email" class="form-control" id="yourEmail" required value="{{ form.email.data|default('', true) }}">
<div class="invalid-feedback">Please enter your email.</div>
{% if form.email.errors %}
<p class="text-danger">
{% for error in form.email.errors %}
{{ error }}<br/>
{% endfor %}
</p>
{% endif %}
</div>
<div class="col-12">
<label for="password" class="form-label">Password</label>
<input type="password" name="password" class="form-control" id="password" required>
<div class="invalid-feedback">Please enter a password!</div>
</div>
<div class="col-12">
<label for="password2" class="form-label">Password</label>
<input type="password" name="password2" class="form-control" id="password2" required>
<div class="invalid-feedback">Please enter a password again!</div>
</div>
<div class="col-12">
<label for="name" class="form-label">Name</label>
<input name="name" class="form-control" id="name" required>
{% if form.name.errors %}
<p class="text-danger">
{% for error in form.name.errors %}
{{ error }}<br/>
{% endfor %}
</p>
{% endif %}
</div>
<div class="col-12">
<label for="telephone" class="form-label">Telephone</label>
<input type="tel" name="telephone" class="form-control" id="telephone" required>
{% if form.telephone.errors %}
<p class="text-danger">
{% for error in form.telephone.errors %}
{{ error }}<br/>
{% endfor %}
</p>
{% endif %}
</div>
<div class="col-12">
<button class="btn btn-primary w-100" type="submit">Register</button>
</div>
<div class="col-12">
<p class="small mb-0">
You have account? <a href="{{ url_for('core.login') }}">do Login</a>
</p>
</div>
</form>
{% else %}
</div>
<div class="col-12 p-4">
We have sent you a validation email.<br />
Please check your email.
</div>
{% endif %}
</div>
</div>
<div class="credits">
Designed by <a href="https://bootstrapmade.com/">BootstrapMade</a>
</div>
</div>
</div>
</div>
</section>
</div>
</main><!-- End #main -->
{% endblock body %}

View file

@ -1,15 +1,17 @@
import flask
from flask import Blueprint, g
from flask import Blueprint
from flask import current_app as app
from flask import g
from flask.views import View
from flask_login import current_user, login_required, login_user, logout_user
from sqlalchemy import or_
from ereuse_devicehub import __version__, messages
from ereuse_devicehub.db import db
from ereuse_devicehub.forms import LoginForm, PasswordForm, UserNewRegisterForm
from ereuse_devicehub.forms import LoginForm, PasswordForm
from ereuse_devicehub.resources.action.models import Trade
from ereuse_devicehub.resources.lot.models import Lot
from ereuse_devicehub.resources.user.models import User, UserValidation
from ereuse_devicehub.resources.user.models import User
from ereuse_devicehub.utils import is_safe_url
core = Blueprint('core', __name__)
@ -39,8 +41,14 @@ class LoginView(View):
return flask.abort(400)
return flask.redirect(next_url or flask.url_for('inventory.devicelist'))
context = {'form': form, 'version': __version__}
return flask.render_template('ereuse_devicehub/user_login.html', **context)
url_register = "#"
if 'register' in app.blueprints.keys():
url_register = flask.url_for('register.user-registration')
context = {'form': form, 'version': __version__, 'url_register': url_register}
return flask.render_template(self.template_name, **context)
class LogoutView(View):
@ -108,44 +116,7 @@ class UserPasswordView(View):
return flask.redirect(flask.url_for('core.user-profile'))
class UserRegistrationView(View):
methods = ['GET', 'POST']
template_name = 'ereuse_devicehub/user_registration.html'
def dispatch_request(self):
form = UserNewRegisterForm()
if form.validate_on_submit():
form.save()
context = {'form': form, 'version': __version__}
return flask.render_template(self.template_name, **context)
class UserValidationView(View):
methods = ['GET']
template_name = 'ereuse_devicehub/user_validation.html'
def dispatch_request(self, token):
context = {'is_valid': self.is_valid(token), 'version': __version__}
return flask.render_template(self.template_name, **context)
def is_valid(self, token):
user_valid = UserValidation.query.filter_by(token=token).first()
if not user_valid:
return False
user = user_valid.user
user.active = True
db.session.commit()
return True
core.add_url_rule('/login/', view_func=LoginView.as_view('login'))
core.add_url_rule('/logout/', view_func=LogoutView.as_view('logout'))
core.add_url_rule('/profile/', view_func=UserProfileView.as_view('user-profile'))
core.add_url_rule(
'/new_register/', view_func=UserRegistrationView.as_view('user-registration')
)
core.add_url_rule(
'/validate_user/<uuid:token>',
view_func=UserValidationView.as_view('user-validation'),
)
core.add_url_rule('/set_password/', view_func=UserPasswordView.as_view('set-password'))

View file

@ -22,6 +22,7 @@ from ereuse_devicehub.devicehub import Devicehub
from ereuse_devicehub.inventory.views import devices
from ereuse_devicehub.labels.views import labels
from ereuse_devicehub.mail.flask_mail import Mail
from ereuse_devicehub.register.views import register
from ereuse_devicehub.resources.agent.models import Person
from ereuse_devicehub.resources.enums import SessionType
from ereuse_devicehub.resources.tag import Tag
@ -65,6 +66,7 @@ def _app(config: TestConfig) -> Devicehub:
app.register_blueprint(labels)
app.register_blueprint(api)
app.register_blueprint(workbench)
app.register_blueprint(register)
app.config["SQLALCHEMY_RECORD_QUERIES"] = True
app.config['PROFILE'] = True
# app.wsgi_app = ProfilerMiddleware(app.wsgi_app, restrictions=[30])

View file

@ -46,7 +46,7 @@ def test_login(user: UserClient, app: Devicehub):
body, status, headers = client.get('/login/')
body = next(body).decode("utf-8")
assert status == '200 OK'
assert "Login to Your Account" in body
assert "Sign in" in body
data = {
'email': user.email,
@ -2586,14 +2586,15 @@ def test_snapshot_is_server_erase(user3: UserClientFlask):
@pytest.mark.usefixtures(conftest.app_context.__name__)
def test_new_register(user3: UserClientFlask, app: Devicehub):
uri = '/new_register/'
user3.get(uri)
body, status = user3.get(uri)
assert "Create your account" in body
data = {
'csrf_token': generate_csrf(),
'email': "foo@bar.cxm",
'password': "1234",
'password2': "1234",
'password': "123456",
'password2': "123456",
'name': "booBar",
'telephone': "555555555",
}
body, status = user3.post(uri, data=data)
assert status == '200 OK'
@ -2605,7 +2606,7 @@ def test_new_register(user3: UserClientFlask, app: Devicehub):
uri = '/validate_user/' + str(user_valid.token)
body, status = user3.get(uri)
assert status == '200 OK'
assert "Your new user is activate" in body
assert "You have successfully activated your account!" in body
assert user_valid.user.active