kallithea: rhodecode/controllers/login.py annotate

annotate rhodecode/controllers/login.py @ 4095:b59568e929ef

fixed password refill in login form when wrong password was given It's better to not refill the passwords on wrong credentials given. Standard behaviour on all pages are making the password blank

author	Marcin Kuzminski <marcin@python-works.com>
date	Mon, 22 Jul 2013 16:01:07 +0200
parents	3b136af34329
children	360f31856657 ffd45b185016

rev	line source
861 fd2ea6ceadc8 updated docs on every controller Marcin Kuzminski <marcin@python-works.com> parents: 761 diff changeset	1 # -- coding: utf-8 --
fd2ea6ceadc8 updated docs on every controller Marcin Kuzminski <marcin@python-works.com> parents: 761 diff changeset	2 """
fd2ea6ceadc8 updated docs on every controller Marcin Kuzminski <marcin@python-works.com> parents: 761 diff changeset	3 rhodecode.controllers.login
fd2ea6ceadc8 updated docs on every controller Marcin Kuzminski <marcin@python-works.com> parents: 761 diff changeset	4 ~~~~~~~~~~~~~~~~~~~~~~~~~~~
fd2ea6ceadc8 updated docs on every controller Marcin Kuzminski <marcin@python-works.com> parents: 761 diff changeset	5
fd2ea6ceadc8 updated docs on every controller Marcin Kuzminski <marcin@python-works.com> parents: 761 diff changeset	6 Login controller for rhodeocode
1203 6832ef664673 source code cleanup: remove trailing white space, normalize file endings Marcin Kuzminski <marcin@python-works.com> parents: 1121 diff changeset	7
861 fd2ea6ceadc8 updated docs on every controller Marcin Kuzminski <marcin@python-works.com> parents: 761 diff changeset	8 :created_on: Apr 22, 2010
fd2ea6ceadc8 updated docs on every controller Marcin Kuzminski <marcin@python-works.com> parents: 761 diff changeset	9 :author: marcink
1824 89efedac4e6c 2012 copyrights Marcin Kuzminski <marcin@python-works.com> parents: 1818 diff changeset	10 :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com>
861 fd2ea6ceadc8 updated docs on every controller Marcin Kuzminski <marcin@python-works.com> parents: 761 diff changeset	11 :license: GPLv3, see COPYING for more details.
fd2ea6ceadc8 updated docs on every controller Marcin Kuzminski <marcin@python-works.com> parents: 761 diff changeset	12 """
1206 a671db5bdd58 fixed license issue #149 Marcin Kuzminski <marcin@python-works.com> parents: 1203 diff changeset	13 # This program is free software: you can redistribute it and/or modify
a671db5bdd58 fixed license issue #149 Marcin Kuzminski <marcin@python-works.com> parents: 1203 diff changeset	14 # it under the terms of the GNU General Public License as published by
a671db5bdd58 fixed license issue #149 Marcin Kuzminski <marcin@python-works.com> parents: 1203 diff changeset	15 # the Free Software Foundation, either version 3 of the License, or
a671db5bdd58 fixed license issue #149 Marcin Kuzminski <marcin@python-works.com> parents: 1203 diff changeset	16 # (at your option) any later version.
1203 6832ef664673 source code cleanup: remove trailing white space, normalize file endings Marcin Kuzminski <marcin@python-works.com> parents: 1121 diff changeset	17 #
252 3782a6d698af licensing updates, code cleanups Marcin Kuzminski <marcin@python-works.com> parents: 202 diff changeset	18 # This program is distributed in the hope that it will be useful,
3782a6d698af licensing updates, code cleanups Marcin Kuzminski <marcin@python-works.com> parents: 202 diff changeset	19 # but WITHOUT ANY WARRANTY; without even the implied warranty of
3782a6d698af licensing updates, code cleanups Marcin Kuzminski <marcin@python-works.com> parents: 202 diff changeset	20 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
3782a6d698af licensing updates, code cleanups Marcin Kuzminski <marcin@python-works.com> parents: 202 diff changeset	21 # GNU General Public License for more details.
1203 6832ef664673 source code cleanup: remove trailing white space, normalize file endings Marcin Kuzminski <marcin@python-works.com> parents: 1121 diff changeset	22 #
252 3782a6d698af licensing updates, code cleanups Marcin Kuzminski <marcin@python-works.com> parents: 202 diff changeset	23 # You should have received a copy of the GNU General Public License
1206 a671db5bdd58 fixed license issue #149 Marcin Kuzminski <marcin@python-works.com> parents: 1203 diff changeset	24 # along with this program. If not, see <http://www.gnu.org/licenses/>.
417 3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: 363 diff changeset	25
861 fd2ea6ceadc8 updated docs on every controller Marcin Kuzminski <marcin@python-works.com> parents: 761 diff changeset	26 import logging
fd2ea6ceadc8 updated docs on every controller Marcin Kuzminski <marcin@python-works.com> parents: 761 diff changeset	27 import formencode
2623 44678a64cfae Use HttpFound response in login. Marcin Kuzminski <marcin@python-works.com> parents: 2045 diff changeset	28 import datetime
2678 04d2bcfbe7a6 security fix, inspired by django security Marcin Kuzminski <marcin@python-works.com> parents: 2623 diff changeset	29 import urlparse
861 fd2ea6ceadc8 updated docs on every controller Marcin Kuzminski <marcin@python-works.com> parents: 761 diff changeset	30
363 98abf8953b87 Added user registration, changed login url schema, moved it into _admin/ for safety Marcin Kuzminski <marcin@python-works.com> parents: 360 diff changeset	31 from formencode import htmlfill
2623 44678a64cfae Use HttpFound response in login. Marcin Kuzminski <marcin@python-works.com> parents: 2045 diff changeset	32 from webob.exc import HTTPFound
861 fd2ea6ceadc8 updated docs on every controller Marcin Kuzminski <marcin@python-works.com> parents: 761 diff changeset	33 from pylons.i18n.translation import _
fd2ea6ceadc8 updated docs on every controller Marcin Kuzminski <marcin@python-works.com> parents: 761 diff changeset	34 from pylons.controllers.util import abort, redirect
363 98abf8953b87 Added user registration, changed login url schema, moved it into _admin/ for safety Marcin Kuzminski <marcin@python-works.com> parents: 360 diff changeset	35 from pylons import request, response, session, tmpl_context as c, url
861 fd2ea6ceadc8 updated docs on every controller Marcin Kuzminski <marcin@python-works.com> parents: 761 diff changeset	36
fd2ea6ceadc8 updated docs on every controller Marcin Kuzminski <marcin@python-works.com> parents: 761 diff changeset	37 import rhodecode.lib.helpers as h
547 1e757ac98988 renamed project to rhodecode Marcin Kuzminski <marcin@python-works.com> parents: 474 diff changeset	38 from rhodecode.lib.auth import AuthUser, HasPermissionAnyDecorator
1e757ac98988 renamed project to rhodecode Marcin Kuzminski <marcin@python-works.com> parents: 474 diff changeset	39 from rhodecode.lib.base import BaseController, render
4074 3b136af34329 Added pre-create user hook. Marcin Kuzminski <marcin@python-works.com> parents: 3960 diff changeset	40 from rhodecode.lib.exceptions import UserCreationError
1400 0d7b56b97953 Simplified last_login call on user, and changed login to use User model directly Marcin Kuzminski <marcin@python-works.com> parents: 1212 diff changeset	41 from rhodecode.model.db import User
547 1e757ac98988 renamed project to rhodecode Marcin Kuzminski <marcin@python-works.com> parents: 474 diff changeset	42 from rhodecode.model.forms import LoginForm, RegisterForm, PasswordResetForm
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 564 diff changeset	43 from rhodecode.model.user import UserModel
1731 31e6eb2fb4b2 implements #222 registration feedback Marcin Kuzminski <marcin@python-works.com> parents: 1718 diff changeset	44 from rhodecode.model.meta import Session
861 fd2ea6ceadc8 updated docs on every controller Marcin Kuzminski <marcin@python-works.com> parents: 761 diff changeset	45
186 556473ba0399 fixed menu in home page, and added login html with forms that validates username and password. Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	46
556473ba0399 fixed menu in home page, and added login html with forms that validates username and password. Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	47 log = logging.getLogger(__name__)
556473ba0399 fixed menu in home page, and added login html with forms that validates username and password. Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	48
1212 50e41777675d pep8ify Marcin Kuzminski <marcin@python-works.com> parents: 1206 diff changeset	49
186 556473ba0399 fixed menu in home page, and added login html with forms that validates username and password. Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	50 class LoginController(BaseController):
556473ba0399 fixed menu in home page, and added login html with forms that validates username and password. Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	51
202 3fd2af1ba5ea updated logging in logout. Added before, on login page. Marcin Kuzminski <marcin@python-works.com> parents: 195 diff changeset	52 def __before__(self):
3fd2af1ba5ea updated logging in logout. Added before, on login page. Marcin Kuzminski <marcin@python-works.com> parents: 195 diff changeset	53 super(LoginController, self).__before__()
3fd2af1ba5ea updated logging in logout. Added before, on login page. Marcin Kuzminski <marcin@python-works.com> parents: 195 diff changeset	54
186 556473ba0399 fixed menu in home page, and added login html with forms that validates username and password. Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	55 def index(self):
1628 de71a4bde097 Some code cleanups and fixes Marcin Kuzminski <marcin@python-works.com> parents: 1530 diff changeset	56 # redirect if already logged in
2679 dffb92224edf removed ftp from allowed schemas Marcin Kuzminski <marcin@python-works.com> parents: 2678 diff changeset	57 c.came_from = request.GET.get('came_from')
3146 c5169e445fb8 Full IP restrictions enabled Marcin Kuzminski <marcin@python-works.com> parents: 2679 diff changeset	58 not_default = self.rhodecode_user.username != 'default'
c5169e445fb8 Full IP restrictions enabled Marcin Kuzminski <marcin@python-works.com> parents: 2679 diff changeset	59 ip_allowed = self.rhodecode_user.ip_allowed
c5169e445fb8 Full IP restrictions enabled Marcin Kuzminski <marcin@python-works.com> parents: 2679 diff changeset	60 if self.rhodecode_user.is_authenticated and not_default and ip_allowed:
636 ffd07396d315 Fixes for raw_id, needed for git Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	61 return redirect(url('home'))
ffd07396d315 Fixes for raw_id, needed for git Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	62
186 556473ba0399 fixed menu in home page, and added login html with forms that validates username and password. Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	63 if request.POST:
1718 f78bee8eec78 reduce cookie size for better support of client side sessions Marcin Kuzminski <marcin@python-works.com> parents: 1628 diff changeset	64 # import Login Form validator class
186 556473ba0399 fixed menu in home page, and added login html with forms that validates username and password. Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	65 login_form = LoginForm()
556473ba0399 fixed menu in home page, and added login html with forms that validates username and password. Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	66 try:
2623 44678a64cfae Use HttpFound response in login. Marcin Kuzminski <marcin@python-works.com> parents: 2045 diff changeset	67 session.invalidate()
186 556473ba0399 fixed menu in home page, and added login html with forms that validates username and password. Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	68 c.form_result = login_form.to_python(dict(request.POST))
1628 de71a4bde097 Some code cleanups and fixes Marcin Kuzminski <marcin@python-works.com> parents: 1530 diff changeset	69 # form checks for username/password, now we're authenticated
442 d66a7fa7689b moved loged in user propagation out of forms, Marcin Kuzminski <marcin@python-works.com> parents: 437 diff changeset	70 username = c.form_result['username']
1530 04027bdb876c Refactoring of model get functions Marcin Kuzminski <marcin@python-works.com> parents: 1417 diff changeset	71 user = User.get_by_username(username, case_insensitive=True)
1117 6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 902 diff changeset	72 auth_user = AuthUser(user.user_id)
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 902 diff changeset	73 auth_user.set_authenticated()
1718 f78bee8eec78 reduce cookie size for better support of client side sessions Marcin Kuzminski <marcin@python-works.com> parents: 1628 diff changeset	74 cs = auth_user.get_cookie_store()
f78bee8eec78 reduce cookie size for better support of client side sessions Marcin Kuzminski <marcin@python-works.com> parents: 1628 diff changeset	75 session['rhodecode_user'] = cs
2623 44678a64cfae Use HttpFound response in login. Marcin Kuzminski <marcin@python-works.com> parents: 2045 diff changeset	76 user.update_lastlogin()
44678a64cfae Use HttpFound response in login. Marcin Kuzminski <marcin@python-works.com> parents: 2045 diff changeset	77 Session().commit()
44678a64cfae Use HttpFound response in login. Marcin Kuzminski <marcin@python-works.com> parents: 2045 diff changeset	78
1802 145677a36675 Remember Me option on login Matt Zuba <matt.zuba@goodwillaz.org> parents: 1749 diff changeset	79 # If they want to be remembered, update the cookie
3625 260a7a01b054 follow Python conventions for boolean values Mads Kiilerich <madski@unity3d.com> parents: 3370 diff changeset	80 if c.form_result['remember']:
2623 44678a64cfae Use HttpFound response in login. Marcin Kuzminski <marcin@python-works.com> parents: 2045 diff changeset	81 _year = (datetime.datetime.now() +
44678a64cfae Use HttpFound response in login. Marcin Kuzminski <marcin@python-works.com> parents: 2045 diff changeset	82 datetime.timedelta(seconds=60 * 60 * 24 * 365))
44678a64cfae Use HttpFound response in login. Marcin Kuzminski <marcin@python-works.com> parents: 2045 diff changeset	83 session._set_cookie_expires(_year)
44678a64cfae Use HttpFound response in login. Marcin Kuzminski <marcin@python-works.com> parents: 2045 diff changeset	84
442 d66a7fa7689b moved loged in user propagation out of forms, Marcin Kuzminski <marcin@python-works.com> parents: 437 diff changeset	85 session.save()
636 ffd07396d315 Fixes for raw_id, needed for git Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	86
1718 f78bee8eec78 reduce cookie size for better support of client side sessions Marcin Kuzminski <marcin@python-works.com> parents: 1628 diff changeset	87 log.info('user %s is now authenticated and stored in '
f78bee8eec78 reduce cookie size for better support of client side sessions Marcin Kuzminski <marcin@python-works.com> parents: 1628 diff changeset	88 'session, session attrs %s' % (username, cs))
2623 44678a64cfae Use HttpFound response in login. Marcin Kuzminski <marcin@python-works.com> parents: 2045 diff changeset	89
44678a64cfae Use HttpFound response in login. Marcin Kuzminski <marcin@python-works.com> parents: 2045 diff changeset	90 # dumps session attrs back to cookie
44678a64cfae Use HttpFound response in login. Marcin Kuzminski <marcin@python-works.com> parents: 2045 diff changeset	91 session._update_cookie_out()
44678a64cfae Use HttpFound response in login. Marcin Kuzminski <marcin@python-works.com> parents: 2045 diff changeset	92
44678a64cfae Use HttpFound response in login. Marcin Kuzminski <marcin@python-works.com> parents: 2045 diff changeset	93 # we set new cookie
44678a64cfae Use HttpFound response in login. Marcin Kuzminski <marcin@python-works.com> parents: 2045 diff changeset	94 headers = None
44678a64cfae Use HttpFound response in login. Marcin Kuzminski <marcin@python-works.com> parents: 2045 diff changeset	95 if session.request['set_cookie']:
44678a64cfae Use HttpFound response in login. Marcin Kuzminski <marcin@python-works.com> parents: 2045 diff changeset	96 # send set-cookie headers back to response to update cookie
44678a64cfae Use HttpFound response in login. Marcin Kuzminski <marcin@python-works.com> parents: 2045 diff changeset	97 headers = [('Set-Cookie', session.request['cookie_out'])]
1818 cf51bbfb120e auto white-space removal Marcin Kuzminski <marcin@python-works.com> parents: 1802 diff changeset	98
2679 dffb92224edf removed ftp from allowed schemas Marcin Kuzminski <marcin@python-works.com> parents: 2678 diff changeset	99 allowed_schemes = ['http', 'https']
437 930f8182a884 Added redirection to page that request came from, after login in Marcin Kuzminski <marcin@python-works.com> parents: 424 diff changeset	100 if c.came_from:
2679 dffb92224edf removed ftp from allowed schemas Marcin Kuzminski <marcin@python-works.com> parents: 2678 diff changeset	101 parsed = urlparse.urlparse(c.came_from)
dffb92224edf removed ftp from allowed schemas Marcin Kuzminski <marcin@python-works.com> parents: 2678 diff changeset	102 server_parsed = urlparse.urlparse(url.current())
dffb92224edf removed ftp from allowed schemas Marcin Kuzminski <marcin@python-works.com> parents: 2678 diff changeset	103 if parsed.scheme and parsed.scheme not in allowed_schemes:
dffb92224edf removed ftp from allowed schemas Marcin Kuzminski <marcin@python-works.com> parents: 2678 diff changeset	104 log.error(
dffb92224edf removed ftp from allowed schemas Marcin Kuzminski <marcin@python-works.com> parents: 2678 diff changeset	105 'Suspicious URL scheme detected %s for url %s' %
dffb92224edf removed ftp from allowed schemas Marcin Kuzminski <marcin@python-works.com> parents: 2678 diff changeset	106 (parsed.scheme, parsed))
dffb92224edf removed ftp from allowed schemas Marcin Kuzminski <marcin@python-works.com> parents: 2678 diff changeset	107 c.came_from = url('home')
dffb92224edf removed ftp from allowed schemas Marcin Kuzminski <marcin@python-works.com> parents: 2678 diff changeset	108 elif server_parsed.netloc != parsed.netloc:
dffb92224edf removed ftp from allowed schemas Marcin Kuzminski <marcin@python-works.com> parents: 2678 diff changeset	109 log.error('Suspicious NETLOC detected %s for url %s'
dffb92224edf removed ftp from allowed schemas Marcin Kuzminski <marcin@python-works.com> parents: 2678 diff changeset	110 'server url is: %s' %
dffb92224edf removed ftp from allowed schemas Marcin Kuzminski <marcin@python-works.com> parents: 2678 diff changeset	111 (parsed.netloc, parsed, server_parsed))
dffb92224edf removed ftp from allowed schemas Marcin Kuzminski <marcin@python-works.com> parents: 2678 diff changeset	112 c.came_from = url('home')
2623 44678a64cfae Use HttpFound response in login. Marcin Kuzminski <marcin@python-works.com> parents: 2045 diff changeset	113 raise HTTPFound(location=c.came_from, headers=headers)
437 930f8182a884 Added redirection to page that request came from, after login in Marcin Kuzminski <marcin@python-works.com> parents: 424 diff changeset	114 else:
2623 44678a64cfae Use HttpFound response in login. Marcin Kuzminski <marcin@python-works.com> parents: 2045 diff changeset	115 raise HTTPFound(location=url('home'), headers=headers)
636 ffd07396d315 Fixes for raw_id, needed for git Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	116
564 ba7e24cd4786 refactor codes and setup for python 2.5 Marcin Kuzminski <marcin@python-works.com> parents: 549 diff changeset	117 except formencode.Invalid, errors:
4095 b59568e929ef fixed password refill in login form when wrong password was given Marcin Kuzminski <marcin@python-works.com> parents: 4074 diff changeset	118 defaults = errors.value
b59568e929ef fixed password refill in login form when wrong password was given Marcin Kuzminski <marcin@python-works.com> parents: 4074 diff changeset	119 # remove password from filling in form again
b59568e929ef fixed password refill in login form when wrong password was given Marcin Kuzminski <marcin@python-works.com> parents: 4074 diff changeset	120 del defaults['password']
186 556473ba0399 fixed menu in home page, and added login html with forms that validates username and password. Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	121 return htmlfill.render(
556473ba0399 fixed menu in home page, and added login html with forms that validates username and password. Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	122 render('/login.html'),
556473ba0399 fixed menu in home page, and added login html with forms that validates username and password. Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	123 defaults=errors.value,
360 db187729c40c new style error display for login Marcin Kuzminski <marcin@python-works.com> parents: 252 diff changeset	124 errors=errors.error_dict or {},
db187729c40c new style error display for login Marcin Kuzminski <marcin@python-works.com> parents: 252 diff changeset	125 prefix_error=False,
186 556473ba0399 fixed menu in home page, and added login html with forms that validates username and password. Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	126 encoding="UTF-8")
4074 3b136af34329 Added pre-create user hook. Marcin Kuzminski <marcin@python-works.com> parents: 3960 diff changeset	127 except UserCreationError, e:
3b136af34329 Added pre-create user hook. Marcin Kuzminski <marcin@python-works.com> parents: 3960 diff changeset	128 # container auth or other auth functions that create users on
3b136af34329 Added pre-create user hook. Marcin Kuzminski <marcin@python-works.com> parents: 3960 diff changeset	129 # the fly can throw this exception signaling that there's issue
3b136af34329 Added pre-create user hook. Marcin Kuzminski <marcin@python-works.com> parents: 3960 diff changeset	130 # with user creation, explanation should be provided in
3b136af34329 Added pre-create user hook. Marcin Kuzminski <marcin@python-works.com> parents: 3960 diff changeset	131 # Exception itself
3b136af34329 Added pre-create user hook. Marcin Kuzminski <marcin@python-works.com> parents: 3960 diff changeset	132 h.flash(e, 'error')
636 ffd07396d315 Fixes for raw_id, needed for git Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	133
186 556473ba0399 fixed menu in home page, and added login html with forms that validates username and password. Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	134 return render('/login.html')
636 ffd07396d315 Fixes for raw_id, needed for git Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	135
474 a3d9d24acbec Implemented password reset(forms/models/ tasks) and mailing tasks. Marcin Kuzminski <marcin@python-works.com> parents: 459 diff changeset	136 @HasPermissionAnyDecorator('hg.admin', 'hg.register.auto_activate',
442 d66a7fa7689b moved loged in user propagation out of forms, Marcin Kuzminski <marcin@python-works.com> parents: 437 diff changeset	137 'hg.register.manual_activate')
363 98abf8953b87 Added user registration, changed login url schema, moved it into _admin/ for safety Marcin Kuzminski <marcin@python-works.com> parents: 360 diff changeset	138 def register(self):
3734 a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3625 diff changeset	139 c.auto_active = 'hg.register.auto_activate' in User.get_default_user()\
3370 fdb0f59b2189 fixes #762, LDAP and container created users are now activated based on Marcin Kuzminski <marcin@python-works.com> parents: 3146 diff changeset	140 .AuthUser.permissions['global']
636 ffd07396d315 Fixes for raw_id, needed for git Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	141
363 98abf8953b87 Added user registration, changed login url schema, moved it into _admin/ for safety Marcin Kuzminski <marcin@python-works.com> parents: 360 diff changeset	142 if request.POST:
98abf8953b87 Added user registration, changed login url schema, moved it into _admin/ for safety Marcin Kuzminski <marcin@python-works.com> parents: 360 diff changeset	143 register_form = RegisterForm()()
98abf8953b87 Added user registration, changed login url schema, moved it into _admin/ for safety Marcin Kuzminski <marcin@python-works.com> parents: 360 diff changeset	144 try:
98abf8953b87 Added user registration, changed login url schema, moved it into _admin/ for safety Marcin Kuzminski <marcin@python-works.com> parents: 360 diff changeset	145 form_result = register_form.to_python(dict(request.POST))
417 3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: 363 diff changeset	146 form_result['active'] = c.auto_active
1749 8ecc6b8229a5 commit less models Marcin Kuzminski <marcin@python-works.com> parents: 1731 diff changeset	147 UserModel().create_registration(form_result)
3370 fdb0f59b2189 fixes #762, LDAP and container created users are now activated based on Marcin Kuzminski <marcin@python-works.com> parents: 3146 diff changeset	148 h.flash(_('You have successfully registered into RhodeCode'),
636 ffd07396d315 Fixes for raw_id, needed for git Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	149 category='success')
2623 44678a64cfae Use HttpFound response in login. Marcin Kuzminski <marcin@python-works.com> parents: 2045 diff changeset	150 Session().commit()
363 98abf8953b87 Added user registration, changed login url schema, moved it into _admin/ for safety Marcin Kuzminski <marcin@python-works.com> parents: 360 diff changeset	151 return redirect(url('login_home'))
636 ffd07396d315 Fixes for raw_id, needed for git Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	152
564 ba7e24cd4786 refactor codes and setup for python 2.5 Marcin Kuzminski <marcin@python-works.com> parents: 549 diff changeset	153 except formencode.Invalid, errors:
363 98abf8953b87 Added user registration, changed login url schema, moved it into _admin/ for safety Marcin Kuzminski <marcin@python-works.com> parents: 360 diff changeset	154 return htmlfill.render(
98abf8953b87 Added user registration, changed login url schema, moved it into _admin/ for safety Marcin Kuzminski <marcin@python-works.com> parents: 360 diff changeset	155 render('/register.html'),
98abf8953b87 Added user registration, changed login url schema, moved it into _admin/ for safety Marcin Kuzminski <marcin@python-works.com> parents: 360 diff changeset	156 defaults=errors.value,
98abf8953b87 Added user registration, changed login url schema, moved it into _admin/ for safety Marcin Kuzminski <marcin@python-works.com> parents: 360 diff changeset	157 errors=errors.error_dict or {},
98abf8953b87 Added user registration, changed login url schema, moved it into _admin/ for safety Marcin Kuzminski <marcin@python-works.com> parents: 360 diff changeset	158 prefix_error=False,
98abf8953b87 Added user registration, changed login url schema, moved it into _admin/ for safety Marcin Kuzminski <marcin@python-works.com> parents: 360 diff changeset	159 encoding="UTF-8")
4074 3b136af34329 Added pre-create user hook. Marcin Kuzminski <marcin@python-works.com> parents: 3960 diff changeset	160 except UserCreationError, e:
3b136af34329 Added pre-create user hook. Marcin Kuzminski <marcin@python-works.com> parents: 3960 diff changeset	161 # container auth or other auth functions that create users on
3b136af34329 Added pre-create user hook. Marcin Kuzminski <marcin@python-works.com> parents: 3960 diff changeset	162 # the fly can throw this exception signaling that there's issue
3b136af34329 Added pre-create user hook. Marcin Kuzminski <marcin@python-works.com> parents: 3960 diff changeset	163 # with user creation, explanation should be provided in
3b136af34329 Added pre-create user hook. Marcin Kuzminski <marcin@python-works.com> parents: 3960 diff changeset	164 # Exception itself
3b136af34329 Added pre-create user hook. Marcin Kuzminski <marcin@python-works.com> parents: 3960 diff changeset	165 h.flash(e, 'error')
636 ffd07396d315 Fixes for raw_id, needed for git Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	166
363 98abf8953b87 Added user registration, changed login url schema, moved it into _admin/ for safety Marcin Kuzminski <marcin@python-works.com> parents: 360 diff changeset	167 return render('/register.html')
474 a3d9d24acbec Implemented password reset(forms/models/ tasks) and mailing tasks. Marcin Kuzminski <marcin@python-works.com> parents: 459 diff changeset	168
a3d9d24acbec Implemented password reset(forms/models/ tasks) and mailing tasks. Marcin Kuzminski <marcin@python-works.com> parents: 459 diff changeset	169 def password_reset(self):
a3d9d24acbec Implemented password reset(forms/models/ tasks) and mailing tasks. Marcin Kuzminski <marcin@python-works.com> parents: 459 diff changeset	170 if request.POST:
a3d9d24acbec Implemented password reset(forms/models/ tasks) and mailing tasks. Marcin Kuzminski <marcin@python-works.com> parents: 459 diff changeset	171 password_reset_form = PasswordResetForm()()
a3d9d24acbec Implemented password reset(forms/models/ tasks) and mailing tasks. Marcin Kuzminski <marcin@python-works.com> parents: 459 diff changeset	172 try:
a3d9d24acbec Implemented password reset(forms/models/ tasks) and mailing tasks. Marcin Kuzminski <marcin@python-works.com> parents: 459 diff changeset	173 form_result = password_reset_form.to_python(dict(request.POST))
1749 8ecc6b8229a5 commit less models Marcin Kuzminski <marcin@python-works.com> parents: 1731 diff changeset	174 UserModel().reset_password_link(form_result)
1417 5875955def39 fixes #223 improve password reset form Marcin Kuzminski <marcin@python-works.com> parents: 1400 diff changeset	175 h.flash(_('Your password reset link was sent'),
636 ffd07396d315 Fixes for raw_id, needed for git Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	176 category='success')
474 a3d9d24acbec Implemented password reset(forms/models/ tasks) and mailing tasks. Marcin Kuzminski <marcin@python-works.com> parents: 459 diff changeset	177 return redirect(url('login_home'))
636 ffd07396d315 Fixes for raw_id, needed for git Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	178
564 ba7e24cd4786 refactor codes and setup for python 2.5 Marcin Kuzminski <marcin@python-works.com> parents: 549 diff changeset	179 except formencode.Invalid, errors:
474 a3d9d24acbec Implemented password reset(forms/models/ tasks) and mailing tasks. Marcin Kuzminski <marcin@python-works.com> parents: 459 diff changeset	180 return htmlfill.render(
a3d9d24acbec Implemented password reset(forms/models/ tasks) and mailing tasks. Marcin Kuzminski <marcin@python-works.com> parents: 459 diff changeset	181 render('/password_reset.html'),
a3d9d24acbec Implemented password reset(forms/models/ tasks) and mailing tasks. Marcin Kuzminski <marcin@python-works.com> parents: 459 diff changeset	182 defaults=errors.value,
a3d9d24acbec Implemented password reset(forms/models/ tasks) and mailing tasks. Marcin Kuzminski <marcin@python-works.com> parents: 459 diff changeset	183 errors=errors.error_dict or {},
a3d9d24acbec Implemented password reset(forms/models/ tasks) and mailing tasks. Marcin Kuzminski <marcin@python-works.com> parents: 459 diff changeset	184 prefix_error=False,
a3d9d24acbec Implemented password reset(forms/models/ tasks) and mailing tasks. Marcin Kuzminski <marcin@python-works.com> parents: 459 diff changeset	185 encoding="UTF-8")
636 ffd07396d315 Fixes for raw_id, needed for git Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	186
474 a3d9d24acbec Implemented password reset(forms/models/ tasks) and mailing tasks. Marcin Kuzminski <marcin@python-works.com> parents: 459 diff changeset	187 return render('/password_reset.html')
636 ffd07396d315 Fixes for raw_id, needed for git Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	188
1417 5875955def39 fixes #223 improve password reset form Marcin Kuzminski <marcin@python-works.com> parents: 1400 diff changeset	189 def password_reset_confirmation(self):
5875955def39 fixes #223 improve password reset form Marcin Kuzminski <marcin@python-works.com> parents: 1400 diff changeset	190 if request.GET and request.GET.get('key'):
5875955def39 fixes #223 improve password reset form Marcin Kuzminski <marcin@python-works.com> parents: 1400 diff changeset	191 try:
5875955def39 fixes #223 improve password reset form Marcin Kuzminski <marcin@python-works.com> parents: 1400 diff changeset	192 user = User.get_by_api_key(request.GET.get('key'))
5875955def39 fixes #223 improve password reset form Marcin Kuzminski <marcin@python-works.com> parents: 1400 diff changeset	193 data = dict(email=user.email)
1749 8ecc6b8229a5 commit less models Marcin Kuzminski <marcin@python-works.com> parents: 1731 diff changeset	194 UserModel().reset_password(data)
1417 5875955def39 fixes #223 improve password reset form Marcin Kuzminski <marcin@python-works.com> parents: 1400 diff changeset	195 h.flash(_('Your password reset was successful, '
5875955def39 fixes #223 improve password reset form Marcin Kuzminski <marcin@python-works.com> parents: 1400 diff changeset	196 'new password has been sent to your email'),
5875955def39 fixes #223 improve password reset form Marcin Kuzminski <marcin@python-works.com> parents: 1400 diff changeset	197 category='success')
5875955def39 fixes #223 improve password reset form Marcin Kuzminski <marcin@python-works.com> parents: 1400 diff changeset	198 except Exception, e:
5875955def39 fixes #223 improve password reset form Marcin Kuzminski <marcin@python-works.com> parents: 1400 diff changeset	199 log.error(e)
5875955def39 fixes #223 improve password reset form Marcin Kuzminski <marcin@python-works.com> parents: 1400 diff changeset	200 return redirect(url('reset_password'))
5875955def39 fixes #223 improve password reset form Marcin Kuzminski <marcin@python-works.com> parents: 1400 diff changeset	201
5875955def39 fixes #223 improve password reset form Marcin Kuzminski <marcin@python-works.com> parents: 1400 diff changeset	202 return redirect(url('login_home'))
5875955def39 fixes #223 improve password reset form Marcin Kuzminski <marcin@python-works.com> parents: 1400 diff changeset	203
186 556473ba0399 fixed menu in home page, and added login html with forms that validates username and password. Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	204 def logout(self):
1802 145677a36675 Remember Me option on login Matt Zuba <matt.zuba@goodwillaz.org> parents: 1749 diff changeset	205 session.delete()
145677a36675 Remember Me option on login Matt Zuba <matt.zuba@goodwillaz.org> parents: 1749 diff changeset	206 log.info('Logging out and deleting session for user')
636 ffd07396d315 Fixes for raw_id, needed for git Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	207 redirect(url('home'))

Mercurial > kallithea

annotate rhodecode/controllers/login.py @ 4095:b59568e929ef