Mercurial > kallithea
annotate rhodecode/controllers/login.py @ 4095:b59568e929ef
fixed password refill in login form when wrong password was given
It's better to not refill the passwords on wrong credentials given.
Standard behaviour on all pages are making the password blank
author | Marcin Kuzminski <marcin@python-works.com> |
---|---|
date | Mon, 22 Jul 2013 16:01:07 +0200 |
parents | 3b136af34329 |
children | 360f31856657 ffd45b185016 |
rev | line source |
---|---|
861
fd2ea6ceadc8
updated docs on every controller
Marcin Kuzminski <marcin@python-works.com>
parents:
761
diff
changeset
|
1 # -*- coding: utf-8 -*- |
fd2ea6ceadc8
updated docs on every controller
Marcin Kuzminski <marcin@python-works.com>
parents:
761
diff
changeset
|
2 """ |
fd2ea6ceadc8
updated docs on every controller
Marcin Kuzminski <marcin@python-works.com>
parents:
761
diff
changeset
|
3 rhodecode.controllers.login |
fd2ea6ceadc8
updated docs on every controller
Marcin Kuzminski <marcin@python-works.com>
parents:
761
diff
changeset
|
4 ~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
fd2ea6ceadc8
updated docs on every controller
Marcin Kuzminski <marcin@python-works.com>
parents:
761
diff
changeset
|
5 |
fd2ea6ceadc8
updated docs on every controller
Marcin Kuzminski <marcin@python-works.com>
parents:
761
diff
changeset
|
6 Login controller for rhodeocode |
1203
6832ef664673
source code cleanup: remove trailing white space, normalize file endings
Marcin Kuzminski <marcin@python-works.com>
parents:
1121
diff
changeset
|
7 |
861
fd2ea6ceadc8
updated docs on every controller
Marcin Kuzminski <marcin@python-works.com>
parents:
761
diff
changeset
|
8 :created_on: Apr 22, 2010 |
fd2ea6ceadc8
updated docs on every controller
Marcin Kuzminski <marcin@python-works.com>
parents:
761
diff
changeset
|
9 :author: marcink |
1824
89efedac4e6c
2012 copyrights
Marcin Kuzminski <marcin@python-works.com>
parents:
1818
diff
changeset
|
10 :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com> |
861
fd2ea6ceadc8
updated docs on every controller
Marcin Kuzminski <marcin@python-works.com>
parents:
761
diff
changeset
|
11 :license: GPLv3, see COPYING for more details. |
fd2ea6ceadc8
updated docs on every controller
Marcin Kuzminski <marcin@python-works.com>
parents:
761
diff
changeset
|
12 """ |
1206
a671db5bdd58
fixed license issue #149
Marcin Kuzminski <marcin@python-works.com>
parents:
1203
diff
changeset
|
13 # This program is free software: you can redistribute it and/or modify |
a671db5bdd58
fixed license issue #149
Marcin Kuzminski <marcin@python-works.com>
parents:
1203
diff
changeset
|
14 # it under the terms of the GNU General Public License as published by |
a671db5bdd58
fixed license issue #149
Marcin Kuzminski <marcin@python-works.com>
parents:
1203
diff
changeset
|
15 # the Free Software Foundation, either version 3 of the License, or |
a671db5bdd58
fixed license issue #149
Marcin Kuzminski <marcin@python-works.com>
parents:
1203
diff
changeset
|
16 # (at your option) any later version. |
1203
6832ef664673
source code cleanup: remove trailing white space, normalize file endings
Marcin Kuzminski <marcin@python-works.com>
parents:
1121
diff
changeset
|
17 # |
252
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
202
diff
changeset
|
18 # This program is distributed in the hope that it will be useful, |
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
202
diff
changeset
|
19 # but WITHOUT ANY WARRANTY; without even the implied warranty of |
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
202
diff
changeset
|
20 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
202
diff
changeset
|
21 # GNU General Public License for more details. |
1203
6832ef664673
source code cleanup: remove trailing white space, normalize file endings
Marcin Kuzminski <marcin@python-works.com>
parents:
1121
diff
changeset
|
22 # |
252
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
202
diff
changeset
|
23 # You should have received a copy of the GNU General Public License |
1206
a671db5bdd58
fixed license issue #149
Marcin Kuzminski <marcin@python-works.com>
parents:
1203
diff
changeset
|
24 # along with this program. If not, see <http://www.gnu.org/licenses/>. |
417
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
363
diff
changeset
|
25 |
861
fd2ea6ceadc8
updated docs on every controller
Marcin Kuzminski <marcin@python-works.com>
parents:
761
diff
changeset
|
26 import logging |
fd2ea6ceadc8
updated docs on every controller
Marcin Kuzminski <marcin@python-works.com>
parents:
761
diff
changeset
|
27 import formencode |
2623
44678a64cfae
Use HttpFound response in login.
Marcin Kuzminski <marcin@python-works.com>
parents:
2045
diff
changeset
|
28 import datetime |
2678
04d2bcfbe7a6
security fix, inspired by django security
Marcin Kuzminski <marcin@python-works.com>
parents:
2623
diff
changeset
|
29 import urlparse |
861
fd2ea6ceadc8
updated docs on every controller
Marcin Kuzminski <marcin@python-works.com>
parents:
761
diff
changeset
|
30 |
363
98abf8953b87
Added user registration, changed login url schema, moved it into _admin/ for safety
Marcin Kuzminski <marcin@python-works.com>
parents:
360
diff
changeset
|
31 from formencode import htmlfill |
2623
44678a64cfae
Use HttpFound response in login.
Marcin Kuzminski <marcin@python-works.com>
parents:
2045
diff
changeset
|
32 from webob.exc import HTTPFound |
861
fd2ea6ceadc8
updated docs on every controller
Marcin Kuzminski <marcin@python-works.com>
parents:
761
diff
changeset
|
33 from pylons.i18n.translation import _ |
fd2ea6ceadc8
updated docs on every controller
Marcin Kuzminski <marcin@python-works.com>
parents:
761
diff
changeset
|
34 from pylons.controllers.util import abort, redirect |
363
98abf8953b87
Added user registration, changed login url schema, moved it into _admin/ for safety
Marcin Kuzminski <marcin@python-works.com>
parents:
360
diff
changeset
|
35 from pylons import request, response, session, tmpl_context as c, url |
861
fd2ea6ceadc8
updated docs on every controller
Marcin Kuzminski <marcin@python-works.com>
parents:
761
diff
changeset
|
36 |
fd2ea6ceadc8
updated docs on every controller
Marcin Kuzminski <marcin@python-works.com>
parents:
761
diff
changeset
|
37 import rhodecode.lib.helpers as h |
547
1e757ac98988
renamed project to rhodecode
Marcin Kuzminski <marcin@python-works.com>
parents:
474
diff
changeset
|
38 from rhodecode.lib.auth import AuthUser, HasPermissionAnyDecorator |
1e757ac98988
renamed project to rhodecode
Marcin Kuzminski <marcin@python-works.com>
parents:
474
diff
changeset
|
39 from rhodecode.lib.base import BaseController, render |
4074
3b136af34329
Added pre-create user hook.
Marcin Kuzminski <marcin@python-works.com>
parents:
3960
diff
changeset
|
40 from rhodecode.lib.exceptions import UserCreationError |
1400
0d7b56b97953
Simplified last_login call on user, and changed login to use User model directly
Marcin Kuzminski <marcin@python-works.com>
parents:
1212
diff
changeset
|
41 from rhodecode.model.db import User |
547
1e757ac98988
renamed project to rhodecode
Marcin Kuzminski <marcin@python-works.com>
parents:
474
diff
changeset
|
42 from rhodecode.model.forms import LoginForm, RegisterForm, PasswordResetForm |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
564
diff
changeset
|
43 from rhodecode.model.user import UserModel |
1731
31e6eb2fb4b2
implements #222 registration feedback
Marcin Kuzminski <marcin@python-works.com>
parents:
1718
diff
changeset
|
44 from rhodecode.model.meta import Session |
861
fd2ea6ceadc8
updated docs on every controller
Marcin Kuzminski <marcin@python-works.com>
parents:
761
diff
changeset
|
45 |
186
556473ba0399
fixed menu in home page, and added login html with forms that validates username and password.
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
46 |
556473ba0399
fixed menu in home page, and added login html with forms that validates username and password.
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
47 log = logging.getLogger(__name__) |
556473ba0399
fixed menu in home page, and added login html with forms that validates username and password.
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
48 |
1212 | 49 |
186
556473ba0399
fixed menu in home page, and added login html with forms that validates username and password.
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
50 class LoginController(BaseController): |
556473ba0399
fixed menu in home page, and added login html with forms that validates username and password.
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
51 |
202
3fd2af1ba5ea
updated logging in logout. Added before, on login page.
Marcin Kuzminski <marcin@python-works.com>
parents:
195
diff
changeset
|
52 def __before__(self): |
3fd2af1ba5ea
updated logging in logout. Added before, on login page.
Marcin Kuzminski <marcin@python-works.com>
parents:
195
diff
changeset
|
53 super(LoginController, self).__before__() |
3fd2af1ba5ea
updated logging in logout. Added before, on login page.
Marcin Kuzminski <marcin@python-works.com>
parents:
195
diff
changeset
|
54 |
186
556473ba0399
fixed menu in home page, and added login html with forms that validates username and password.
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
55 def index(self): |
1628
de71a4bde097
Some code cleanups and fixes
Marcin Kuzminski <marcin@python-works.com>
parents:
1530
diff
changeset
|
56 # redirect if already logged in |
2679
dffb92224edf
removed ftp from allowed schemas
Marcin Kuzminski <marcin@python-works.com>
parents:
2678
diff
changeset
|
57 c.came_from = request.GET.get('came_from') |
3146
c5169e445fb8
Full IP restrictions enabled
Marcin Kuzminski <marcin@python-works.com>
parents:
2679
diff
changeset
|
58 not_default = self.rhodecode_user.username != 'default' |
c5169e445fb8
Full IP restrictions enabled
Marcin Kuzminski <marcin@python-works.com>
parents:
2679
diff
changeset
|
59 ip_allowed = self.rhodecode_user.ip_allowed |
c5169e445fb8
Full IP restrictions enabled
Marcin Kuzminski <marcin@python-works.com>
parents:
2679
diff
changeset
|
60 if self.rhodecode_user.is_authenticated and not_default and ip_allowed: |
636
ffd07396d315
Fixes for raw_id, needed for git
Marcin Kuzminski <marcin@python-works.com>
parents:
629
diff
changeset
|
61 return redirect(url('home')) |
ffd07396d315
Fixes for raw_id, needed for git
Marcin Kuzminski <marcin@python-works.com>
parents:
629
diff
changeset
|
62 |
186
556473ba0399
fixed menu in home page, and added login html with forms that validates username and password.
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
63 if request.POST: |
1718
f78bee8eec78
reduce cookie size for better support of client side sessions
Marcin Kuzminski <marcin@python-works.com>
parents:
1628
diff
changeset
|
64 # import Login Form validator class |
186
556473ba0399
fixed menu in home page, and added login html with forms that validates username and password.
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
65 login_form = LoginForm() |
556473ba0399
fixed menu in home page, and added login html with forms that validates username and password.
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
66 try: |
2623
44678a64cfae
Use HttpFound response in login.
Marcin Kuzminski <marcin@python-works.com>
parents:
2045
diff
changeset
|
67 session.invalidate() |
186
556473ba0399
fixed menu in home page, and added login html with forms that validates username and password.
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
68 c.form_result = login_form.to_python(dict(request.POST)) |
1628
de71a4bde097
Some code cleanups and fixes
Marcin Kuzminski <marcin@python-works.com>
parents:
1530
diff
changeset
|
69 # form checks for username/password, now we're authenticated |
442
d66a7fa7689b
moved loged in user propagation out of forms,
Marcin Kuzminski <marcin@python-works.com>
parents:
437
diff
changeset
|
70 username = c.form_result['username'] |
1530
04027bdb876c
Refactoring of model get functions
Marcin Kuzminski <marcin@python-works.com>
parents:
1417
diff
changeset
|
71 user = User.get_by_username(username, case_insensitive=True) |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
902
diff
changeset
|
72 auth_user = AuthUser(user.user_id) |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
902
diff
changeset
|
73 auth_user.set_authenticated() |
1718
f78bee8eec78
reduce cookie size for better support of client side sessions
Marcin Kuzminski <marcin@python-works.com>
parents:
1628
diff
changeset
|
74 cs = auth_user.get_cookie_store() |
f78bee8eec78
reduce cookie size for better support of client side sessions
Marcin Kuzminski <marcin@python-works.com>
parents:
1628
diff
changeset
|
75 session['rhodecode_user'] = cs |
2623
44678a64cfae
Use HttpFound response in login.
Marcin Kuzminski <marcin@python-works.com>
parents:
2045
diff
changeset
|
76 user.update_lastlogin() |
44678a64cfae
Use HttpFound response in login.
Marcin Kuzminski <marcin@python-works.com>
parents:
2045
diff
changeset
|
77 Session().commit() |
44678a64cfae
Use HttpFound response in login.
Marcin Kuzminski <marcin@python-works.com>
parents:
2045
diff
changeset
|
78 |
1802
145677a36675
Remember Me option on login
Matt Zuba <matt.zuba@goodwillaz.org>
parents:
1749
diff
changeset
|
79 # If they want to be remembered, update the cookie |
3625
260a7a01b054
follow Python conventions for boolean values
Mads Kiilerich <madski@unity3d.com>
parents:
3370
diff
changeset
|
80 if c.form_result['remember']: |
2623
44678a64cfae
Use HttpFound response in login.
Marcin Kuzminski <marcin@python-works.com>
parents:
2045
diff
changeset
|
81 _year = (datetime.datetime.now() + |
44678a64cfae
Use HttpFound response in login.
Marcin Kuzminski <marcin@python-works.com>
parents:
2045
diff
changeset
|
82 datetime.timedelta(seconds=60 * 60 * 24 * 365)) |
44678a64cfae
Use HttpFound response in login.
Marcin Kuzminski <marcin@python-works.com>
parents:
2045
diff
changeset
|
83 session._set_cookie_expires(_year) |
44678a64cfae
Use HttpFound response in login.
Marcin Kuzminski <marcin@python-works.com>
parents:
2045
diff
changeset
|
84 |
442
d66a7fa7689b
moved loged in user propagation out of forms,
Marcin Kuzminski <marcin@python-works.com>
parents:
437
diff
changeset
|
85 session.save() |
636
ffd07396d315
Fixes for raw_id, needed for git
Marcin Kuzminski <marcin@python-works.com>
parents:
629
diff
changeset
|
86 |
1718
f78bee8eec78
reduce cookie size for better support of client side sessions
Marcin Kuzminski <marcin@python-works.com>
parents:
1628
diff
changeset
|
87 log.info('user %s is now authenticated and stored in ' |
f78bee8eec78
reduce cookie size for better support of client side sessions
Marcin Kuzminski <marcin@python-works.com>
parents:
1628
diff
changeset
|
88 'session, session attrs %s' % (username, cs)) |
2623
44678a64cfae
Use HttpFound response in login.
Marcin Kuzminski <marcin@python-works.com>
parents:
2045
diff
changeset
|
89 |
44678a64cfae
Use HttpFound response in login.
Marcin Kuzminski <marcin@python-works.com>
parents:
2045
diff
changeset
|
90 # dumps session attrs back to cookie |
44678a64cfae
Use HttpFound response in login.
Marcin Kuzminski <marcin@python-works.com>
parents:
2045
diff
changeset
|
91 session._update_cookie_out() |
44678a64cfae
Use HttpFound response in login.
Marcin Kuzminski <marcin@python-works.com>
parents:
2045
diff
changeset
|
92 |
44678a64cfae
Use HttpFound response in login.
Marcin Kuzminski <marcin@python-works.com>
parents:
2045
diff
changeset
|
93 # we set new cookie |
44678a64cfae
Use HttpFound response in login.
Marcin Kuzminski <marcin@python-works.com>
parents:
2045
diff
changeset
|
94 headers = None |
44678a64cfae
Use HttpFound response in login.
Marcin Kuzminski <marcin@python-works.com>
parents:
2045
diff
changeset
|
95 if session.request['set_cookie']: |
44678a64cfae
Use HttpFound response in login.
Marcin Kuzminski <marcin@python-works.com>
parents:
2045
diff
changeset
|
96 # send set-cookie headers back to response to update cookie |
44678a64cfae
Use HttpFound response in login.
Marcin Kuzminski <marcin@python-works.com>
parents:
2045
diff
changeset
|
97 headers = [('Set-Cookie', session.request['cookie_out'])] |
1818
cf51bbfb120e
auto white-space removal
Marcin Kuzminski <marcin@python-works.com>
parents:
1802
diff
changeset
|
98 |
2679
dffb92224edf
removed ftp from allowed schemas
Marcin Kuzminski <marcin@python-works.com>
parents:
2678
diff
changeset
|
99 allowed_schemes = ['http', 'https'] |
437
930f8182a884
Added redirection to page that request came from, after login in
Marcin Kuzminski <marcin@python-works.com>
parents:
424
diff
changeset
|
100 if c.came_from: |
2679
dffb92224edf
removed ftp from allowed schemas
Marcin Kuzminski <marcin@python-works.com>
parents:
2678
diff
changeset
|
101 parsed = urlparse.urlparse(c.came_from) |
dffb92224edf
removed ftp from allowed schemas
Marcin Kuzminski <marcin@python-works.com>
parents:
2678
diff
changeset
|
102 server_parsed = urlparse.urlparse(url.current()) |
dffb92224edf
removed ftp from allowed schemas
Marcin Kuzminski <marcin@python-works.com>
parents:
2678
diff
changeset
|
103 if parsed.scheme and parsed.scheme not in allowed_schemes: |
dffb92224edf
removed ftp from allowed schemas
Marcin Kuzminski <marcin@python-works.com>
parents:
2678
diff
changeset
|
104 log.error( |
dffb92224edf
removed ftp from allowed schemas
Marcin Kuzminski <marcin@python-works.com>
parents:
2678
diff
changeset
|
105 'Suspicious URL scheme detected %s for url %s' % |
dffb92224edf
removed ftp from allowed schemas
Marcin Kuzminski <marcin@python-works.com>
parents:
2678
diff
changeset
|
106 (parsed.scheme, parsed)) |
dffb92224edf
removed ftp from allowed schemas
Marcin Kuzminski <marcin@python-works.com>
parents:
2678
diff
changeset
|
107 c.came_from = url('home') |
dffb92224edf
removed ftp from allowed schemas
Marcin Kuzminski <marcin@python-works.com>
parents:
2678
diff
changeset
|
108 elif server_parsed.netloc != parsed.netloc: |
dffb92224edf
removed ftp from allowed schemas
Marcin Kuzminski <marcin@python-works.com>
parents:
2678
diff
changeset
|
109 log.error('Suspicious NETLOC detected %s for url %s' |
dffb92224edf
removed ftp from allowed schemas
Marcin Kuzminski <marcin@python-works.com>
parents:
2678
diff
changeset
|
110 'server url is: %s' % |
dffb92224edf
removed ftp from allowed schemas
Marcin Kuzminski <marcin@python-works.com>
parents:
2678
diff
changeset
|
111 (parsed.netloc, parsed, server_parsed)) |
dffb92224edf
removed ftp from allowed schemas
Marcin Kuzminski <marcin@python-works.com>
parents:
2678
diff
changeset
|
112 c.came_from = url('home') |
2623
44678a64cfae
Use HttpFound response in login.
Marcin Kuzminski <marcin@python-works.com>
parents:
2045
diff
changeset
|
113 raise HTTPFound(location=c.came_from, headers=headers) |
437
930f8182a884
Added redirection to page that request came from, after login in
Marcin Kuzminski <marcin@python-works.com>
parents:
424
diff
changeset
|
114 else: |
2623
44678a64cfae
Use HttpFound response in login.
Marcin Kuzminski <marcin@python-works.com>
parents:
2045
diff
changeset
|
115 raise HTTPFound(location=url('home'), headers=headers) |
636
ffd07396d315
Fixes for raw_id, needed for git
Marcin Kuzminski <marcin@python-works.com>
parents:
629
diff
changeset
|
116 |
564
ba7e24cd4786
refactor codes and setup for python 2.5
Marcin Kuzminski <marcin@python-works.com>
parents:
549
diff
changeset
|
117 except formencode.Invalid, errors: |
4095
b59568e929ef
fixed password refill in login form when wrong password was given
Marcin Kuzminski <marcin@python-works.com>
parents:
4074
diff
changeset
|
118 defaults = errors.value |
b59568e929ef
fixed password refill in login form when wrong password was given
Marcin Kuzminski <marcin@python-works.com>
parents:
4074
diff
changeset
|
119 # remove password from filling in form again |
b59568e929ef
fixed password refill in login form when wrong password was given
Marcin Kuzminski <marcin@python-works.com>
parents:
4074
diff
changeset
|
120 del defaults['password'] |
186
556473ba0399
fixed menu in home page, and added login html with forms that validates username and password.
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
121 return htmlfill.render( |
556473ba0399
fixed menu in home page, and added login html with forms that validates username and password.
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
122 render('/login.html'), |
556473ba0399
fixed menu in home page, and added login html with forms that validates username and password.
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
123 defaults=errors.value, |
360
db187729c40c
new style error display for login
Marcin Kuzminski <marcin@python-works.com>
parents:
252
diff
changeset
|
124 errors=errors.error_dict or {}, |
db187729c40c
new style error display for login
Marcin Kuzminski <marcin@python-works.com>
parents:
252
diff
changeset
|
125 prefix_error=False, |
186
556473ba0399
fixed menu in home page, and added login html with forms that validates username and password.
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
126 encoding="UTF-8") |
4074
3b136af34329
Added pre-create user hook.
Marcin Kuzminski <marcin@python-works.com>
parents:
3960
diff
changeset
|
127 except UserCreationError, e: |
3b136af34329
Added pre-create user hook.
Marcin Kuzminski <marcin@python-works.com>
parents:
3960
diff
changeset
|
128 # container auth or other auth functions that create users on |
3b136af34329
Added pre-create user hook.
Marcin Kuzminski <marcin@python-works.com>
parents:
3960
diff
changeset
|
129 # the fly can throw this exception signaling that there's issue |
3b136af34329
Added pre-create user hook.
Marcin Kuzminski <marcin@python-works.com>
parents:
3960
diff
changeset
|
130 # with user creation, explanation should be provided in |
3b136af34329
Added pre-create user hook.
Marcin Kuzminski <marcin@python-works.com>
parents:
3960
diff
changeset
|
131 # Exception itself |
3b136af34329
Added pre-create user hook.
Marcin Kuzminski <marcin@python-works.com>
parents:
3960
diff
changeset
|
132 h.flash(e, 'error') |
636
ffd07396d315
Fixes for raw_id, needed for git
Marcin Kuzminski <marcin@python-works.com>
parents:
629
diff
changeset
|
133 |
186
556473ba0399
fixed menu in home page, and added login html with forms that validates username and password.
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
134 return render('/login.html') |
636
ffd07396d315
Fixes for raw_id, needed for git
Marcin Kuzminski <marcin@python-works.com>
parents:
629
diff
changeset
|
135 |
474
a3d9d24acbec
Implemented password reset(forms/models/ tasks) and mailing tasks.
Marcin Kuzminski <marcin@python-works.com>
parents:
459
diff
changeset
|
136 @HasPermissionAnyDecorator('hg.admin', 'hg.register.auto_activate', |
442
d66a7fa7689b
moved loged in user propagation out of forms,
Marcin Kuzminski <marcin@python-works.com>
parents:
437
diff
changeset
|
137 'hg.register.manual_activate') |
363
98abf8953b87
Added user registration, changed login url schema, moved it into _admin/ for safety
Marcin Kuzminski <marcin@python-works.com>
parents:
360
diff
changeset
|
138 def register(self): |
3734
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3625
diff
changeset
|
139 c.auto_active = 'hg.register.auto_activate' in User.get_default_user()\ |
3370
fdb0f59b2189
fixes #762, LDAP and container created users are now activated based on
Marcin Kuzminski <marcin@python-works.com>
parents:
3146
diff
changeset
|
140 .AuthUser.permissions['global'] |
636
ffd07396d315
Fixes for raw_id, needed for git
Marcin Kuzminski <marcin@python-works.com>
parents:
629
diff
changeset
|
141 |
363
98abf8953b87
Added user registration, changed login url schema, moved it into _admin/ for safety
Marcin Kuzminski <marcin@python-works.com>
parents:
360
diff
changeset
|
142 if request.POST: |
98abf8953b87
Added user registration, changed login url schema, moved it into _admin/ for safety
Marcin Kuzminski <marcin@python-works.com>
parents:
360
diff
changeset
|
143 register_form = RegisterForm()() |
98abf8953b87
Added user registration, changed login url schema, moved it into _admin/ for safety
Marcin Kuzminski <marcin@python-works.com>
parents:
360
diff
changeset
|
144 try: |
98abf8953b87
Added user registration, changed login url schema, moved it into _admin/ for safety
Marcin Kuzminski <marcin@python-works.com>
parents:
360
diff
changeset
|
145 form_result = register_form.to_python(dict(request.POST)) |
417
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
363
diff
changeset
|
146 form_result['active'] = c.auto_active |
1749
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1731
diff
changeset
|
147 UserModel().create_registration(form_result) |
3370
fdb0f59b2189
fixes #762, LDAP and container created users are now activated based on
Marcin Kuzminski <marcin@python-works.com>
parents:
3146
diff
changeset
|
148 h.flash(_('You have successfully registered into RhodeCode'), |
636
ffd07396d315
Fixes for raw_id, needed for git
Marcin Kuzminski <marcin@python-works.com>
parents:
629
diff
changeset
|
149 category='success') |
2623
44678a64cfae
Use HttpFound response in login.
Marcin Kuzminski <marcin@python-works.com>
parents:
2045
diff
changeset
|
150 Session().commit() |
363
98abf8953b87
Added user registration, changed login url schema, moved it into _admin/ for safety
Marcin Kuzminski <marcin@python-works.com>
parents:
360
diff
changeset
|
151 return redirect(url('login_home')) |
636
ffd07396d315
Fixes for raw_id, needed for git
Marcin Kuzminski <marcin@python-works.com>
parents:
629
diff
changeset
|
152 |
564
ba7e24cd4786
refactor codes and setup for python 2.5
Marcin Kuzminski <marcin@python-works.com>
parents:
549
diff
changeset
|
153 except formencode.Invalid, errors: |
363
98abf8953b87
Added user registration, changed login url schema, moved it into _admin/ for safety
Marcin Kuzminski <marcin@python-works.com>
parents:
360
diff
changeset
|
154 return htmlfill.render( |
98abf8953b87
Added user registration, changed login url schema, moved it into _admin/ for safety
Marcin Kuzminski <marcin@python-works.com>
parents:
360
diff
changeset
|
155 render('/register.html'), |
98abf8953b87
Added user registration, changed login url schema, moved it into _admin/ for safety
Marcin Kuzminski <marcin@python-works.com>
parents:
360
diff
changeset
|
156 defaults=errors.value, |
98abf8953b87
Added user registration, changed login url schema, moved it into _admin/ for safety
Marcin Kuzminski <marcin@python-works.com>
parents:
360
diff
changeset
|
157 errors=errors.error_dict or {}, |
98abf8953b87
Added user registration, changed login url schema, moved it into _admin/ for safety
Marcin Kuzminski <marcin@python-works.com>
parents:
360
diff
changeset
|
158 prefix_error=False, |
98abf8953b87
Added user registration, changed login url schema, moved it into _admin/ for safety
Marcin Kuzminski <marcin@python-works.com>
parents:
360
diff
changeset
|
159 encoding="UTF-8") |
4074
3b136af34329
Added pre-create user hook.
Marcin Kuzminski <marcin@python-works.com>
parents:
3960
diff
changeset
|
160 except UserCreationError, e: |
3b136af34329
Added pre-create user hook.
Marcin Kuzminski <marcin@python-works.com>
parents:
3960
diff
changeset
|
161 # container auth or other auth functions that create users on |
3b136af34329
Added pre-create user hook.
Marcin Kuzminski <marcin@python-works.com>
parents:
3960
diff
changeset
|
162 # the fly can throw this exception signaling that there's issue |
3b136af34329
Added pre-create user hook.
Marcin Kuzminski <marcin@python-works.com>
parents:
3960
diff
changeset
|
163 # with user creation, explanation should be provided in |
3b136af34329
Added pre-create user hook.
Marcin Kuzminski <marcin@python-works.com>
parents:
3960
diff
changeset
|
164 # Exception itself |
3b136af34329
Added pre-create user hook.
Marcin Kuzminski <marcin@python-works.com>
parents:
3960
diff
changeset
|
165 h.flash(e, 'error') |
636
ffd07396d315
Fixes for raw_id, needed for git
Marcin Kuzminski <marcin@python-works.com>
parents:
629
diff
changeset
|
166 |
363
98abf8953b87
Added user registration, changed login url schema, moved it into _admin/ for safety
Marcin Kuzminski <marcin@python-works.com>
parents:
360
diff
changeset
|
167 return render('/register.html') |
474
a3d9d24acbec
Implemented password reset(forms/models/ tasks) and mailing tasks.
Marcin Kuzminski <marcin@python-works.com>
parents:
459
diff
changeset
|
168 |
a3d9d24acbec
Implemented password reset(forms/models/ tasks) and mailing tasks.
Marcin Kuzminski <marcin@python-works.com>
parents:
459
diff
changeset
|
169 def password_reset(self): |
a3d9d24acbec
Implemented password reset(forms/models/ tasks) and mailing tasks.
Marcin Kuzminski <marcin@python-works.com>
parents:
459
diff
changeset
|
170 if request.POST: |
a3d9d24acbec
Implemented password reset(forms/models/ tasks) and mailing tasks.
Marcin Kuzminski <marcin@python-works.com>
parents:
459
diff
changeset
|
171 password_reset_form = PasswordResetForm()() |
a3d9d24acbec
Implemented password reset(forms/models/ tasks) and mailing tasks.
Marcin Kuzminski <marcin@python-works.com>
parents:
459
diff
changeset
|
172 try: |
a3d9d24acbec
Implemented password reset(forms/models/ tasks) and mailing tasks.
Marcin Kuzminski <marcin@python-works.com>
parents:
459
diff
changeset
|
173 form_result = password_reset_form.to_python(dict(request.POST)) |
1749
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1731
diff
changeset
|
174 UserModel().reset_password_link(form_result) |
1417
5875955def39
fixes #223 improve password reset form
Marcin Kuzminski <marcin@python-works.com>
parents:
1400
diff
changeset
|
175 h.flash(_('Your password reset link was sent'), |
636
ffd07396d315
Fixes for raw_id, needed for git
Marcin Kuzminski <marcin@python-works.com>
parents:
629
diff
changeset
|
176 category='success') |
474
a3d9d24acbec
Implemented password reset(forms/models/ tasks) and mailing tasks.
Marcin Kuzminski <marcin@python-works.com>
parents:
459
diff
changeset
|
177 return redirect(url('login_home')) |
636
ffd07396d315
Fixes for raw_id, needed for git
Marcin Kuzminski <marcin@python-works.com>
parents:
629
diff
changeset
|
178 |
564
ba7e24cd4786
refactor codes and setup for python 2.5
Marcin Kuzminski <marcin@python-works.com>
parents:
549
diff
changeset
|
179 except formencode.Invalid, errors: |
474
a3d9d24acbec
Implemented password reset(forms/models/ tasks) and mailing tasks.
Marcin Kuzminski <marcin@python-works.com>
parents:
459
diff
changeset
|
180 return htmlfill.render( |
a3d9d24acbec
Implemented password reset(forms/models/ tasks) and mailing tasks.
Marcin Kuzminski <marcin@python-works.com>
parents:
459
diff
changeset
|
181 render('/password_reset.html'), |
a3d9d24acbec
Implemented password reset(forms/models/ tasks) and mailing tasks.
Marcin Kuzminski <marcin@python-works.com>
parents:
459
diff
changeset
|
182 defaults=errors.value, |
a3d9d24acbec
Implemented password reset(forms/models/ tasks) and mailing tasks.
Marcin Kuzminski <marcin@python-works.com>
parents:
459
diff
changeset
|
183 errors=errors.error_dict or {}, |
a3d9d24acbec
Implemented password reset(forms/models/ tasks) and mailing tasks.
Marcin Kuzminski <marcin@python-works.com>
parents:
459
diff
changeset
|
184 prefix_error=False, |
a3d9d24acbec
Implemented password reset(forms/models/ tasks) and mailing tasks.
Marcin Kuzminski <marcin@python-works.com>
parents:
459
diff
changeset
|
185 encoding="UTF-8") |
636
ffd07396d315
Fixes for raw_id, needed for git
Marcin Kuzminski <marcin@python-works.com>
parents:
629
diff
changeset
|
186 |
474
a3d9d24acbec
Implemented password reset(forms/models/ tasks) and mailing tasks.
Marcin Kuzminski <marcin@python-works.com>
parents:
459
diff
changeset
|
187 return render('/password_reset.html') |
636
ffd07396d315
Fixes for raw_id, needed for git
Marcin Kuzminski <marcin@python-works.com>
parents:
629
diff
changeset
|
188 |
1417
5875955def39
fixes #223 improve password reset form
Marcin Kuzminski <marcin@python-works.com>
parents:
1400
diff
changeset
|
189 def password_reset_confirmation(self): |
5875955def39
fixes #223 improve password reset form
Marcin Kuzminski <marcin@python-works.com>
parents:
1400
diff
changeset
|
190 if request.GET and request.GET.get('key'): |
5875955def39
fixes #223 improve password reset form
Marcin Kuzminski <marcin@python-works.com>
parents:
1400
diff
changeset
|
191 try: |
5875955def39
fixes #223 improve password reset form
Marcin Kuzminski <marcin@python-works.com>
parents:
1400
diff
changeset
|
192 user = User.get_by_api_key(request.GET.get('key')) |
5875955def39
fixes #223 improve password reset form
Marcin Kuzminski <marcin@python-works.com>
parents:
1400
diff
changeset
|
193 data = dict(email=user.email) |
1749
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1731
diff
changeset
|
194 UserModel().reset_password(data) |
1417
5875955def39
fixes #223 improve password reset form
Marcin Kuzminski <marcin@python-works.com>
parents:
1400
diff
changeset
|
195 h.flash(_('Your password reset was successful, ' |
5875955def39
fixes #223 improve password reset form
Marcin Kuzminski <marcin@python-works.com>
parents:
1400
diff
changeset
|
196 'new password has been sent to your email'), |
5875955def39
fixes #223 improve password reset form
Marcin Kuzminski <marcin@python-works.com>
parents:
1400
diff
changeset
|
197 category='success') |
5875955def39
fixes #223 improve password reset form
Marcin Kuzminski <marcin@python-works.com>
parents:
1400
diff
changeset
|
198 except Exception, e: |
5875955def39
fixes #223 improve password reset form
Marcin Kuzminski <marcin@python-works.com>
parents:
1400
diff
changeset
|
199 log.error(e) |
5875955def39
fixes #223 improve password reset form
Marcin Kuzminski <marcin@python-works.com>
parents:
1400
diff
changeset
|
200 return redirect(url('reset_password')) |
5875955def39
fixes #223 improve password reset form
Marcin Kuzminski <marcin@python-works.com>
parents:
1400
diff
changeset
|
201 |
5875955def39
fixes #223 improve password reset form
Marcin Kuzminski <marcin@python-works.com>
parents:
1400
diff
changeset
|
202 return redirect(url('login_home')) |
5875955def39
fixes #223 improve password reset form
Marcin Kuzminski <marcin@python-works.com>
parents:
1400
diff
changeset
|
203 |
186
556473ba0399
fixed menu in home page, and added login html with forms that validates username and password.
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
204 def logout(self): |
1802
145677a36675
Remember Me option on login
Matt Zuba <matt.zuba@goodwillaz.org>
parents:
1749
diff
changeset
|
205 session.delete() |
145677a36675
Remember Me option on login
Matt Zuba <matt.zuba@goodwillaz.org>
parents:
1749
diff
changeset
|
206 log.info('Logging out and deleting session for user') |
636
ffd07396d315
Fixes for raw_id, needed for git
Marcin Kuzminski <marcin@python-works.com>
parents:
629
diff
changeset
|
207 redirect(url('home')) |