2021-05-29 18:22:51 +02:00
|
|
|
# -*- coding: UTF-8 -*
|
|
|
|
"""
|
|
|
|
auth.routes.py
|
|
|
|
"""
|
|
|
|
|
2021-08-28 16:01:41 +02:00
|
|
|
from app.scodoc.sco_exceptions import ScoValueError
|
|
|
|
from flask import current_app, g, flash, render_template
|
|
|
|
from flask import redirect, url_for, request
|
2021-07-28 08:42:22 +02:00
|
|
|
from flask_login.utils import login_required
|
2021-05-29 18:22:51 +02:00
|
|
|
from werkzeug.urls import url_parse
|
|
|
|
from flask_login import login_user, logout_user, current_user
|
|
|
|
|
|
|
|
from app import db
|
|
|
|
from app.auth import bp
|
|
|
|
from app.auth.forms import (
|
|
|
|
LoginForm,
|
|
|
|
UserCreationForm,
|
|
|
|
ResetPasswordRequestForm,
|
|
|
|
ResetPasswordForm,
|
2021-08-28 16:01:41 +02:00
|
|
|
DeactivateUserForm,
|
2021-05-29 18:22:51 +02:00
|
|
|
)
|
2022-03-21 22:07:34 +01:00
|
|
|
from app.auth.models import Role
|
2021-05-29 18:22:51 +02:00
|
|
|
from app.auth.models import User
|
|
|
|
from app.auth.email import send_password_reset_email
|
2021-06-26 21:57:54 +02:00
|
|
|
from app.decorators import admin_required
|
2021-08-28 16:01:41 +02:00
|
|
|
from app.decorators import permission_required
|
2021-05-29 18:22:51 +02:00
|
|
|
|
|
|
|
_ = lambda x: x # sans babel
|
|
|
|
_l = _
|
|
|
|
|
|
|
|
|
|
|
|
@bp.route("/login", methods=["GET", "POST"])
|
|
|
|
def login():
|
|
|
|
if current_user.is_authenticated:
|
2021-08-17 22:11:35 +02:00
|
|
|
return redirect(url_for("scodoc.index"))
|
2021-05-29 18:22:51 +02:00
|
|
|
form = LoginForm()
|
|
|
|
if form.validate_on_submit():
|
2021-06-26 21:57:54 +02:00
|
|
|
user = User.query.filter_by(user_name=form.user_name.data).first()
|
2021-05-29 18:22:51 +02:00
|
|
|
if user is None or not user.check_password(form.password.data):
|
2021-09-09 12:49:23 +02:00
|
|
|
current_app.logger.info("login: invalid (%s)", form.user_name.data)
|
2021-09-11 15:59:06 +02:00
|
|
|
flash(_("Nom ou mot de passe invalide"))
|
2021-05-29 18:22:51 +02:00
|
|
|
return redirect(url_for("auth.login"))
|
|
|
|
login_user(user, remember=form.remember_me.data)
|
2021-09-09 12:49:23 +02:00
|
|
|
current_app.logger.info("login: success (%s)", form.user_name.data)
|
2021-05-29 18:22:51 +02:00
|
|
|
next_page = request.args.get("next")
|
|
|
|
if not next_page or url_parse(next_page).netloc != "":
|
2021-08-17 22:11:35 +02:00
|
|
|
next_page = url_for("scodoc.index")
|
2021-05-29 18:22:51 +02:00
|
|
|
return redirect(next_page)
|
2021-10-13 21:00:03 +02:00
|
|
|
message = request.args.get("message", "")
|
|
|
|
return render_template(
|
|
|
|
"auth/login.html", title=_("Sign In"), form=form, message=message
|
|
|
|
)
|
2021-05-29 18:22:51 +02:00
|
|
|
|
|
|
|
|
|
|
|
@bp.route("/logout")
|
|
|
|
def logout():
|
|
|
|
logout_user()
|
2021-08-17 22:11:35 +02:00
|
|
|
return redirect(url_for("scodoc.index"))
|
2021-05-29 18:22:51 +02:00
|
|
|
|
|
|
|
|
|
|
|
@bp.route("/create_user", methods=["GET", "POST"])
|
|
|
|
@admin_required
|
|
|
|
def create_user():
|
|
|
|
"Form creating new user"
|
|
|
|
form = UserCreationForm()
|
|
|
|
if form.validate_on_submit():
|
2021-06-26 21:57:54 +02:00
|
|
|
user = User(user_name=form.user_name.data, email=form.email.data)
|
2021-05-29 18:22:51 +02:00
|
|
|
user.set_password(form.password.data)
|
|
|
|
db.session.add(user)
|
|
|
|
db.session.commit()
|
2021-06-26 21:57:54 +02:00
|
|
|
flash("User {} created".format(user.user_name))
|
2021-08-17 22:11:35 +02:00
|
|
|
return redirect(url_for("scodoc.index"))
|
2021-05-29 18:22:51 +02:00
|
|
|
return render_template(
|
2022-05-03 13:35:17 +02:00
|
|
|
"auth/register.html", title="Création utilisateur", form=form
|
2021-05-29 18:22:51 +02:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
|
@bp.route("/reset_password_request", methods=["GET", "POST"])
|
|
|
|
def reset_password_request():
|
2021-08-28 16:01:41 +02:00
|
|
|
"""Form demande renvoi de mot de passe par mail
|
|
|
|
Si l'utilisateur est déjà authentifié, le renvoie simplement sur
|
|
|
|
la page d'accueil.
|
|
|
|
"""
|
2021-05-29 18:22:51 +02:00
|
|
|
if current_user.is_authenticated:
|
2021-08-17 22:11:35 +02:00
|
|
|
return redirect(url_for("scodoc.index"))
|
2021-05-29 18:22:51 +02:00
|
|
|
form = ResetPasswordRequestForm()
|
|
|
|
if form.validate_on_submit():
|
2021-08-28 16:01:41 +02:00
|
|
|
users = User.query.filter_by(email=form.email.data).all()
|
|
|
|
if len(users) == 1:
|
|
|
|
send_password_reset_email(users[0])
|
|
|
|
elif len(users) > 1:
|
|
|
|
current_app.logger.info(
|
|
|
|
"reset_password_request: multiple users with email '{}' (ignoring)".format(
|
|
|
|
form.email.data
|
|
|
|
)
|
|
|
|
)
|
2021-05-29 18:22:51 +02:00
|
|
|
else:
|
|
|
|
current_app.logger.info(
|
|
|
|
"reset_password_request: for unkown user '{}'".format(form.email.data)
|
|
|
|
)
|
2021-10-17 11:19:01 +02:00
|
|
|
flash(
|
|
|
|
_("Voir les instructions envoyées par mail (pensez à regarder vos spams)")
|
|
|
|
)
|
2021-05-29 18:22:51 +02:00
|
|
|
return redirect(url_for("auth.login"))
|
|
|
|
return render_template(
|
|
|
|
"auth/reset_password_request.html", title=_("Reset Password"), form=form
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
|
@bp.route("/reset_password/<token>", methods=["GET", "POST"])
|
|
|
|
def reset_password(token):
|
|
|
|
if current_user.is_authenticated:
|
2021-08-17 22:11:35 +02:00
|
|
|
return redirect(url_for("scodoc.index"))
|
2021-05-29 18:22:51 +02:00
|
|
|
user = User.verify_reset_password_token(token)
|
2022-05-03 13:35:17 +02:00
|
|
|
if user is None:
|
2021-08-17 22:11:35 +02:00
|
|
|
return redirect(url_for("scodoc.index"))
|
2021-05-29 18:22:51 +02:00
|
|
|
form = ResetPasswordForm()
|
|
|
|
if form.validate_on_submit():
|
|
|
|
user.set_password(form.password.data)
|
|
|
|
db.session.commit()
|
2021-10-15 19:17:40 +02:00
|
|
|
flash(_("Votre mot de passe a été changé."))
|
2021-05-29 18:22:51 +02:00
|
|
|
return redirect(url_for("auth.login"))
|
2021-10-15 19:17:40 +02:00
|
|
|
return render_template("auth/reset_password.html", form=form, user=user)
|
2022-03-21 22:07:34 +01:00
|
|
|
|
|
|
|
|
|
|
|
@bp.route("/reset_standard_roles_permissions", methods=["GET", "POST"])
|
|
|
|
@admin_required
|
|
|
|
def reset_standard_roles_permissions():
|
|
|
|
Role.reset_standard_roles_permissions()
|
|
|
|
flash("rôles standard réinitialisés !")
|
|
|
|
return redirect(url_for("scodoc.configuration"))
|