ScoDoc/app/auth/forms.py

# -*- coding: UTF-8 -*

"""Formulaires authentification
"""
from urllib.parse import urlparse, urljoin
from flask import request, url_for, redirect
from flask_wtf import FlaskForm
from wtforms import BooleanField, HiddenField, PasswordField, StringField, SubmitField
from wtforms.fields.simple import FileField
from wtforms.validators import ValidationError, DataRequired, Email, EqualTo
from app.auth.models import User, is_valid_password


_ = lambda x: x  # sans babel
_l = _

# See http://flask.pocoo.org/snippets/63/
def is_safe_url(target):
    ref_url = urlparse(request.host_url)
    test_url = urlparse(urljoin(request.host_url, target))
    return test_url.scheme in ("http", "https") and ref_url.netloc == test_url.netloc


def get_redirect_target():
    for target in request.args.get("next"), request.referrer:
        if not target:
            continue
        if is_safe_url(target):
            return target


class RedirectForm(FlaskForm):
    next = HiddenField()

    def __init__(self, *args, **kwargs):
        super().__init__(*args, **kwargs)
        if not self.next.data:
            self.next.data = get_redirect_target() or ""

    def redirect(self, endpoint="index", **values):
        if is_safe_url(self.next.data):
            return redirect(self.next.data)
        target = get_redirect_target()
        return redirect(target or url_for(endpoint, **values))


class LoginForm(RedirectForm):
    user_name = StringField(_l("Nom d'utilisateur"), validators=[DataRequired()])
    password = PasswordField(_l("Mot de passe"), validators=[DataRequired()])
    remember_me = BooleanField(_l("mémoriser la connexion"))
    submit = SubmitField(_l("Suivant"))

    def __init__(self, *args, **kwargs):
        super().__init__(*args, **kwargs)


class UserCreationForm(FlaskForm):
    user_name = StringField(_l("Nom d'utilisateur"), validators=[DataRequired()])
    email = StringField(_l("Email"), validators=[DataRequired(), Email()])
    password = PasswordField(_l("Mot de passe"), validators=[DataRequired()])
    password2 = PasswordField(
        _l("Répéter"), validators=[DataRequired(), EqualTo("password")]
    )
    submit = SubmitField(_l("Inscrire"))

    def validate_user_name(self, user_name):
        user = User.query.filter_by(user_name=user_name.data).first()
        if user is not None:
            raise ValidationError(_("Please use a different user_name."))

    def validate_email(self, email):
        user = User.query.filter_by(email=email.data).first()
        if user is not None:
            raise ValidationError(_("Please use a different email address."))


class ResetPasswordRequestForm(FlaskForm):
    email = StringField(
        _l("Adresse email associée à votre compte ScoDoc:"),
        validators=[DataRequired(), Email()],
    )
    submit = SubmitField(_l("Envoyer"))


class ResetPasswordForm(FlaskForm):
    password = PasswordField(_l("Mot de passe"), validators=[DataRequired()])
    password2 = PasswordField(
        _l("Répéter"), validators=[DataRequired(), EqualTo("password")]
    )
    submit = SubmitField(_l("Valider ce mot de passe"))

    def validate_password(self, password):
        if not is_valid_password(password.data):
            raise ValidationError(f"Mot de passe trop simple, recommencez")


class DeactivateUserForm(FlaskForm):
    submit = SubmitField("Modifier l'utilisateur")
    cancel = SubmitField(label="Annuler", render_kw={"formnovalidate": True})


class CASUsersImportConfigForm(FlaskForm):
    user_config_file = FileField(
        label="Fichier Excel à réimporter",
        description="""fichier avec les paramètres CAS renseignés""",
    )
    submit = SubmitField("Importer le fichier utilisateurs")
    cancel = SubmitField(label="Annuler", render_kw={"formnovalidate": True})
Application Flask pour ScoDoc 8 2021-05-29 18:22:51 +02:00			`# -- coding: UTF-8 -`

			`"""Formulaires authentification`
			`"""`
Secure Back Redirects on login form 2022-07-26 16:05:30 +02:00			`from urllib.parse import urlparse, urljoin`
			`from flask import request, url_for, redirect`
Application Flask pour ScoDoc 8 2021-05-29 18:22:51 +02:00			`from flask_wtf import FlaskForm`
Secure Back Redirects on login form 2022-07-26 16:05:30 +02:00			`from wtforms import BooleanField, HiddenField, PasswordField, StringField, SubmitField`
CAS: export/import config comptes via Excel 2023-03-02 22:55:25 +01:00			`from wtforms.fields.simple import FileField`
Application Flask pour ScoDoc 8 2021-05-29 18:22:51 +02:00			`from wtforms.validators import ValidationError, DataRequired, Email, EqualTo`
amélioration formulaires creation/edition utilisateurs 2021-10-15 19:17:40 +02:00			`from app.auth.models import User, is_valid_password`
Application Flask pour ScoDoc 8 2021-05-29 18:22:51 +02:00

			`_ = lambda x: x # sans babel`
			`_l = _`

Secure Back Redirects on login form 2022-07-26 16:05:30 +02:00			`# See http://flask.pocoo.org/snippets/63/`
			`def is_safe_url(target):`
			`ref_url = urlparse(request.host_url)`
			`test_url = urlparse(urljoin(request.host_url, target))`
			`return test_url.scheme in ("http", "https") and ref_url.netloc == test_url.netloc`


			`def get_redirect_target():`
			`for target in request.args.get("next"), request.referrer:`
			`if not target:`
			`continue`
			`if is_safe_url(target):`
			`return target`


			`class RedirectForm(FlaskForm):`
			`next = HiddenField()`
Application Flask pour ScoDoc 8 2021-05-29 18:22:51 +02:00
Secure Back Redirects on login form 2022-07-26 16:05:30 +02:00			`def __init__(self, args, *kwargs):`
			`super().__init__(args, *kwargs)`
			`if not self.next.data:`
			`self.next.data = get_redirect_target() or ""`

			`def redirect(self, endpoint="index", **values):`
			`if is_safe_url(self.next.data):`
			`return redirect(self.next.data)`
			`target = get_redirect_target()`
			`return redirect(target or url_for(endpoint, **values))`


			`class LoginForm(RedirectForm):`
fix migration adresses + cosmetique 2021-09-11 15:59:06 +02:00			`user_name = StringField(_l("Nom d'utilisateur"), validators=[DataRequired()])`
			`password = PasswordField(_l("Mot de passe"), validators=[DataRequired()])`
			`remember_me = BooleanField(_l("mémoriser la connexion"))`
			`submit = SubmitField(_l("Suivant"))`
Application Flask pour ScoDoc 8 2021-05-29 18:22:51 +02:00
Secure Back Redirects on login form 2022-07-26 16:05:30 +02:00			`def __init__(self, args, *kwargs):`
			`super().__init__(args, *kwargs)`

Application Flask pour ScoDoc 8 2021-05-29 18:22:51 +02:00
			`class UserCreationForm(FlaskForm):`
fix migration adresses + cosmetique 2021-09-11 15:59:06 +02:00			`user_name = StringField(_l("Nom d'utilisateur"), validators=[DataRequired()])`
Application Flask pour ScoDoc 8 2021-05-29 18:22:51 +02:00			`email = StringField(_l("Email"), validators=[DataRequired(), Email()])`
fix migration adresses + cosmetique 2021-09-11 15:59:06 +02:00			`password = PasswordField(_l("Mot de passe"), validators=[DataRequired()])`
Application Flask pour ScoDoc 8 2021-05-29 18:22:51 +02:00			`password2 = PasswordField(`
fix migration adresses + cosmetique 2021-09-11 15:59:06 +02:00			`_l("Répéter"), validators=[DataRequired(), EqualTo("password")]`
Application Flask pour ScoDoc 8 2021-05-29 18:22:51 +02:00			`)`
fix migration adresses + cosmetique 2021-09-11 15:59:06 +02:00			`submit = SubmitField(_l("Inscrire"))`
Application Flask pour ScoDoc 8 2021-05-29 18:22:51 +02:00
début implémentation gestion utilisateurs 2021-06-26 21:57:54 +02:00			`def validate_user_name(self, user_name):`
			`user = User.query.filter_by(user_name=user_name.data).first()`
Application Flask pour ScoDoc 8 2021-05-29 18:22:51 +02:00			`if user is not None:`
début implémentation gestion utilisateurs 2021-06-26 21:57:54 +02:00			`raise ValidationError(_("Please use a different user_name."))`
Application Flask pour ScoDoc 8 2021-05-29 18:22:51 +02:00
			`def validate_email(self, email):`
			`user = User.query.filter_by(email=email.data).first()`
			`if user is not None:`
			`raise ValidationError(_("Please use a different email address."))`


			`class ResetPasswordRequestForm(FlaskForm):`
Améliorer page infos utilisateurs 2021-10-17 11:19:01 +02:00			`email = StringField(`
			`_l("Adresse email associée à votre compte ScoDoc:"),`
			`validators=[DataRequired(), Email()],`
			`)`
			`submit = SubmitField(_l("Envoyer"))`
Application Flask pour ScoDoc 8 2021-05-29 18:22:51 +02:00

			`class ResetPasswordForm(FlaskForm):`
fix migration adresses + cosmetique 2021-09-11 15:59:06 +02:00			`password = PasswordField(_l("Mot de passe"), validators=[DataRequired()])`
Application Flask pour ScoDoc 8 2021-05-29 18:22:51 +02:00			`password2 = PasswordField(`
fix migration adresses + cosmetique 2021-09-11 15:59:06 +02:00			`_l("Répéter"), validators=[DataRequired(), EqualTo("password")]`
Application Flask pour ScoDoc 8 2021-05-29 18:22:51 +02:00			`)`
amélioration formulaires creation/edition utilisateurs 2021-10-15 19:17:40 +02:00			`submit = SubmitField(_l("Valider ce mot de passe"))`

			`def validate_password(self, password):`
			`if not is_valid_password(password.data):`
			`raise ValidationError(f"Mot de passe trop simple, recommencez")`
Améliore formulaires gestion utilisateurs 2021-08-28 16:01:41 +02:00

			`class DeactivateUserForm(FlaskForm):`
			`submit = SubmitField("Modifier l'utilisateur")`
			`cancel = SubmitField(label="Annuler", render_kw={"formnovalidate": True})`
CAS: export/import config comptes via Excel 2023-03-02 22:55:25 +01:00

			`class CASUsersImportConfigForm(FlaskForm):`
			`user_config_file = FileField(`
			`label="Fichier Excel à réimporter",`
			`description="""fichier avec les paramètres CAS renseignés""",`
			`)`
			`submit = SubmitField("Importer le fichier utilisateurs")`
			`cancel = SubmitField(label="Annuler", render_kw={"formnovalidate": True})`