index.py
263 lines
| 9.1 KiB
| text/x-python
|
PythonLexer
| r0 | # -*- coding: utf-8 -*- | |||
| r112 | # Copyright 2010 - 2017 RhodeCode GmbH and the AppEnlight project authors | |||
| r0 | # | |||
| r112 | # Licensed under the Apache License, Version 2.0 (the "License"); | |||
| # you may not use this file except in compliance with the License. | ||||
| # You may obtain a copy of the License at | ||||
| r0 | # | |||
| r112 | # http://www.apache.org/licenses/LICENSE-2.0 | |||
| r0 | # | |||
| r112 | # Unless required by applicable law or agreed to in writing, software | |||
| # distributed under the License is distributed on an "AS IS" BASIS, | ||||
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||||
| # See the License for the specific language governing permissions and | ||||
| # limitations under the License. | ||||
| r0 | ||||
| import datetime | ||||
| import logging | ||||
| import uuid | ||||
| import pyramid.security as security | ||||
| from pyramid.view import view_config | ||||
| from pyramid.httpexceptions import HTTPFound | ||||
| from pyramid.response import Response | ||||
| from pyramid.security import NO_PERMISSION_REQUIRED | ||||
| from ziggurat_foundations.ext.pyramid.sign_in import ZigguratSignInSuccess | ||||
| from ziggurat_foundations.ext.pyramid.sign_in import ZigguratSignInBadAuth | ||||
| from ziggurat_foundations.ext.pyramid.sign_in import ZigguratSignOut | ||||
| r135 | from ziggurat_foundations.models.services.user import UserService | |||
| r0 | ||||
| from appenlight.lib.social import handle_social_data | ||||
| from appenlight.models import DBSession | ||||
| from appenlight.models.user import User | ||||
| from appenlight.models.services.user import UserService | ||||
| from appenlight.subscribers import _ | ||||
| from appenlight import forms | ||||
| from webob.multidict import MultiDict | ||||
| log = logging.getLogger(__name__) | ||||
| @view_config(context=ZigguratSignInSuccess, permission=NO_PERMISSION_REQUIRED) | ||||
| def sign_in(request): | ||||
| """ | ||||
| Performs sign in by sending proper user identification headers | ||||
| Regenerates CSRF token | ||||
| """ | ||||
| user = request.context.user | ||||
| if user.status == 1: | ||||
| request.session.new_csrf_token() | ||||
| user.last_login_date = datetime.datetime.utcnow() | ||||
| r153 | social_data = request.session.get("zigg.social_auth") | |||
| r0 | if social_data: | |||
| handle_social_data(request, user, social_data) | ||||
| else: | ||||
| r153 | request.session.flash(_("Account got disabled")) | |||
| r0 | ||||
| r153 | if request.context.came_from != "/": | |||
| return HTTPFound( | ||||
| location=request.context.came_from, headers=request.context.headers | ||||
| ) | ||||
| r0 | else: | |||
| r153 | return HTTPFound( | |||
| location=request.route_url("/"), headers=request.context.headers | ||||
| ) | ||||
| r0 | ||||
| @view_config(context=ZigguratSignInBadAuth, permission=NO_PERMISSION_REQUIRED) | ||||
| def bad_auth(request): | ||||
| """ | ||||
| Handles incorrect login flow | ||||
| """ | ||||
| r153 | request.session.flash(_("Incorrect username or password"), "warning") | |||
| return HTTPFound( | ||||
| location=request.route_url("register"), headers=request.context.headers | ||||
| ) | ||||
| r0 | ||||
| @view_config(context=ZigguratSignOut, permission=NO_PERMISSION_REQUIRED) | ||||
| def sign_out(request): | ||||
| """ | ||||
| Removes user identification cookie | ||||
| """ | ||||
| r153 | return HTTPFound( | |||
| location=request.route_url("register"), headers=request.context.headers | ||||
| ) | ||||
| r0 | ||||
| r153 | @view_config( | |||
| route_name="lost_password", | ||||
| renderer="appenlight:templates/user/lost_password.jinja2", | ||||
| permission=NO_PERMISSION_REQUIRED, | ||||
| ) | ||||
| r0 | def lost_password(request): | |||
| """ | ||||
| Presents lost password page - sends password reset link to | ||||
| specified email address. | ||||
| This link is valid only for 10 minutes | ||||
| """ | ||||
| form = forms.LostPasswordForm(request.POST, csrf_context=request) | ||||
| r153 | if request.method == "POST" and form.validate(): | |||
| r135 | user = UserService.by_email(form.email.data) | |||
| r0 | if user: | |||
| r135 | UserService.regenerate_security_code(user) | |||
| r0 | user.security_code_date = datetime.datetime.utcnow() | |||
| email_vars = { | ||||
| r153 | "user": user, | |||
| "request": request, | ||||
| "email_title": "AppEnlight :: New password request", | ||||
| r0 | } | |||
| UserService.send_email( | ||||
| r153 | request, | |||
| recipients=[user.email], | ||||
| r0 | variables=email_vars, | |||
| r153 | template="/email_templates/lost_password.jinja2", | |||
| ) | ||||
| msg = ( | ||||
| "Password reset email had been sent. " | ||||
| "Please check your mailbox for further instructions." | ||||
| ) | ||||
| r0 | request.session.flash(_(msg)) | |||
| r153 | return HTTPFound(location=request.route_url("lost_password")) | |||
| r0 | return {"form": form} | |||
| r153 | @view_config( | |||
| route_name="lost_password_generate", | ||||
| permission=NO_PERMISSION_REQUIRED, | ||||
| renderer="appenlight:templates/user/lost_password_generate.jinja2", | ||||
| ) | ||||
| r0 | def lost_password_generate(request): | |||
| """ | ||||
| Shows new password form - perform time check and set new password for user | ||||
| """ | ||||
| r135 | user = UserService.by_user_name_and_security_code( | |||
| r153 | request.GET.get("user_name"), request.GET.get("security_code") | |||
| ) | ||||
| r0 | if user: | |||
| delta = datetime.datetime.utcnow() - user.security_code_date | ||||
| if user and delta.total_seconds() < 600: | ||||
| form = forms.NewPasswordForm(request.POST, csrf_context=request) | ||||
| if request.method == "POST" and form.validate(): | ||||
| r135 | UserService.set_password(user, form.new_password.data) | |||
| r153 | request.session.flash(_("You can sign in with your new password.")) | |||
| return HTTPFound(location=request.route_url("register")) | ||||
| r0 | else: | |||
| return {"form": form} | ||||
| else: | ||||
| r153 | return Response("Security code expired") | |||
| r0 | ||||
| r153 | @view_config( | |||
| route_name="register", | ||||
| renderer="appenlight:templates/user/register.jinja2", | ||||
| permission=NO_PERMISSION_REQUIRED, | ||||
| ) | ||||
| r0 | def register(request): | |||
| """ | ||||
| Render register page with form | ||||
| Also handles oAuth flow for registration | ||||
| """ | ||||
| r153 | login_url = request.route_url("ziggurat.routes.sign_in") | |||
| r0 | if request.query_string: | |||
| r153 | query_string = "?%s" % request.query_string | |||
| r0 | else: | |||
| r153 | query_string = "" | |||
| referrer = "%s%s" % (request.path, query_string) | ||||
| r0 | ||||
| r153 | if referrer in [login_url, "/register", "/register?sign_in=1"]: | |||
| referrer = "/" # never use the login form itself as came_from | ||||
| r0 | sign_in_form = forms.SignInForm( | |||
| r153 | came_from=request.params.get("came_from", referrer), csrf_context=request | |||
| ) | ||||
| r0 | ||||
| # populate form from oAuth session data returned by authomatic | ||||
| r153 | social_data = request.session.get("zigg.social_auth") | |||
| if request.method != "POST" and social_data: | ||||
| r0 | log.debug(social_data) | |||
| r153 | user_name = social_data["user"].get("user_name", "").split("@")[0] | |||
| form_data = {"user_name": user_name, "email": social_data["user"].get("email")} | ||||
| form_data["user_password"] = str(uuid.uuid4()) | ||||
| form = forms.UserRegisterForm(MultiDict(form_data), csrf_context=request) | ||||
| r0 | form.user_password.widget.hide_value = False | |||
| else: | ||||
| form = forms.UserRegisterForm(request.POST, csrf_context=request) | ||||
| r153 | if request.method == "POST" and form.validate(): | |||
| log.info("registering user") | ||||
| r0 | # insert new user here | |||
| r153 | if request.registry.settings["appenlight.disable_registration"]: | |||
| request.session.flash(_("Registration is currently disabled.")) | ||||
| return HTTPFound(location=request.route_url("/")) | ||||
| r128 | ||||
| r0 | new_user = User() | |||
| DBSession.add(new_user) | ||||
| form.populate_obj(new_user) | ||||
| r135 | UserService.regenerate_security_code(new_user) | |||
| r0 | new_user.status = 1 | |||
| r135 | UserService.set_password(new_user, new_user.user_password) | |||
| r153 | new_user.registration_ip = request.environ.get("REMOTE_ADDR") | |||
| r0 | ||||
| if social_data: | ||||
| handle_social_data(request, new_user, social_data) | ||||
| r153 | email_vars = { | |||
| "user": new_user, | ||||
| "request": request, | ||||
| "email_title": "AppEnlight :: Start information", | ||||
| } | ||||
| r0 | UserService.send_email( | |||
| r153 | request, | |||
| recipients=[new_user.email], | ||||
| variables=email_vars, | ||||
| template="/email_templates/registered.jinja2", | ||||
| ) | ||||
| request.session.flash(_("You have successfully registered.")) | ||||
| r0 | DBSession.flush() | |||
| headers = security.remember(request, new_user.id) | ||||
| r153 | return HTTPFound(location=request.route_url("/"), headers=headers) | |||
| r12 | settings = request.registry.settings | |||
| social_plugins = {} | ||||
| r153 | if settings.get("authomatic.pr.twitter.key", ""): | |||
| social_plugins["twitter"] = True | ||||
| if settings.get("authomatic.pr.google.key", ""): | ||||
| social_plugins["google"] = True | ||||
| if settings.get("authomatic.pr.github.key", ""): | ||||
| social_plugins["github"] = True | ||||
| if settings.get("authomatic.pr.bitbucket.key", ""): | ||||
| social_plugins["bitbucket"] = True | ||||
| r12 | ||||
| r0 | return { | |||
| "form": form, | ||||
| r12 | "sign_in_form": sign_in_form, | |||
| r153 | "social_plugins": social_plugins, | |||
| r0 | } | |||
| r153 | @view_config( | |||
| route_name="/", | ||||
| renderer="appenlight:templates/app.jinja2", | ||||
| permission=NO_PERMISSION_REQUIRED, | ||||
| ) | ||||
| @view_config( | ||||
| route_name="angular_app_ui", | ||||
| renderer="appenlight:templates/app.jinja2", | ||||
| permission=NO_PERMISSION_REQUIRED, | ||||
| ) | ||||
| @view_config( | ||||
| route_name="angular_app_ui_ix", | ||||
| renderer="appenlight:templates/app.jinja2", | ||||
| permission=NO_PERMISSION_REQUIRED, | ||||
| ) | ||||
| r0 | def app_main_index(request): | |||
| """ | ||||
| Render dashoard/report browser page page along with: | ||||
| - flash messages | ||||
| - application list | ||||
| - assigned reports | ||||
| - latest events | ||||
| (those last two come from subscribers.py that sets global renderer variables) | ||||
| """ | ||||
| r19 | return {} | |||
