r0 | # -*- coding: utf-8 -*- | |||
r112 | # Copyright 2010 - 2017 RhodeCode GmbH and the AppEnlight project authors | |||
r0 | # | |||
r112 | # Licensed under the Apache License, Version 2.0 (the "License"); | |||
# you may not use this file except in compliance with the License. | ||||
# You may obtain a copy of the License at | ||||
r0 | # | |||
r112 | # http://www.apache.org/licenses/LICENSE-2.0 | |||
r0 | # | |||
r112 | # Unless required by applicable law or agreed to in writing, software | |||
# distributed under the License is distributed on an "AS IS" BASIS, | ||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||||
# See the License for the specific language governing permissions and | ||||
# limitations under the License. | ||||
import datetime | ||||
import logging | ||||
import uuid | ||||
import pyramid.security as security | ||||
from pyramid.view import view_config | ||||
from pyramid.httpexceptions import HTTPFound | ||||
from pyramid.response import Response | ||||
from pyramid.security import NO_PERMISSION_REQUIRED | ||||
from ziggurat_foundations.ext.pyramid.sign_in import ZigguratSignInSuccess | ||||
from ziggurat_foundations.ext.pyramid.sign_in import ZigguratSignInBadAuth | ||||
from ziggurat_foundations.ext.pyramid.sign_in import ZigguratSignOut | ||||
r135 | from ziggurat_foundations.models.services.user import UserService | |||
from appenlight.lib.social import handle_social_data | ||||
from appenlight.models import DBSession | ||||
from appenlight.models.user import User | ||||
from appenlight.models.services.user import UserService | ||||
from appenlight.subscribers import _ | ||||
from appenlight import forms | ||||
from webob.multidict import MultiDict | ||||
# module-level logger, named after this module
log = logging.getLogger(name=__name__)
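@view_config(context=ZigguratSignInSuccess, permission=NO_PERMISSION_REQUIRED)
def sign_in(request):
    """
    Completes a successful sign in.

    Active accounts (status == 1) get a fresh CSRF token, an updated
    last-login date and the user identification headers carried by the
    sign-in context. Disabled accounts only get a flash message and are
    redirected without those headers.

    The post-login redirect only follows ``came_from`` when it is a local
    path; anything else falls back to the "/" route.
    """
    user = request.context.user
    if user.status == 1:
        # Regenerate the CSRF token for the newly authenticated session.
        request.session.new_csrf_token()
        user.last_login_date = datetime.datetime.utcnow()
        social_data = request.session.get("zigg.social_auth")
        if social_data:
            handle_social_data(request, user, social_data)
        headers = request.context.headers
    else:
        request.session.flash(_("Account got disabled"))
        # Do not hand the identification headers to a disabled account.
        # NOTE(review): the authentication policy may also reject disabled
        # users elsewhere; that is not visible from this module.
        headers = None

    came_from = request.context.came_from
    # came_from originates from request parameters, so it is only used as a
    # redirect target when it is a plain local path. Scheme-relative ("//")
    # and backslash forms are rejected because browsers can treat them as
    # another host; control characters are rejected to keep the Location
    # header on one line.
    is_local_path = (
        isinstance(came_from, str)
        and came_from.startswith("/")
        and not came_from.startswith("//")
        and "\\" not in came_from
        and not any(ch in came_from for ch in "\r\n\t")
    )
    if is_local_path and came_from != "/":
        location = came_from
    else:
        location = request.route_url("/")
    return HTTPFound(location=location, headers=headers)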
@view_config(context=ZigguratSignInBadAuth, permission=NO_PERMISSION_REQUIRED)
def bad_auth(request):
    """
    Failed sign in: queues a warning flash message and redirects back to the
    register page, passing along the headers carried by the sign-in context.
    """
    # One message covers both failure causes, so the response does not
    # reveal whether the user name or the password was wrong.
    request.session.flash(_("Incorrect username or password"), "warning")
    register_url = request.route_url("register")
    return HTTPFound(location=register_url, headers=request.context.headers)
@view_config(context=ZigguratSignOut, permission=NO_PERMISSION_REQUIRED)
def sign_out(request):
    """
    Signs the user out: redirects to the register page with the headers
    supplied by the sign-out context (they remove the identification cookie).
    """
    register_url = request.route_url("register")
    return HTTPFound(location=register_url, headers=request.context.headers)
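@view_config(
    route_name="lost_password",
    renderer="appenlight:templates/user/lost_password.jinja2",
    permission=NO_PERMISSION_REQUIRED,
)
def lost_password(request):
    """
    Presents lost password page - sends password reset link to
    specified email address.
    This link is valid only for 10 minutes

    After a valid POST the same flash message and redirect are returned
    whether or not the address belongs to an account.
    """
    form = forms.LostPasswordForm(request.POST, csrf_context=request)
    if request.method == "POST" and form.validate():
        user = UserService.by_email(form.email.data)
        if user:
            # A new security code and timestamp start the validity window
            # of the emailed link.
            UserService.regenerate_security_code(user)
            user.security_code_date = datetime.datetime.utcnow()
            email_vars = {
                "user": user,
                "request": request,
                "email_title": "AppEnlight :: New password request",
            }
            UserService.send_email(
                request,
                recipients=[user.email],
                variables=email_vars,
                template="/email_templates/lost_password.jinja2",
            )
        # Same message and redirect for known and unknown addresses, so this
        # page cannot be used to check which emails are registered.
        # NOTE(review): LostPasswordForm validation may itself reject unknown
        # addresses - confirm the form does not reintroduce the difference.
        msg = (
            "Password reset email had been sent. "
            "Please check your mailbox for further instructions."
        )
        request.session.flash(_(msg))
        return HTTPFound(location=request.route_url("lost_password"))
    return {"form": form}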
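@view_config(
    route_name="lost_password_generate",
    permission=NO_PERMISSION_REQUIRED,
    renderer="appenlight:templates/user/lost_password_generate.jinja2",
)
def lost_password_generate(request):
    """
    Shows new password form - perform time check and set new password for user

    The user is looked up by the ``user_name`` and ``security_code`` query
    parameters. The code is accepted for 600 seconds after
    ``security_code_date`` and is regenerated once the password has been
    changed, so the emailed link cannot be used a second time.
    """
    # NOTE(review): the security code travels in the query string, so it can
    # end up in access logs and browser history; the short validity window
    # and single use limit the exposure.
    user_name = request.GET.get("user_name")
    security_code = request.GET.get("security_code")

    user = None
    # Never run the lookup with a missing value: a None parameter must not be
    # able to match an account that has no security code stored.
    if user_name and security_code:
        user = UserService.by_user_name_and_security_code(user_name, security_code)

    # One response for unknown user, wrong code and expired code.
    if not user or user.security_code_date is None:
        return Response("Security code expired")
    delta = datetime.datetime.utcnow() - user.security_code_date
    if delta.total_seconds() >= 600:
        return Response("Security code expired")

    form = forms.NewPasswordForm(request.POST, csrf_context=request)
    if request.method == "POST" and form.validate():
        UserService.set_password(user, form.new_password.data)
        # Invalidate the code that was just used; without this the same link
        # could set the password again until the time window closes.
        UserService.regenerate_security_code(user)
        request.session.flash(_("You can sign in with your new password."))
        return HTTPFound(location=request.route_url("register"))
    return {"form": form}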
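@view_config(
    route_name="register",
    renderer="appenlight:templates/user/register.jinja2",
    permission=NO_PERMISSION_REQUIRED,
)
def register(request):
    """
    Render register page with form
    Also handles oAuth flow for registration

    On a valid POST (and when registration is not disabled) a new active
    user is created, the welcome email is sent and the user is signed in.
    Otherwise the register and sign-in forms are returned for rendering,
    together with the social login providers that have a key configured.
    """
    login_url = request.route_url("ziggurat.routes.sign_in")
    if request.query_string:
        query_string = "?%s" % request.query_string
    else:
        query_string = ""
    referrer = "%s%s" % (request.path, query_string)

    if referrer in [login_url, "/register", "/register?sign_in=1"]:
        referrer = "/"  # never use the login form itself as came_from
    # NOTE(review): came_from can be supplied through request parameters; the
    # view that finally redirects to it has to confirm it is a local path.
    sign_in_form = forms.SignInForm(
        came_from=request.params.get("came_from", referrer), csrf_context=request
    )

    # populate form from oAuth session data returned by authomatic
    social_data = request.session.get("zigg.social_auth")
    if request.method != "POST" and social_data:
        # The session data is not written to the log: it comes from the oAuth
        # provider and may hold credentials and personal data.
        log.debug("prefilling registration form from social auth data")
        # `or ""` also covers a provider that returns user_name=None
        user_name = (social_data["user"].get("user_name") or "").split("@")[0]
        form_data = {"user_name": user_name, "email": social_data["user"].get("email")}
        # Random initial password; uuid4 is generated from os.urandom.
        form_data["user_password"] = str(uuid.uuid4())
        form = forms.UserRegisterForm(MultiDict(form_data), csrf_context=request)
        # the generated password is rendered into the form
        form.user_password.widget.hide_value = False
    else:
        form = forms.UserRegisterForm(request.POST, csrf_context=request)

    if request.method == "POST" and form.validate():
        log.info("registering user")
        # insert new user here
        if request.registry.settings["appenlight.disable_registration"]:
            request.session.flash(_("Registration is currently disabled."))
            return HTTPFound(location=request.route_url("/"))

        new_user = User()
        DBSession.add(new_user)
        form.populate_obj(new_user)
        UserService.regenerate_security_code(new_user)
        # status is assigned after populate_obj, so it is fixed by this view
        new_user.status = 1
        UserService.set_password(new_user, new_user.user_password)
        # NOTE(review): behind a reverse proxy REMOTE_ADDR is presumably the
        # proxy address - confirm how the deployment passes the client IP.
        new_user.registration_ip = request.environ.get("REMOTE_ADDR")

        if social_data:
            handle_social_data(request, new_user, social_data)
        email_vars = {
            "user": new_user,
            "request": request,
            "email_title": "AppEnlight :: Start information",
        }
        UserService.send_email(
            request,
            recipients=[new_user.email],
            variables=email_vars,
            template="/email_templates/registered.jinja2",
        )
        request.session.flash(_("You have successfully registered."))
        # flush so that new_user.id is assigned before it is remembered
        DBSession.flush()
        headers = security.remember(request, new_user.id)
        return HTTPFound(location=request.route_url("/"), headers=headers)

    settings = request.registry.settings
    # a provider is offered only when its authomatic key is configured
    social_plugins = {
        provider: True
        for provider in ("twitter", "google", "github", "bitbucket")
        if settings.get("authomatic.pr.%s.key" % provider, "")
    }

    return {
        "form": form,
        "sign_in_form": sign_in_form,
        "social_plugins": social_plugins,
    }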
@view_config(
    route_name="/",
    renderer="appenlight:templates/app.jinja2",
    permission=NO_PERMISSION_REQUIRED,
)
@view_config(
    route_name="angular_app_ui",
    renderer="appenlight:templates/app.jinja2",
    permission=NO_PERMISSION_REQUIRED,
)
@view_config(
    route_name="angular_app_ui_ix",
    renderer="appenlight:templates/app.jinja2",
    permission=NO_PERMISSION_REQUIRED,
)
def app_main_index(request):
    """
    Render the dashboard/report browser page along with:
    - flash messages
    - application list
    - assigned reports
    - latest events
    (the last two come from subscribers.py, which sets global renderer variables)

    The view itself contributes no template variables.
    """
    template_vars = {}
    return template_vars