##// END OF EJS Templates
Merge beta branch into stable
Merge beta branch into stable

File last commit:

r2776:63e58ef8 merge default
r2776:63e58ef8 merge default
Show More
login.py
196 lines | 7.5 KiB | text/x-python | PythonLexer
updated docs on every controller
r861 # -*- coding: utf-8 -*-
"""
rhodecode.controllers.login
~~~~~~~~~~~~~~~~~~~~~~~~~~~
Login controller for rhodeocode
source code cleanup: remove trailing white space, normalize file endings
r1203
updated docs on every controller
r861 :created_on: Apr 22, 2010
:author: marcink
2012 copyrights
r1824 :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com>
updated docs on every controller
r861 :license: GPLv3, see COPYING for more details.
"""
fixed license issue #149
r1206 # This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
source code cleanup: remove trailing white space, normalize file endings
r1203 #
renamed project to rhodecode
r547 # This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
source code cleanup: remove trailing white space, normalize file endings
r1203 #
renamed project to rhodecode
r547 # You should have received a copy of the GNU General Public License
fixed license issue #149
r1206 # along with this program. If not, see <http://www.gnu.org/licenses/>.
renamed project to rhodecode
r547
updated docs on every controller
r861 import logging
import formencode
Use HttpFound response in login....
r2623 import datetime
security fix, inspired by django security...
r2678 import urlparse
updated docs on every controller
r861
renamed project to rhodecode
r547 from formencode import htmlfill
Use HttpFound response in login....
r2623 from webob.exc import HTTPFound
updated docs on every controller
r861 from pylons.i18n.translation import _
from pylons.controllers.util import abort, redirect
renamed project to rhodecode
r547 from pylons import request, response, session, tmpl_context as c, url
updated docs on every controller
r861
import rhodecode.lib.helpers as h
renamed project to rhodecode
r547 from rhodecode.lib.auth import AuthUser, HasPermissionAnyDecorator
from rhodecode.lib.base import BaseController, render
Simplified last_login call on user, and changed login to use User model directly
r1400 from rhodecode.model.db import User
renamed project to rhodecode
r547 from rhodecode.model.forms import LoginForm, RegisterForm, PasswordResetForm
Code refactoring,models renames...
r629 from rhodecode.model.user import UserModel
implements #222 registration feedback...
r1731 from rhodecode.model.meta import Session
updated docs on every controller
r861
renamed project to rhodecode
r547
log = logging.getLogger(__name__)
pep8ify
r1212
renamed project to rhodecode
r547 class LoginController(BaseController):
def __before__(self):
super(LoginController, self).__before__()
def index(self):
Some code cleanups and fixes
r1628 # redirect if already logged in
removed ftp from allowed schemas...
r2679 c.came_from = request.GET.get('came_from')
Fixes for raw_id, needed for git...
r636
replaced all global calls to template context (rhodecode_user), into instance attributes
r1121 if self.rhodecode_user.is_authenticated \
and self.rhodecode_user.username != 'default':
#49 Enabled anonymous access for web interface controllable from permissions pannel
r673
Fixes for raw_id, needed for git...
r636 return redirect(url('home'))
renamed project to rhodecode
r547 if request.POST:
reduce cookie size for better support of client side sessions
r1718 # import Login Form validator class
renamed project to rhodecode
r547 login_form = LoginForm()
try:
Use HttpFound response in login....
r2623 session.invalidate()
renamed project to rhodecode
r547 c.form_result = login_form.to_python(dict(request.POST))
Some code cleanups and fixes
r1628 # form checks for username/password, now we're authenticated
renamed project to rhodecode
r547 username = c.form_result['username']
Refactoring of model get functions
r1530 user = User.get_by_username(username, case_insensitive=True)
Major rewrite of auth objects. Moved parts of filling user data into user model....
r1117 auth_user = AuthUser(user.user_id)
auth_user.set_authenticated()
reduce cookie size for better support of client side sessions
r1718 cs = auth_user.get_cookie_store()
session['rhodecode_user'] = cs
Use HttpFound response in login....
r2623 user.update_lastlogin()
Session().commit()
Matt Zuba
Remember Me option on login
r1802 # If they want to be remembered, update the cookie
if c.form_result['remember'] is not False:
Use HttpFound response in login....
r2623 _year = (datetime.datetime.now() +
datetime.timedelta(seconds=60 * 60 * 24 * 365))
session._set_cookie_expires(_year)
renamed project to rhodecode
r547 session.save()
Fixes for raw_id, needed for git...
r636
reduce cookie size for better support of client side sessions
r1718 log.info('user %s is now authenticated and stored in '
'session, session attrs %s' % (username, cs))
Use HttpFound response in login....
r2623
# dumps session attrs back to cookie
session._update_cookie_out()
# we set new cookie
headers = None
if session.request['set_cookie']:
# send set-cookie headers back to response to update cookie
headers = [('Set-Cookie', session.request['cookie_out'])]
auto white-space removal
r1818
removed ftp from allowed schemas...
r2679 allowed_schemes = ['http', 'https']
renamed project to rhodecode
r547 if c.came_from:
removed ftp from allowed schemas...
r2679 parsed = urlparse.urlparse(c.came_from)
server_parsed = urlparse.urlparse(url.current())
if parsed.scheme and parsed.scheme not in allowed_schemes:
log.error(
'Suspicious URL scheme detected %s for url %s' %
(parsed.scheme, parsed))
c.came_from = url('home')
elif server_parsed.netloc != parsed.netloc:
log.error('Suspicious NETLOC detected %s for url %s'
'server url is: %s' %
(parsed.netloc, parsed, server_parsed))
c.came_from = url('home')
Use HttpFound response in login....
r2623 raise HTTPFound(location=c.came_from, headers=headers)
renamed project to rhodecode
r547 else:
Use HttpFound response in login....
r2623 raise HTTPFound(location=url('home'), headers=headers)
Fixes for raw_id, needed for git...
r636
refactor codes and setup for python 2.5...
r564 except formencode.Invalid, errors:
renamed project to rhodecode
r547 return htmlfill.render(
render('/login.html'),
defaults=errors.value,
errors=errors.error_dict or {},
prefix_error=False,
encoding="UTF-8")
Fixes for raw_id, needed for git...
r636
renamed project to rhodecode
r547 return render('/login.html')
Fixes for raw_id, needed for git...
r636
renamed project to rhodecode
r547 @HasPermissionAnyDecorator('hg.admin', 'hg.register.auto_activate',
'hg.register.manual_activate')
def register(self):
c.auto_active = False
Refactoring of model get functions
r1530 for perm in User.get_by_username('default').user_perms:
renamed project to rhodecode
r547 if perm.permission.permission_name == 'hg.register.auto_activate':
c.auto_active = True
break
Fixes for raw_id, needed for git...
r636
renamed project to rhodecode
r547 if request.POST:
Fixes for raw_id, needed for git...
r636
renamed project to rhodecode
r547 register_form = RegisterForm()()
try:
form_result = register_form.to_python(dict(request.POST))
form_result['active'] = c.auto_active
commit less models...
r1749 UserModel().create_registration(form_result)
more renames for rhode code !!
r549 h.flash(_('You have successfully registered into rhodecode'),
Fixes for raw_id, needed for git...
r636 category='success')
Use HttpFound response in login....
r2623 Session().commit()
renamed project to rhodecode
r547 return redirect(url('login_home'))
Fixes for raw_id, needed for git...
r636
refactor codes and setup for python 2.5...
r564 except formencode.Invalid, errors:
renamed project to rhodecode
r547 return htmlfill.render(
render('/register.html'),
defaults=errors.value,
errors=errors.error_dict or {},
prefix_error=False,
encoding="UTF-8")
Fixes for raw_id, needed for git...
r636
renamed project to rhodecode
r547 return render('/register.html')
def password_reset(self):
if request.POST:
password_reset_form = PasswordResetForm()()
try:
form_result = password_reset_form.to_python(dict(request.POST))
commit less models...
r1749 UserModel().reset_password_link(form_result)
fixes #223 improve password reset form
r1417 h.flash(_('Your password reset link was sent'),
Fixes for raw_id, needed for git...
r636 category='success')
renamed project to rhodecode
r547 return redirect(url('login_home'))
Fixes for raw_id, needed for git...
r636
refactor codes and setup for python 2.5...
r564 except formencode.Invalid, errors:
renamed project to rhodecode
r547 return htmlfill.render(
render('/password_reset.html'),
defaults=errors.value,
errors=errors.error_dict or {},
prefix_error=False,
encoding="UTF-8")
Fixes for raw_id, needed for git...
r636
renamed project to rhodecode
r547 return render('/password_reset.html')
Fixes for raw_id, needed for git...
r636
fixes #223 improve password reset form
r1417 def password_reset_confirmation(self):
if request.GET and request.GET.get('key'):
try:
user = User.get_by_api_key(request.GET.get('key'))
data = dict(email=user.email)
commit less models...
r1749 UserModel().reset_password(data)
fixes #223 improve password reset form
r1417 h.flash(_('Your password reset was successful, '
'new password has been sent to your email'),
category='success')
except Exception, e:
log.error(e)
return redirect(url('reset_password'))
return redirect(url('login_home'))
renamed project to rhodecode
r547 def logout(self):
Matt Zuba
Remember Me option on login
r1802 session.delete()
log.info('Logging out and deleting session for user')
Fixes for raw_id, needed for git...
r636 redirect(url('home'))