login.py
166 lines
| 5.9 KiB
| text/x-python
|
PythonLexer
r861 | # -*- coding: utf-8 -*- | |||
""" | ||||
rhodecode.controllers.login | ||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~ | ||||
Login controller for rhodeocode | ||||
r1203 | ||||
r861 | :created_on: Apr 22, 2010 | |||
:author: marcink | ||||
r1203 | :copyright: (C) 2009-2011 Marcin Kuzminski <marcin@python-works.com> | |||
r861 | :license: GPLv3, see COPYING for more details. | |||
""" | ||||
r1206 | # This program is free software: you can redistribute it and/or modify | |||
# it under the terms of the GNU General Public License as published by | ||||
# the Free Software Foundation, either version 3 of the License, or | ||||
# (at your option) any later version. | ||||
r1203 | # | |||
r547 | # This program is distributed in the hope that it will be useful, | |||
# but WITHOUT ANY WARRANTY; without even the implied warranty of | ||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||||
# GNU General Public License for more details. | ||||
r1203 | # | |||
r547 | # You should have received a copy of the GNU General Public License | |||
r1206 | # along with this program. If not, see <http://www.gnu.org/licenses/>. | |||
r547 | ||||
r861 | import logging | |||
import formencode | ||||
r547 | from formencode import htmlfill | |||
r861 | ||||
from pylons.i18n.translation import _ | ||||
from pylons.controllers.util import abort, redirect | ||||
r547 | from pylons import request, response, session, tmpl_context as c, url | |||
r861 | ||||
import rhodecode.lib.helpers as h | ||||
r547 | from rhodecode.lib.auth import AuthUser, HasPermissionAnyDecorator | |||
from rhodecode.lib.base import BaseController, render | ||||
r1400 | from rhodecode.model.db import User | |||
r547 | from rhodecode.model.forms import LoginForm, RegisterForm, PasswordResetForm | |||
r629 | from rhodecode.model.user import UserModel | |||
r861 | ||||
r547 | ||||
log = logging.getLogger(__name__) | ||||
r1212 | ||||
r547 | class LoginController(BaseController): | |||
def __before__(self): | ||||
super(LoginController, self).__before__() | ||||
def index(self): | ||||
#redirect if already logged in | ||||
c.came_from = request.GET.get('came_from', None) | ||||
r636 | ||||
r1121 | if self.rhodecode_user.is_authenticated \ | |||
and self.rhodecode_user.username != 'default': | ||||
r673 | ||||
r636 | return redirect(url('home')) | |||
r547 | if request.POST: | |||
#import Login Form validator class | ||||
login_form = LoginForm() | ||||
try: | ||||
c.form_result = login_form.to_python(dict(request.POST)) | ||||
r1117 | #form checks for username/password, now we're authenticated | |||
r547 | username = c.form_result['username'] | |||
r1530 | user = User.get_by_username(username, case_insensitive=True) | |||
r1117 | auth_user = AuthUser(user.user_id) | |||
auth_user.set_authenticated() | ||||
r548 | session['rhodecode_user'] = auth_user | |||
r547 | session.save() | |||
r636 | ||||
r1117 | log.info('user %s is now authenticated and stored in session', | |||
username) | ||||
r547 | user.update_lastlogin() | |||
r636 | ||||
r547 | if c.came_from: | |||
return redirect(c.came_from) | ||||
else: | ||||
r636 | return redirect(url('home')) | |||
r564 | except formencode.Invalid, errors: | |||
r547 | return htmlfill.render( | |||
render('/login.html'), | ||||
defaults=errors.value, | ||||
errors=errors.error_dict or {}, | ||||
prefix_error=False, | ||||
encoding="UTF-8") | ||||
r636 | ||||
r547 | return render('/login.html') | |||
r636 | ||||
r547 | @HasPermissionAnyDecorator('hg.admin', 'hg.register.auto_activate', | |||
'hg.register.manual_activate') | ||||
def register(self): | ||||
user_model = UserModel() | ||||
c.auto_active = False | ||||
r1530 | for perm in User.get_by_username('default').user_perms: | |||
r547 | if perm.permission.permission_name == 'hg.register.auto_activate': | |||
c.auto_active = True | ||||
break | ||||
r636 | ||||
r547 | if request.POST: | |||
r636 | ||||
r547 | register_form = RegisterForm()() | |||
try: | ||||
form_result = register_form.to_python(dict(request.POST)) | ||||
form_result['active'] = c.auto_active | ||||
user_model.create_registration(form_result) | ||||
r549 | h.flash(_('You have successfully registered into rhodecode'), | |||
r636 | category='success') | |||
r547 | return redirect(url('login_home')) | |||
r636 | ||||
r564 | except formencode.Invalid, errors: | |||
r547 | return htmlfill.render( | |||
render('/register.html'), | ||||
defaults=errors.value, | ||||
errors=errors.error_dict or {}, | ||||
prefix_error=False, | ||||
encoding="UTF-8") | ||||
r636 | ||||
r547 | return render('/register.html') | |||
def password_reset(self): | ||||
user_model = UserModel() | ||||
if request.POST: | ||||
r636 | ||||
r547 | password_reset_form = PasswordResetForm()() | |||
try: | ||||
form_result = password_reset_form.to_python(dict(request.POST)) | ||||
r1417 | user_model.reset_password_link(form_result) | |||
h.flash(_('Your password reset link was sent'), | ||||
r636 | category='success') | |||
r547 | return redirect(url('login_home')) | |||
r636 | ||||
r564 | except formencode.Invalid, errors: | |||
r547 | return htmlfill.render( | |||
render('/password_reset.html'), | ||||
defaults=errors.value, | ||||
errors=errors.error_dict or {}, | ||||
prefix_error=False, | ||||
encoding="UTF-8") | ||||
r636 | ||||
r547 | return render('/password_reset.html') | |||
r636 | ||||
r1417 | def password_reset_confirmation(self): | |||
if request.GET and request.GET.get('key'): | ||||
try: | ||||
user_model = UserModel() | ||||
user = User.get_by_api_key(request.GET.get('key')) | ||||
data = dict(email=user.email) | ||||
user_model.reset_password(data) | ||||
h.flash(_('Your password reset was successful, ' | ||||
'new password has been sent to your email'), | ||||
category='success') | ||||
except Exception, e: | ||||
log.error(e) | ||||
return redirect(url('reset_password')) | ||||
return redirect(url('login_home')) | ||||
r547 | def logout(self): | |||
r1117 | del session['rhodecode_user'] | |||
r547 | session.save() | |||
log.info('Logging out and setting user as Empty') | ||||
r636 | redirect(url('home')) | |||