| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155 |
- # -*- coding: utf-8 -*-
- """
- flaskbb.auth.views
- ~~~~~~~~~~~~~~~~~~~~
- This view provides user authentication, registration and a view for
- resetting the password of a user if he has lost his password
- :copyright: (c) 2014 by the FlaskBB Team.
- :license: BSD, see LICENSE for more details.
- """
- from flask import Blueprint, flash, redirect, url_for, request, current_app
- from flask_login import (current_user, login_user, login_required,
- logout_user, confirm_login, login_fresh)
- from flask_babelex import gettext as _
- from flaskbb.utils.helpers import render_template
- from flaskbb.email import send_reset_token
- from flaskbb.auth.forms import (LoginForm, ReauthForm, ForgotPasswordForm,
- ResetPasswordForm)
- from flaskbb.user.models import User
- auth = Blueprint("auth", __name__)
- @auth.route("/login", methods=["GET", "POST"])
- def login():
- """
- Logs the user in
- """
- if current_user is not None and current_user.is_authenticated():
- return redirect(url_for("user.profile"))
- form = LoginForm(request.form)
- if form.validate_on_submit():
- user, authenticated = User.authenticate(form.login.data,
- form.password.data)
- if user and authenticated:
- login_user(user, remember=form.remember_me.data)
- return redirect(request.args.get("next") or
- url_for("forum.index"))
- flash(_("Wrong username or password"), "danger")
- return render_template("auth/login.html", form=form)
- @auth.route("/reauth", methods=["GET", "POST"])
- @login_required
- def reauth():
- """
- Reauthenticates a user
- """
- if not login_fresh():
- form = ReauthForm(request.form)
- if form.validate_on_submit():
- confirm_login()
- flash(_("Reauthenticated"), "success")
- return redirect(request.args.get("next") or
- url_for("user.profile"))
- return render_template("auth/reauth.html", form=form)
- return redirect(request.args.get("next") or
- url_for("user.profile", username=current_user.username))
- @auth.route("/logout")
- @login_required
- def logout():
- logout_user()
- flash(("Logged out"), "success")
- return redirect(url_for("forum.index"))
- @auth.route("/register", methods=["GET", "POST"])
- def register():
- """
- Register a new user
- """
- if current_user is not None and current_user.is_authenticated():
- return redirect(url_for("user.profile"))
- if current_app.config["RECAPTCHA_ENABLED"]:
- from flaskbb.auth.forms import RegisterRecaptchaForm
- form = RegisterRecaptchaForm(request.form)
- else:
- from flaskbb.auth.forms import RegisterForm
- form = RegisterForm(request.form)
- if form.validate_on_submit():
- user = form.save()
- login_user(user)
- flash(_("Thanks for registering"), "success")
- return redirect(url_for("user.profile", username=current_user.username))
- return render_template("auth/register.html", form=form)
- @auth.route('/resetpassword', methods=["GET", "POST"])
- def forgot_password():
- """
- Sends a reset password token to the user.
- """
- if not current_user.is_anonymous():
- return redirect(url_for("forum.index"))
- form = ForgotPasswordForm()
- if form.validate_on_submit():
- user = User.query.filter_by(email=form.email.data).first()
- if user:
- token = user.make_reset_token()
- send_reset_token(user, token=token)
- flash(_("E-Mail sent! Please check your inbox."), "info")
- return redirect(url_for("auth.forgot_password"))
- else:
- flash(_("You have entered an username or email that is not linked "
- "with your account"), "danger")
- return render_template("auth/forgot_password.html", form=form)
- @auth.route("/resetpassword/<token>", methods=["GET", "POST"])
- def reset_password(token):
- """
- Handles the reset password process.
- """
- if not current_user.is_anonymous():
- return redirect(url_for("forum.index"))
- form = ResetPasswordForm()
- if form.validate_on_submit():
- user = User.query.filter_by(email=form.email.data).first()
- expired, invalid, data = user.verify_reset_token(form.token.data)
- if invalid:
- flash(_("Your password token is invalid."), "danger")
- return redirect(url_for("auth.forgot_password"))
- if expired:
- flash(_("Your password is expired."), "danger")
- return redirect(url_for("auth.forgot_password"))
- if user and data:
- user.password = form.password.data
- user.save()
- flash(_("Your password has been updated."), "success")
- return redirect(url_for("auth.login"))
- form.token.data = token
- return render_template("auth/reset_password.html", form=form)
|
