Compare commits

...

2 commits

Author SHA1 Message Date
683fc644c8 create confirmed account with social login 2024-04-07 23:05:24 +03:00
6ff2a7957f rearrange auth function 2024-04-07 22:13:19 +03:00

View file

@ -16,6 +16,63 @@ from io import BytesIO
import pyqrcode
import sys
@auth.before_app_request
def before_request():
#print('session: %s' % str(session))
if current_user.is_authenticated:
current_user.ping()
#print('request for {} from {}#{}'.format(request.endpoint, current_user.email, current_user.id))
if not current_user.confirmed and request.endpoint[:5] != 'auth.' and request.endpoint != 'static':
print(request.endpoint)
return redirect(url_for('auth.unconfirmed'))
@auth.route('/unconfirmed')
def unconfirmed():
if current_user.is_anonymous or current_user.confirmed:
return redirect(url_for('main.index'))
return render_template('auth/unconfirmed.html')
@auth.route('/register', methods=['GET', 'POST'])
def register():
page = { 'title': 'Register' }
form = RegistrationForm()
if form.validate_on_submit():
user = User(email=form.email.data, password=form.password.data)
db.session.add(user)
db.session.commit()
token = user.generate_confirmation_token()
send_email(user.email, 'ForestNet Registration', 'auth/email/confirm', user=user, token=token)
#notify admin
newip = request.remote_addr
if request.headers.getlist("X-Forwarded-For"):
newip = request.headers.getlist("X-Forwarded-For")[0]
else:
newip = request.remote_addr
send_email(current_app.config['MAIL_USERNAME'], user.email + ' registered!', 'auth/email/adm_regnotify', user=user, ipaddr=newip )
flash('Thank you for the registration! We have send you an activation email')
return redirect(url_for('auth.login'))
return render_template('auth/register.html', page=page, form=form)
@auth.route('/confirm/<token>')
@login_required
def confirm(token):
if current_user.confirmed:
return redirect(url_for('main.index'))
if current_user.confirm(token):
flash('Your account is confirmed!')
else:
flash('Confirmation time expired!')
return redirect(url_for('main.index'))
@auth.route('/confirm')
@login_required
def resend_confirmation():
token = current_user.generate_confirmation_token()
send_email(current_user.email, 'Confirm_your_account',
'auth/email/confirm', user=current_user, token=token)
flash('New confirmation code was sent.')
return redirect(url_for('main.index'))
@auth.route('/authorize/<provider>')
def oauth2_authorize(provider):
if not current_user.is_anonymous:
@ -99,7 +156,7 @@ def oauth2_callback(provider):
user = db.session.scalar(db.select(User).where(User.email == email))
if user is None:
#user = User(email=email, username=email.split('@')[0])
user = User(email=email)
user = User(email=email, confirmed=True)
db.session.add(user)
db.session.commit()
@ -107,22 +164,6 @@ def oauth2_callback(provider):
login_user(user)
return redirect(url_for('main.index'))
@auth.before_app_request
def before_request():
#print('session: %s' % str(session))
if current_user.is_authenticated:
current_user.ping()
#print('request for {} from {}#{}'.format(request.endpoint, current_user.email, current_user.id))
if not current_user.confirmed and request.endpoint[:5] != 'auth.' and request.endpoint != 'static':
print(request.endpoint)
return redirect(url_for('auth.unconfirmed'))
@auth.route('/unconfirmed')
def unconfirmed():
if current_user.is_anonymous or current_user.confirmed:
return redirect(url_for('main.index'))
return render_template('auth/unconfirmed.html')
@auth.route('/login', methods=['GET', 'POST'])
def login():
page = { 'title': 'Login' }
@ -158,7 +199,6 @@ def login():
return render_template('auth/login.html', page=page, form=form)
@auth.route('/twofactor', methods=['GET', 'POST'])
def twofactor():
if 'email' not in session:
@ -214,55 +254,6 @@ def qrcode():
'Pragma': 'no-cache',
'Expires': '0'}
@auth.route("/logout", methods=['GET'])
@login_required
def logout():
logout_user()
flash('You have logged out')
return redirect(url_for('main.index'))
@auth.route('/register', methods=['GET', 'POST'])
def register():
#print(current_app.secret_key)
page = { 'title': 'Register' }
form = RegistrationForm()
if form.validate_on_submit():
user = User(email=form.email.data, password=form.password.data)
db.session.add(user)
db.session.commit()
token = user.generate_confirmation_token()
send_email(user.email, 'ForestNet Registration', 'auth/email/confirm', user=user, token=token)
#notify admin
newip = request.remote_addr
if request.headers.getlist("X-Forwarded-For"):
newip = request.headers.getlist("X-Forwarded-For")[0]
else:
newip = request.remote_addr
send_email(current_app.config['MAIL_USERNAME'], user.email + ' registered!', 'auth/email/adm_regnotify', user=user, ipaddr=newip )
flash('Thank you for the registration! We have send you an activation email')
return redirect(url_for('auth.login'))
return render_template('auth/register.html', page=page, form=form)
@auth.route('/confirm/<token>')
@login_required
def confirm(token):
if current_user.confirmed:
return redirect(url_for('main.index'))
if current_user.confirm(token):
flash('Your account is confirmed!')
else:
flash('Confirmation time expired!')
return redirect(url_for('main.index'))
@auth.route('/confirm')
@login_required
def resend_confirmation():
token = current_user.generate_confirmation_token()
send_email(current_user.email, 'Confirm_your_account',
'auth/email/confirm', user=current_user, token=token)
flash('New confirmation code was sent.')
return redirect(url_for('main.index'))
@auth.route('/change-password', methods=['GET', 'POST'])
@login_required
def change_password():
@ -311,3 +302,10 @@ def password_reset(token):
return redirect(url_for('main.index'))
return render_template('auth/reset_password.html', form=form)
@auth.route("/logout", methods=['GET'])
@login_required
def logout():
logout_user()
flash('You have logged out')
return redirect(url_for('main.index'))