globuzma/canaille-globuzma
1
0
Fork 0
forked from Github-Mirrors/canaille
Code Pull requests Activity

refactor: User.login and User.logout methods moved to app.flask module

Browse source
This commit is contained in:
Éloi Rivard 2023-08-23 14:56:56 +02:00
parent 94682bc02e
commit 8b98726348
No known key found for this signature in database
GPG key ID: 7EDA204EA57DD184
5 changed files with 46 additions and 42 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

29
canaille/app/flask.py
View file

@ -31,6 +31,35 @@ def current_user():
return None
def login_user(user):
"""
Opens a session for the user.
"""
g.user = user
try:
previous = (
session["user_id"]
if isinstance(session["user_id"], list)
else [session["user_id"]]
)
session["user_id"] = previous + [user.id]
except KeyError:
session["user_id"] = [user.id]
def logout_user():
"""
Closes the user session.
"""
try:
session["user_id"].pop()
del g.user
if not session["user_id"]:
del session["user_id"]
except (IndexError, KeyError):
pass
def user_needed():
def wrapper(view_function):
@wraps(view_function)

8
canaille/core/account.py
View file

@ -13,6 +13,8 @@ from canaille.app import default_fields
from canaille.app import models
from canaille.app import obj_to_b64
from canaille.app.flask import current_user
from canaille.app.flask import login_user
from canaille.app.flask import logout_user
from canaille.app.flask import permissions_needed
from canaille.app.flask import render_htmx_template
from canaille.app.flask import request_is_htmx
@ -338,7 +340,7 @@ def registration(data=None, hash=None):
)
user = profile_create(current_app, form)
user.login()
login_user(user)
flash(_("Your account has been created successfully."), "success")
return redirect(url_for("core.account.profile_edition", edited_user=user))
@ -796,7 +798,7 @@ def profile_settings_edit(editor, edited_user):
def profile_delete(user, edited_user):
self_deletion = user.id == edited_user.id
if self_deletion:
user.logout()
logout_user()
flash(
_(
@ -815,7 +817,7 @@ def profile_delete(user, edited_user):
@bp.route("/impersonate/<user:puppet>")
@permissions_needed("impersonate_users")
def impersonate(user, puppet):
puppet.login()
login_user(puppet)
flash(
_("Connection successful. Welcome %(user)s", user=puppet.formatted_name[0]),
"success",

14
canaille/core/auth.py
View file

@ -1,6 +1,8 @@
from canaille.app import build_hash
from canaille.app import models
from canaille.app.flask import current_user
from canaille.app.flask import login_user
from canaille.app.flask import logout_user
from canaille.app.flask import smtp_needed
from canaille.app.themes import render_template
from canaille.backends import BaseBackend
@ -44,7 +46,7 @@ def login():
return redirect(url_for("core.auth.firstlogin", user=user))
if not form.validate():
models.User.logout()
logout_user()
flash(_("Login failed, please check your information"), "error")
return render_template("login.html", form=form)
@ -70,7 +72,7 @@ def password():
return redirect(url_for("core.auth.firstlogin", user=user))
if not form.validate() or not user:
models.User.logout()
logout_user()
flash(_("Login failed, please check your information"), "error")
return render_template(
"password.html", form=form, username=session["attempt_login"]
@ -78,14 +80,14 @@ def password():
success, message = user.check_password(form.password.data)
if not success:
models.User.logout()
logout_user()
flash(message or _("Login failed, please check your information"), "error")
return render_template(
"password.html", form=form, username=session["attempt_login"]
)
del session["attempt_login"]
user.login()
login_user(user)
flash(
_("Connection successful. Welcome %(user)s", user=user.formatted_name[0]),
"success",
@ -105,7 +107,7 @@ def logout():
),
"success",
)
user.logout()
logout_user()
return redirect("/")
@ -209,7 +211,7 @@ def reset(user, hash):
if request.form and form.validate():
user.set_password(form.password.data)
user.login()
login_user(user)
flash(_("Your password has been updated successfully"), "success")
return redirect(url_for("core.account.profile_edition", edited_user=user))

31
canaille/core/models.py
View file

@ -1,9 +1,6 @@
import datetime
from typing import Optional
from flask import g
from flask import session
class User:
"""
@ -20,34 +17,6 @@ class User:
def get_from_login(cls, login=None, **kwargs) -> Optional["User"]:
raise NotImplementedError()
def login(self):
"""
Opens a session for the user.
"""
g.user = self
try:
previous = (
session["user_id"]
if isinstance(session["user_id"], list)
else [session["user_id"]]
)
session["user_id"] = previous + [self.id]
except KeyError:
session["user_id"] = [self.id]
@classmethod
def logout(self):
"""
Closes the user session.
"""
try:
session["user_id"].pop()
del g.user
if not session["user_id"]:
del session["user_id"]
except (IndexError, KeyError):
pass
def has_password(self) -> bool:
"""
Checks wether a password has been set for the user.

6
canaille/oidc/endpoints.py
View file

@ -8,6 +8,8 @@ from authlib.oauth2 import OAuth2Error
from canaille import csrf
from canaille.app import models
from canaille.app.flask import current_user
from canaille.app.flask import login_user
from canaille.app.flask import logout_user
from canaille.app.flask import set_parameter_in_url_query
from canaille.app.themes import render_template
from canaille.core.forms import FullLoginForm
@ -84,7 +86,7 @@ def authorize():
)
return render_template("login.html", form=form, menu=False)
user.login()
login_user(user)
return redirect(request.url)
@ -326,7 +328,7 @@ def end_session():
session["end_session_data"] = data
return render_template("logout.html", form=form, client=client, menu=False)
user.logout()
logout_user()
if "end_session_confirmation" in session:
del session["end_session_confirmation"]