from is_safe_url import is_safe_url
from flask_login import login_user, logout_user, current_user
from flask import Blueprint, render_template, request, flash, redirect, url_for, abort, session
from app import bcrypt, db, security, login_manager, config
from app.auth.models import User
from flask_talisman import Talisman, ALLOW_FROM
from validate_email_address import validate_email
from app.auth.email import send_password_reset_email
from app.auth.forms import LoginForm, RegisterForm, ResetPasswordRequestForm, ResetPasswordForm
from app.utils import _log_message_
# Blueprint holding the authentication routes (login/logout/register/reset);
# it is registered on the application elsewhere.
auth = Blueprint(name='auth', import_name=__name__)
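@login_manager.user_loader
def load_user(user_id):
    """Flask-Login user loader: resolve the id stored in the session to a ``User``.

    :param user_id: the user id Flask-Login stored in the session by ``login_user``
    :return: the matching ``User``, or ``None`` when there is no such user or
        the lookup raises (the request then proceeds as anonymous)
    """
    try:
        return User.query.get(user_id)
    except Exception:
        # Narrowed from a bare ``except:`` so KeyboardInterrupt/SystemExit are
        # not swallowed; a DB error still degrades to "anonymous" rather than
        # failing every request.
        return None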
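@auth.route('/login',
            methods=['GET', 'POST'])
# @security["talisman"](frame_options=ALLOW_FROM,
#                        frame_options_allow_from='*')
def login():
    """Handle ``/login``: GET renders the form, POST authenticates the user.

    Security notes (what this file actually enforces):

    * The talisman decorator above is commented out and no rate limiter is
      applied in this file, so flask-limiter / flask-talisman
      (https://flask-limiter.readthedocs.io/en/stable/,
      https://github.com/GoogleCloudPlatform/flask-talisman) describe intent
      here, not visible enforcement.
    * ``session['attempt']`` is a countdown kept in the client-side session
      cookie. It is advisory only: it never blocks a login, and a client can
      simply drop the cookie. Real lockout/throttling must be server-side.
    * The same "Password incorrect" message is flashed for an unknown username
      and for a wrong password, so this route does not enumerate usernames.
    * ``next`` is only honoured when it points at this request's own host;
      the original passed ``allowed_hosts='*'``.

    :return: redirect to ``next`` (or ``main.index``) on success, ``400`` for
        an off-site ``next``, otherwise the rendered ``templates/auth/login.html``
    """
    if current_user.is_authenticated:
        return redirect(url_for('main.index'))
    form = LoginForm(request.form)
    attempt = session.get('attempt', None)
    if form.validate_on_submit():
        username = form.username.data
        password = form.password.data
        remember = form.remember.data
        user = User.query.filter_by(username=username).first()
        # ``user`` is None for an unknown username; the original dereferenced it
        # unconditionally and answered such logins with an AttributeError (500).
        if user is not None and user.check_password(password):
            next_ = request.args.get('next')
            # Check ``next`` *before* establishing the session so a rejected
            # redirect does not leave the user logged in. Only this request's
            # host is acceptable; relative paths pass, anything off-site is 400.
            # When no ``next`` was supplied there is nothing to validate.
            if next_ and not is_safe_url(next_, allowed_hosts={request.host}):
                abort(400)
            login_user(user, remember=remember)
            # A successful login ends the failed-attempt countdown.
            session.pop('attempt', None)
            return redirect(next_ or url_for('main.index'))
        # Failed login: maintain the advisory countdown 5 -> 1, restarting at 5
        # after it runs out (same arithmetic as the original).
        if attempt is None or attempt == 0:
            attempt = 5
        else:
            attempt -= 1
        session['attempt'] = attempt
        if attempt == 1:
            # NOTE(review): behind a reverse proxy ``remote_addr`` is the proxy's
            # address unless ProxyFix is configured, and the "blocked for 24hr"
            # in the message is not implemented anywhere in this file.
            client_ip = request.remote_addr
            flash('This is your last attempt, %s will be blocked for 24hr, Attempt %d of 5' % (
                client_ip, attempt), 'error')
        flash('Password incorrect', category='danger')
    return render_template('auth/login.html', form=form)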
@auth.route('/logout')
def logout():
    """End the current Flask-Login session and send the browser to ``/login``.

    Works for anonymous callers too (``logout_user`` is a no-op then).

    NOTE(review): this is reachable with a plain GET and carries no CSRF
    token, so any third-party page can log a user out by embedding the URL;
    a POST-only route protected by the form CSRF token would close that.
    Left as GET here because templates may link to it directly.

    :return: redirect to ``auth.login`` with an informational flash message
    """
    destination = url_for('auth.login')
    logout_user()
    flash('You have logged out now.', category='info')
    return redirect(destination)
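@auth.route('/register',
            methods=['GET', 'POST'])
# @security["talisman"](frame_options=ALLOW_FROM,
#                        frame_options_allow_from='*')
def register():
    """Handle ``/register``: validate the form, create the ``User`` and commit it.

    The email address is checked with ``validate_email`` before the ``User``
    object is built (the original built it first; harmless but misleading).
    The talisman decorator above is commented out in this file, and no rate
    limiter is applied here.

    NOTE(review): ``User(...)`` receives the raw form password, whereas
    ``reset_password`` below stores ``bcrypt.generate_password_hash(...)``
    explicitly. Confirm the ``User`` constructor hashes ``password`` so both
    paths store the same representation. No username/email uniqueness check is
    made here; a duplicate relies on a DB constraint (not visible) and surfaces
    as an exception from ``commit``.

    :return: redirect back to ``auth.register`` when the email is rejected,
        to ``main.index`` after a successful registration, otherwise the
        rendered ``templates/auth/register.html`` with the password-length
        bounds from ``config["base"]``
    """
    if current_user.is_authenticated:
        return redirect(url_for('main.index'))
    form = RegisterForm(request.form)
    if form.validate_on_submit():
        email = form.email.data
        if not validate_email(email):
            flash('Email is not valid or does not exists.', category='danger')
            return redirect(url_for('auth.register'))
        user = User(username=form.username.data,
                    password=form.password.data,
                    email=email)
        db.session.add(user)
        try:
            db.session.commit()
        except Exception:
            # Keep the scoped session usable for later requests, then let the
            # error propagate exactly as it did originally (it was unhandled).
            db.session.rollback()
            raise
        flash('Congrats, register success. You can log in now.', category='info')
        return redirect(url_for('main.index'))
    return render_template('auth/register.html',
                           form=form,
                           min=config["base"].PASSWORD_CHECKER_MIN,
                           max=config["base"].PASSWORD_CHECKER_MAX)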
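@auth.route('/reset_password/<token>', methods=['GET', 'POST'])
# @security["talisman"](frame_options=ALLOW_FROM,
#                        frame_options_allow_from='*')
def reset_password(token):
    """Handle ``/reset_password/<token>``: set a new password for the token's user.

    The token is verified before anything is rendered. When
    ``User.verify_reset_password_token`` yields a falsy result (presumably
    ``None`` for an invalid or expired token; confirm in ``app.auth.models``)
    the request is redirected to ``main.index``. The original only looked the
    user up at submit time and then raised ``AttributeError`` (a 500) on
    ``None.password`` for a bad token.

    :param token: the signed reset token taken from the emailed link
    :return: redirect to ``auth.login`` after a successful reset, to
        ``main.index`` for a bad token, otherwise the rendered
        ``templates/auth/reset_password.html``
    """
    if current_user.is_authenticated:
        return redirect(url_for('main.index'))
    user = User.verify_reset_password_token(token)
    if not user:
        # Deliberately no detail in the response: a bad token should not
        # reveal whether it was malformed, expired, or for an unknown user.
        return redirect(url_for('main.index'))
    form = ResetPasswordForm(request.form)
    if form.validate_on_submit():
        # NOTE(review): confirm this is the same representation ``User`` stores
        # at registration (see ``register``), and consider invalidating the
        # user's other sessions after a reset; neither is visible in this file.
        user.password = bcrypt.generate_password_hash(form.password.data)
        db.session.commit()
        flash('Your password has been reset.')
        return redirect(url_for('auth.login'))
    return render_template('auth/reset_password.html', form=form)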
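@auth.route('/send_reset_password_request', methods=['GET', 'POST'])
# @security["talisman"](frame_options=ALLOW_FROM,
#                        frame_options_allow_from='*')
def reset_password_request():
    """Handle ``/send_reset_password_request``: email a reset link if the address is known.

    The same flash message and redirect are produced whether or not the email
    belongs to an account, so this route does not leak which addresses are
    registered; keep it that way when changing the messages. Authenticated
    users are sent straight to ``main.index`` for consistency with the other
    routes in this file (the original sent them to ``auth.login``, which
    itself redirects authenticated users to ``main.index``).

    NOTE(review): nothing in this file throttles this route, so repeated
    submissions can flood a victim's inbox with reset emails; apply a
    server-side rate limit (e.g. flask-limiter) to it.

    :return: redirect to ``auth.login`` after any submitted email, otherwise
        the rendered ``templates/auth/reset_password_request.html``
    """
    if current_user.is_authenticated:
        return redirect(url_for('main.index'))
    form = ResetPasswordRequestForm(request.form)
    if form.validate_on_submit():
        user = User.query.filter_by(email=form.email.data).first()
        if user:
            send_password_reset_email(user)
        # Same response for known and unknown addresses (anti-enumeration).
        flash('Check your email for the instructions to reset your password')
        return redirect(url_for('auth.login'))
    return render_template('auth/reset_password_request.html', form=form)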