diff options
Diffstat (limited to 'newspipe/web/views/session_mgmt.py')
-rw-r--r-- | newspipe/web/views/session_mgmt.py | 113 |
1 files changed, 113 insertions, 0 deletions
diff --git a/newspipe/web/views/session_mgmt.py b/newspipe/web/views/session_mgmt.py new file mode 100644 index 00000000..0db76115 --- /dev/null +++ b/newspipe/web/views/session_mgmt.py @@ -0,0 +1,113 @@ +import json +import logging + +from datetime import datetime +from werkzeug.security import generate_password_hash +from werkzeug.exceptions import NotFound +from flask import (render_template, flash, session, request, + url_for, redirect, current_app) +from flask_babel import gettext, lazy_gettext +from flask_login import LoginManager, logout_user, \ + login_required, current_user +from flask_principal import (Principal, AnonymousIdentity, UserNeed, + identity_changed, identity_loaded, + session_identity_loader) + +import conf +from web.views.common import admin_role, api_role, login_user_bundle +from web.controllers import UserController +from web.forms import SignupForm, SigninForm +from notifications import notifications + +Principal(current_app) +# Create a permission with a single Need, in this case a RoleNeed. + +login_manager = LoginManager() +login_manager.init_app(current_app) +login_manager.login_view = 'login' +login_manager.login_message = lazy_gettext('Please log in to access this page.') +login_manager.login_message_category = 'info' + +logger = logging.getLogger(__name__) + + +@identity_loaded.connect_via(current_app._get_current_object()) +def on_identity_loaded(sender, identity): + # Set the identity user object + identity.user = current_user + + # Add the UserNeed to the identity + if current_user.is_authenticated: + identity.provides.add(UserNeed(current_user.id)) + if current_user.is_admin: + identity.provides.add(admin_role) + if current_user.is_api: + identity.provides.add(api_role) + + +@login_manager.user_loader +def load_user(user_id): + return UserController(user_id, ignore_context=True).get( + id=user_id, is_active=True) + +@current_app.before_request +def before_request(): + if current_user.is_authenticated: + UserController(current_user.id).update( + {'id': current_user.id}, {'last_seen': datetime.utcnow()}) + +@current_app.route('/login', methods=['GET', 'POST']) +def login(): + if current_user.is_authenticated: + return redirect(url_for('home')) + form = SigninForm() + if form.validate_on_submit(): + login_user_bundle(form.user) + return form.redirect('home') + return render_template('login.html', form=form) + + +@current_app.route('/logout') +@login_required +def logout(): + # Remove the user information from the session + logout_user() + + # Remove session keys set by Flask-Principal + for key in ('identity.name', 'identity.auth_type'): + session.pop(key, None) + + # Tell Flask-Principal the user is anonymous + identity_changed.send(current_app, identity=AnonymousIdentity()) + session_identity_loader() + + return redirect(url_for('login')) + + +@current_app.route('/signup', methods=['GET', 'POST']) +def signup(): + if not conf.SELF_REGISTRATION: + flash(gettext('Self-registration is disabled.'), 'warning') + return redirect(url_for('home')) + if current_user.is_authenticated: + return redirect(url_for('home')) + + form = SignupForm() + if form.validate_on_submit(): + user = UserController().create(nickname=form.nickname.data, + pwdhash=generate_password_hash(form.password.data)) + + # Send the confirmation email + try: + notifications.new_account_notification(user, form.email.data) + except Exception as error: + flash(gettext('Problem while sending activation email: %(error)s', + error=error), 'danger') + return redirect(url_for('home')) + + flash(gettext('Your account has been created. ' + 'Check your mail to confirm it.'), 'success') + + return redirect(url_for('home')) + + return render_template('signup.html', form=form) |