from flask import (
Markup,
abort,
flash,
redirect,
render_template,
request,
session,
url_for,
)
from flask_login import current_user
from app import invite_api_client, login_manager, user_api_client
from app.main import main
from app.main.forms import LoginForm
@main.route('/sign-in', methods=['GET', 'POST'])
def sign_in():
    """Show the sign-in form and handle the password step of signing in.

    A visitor who is already authenticated is redirected to their accounts
    or dashboard.  On a valid form submission the user is looked up by
    email address and checked by ``_get_and_verify_user``.  A verified,
    active user is passed to ``sign_in_email`` or ``sign_in_sms`` for the
    second step; a verified user whose state is ``'pending'`` is sent to
    resend their email verification.  Every other outcome falls through
    to one deliberately vague flashed message and the form is rendered
    again.
    """
    if current_user and current_user.is_authenticated:
        return redirect(url_for('main.show_accounts_or_dashboard'))

    login_form = LoginForm()

    if login_form.validate_on_submit():
        # ``user`` is None unless the account exists, is not locked and the
        # password verified, so nothing below reveals which check failed.
        user = _get_and_verify_user(
            user_api_client.get_user_by_email_or_none(login_form.email_address.data),
            login_form.password.data,
        )

        if user:
            if user.state == 'pending':
                return redirect(url_for('main.resend_email_verification'))

            invite = session.get('invited_user')
            if invite:
                # An invite held in the session may only be accepted by the
                # account it was addressed to (case-insensitive comparison).
                addressed_to_user = (
                    user.email_address.lower() == invite['email_address'].lower()
                )
                if not addressed_to_user:
                    flash("You can't accept an invite for another person.")
                    session.pop('invited_user', None)
                    abort(403)
                # NOTE(review): the invite is accepted here, after the password
                # check but before the is_active check and before any second
                # factor has been sent or verified - confirm this ordering is
                # intended.
                invite_api_client.accept_invite(invite['service'], invite['id'])

            # Stored once the password has verified, before the second step;
            # presumably the two-factor views read it - verify that nothing
            # treats this key alone as proof of a completed sign-in.
            session['user_details'] = {"email": user.email_address, "id": user.id}

            if user.is_active:
                if user.auth_type == "email_auth":
                    return sign_in_email(user.id, user.email_address)
                return sign_in_sms(user.id, user.mobile_number)

        # Vague error message for login in case of user not known, locked,
        # inactive or password not verified.
        # The template is formatted first and only then wrapped in Markup, so
        # the interpolated value is not escaped.  That is safe only while the
        # sole value is the server-generated url_for() result; request data
        # must never be added to this format call without escaping.
        message_template = (
            "The email address or password you entered is incorrect."
            " <a href={password_reset}>Forgot your password</a>?"
        )
        flash(Markup(message_template.format(password_reset=url_for('.forgot_password'))))

    # Reached on a plain GET and after any failed submission.
    other_device = current_user.logged_in_elsewhere()
    return render_template(
        'views/signin.html',
        form=login_form,
        again=bool(request.args.get('next')),
        other_device=other_device,
    )
def sign_in_email(user_id, to):
    """Ask the API to send an email verify code, then redirect.

    ``to`` is accepted but not used in this function.  When the request
    carries a ``next`` query parameter it is forwarded to
    ``send_verify_code`` as a fourth positional argument; otherwise the
    call is made with three arguments.  Returns a redirect to the
    ``.two_factor_email_sent`` view.
    """
    # ``next`` comes straight from the query string, so it is caller
    # controlled.  What the API does with it is not visible here; whichever
    # view finally redirects to it should accept same-site paths only.
    next_url = request.args.get('next')

    code_args = [user_id, 'email', None]
    if next_url:
        code_args.append(next_url)
    user_api_client.send_verify_code(*code_args)

    return redirect(url_for('.two_factor_email_sent'))
def sign_in_sms(user_id, to):
    """Ask the API to send an SMS verify code to ``to``, then redirect.

    Returns a redirect to the ``.two_factor`` view.  A non-empty ``next``
    query parameter on the current request is carried over onto that URL.
    """
    user_api_client.send_verify_code(user_id, 'sms', to)

    # ``next`` is read from the query string and passed on unchanged; it is
    # caller controlled, so the view that eventually redirects to it should
    # accept same-site paths only.
    next_url = request.args.get('next')
    two_factor_args = {'next': next_url} if next_url else {}
    return redirect(url_for('.two_factor', **two_factor_args))
@login_manager.unauthorized_handler
def sign_in_again():
    """Redirect an unauthorized request to the sign-in page.

    Registered through ``login_manager.unauthorized_handler``.  The path of
    the current request is passed along as ``next``.
    """
    # request.path carries the path only, so the query string of the
    # original request is not included in ``next``.
    sign_in_url = url_for('main.sign_in', next=request.path)
    return redirect(sign_in_url)
def _get_and_verify_user(user, password):
    """Return ``user`` if the account may proceed with sign-in, else None.

    None is returned when ``user`` is falsy, when ``user.is_locked()`` is
    true, or when ``user_api_client.verify_password`` rejects ``password``.
    The three cases are indistinguishable to the caller, which lets it show
    one generic error for all of them.
    """
    # The lock check runs before the password check, so a locked account
    # never reaches verify_password.
    # NOTE(review): unknown and locked accounts return without the
    # verify_password call, so their responses may be faster than a wrong
    # password on a live account - consider whether that timing difference
    # matters for account enumeration.
    if not user or user.is_locked():
        return None

    if user_api_client.verify_password(user.id, password):
        return user
    return None