darkhelm/notifications-admin
1
0
Fork 0
mirror of https://github.com/GSA/notifications-admin.git synced 2026-02-05 10:53:28 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
159fe60c1a4585e1ed7c7af5a2df232bdff4e76f
notifications-admin/app/main/views/sign_in.py
Adam Shimali fc01735d70 Removed some un needed flash messages raised as bugs. 
In the process found a couple of edge cases of incorrect
use of invitation links by other users which are now
handled.
2016-03-31 09:44:01 +01:00

86 lines
2.8 KiB
Python
Raw Blame History

from flask import (
render_template,
redirect,
url_for,
session,
flash,
request,
abort
)
from flask.ext.login import (
current_user,
login_fresh,
confirm_login
)
from app import (
user_api_client,
invite_api_client,
service_api_client
)
from app.main import main
from app.main.forms import LoginForm
@main.route('/sign-in', methods=(['GET', 'POST']))
def sign_in():
if current_user and current_user.is_authenticated():
return redirect(url_for('main.choose_service'))
form = LoginForm()
if form.validate_on_submit():
user = user_api_client.get_user_by_email_or_none(form.email_address.data)
user = _get_and_verify_user(user, form.password.data)
if user and user.state == 'pending':
flash("You haven't verified your email or mobile number yet.")
return redirect(url_for('main.sign_in'))
if user and session.get('invited_user'):
invited_user = session.get('invited_user')
if user.email_address != invited_user['email_address']:
flash("You can't accept an invite for another person.")
session.pop('invited_user', None)
abort(403)
else:
invite_api_client.accept_invite(invited_user['service'], invited_user['id'])
if user:
# Remember me login
if not login_fresh() and \
not current_user.is_anonymous() and \
current_user.id == user.id and \
user.is_active():
confirm_login()
services = service_api_client.get_services({'user_id': str(user.id)}).get('data', [])
if (len(services) == 1):
return redirect(url_for('main.service_dashboard', service_id=services[0]['id']))
else:
return redirect(url_for('main.choose_service'))
session['user_details'] = {"email": user.email_address, "id": user.id}
if user.is_active():
user_api_client.send_verify_code(user.id, 'sms', user.mobile_number)
if request.args.get('next'):
return redirect(url_for('.two_factor', next=request.args.get('next')))
else:
return redirect(url_for('.two_factor'))
# Vague error message for login in case of user not known, locked, inactive or password not verified
flash('Username or password is incorrect')
return render_template('views/signin.html', form=form)
def _get_and_verify_user(user, password):
if not user:
return None
elif user.is_locked():
return None
elif not user_api_client.verify_password(user.id, password):
return None
else:
return user
Reference in New Issue View Git Blame Copy Permalink