Le repo des sources pour le site web des JM2L
Du kan inte välja fler än 25 ämnen Ämnen måste starta med en bokstav eller siffra, kan innehålla bindestreck ('-') och vara max 35 tecken långa.

auth.py 4.1 KiB

10 år sedan
10 år sedan
10 år sedan
10 år sedan
10 år sedan
10 år sedan
10 år sedan
10 år sedan
10 år sedan
10 år sedan
12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394
  1. # -*- coding: utf8 -*-
  2. from pyramid.view import view_config
  3. from pyramid.security import remember, forget
  4. from pyramid.httpexceptions import HTTPFound
  5. from .models import User, DBSession
  6. from mako.template import Template
  7. from pyramid_mailer import get_mailer
  8. from pyramid_mailer.message import Attachment, Message
  9. import datetime
  10. import re
  11. @view_config(route_name='auth', match_param="action=login", renderer="jm2l:templates/login.mako")
  12. def login(request):
  13. return {"comefrom":request.GET.get('from', "")}
  14. @view_config(route_name='auth', match_param="action=forgot", renderer="jm2l:templates/login.mako")
  15. def forgot(request):
  16. if request.method == 'POST' and request.POST:
  17. request.POST.get('mail')
  18. Found = re.match(r'^.+@([^.@][^@]+)$', request.POST.get('mail'), re.IGNORECASE)
  19. if not Found:
  20. request.session.flash(('error',u"Vous n'avez pas entré un e-mail valide !"))
  21. return { 'forgot': True }
  22. else:
  23. UserFound = User.by_mail( Found.group(0) )
  24. if not UserFound:
  25. request.session.flash(('error',u"Nous n'avons pas d'interlocuteur avec cette adresse e-mail !"))
  26. return { 'forgot': True }
  27. else:
  28. # Send the Forgot Mail
  29. mailer = request.registry['mailer']
  30. # Prepare Plain Text Message :
  31. Mail_template = Template(filename='jm2l/templates/mail_plain.mako')
  32. mail_plain = Mail_template.render(request=request, User=UserFound, action="Forgot")
  33. # Prepare HTML Message :
  34. Mail_template = Template(filename='jm2l/templates/mail_html.mako')
  35. mail_html = Mail_template.render(request=request, User=UserFound, action="Forgot")
  36. # Prepare Message
  37. message = Message(subject="[JM2L] Mes identifiants du site web JM2L",
  38. sender="contact@jm2l.linux-azur.org",
  39. recipients=[UserFound.mail],
  40. body=mail_plain, html=mail_html)
  41. message.add_bcc("spam@style-python.fr")
  42. mailer.send(message)
  43. request.session.flash(('info',u"Vos informations de connection vous ont été renvoyé par e-mail"))
  44. return { 'forgot': True }
  45. @view_config(route_name='bymail', renderer="string")
  46. def bymail(request):
  47. myhash = request.matchdict.get('hash', "")
  48. user = User.by_hash(myhash)
  49. if user:
  50. user.last_logged=datetime.datetime.now()
  51. DBSession.merge(user)
  52. headers = remember(request, user.uid)
  53. return HTTPFound(location=request.route_url('jm2l'),
  54. headers=headers)
  55. else:
  56. headers = forget(request)
  57. return HTTPFound(location=request.route_url('auth', action='login'),
  58. headers=headers)
  59. @view_config(route_name='auth', match_param="action=in", renderer="string",
  60. request_method="POST")
  61. @view_config(route_name='auth', match_param="action=out", renderer="string")
  62. def sign_in_out(request):
  63. username = request.POST.get('username')
  64. if username:
  65. user = User.by_slug(username)
  66. if user and user.verify_password(request.POST.get('password')):
  67. user.last_logged=datetime.datetime.now()
  68. DBSession.merge(user)
  69. headers = remember(request, user.uid)
  70. if request.POST.get('redirect'):
  71. return HTTPFound(location=request.POST.get('redirect'),
  72. headers=headers)
  73. return HTTPFound(location=request.route_url('jm2l'),
  74. headers=headers)
  75. else:
  76. headers = forget(request)
  77. else:
  78. headers = forget(request)
  79. if request.matchdict.get('action')=='in':
  80. request.session.flash(('error',u'Vous avez entré un mauvais couple identifiant/password !'))
  81. return HTTPFound(location="/sign/login",
  82. headers=headers)
  83. return HTTPFound(location=request.route_url('home', year=''),
  84. headers=headers)