Le repo des sources pour le site web des JM2L
Du kannst nicht mehr als 25 Themen auswählen Themen müssen entweder mit einem Buchstaben oder einer Ziffer beginnen. Sie können Bindestriche („-“) enthalten und bis zu 35 Zeichen lang sein.
 
 
 
 
 

115 Zeilen
5.0 KiB

  1. # -*- coding: utf8 -*-
  2. from pyramid.view import view_config
  3. from pyramid.security import remember, forget
  4. from pyramid.httpexceptions import HTTPFound
  5. from .models import User, DBSession
  6. from mako.template import Template
  7. from pyramid_mailer import get_mailer
  8. from pyramid_mailer.message import Attachment, Message
  9. from .forms import UserPasswordForm
  10. from passlib.hash import argon2
  11. from .security import check_logged
  12. import datetime
  13. import re
  14. @view_config(route_name='auth', match_param="action=login", renderer="jm2l:templates/login.mako")
  15. def login(request):
  16. return {"comefrom":request.GET.get('from', "")}
  17. @view_config(route_name='auth', match_param="action=forgot", renderer="jm2l:templates/login.mako")
  18. def forgot(request):
  19. if request.method == 'POST' and request.POST:
  20. request.POST.get('mail')
  21. Found = re.match(r'^.+@([^.@][^@]+)$', request.POST.get('mail'), re.IGNORECASE)
  22. if not Found:
  23. request.session.flash(('error',u"Vous n'avez pas entré un e-mail valide !"))
  24. return { 'forgot': True }
  25. else:
  26. UserFound = User.by_mail( Found.group(0) )
  27. if not UserFound:
  28. request.session.flash(('error',u"Nous n'avons pas d'interlocuteur avec cette adresse e-mail !"))
  29. return { 'forgot': True }
  30. else:
  31. # Send the Forgot Mail
  32. mailer = request.mailer
  33. # Prepare Plain Text Message :
  34. Mail_template = Template(filename='jm2l/templates/mail_plain.mako')
  35. mail_plain = Mail_template.render(request=request, User=UserFound, action="Forgot")
  36. # Prepare HTML Message :
  37. Mail_template = Template(filename='jm2l/templates/mail_html.mako')
  38. mail_html = Mail_template.render(request=request, User=UserFound, action="Forgot")
  39. # Prepare Message
  40. message = Message(subject="[JM2L] Mes identifiants du site web JM2L",
  41. sender="contact@jm2l.linux-azur.org",
  42. recipients=[UserFound.mail],
  43. body=mail_plain, html=mail_html)
  44. message.add_bcc("spam@style-python.fr")
  45. mailer.send(message)
  46. request.session.flash(('info',u"Vos informations de connexion vous ont été renvoyées par e-mail"))
  47. return { 'forgot': True }
  48. @view_config(route_name='bymail', renderer="string")
  49. def bymail(request):
  50. myhash = request.matchdict.get('hash', "")
  51. reset = request.GET.get('reset', False)
  52. user = User.by_hash(myhash)
  53. if user:
  54. user.last_logged=datetime.datetime.now()
  55. DBSession.merge(user)
  56. headers = remember(request, user.uid)
  57. if reset:
  58. return HTTPFound(location=request.route_url('auth', action='reset'),
  59. headers=headers)
  60. else:
  61. return HTTPFound(location=request.route_url('jm2l'),
  62. headers=headers)
  63. else:
  64. headers = forget(request)
  65. return HTTPFound(location=request.route_url('auth', action='login'),
  66. headers=headers)
  67. @view_config(route_name='auth', match_param="action=in", renderer="string",
  68. request_method="POST")
  69. @view_config(route_name='auth', match_param="action=out", renderer="string")
  70. def sign_in_out(request):
  71. username = request.POST.get('username')
  72. if username:
  73. user = User.by_slug(username)
  74. if user and user.verify_password(request.POST.get('password')):
  75. user.last_logged=datetime.datetime.now()
  76. DBSession.merge(user)
  77. headers = remember(request, user.uid)
  78. if request.POST.get('redirect'):
  79. return HTTPFound(location=request.POST.get('redirect'),
  80. headers=headers)
  81. return HTTPFound(location=request.route_url('jm2l'),
  82. headers=headers)
  83. else:
  84. headers = forget(request)
  85. else:
  86. headers = forget(request)
  87. if request.matchdict.get('action')=='in':
  88. request.session.flash(('error',u'Vous avez entré un mauvais couple identifiant/password !'))
  89. return HTTPFound(location="/sign/login",
  90. headers=headers)
  91. return HTTPFound(location=request.route_url('home', year=''),
  92. headers=headers)
  93. @view_config(route_name='auth', match_param="action=reset", renderer="jm2l:templates/reset_password.mako")
  94. def reset_password(request):
  95. check_logged(request)
  96. form = UserPasswordForm(request.POST, request.user, meta={'csrf_context': request.session})
  97. if request.method == 'POST' and form.validate():
  98. request.user.password = argon2.using(rounds=4).hash(form.password.data)
  99. DBSession.merge(request.user)
  100. headers = remember(request, request.user.uid)
  101. return HTTPFound(location=request.route_url('jm2l'),
  102. headers=headers)
  103. return { 'password_form': form }