forked from gergely/calendar-social
Add our own login form
We gain multiple things with this, but the main point is to do audit logging in case a valid user enters an invalid password.
This commit is contained in:
parent
2b8e976543
commit
aede5873d2
@ -75,6 +75,7 @@ class CalendarSocialApp(Flask):
|
|||||||
"""
|
"""
|
||||||
|
|
||||||
def __init__(self, name, config=None):
|
def __init__(self, name, config=None):
|
||||||
|
from .forms import LoginForm
|
||||||
from .models import db, User, Role
|
from .models import db, User, Role
|
||||||
from .security import security, AnonymousUser
|
from .security import security, AnonymousUser
|
||||||
|
|
||||||
@ -91,7 +92,7 @@ class CalendarSocialApp(Flask):
|
|||||||
babel.localeselector(get_locale)
|
babel.localeselector(get_locale)
|
||||||
|
|
||||||
user_store = SQLAlchemyUserDatastore(db, User, Role)
|
user_store = SQLAlchemyUserDatastore(db, User, Role)
|
||||||
security.init_app(self, datastore=user_store, anonymous_user=AnonymousUser)
|
security.init_app(self, datastore=user_store, anonymous_user=AnonymousUser, login_form=LoginForm)
|
||||||
|
|
||||||
self.context_processor(template_vars)
|
self.context_processor(template_vars)
|
||||||
|
|
||||||
|
@ -18,6 +18,7 @@
|
|||||||
"""
|
"""
|
||||||
|
|
||||||
from flask_babelex import lazy_gettext as _
|
from flask_babelex import lazy_gettext as _
|
||||||
|
from flask_security.forms import LoginForm as BaseLoginForm
|
||||||
from flask_wtf import FlaskForm
|
from flask_wtf import FlaskForm
|
||||||
import pytz
|
import pytz
|
||||||
from wtforms import BooleanField, PasswordField, SelectField, StringField
|
from wtforms import BooleanField, PasswordField, SelectField, StringField
|
||||||
@ -159,3 +160,35 @@ class SettingsForm(FlaskForm):
|
|||||||
continue
|
continue
|
||||||
|
|
||||||
user.settings[name] = str(field.data)
|
user.settings[name] = str(field.data)
|
||||||
|
|
||||||
|
|
||||||
|
class LoginForm(BaseLoginForm):
|
||||||
|
"""Login form for Calendar.social
|
||||||
|
"""
|
||||||
|
|
||||||
|
email = StringField(_('Username or email'), validators=[DataRequired()])
|
||||||
|
|
||||||
|
def __init__(self, *args, **kwargs):
|
||||||
|
super(LoginForm, self).__init__(*args, **kwargs)
|
||||||
|
|
||||||
|
self.user = None
|
||||||
|
|
||||||
|
def validate(self):
|
||||||
|
from flask_security.utils import _datastore
|
||||||
|
from flask_security.utils import verify_and_update_password
|
||||||
|
|
||||||
|
from .models import AuditLog
|
||||||
|
|
||||||
|
ret = super(LoginForm, self).validate()
|
||||||
|
|
||||||
|
if self.user is None:
|
||||||
|
self.user = _datastore.get_user(self.email.data)
|
||||||
|
|
||||||
|
if self.user is None:
|
||||||
|
# We can’t figure out the user that’s trying to log in, just return
|
||||||
|
return ret
|
||||||
|
|
||||||
|
if not verify_and_update_password(self.password.data, self.user):
|
||||||
|
AuditLog.log(self.user, AuditLog.TYPE_LOGIN_FAIL)
|
||||||
|
|
||||||
|
return ret
|
||||||
|
Loading…
Reference in New Issue
Block a user