Refactor user login, change password to use colander/deform

This commit is contained in:
Lance Edgar 2018-02-10 16:47:53 -06:00
parent cff757fe9e
commit ec438ead51
5 changed files with 53 additions and 69 deletions
tailbone/views

View file

@ -2,7 +2,7 @@
################################################################################
#
# Rattail -- Retail Software Framework
# Copyright © 2010-2017 Lance Edgar
# Copyright © 2010-2018 Lance Edgar
#
# This file is part of Rattail.
#
@ -28,47 +28,42 @@ from __future__ import unicode_literals, absolute_import
from rattail.db.auth import authenticate_user, set_user_password
import formencode as fe
import colander
from deform import widget as dfwidget
from pyramid.httpexceptions import HTTPForbidden
from pyramid_simpleform import Form
from webhelpers2.html import tags, literal
from tailbone import forms
from tailbone import forms2 as forms
from tailbone.db import Session
from tailbone.views import View
from tailbone.auth import login_user, logout_user
class UserLogin(fe.Schema):
allow_extra_fields = True
filter_extra_fields = True
username = fe.validators.NotEmpty()
password = fe.validators.NotEmpty()
class UserLogin(colander.MappingSchema):
username = colander.SchemaNode(colander.String())
password = colander.SchemaNode(colander.String(),
widget=dfwidget.PasswordWidget())
class CurrentPasswordCorrect(fe.validators.FancyValidator):
def _to_python(self, value, state):
user = state
if not authenticate_user(Session, user.username, value):
raise fe.Invalid("The password is incorrect.", value, state)
return value
@colander.deferred
def current_password_correct(node, kw):
user = kw['user']
def validate(node, value):
if not authenticate_user(Session(), user.username, value):
raise colander.Invalid(node, "The password is incorrect")
return validate
class ChangePassword(fe.Schema):
class ChangePassword(colander.MappingSchema):
allow_extra_fields = True
filter_extra_fields = True
current_password = colander.SchemaNode(colander.String(),
widget=dfwidget.PasswordWidget(),
validator=current_password_correct)
current_password = fe.All(
fe.validators.NotEmpty(),
CurrentPasswordCorrect())
new_password = fe.validators.NotEmpty()
confirm_password = fe.validators.NotEmpty()
chained_validators = [fe.validators.FieldsMatch(
'new_password', 'confirm_password')]
new_password = colander.SchemaNode(colander.String(),
widget=dfwidget.CheckedPasswordWidget())
class AuthenticationView(View):
@ -103,10 +98,15 @@ class AuthenticationView(View):
self.request.session.flash("{} is already logged in".format(self.request.user), 'error')
return self.redirect(referrer)
form = forms.SimpleForm(self.request, UserLogin)
if form.validate():
user = self.authenticate_user(form.data['username'],
form.data['password'])
form = forms.Form(schema=UserLogin(), request=self.request)
form.save_label = "Login"
form.auto_disable_save = False
form.auto_disable = False # TODO: deprecate / remove this
form.show_reset = True
form.show_cancel = False
if form.validate(newstyle=True):
user = self.authenticate_user(form.validated['username'],
form.validated['password'])
if user:
# okay now they're truly logged in
headers = login_user(self.request, user)
@ -122,7 +122,7 @@ class AuthenticationView(View):
default=self.request.static_url('tailbone:static/img/home_logo.png'))
return {
'form': forms.FormRenderer(form),
'form': form,
'referrer': referrer,
'image_url': image_url,
'dialog': mobile,
@ -169,12 +169,14 @@ class AuthenticationView(View):
self.request.session.flash("Cannot change password for 'chuck' in demo mode", 'error')
return self.redirect(self.request.get_referrer())
form = Form(self.request, schema=ChangePassword, state=self.request.user)
if form.validate():
set_user_password(self.request.user, form.data['new_password'])
schema = ChangePassword().bind(user=self.request.user)
form = forms.Form(schema=schema, request=self.request)
if form.validate(newstyle=True):
set_user_password(self.request.user, form.validated['new_password'])
self.request.session.flash("Your password has been changed.")
return self.redirect(self.request.get_referrer())
return {'form': forms.FormRenderer(form)}
return {'form': form}
def become_root(self):
"""