
Untitled

a guest
Mar 3rd, 2017
  def __str__(self):
      """Return the object's ``name`` attribute as its string form."""
      label = self.name
      return label
  3.  
  4. # Flask-Login integration
  def is_authenticated(self):
      """Flask-Login hook: every instance of this class counts as authenticated.

      NOTE(review): elsewhere in this listing the value is read without a
      call (``current_user.is_authenticated``). On a plain method that
      expression is the bound method itself, which is always truthy; confirm
      which calling convention the installed Flask-Login expects.
      """
      authenticated = True
      return authenticated
  7.  
  8.  
  def is_active(self):
      """Flask-Login hook: report the account as active, unconditionally.

      NOTE(review): no per-user flag is consulted, so this method on its own
      cannot represent a disabled or suspended account.
      """
      active = True
      return active
  11.  
  12.  
  def is_anonymous(self):
      """Flask-Login hook: instances of this class are never anonymous.

      NOTE(review): the ``False`` result is only seen when this is called.
      Code that reads ``user.is_anonymous`` as an attribute gets the bound
      method, which is truthy; confirm how callers access it.
      """
      anonymous = False
      return anonymous
  15.  
  16.  
  def get_id(self):
      """Flask-Login hook: return ``self.id`` as the identifier for this user.

      The value is handed back as-is, with no conversion.
      """
      identifier = self.id
      return identifier
  19.  
  def __unicode__(self):
      """Return the ``login`` attribute as the text form of this object."""
      username = self.login
      return username
  22.  
  23.  
  def __repr__(self):
      """Return a debugging representation built from the ``login`` attribute."""
      username = self.login
      return '<User %r>' % username
  26.  
  27.  
  def __str__(self):
      """Return the ``email`` attribute as this object's string form."""
      address = self.email
      return address
  30. # Setup Flask-Security
  31.  
  # Username field: a value is required and may be at most 60 characters.
  login = fields.StringField(
      'Username',
      validators=[
          validators.Length(max=60, message=user_message),
          validators.required(user_required),
      ],
  )
  # Password field: a value is required and may be at most 50 characters.
  password = fields.PasswordField(
      'Password',
      validators=[
          validators.Length(max=50, message=pass_message),
          validators.required(pass_required),
      ],
  )
  36.  
  def get_user(self):
      """Look up the ``User`` whose ``login`` equals the submitted username.

      Returns the first row of the filtered query, i.e. whatever ``first()``
      yields when nothing matches.
      """
      lookup = db.session.query(User)
      return lookup.filter_by(login=self.login.data).first()
  39.  
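  def validate_login(self, field):
      """Check the submitted username and password against the stored hash.

      Args:
          field: the form field being validated; not read here, because the
              check uses ``self.login`` (through ``get_user``) and
              ``self.password`` directly.

      Raises:
          validators.ValidationError: when no user matches the username or
              the password does not match the stored hash.
      """
      user = self.get_user()

      # One message for both failures, so the form's reply does not reveal
      # which usernames exist. The stored value is a hash and is compared with
      # check_password_hash, never with a plain string comparison.
      # NOTE(review): the unknown-user path still skips the hash computation,
      # so response time can differ between the two cases.
      if user is None or not check_password_hash(user.password, self.password.data):
          raise validators.ValidationError('Invalid username or password')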
  51.  
  # Username field: required, between 4 and 25 characters.
  login = fields.StringField(
      'Username',
      validators=[
          validators.Length(min=4, max=25, message=username_message),
          validators.required(username_required),
      ],
  )
  # E-mail field: required, at most 60 characters. No format validator is
  # attached, so any non-empty string within the length limit is accepted.
  email = fields.StringField(
      'Email',
      validators=[
          validators.Length(max=60, message=email_address_message),
          validators.required(email_address_required),
      ],
  )
  # Password field: required and must equal the 'confirm' field.
  # NOTE(review): no minimum-length validator is attached, so very short
  # passwords pass validation; confirm a policy is enforced elsewhere.
  password = fields.PasswordField(
      'Password',
      validators=[
          validators.required(password_message),
          validators.EqualTo('confirm', message='Passwords must match'),
      ],
  )
  confirm = fields.PasswordField('Repeat Password')
  59.  
  def validate_login(self, field):
      """Reject the registration when the username or the e-mail is already stored.

      The username is checked first; the e-mail query only runs when the
      username is free. ``field`` is not read. Both errors are raised from
      this ``login`` validator.

      NOTE(review): this is a check-then-insert sequence. Two concurrent
      registrations can both pass it unless the columns carry a unique
      constraint, which is not visible in this listing.
      """
      login_hits = db.session.query(User).filter_by(login=self.login.data).count()
      if login_hits > 0:
          raise validators.ValidationError('Duplicate username')

      email_hits = db.session.query(User).filter_by(email=self.email.data).count()
      if email_hits > 0:
          raise validators.ValidationError('Duplicate email')
  65.  
  66. # Create user loader function
  @login_manager.user_loader
  def load_user(user_id):
      """Flask-Login user loader: fetch the ``User`` identified by *user_id*."""
      users = db.session.query(User)
      return users.get(user_id)
  70.  
  # Presumably the tail of the admin view's is_accessible(); its ``def`` line
  # is not part of this listing. The result is True only when the current
  # user holds the 'superuser' role.
  return True if current_user.has_role('superuser') else False
  75.  
  def _handle_view(self, name, **kwargs):
      """Gate every view of this admin class behind ``is_accessible()``.

      Returns ``None`` when access is allowed. Otherwise an authenticated
      user is rejected with ``abort(403)`` and anyone else is redirected to
      the login view.

      NOTE(review): ``request.url`` is forwarded as ``next``. The
      ``login_view`` in this listing does not read it; any handler that later
      redirects to it should first check that it is a same-site URL.
      """
      if self.is_accessible():
          return None

      if not current_user.is_authenticated:
          # Not signed in: send the visitor to the login form.
          return redirect(url_for('admin.login_view', next=request.url))

      # Signed in but not permitted.
      abort(403)
  87.  
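  @expose('/login/', methods=['GET', 'POST'])
  def login_view(self):
      """Render the login form and sign the user in on a valid submission.

      Returns a redirect to the index view once the current user is
      authenticated; otherwise renders the index template with the form and a
      link to the registration view.
      """
      form = LoginForm(request.form)
      if helpers.validate_form_on_submit(form):
          # Validation has already matched the username and checked the
          # password (LoginForm.validate_login), so get_user() returns that user.
          user = form.get_user()
          login.login_user(user)

      if login.current_user.is_authenticated:
          return redirect(url_for('.index'))

      # The apostrophe in "Don't" is escaped; unescaped it ends the
      # single-quoted literal and the module does not parse. Only url_for()
      # output is interpolated into this HTML fragment, no request data.
      link = '<p>Don\'t have an account? <a href="' + url_for('.register_view') + '">Click here to register.</a></p>'
      self._template_args['form'] = form
      self._template_args['link'] = link
      return super(MyAdminIndexView, self).index()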
  102.  
  @expose('/register/', methods=['GET', 'POST'])
  def register_view(self):
      """Render the registration form and create the account on a valid submission.

      A valid submission stores a new ``User``, signs that user in and
      redirects to the index view. Anything else renders the index template
      with the form and a link to the login view.
      """
      form = RegistrationForm(request.form)

      if not helpers.validate_form_on_submit(form):
          link = '<p>Already have an account? <a href="' + url_for('.login_view') + '">Click here to log in.</a></p>'
          self._template_args['form'] = form
          self._template_args['link'] = link
          return super(MyAdminIndexView, self).index()

      user = User()

      # populate_obj copies every form field onto the user, the submitted
      # password and the 'confirm' value included.
      form.populate_obj(user)
      # Replace the copied plaintext with its hash before the object is added
      # to the session, so only the hash is stored.
      user.password = generate_password_hash(form.password.data)

      db.session.add(user)
      db.session.commit()

      login.login_user(user)
      return redirect(url_for('.index'))
  123.  
  @expose('/logout/')
  def logout_view(self):
      """End the current login session and redirect to the index view.

      NOTE(review): no ``methods`` are given, so the route answers plain GET
      requests; a cross-site link or image tag can therefore sign a user out.
      Confirm that is acceptable.
      """
      login.logout_user()
      landing = url_for('.index')
      return redirect(landing)
  128.  
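  # Sample-database setup. The ``def`` line of the enclosing function is not
  # part of this listing; the trailing ``return`` shows this is a function body.
  import binascii
  import os

  db.create_all()

  with app.app_context():
      # Seed the two roles the application refers to.
      user_role = Role(name='user')
      super_user_role = Role(name='superuser')
      db.session.add(user_role)
      db.session.add(super_user_role)
      db.session.commit()

      # The seeded account holds the 'superuser' role, so it must not ship
      # with a fixed, guessable password. ADMIN_PASSWORD is a variable name
      # chosen for this listing; when it is unset a random one-off password
      # is generated and shown once.
      admin_password = os.environ.get('ADMIN_PASSWORD')
      if not admin_password:
          admin_password = binascii.hexlify(os.urandom(16)).decode('ascii')
          print('Generated password for seeded Admin account: %s' % admin_password)

      test_user = user_datastore.create_user(
          login='Admin',
          email='admin',
          # Only the hash is stored, as in register_view.
          password=generate_password_hash(admin_password),
          roles=[user_role, super_user_role]
      )
      db.session.add(test_user)
      db.session.commit()

  return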
  149.  
  150. # Start app
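  # The Werkzeug debugger lets anyone who can reach the server run code in
  # this process, so debug mode is opt-in (FLASK_DEBUG=1) rather than always on.
  import os

  app.run(debug=os.environ.get('FLASK_DEBUG') == '1')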