def __str__(self):
    """Return this object's ``name`` attribute as its string form."""
    label = self.name
    return label
# Flask-Login integration
# NOTE(review): these are plain methods, while the views on this page read
# ``current_user.is_authenticated`` as an attribute. A bound method is always
# truthy, so confirm which form the installed Flask-Login version expects.
def is_authenticated(self):
    """Report this user as authenticated (always True)."""
    return True


def is_active(self):
    """Report this account as active (always True; no disable flag is checked)."""
    return True


def is_anonymous(self):
    """Report that this is a real account, not an anonymous visitor."""
    return False


def get_id(self):
    """Return ``self.id``, the identifier handed to Flask-Login."""
    user_pk = self.id
    return user_pk
def __unicode__(self):
    """Return the login name as the text form of this user."""
    login_name = self.login
    return login_name


def __repr__(self):
    """Return a debug representation built from the login name."""
    login_name = self.login
    return '<User %r>' % login_name


def __str__(self):
    """Return the e-mail address as the string form of this user."""
    address = self.email
    return address
- # Setup Flask-Security
# Login form fields: both values are required and capped in length
# (username at 60 characters, password at 50).
login = fields.StringField(
    'Username',
    validators=[
        validators.Length(message=user_message, max=60),
        validators.required(user_required),
    ],
)
password = fields.PasswordField(
    'Password',
    validators=[
        validators.Length(message=pass_message, max=50),
        validators.required(pass_required),
    ],
)
def get_user(self):
    """Look up the User row whose ``login`` equals the submitted username.

    Returns the first matching row, or None when nothing matches.
    """
    # filter_by() sends the submitted value as a bound parameter; it is
    # never spliced into the SQL text.
    submitted_login = self.login.data
    matches = db.session.query(User).filter_by(login=submitted_login)
    return matches.first()
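def validate_login(self, field):
    """Check the submitted credentials against the stored password hash.

    Args:
        field: the form field being validated (not read here; the method
            uses ``self.login`` via ``get_user()`` and ``self.password``).

    Raises:
        validators.ValidationError: when no user matches the login or the
            password does not verify. Both cases carry the same message.
    """
    # One message for both failures, so the form does not tell a caller
    # which usernames exist.
    failure_message = 'Invalid username or password'

    user = self.get_user()
    if user is None:
        # NOTE(review): this path skips the hash check, so response timing
        # may still differ between known and unknown usernames.
        raise validators.ValidationError(failure_message)

    # user.password holds a hash; check_password_hash() verifies the
    # submitted plaintext against it. Passwords must never be stored or
    # compared as plaintext.
    if not check_password_hash(user.password, self.password.data):
        raise validators.ValidationError(failure_message)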
# Registration form fields.
# NOTE(review): the password is only required and matched against
# ``confirm``; no minimum length or strength validator is declared here,
# and the e-mail field has no format validator.
login = fields.StringField(
    'Username',
    validators=[
        validators.Length(message=username_message, min=4, max=25),
        validators.required(username_required),
    ],
)
email = fields.StringField(
    'Email',
    validators=[
        validators.Length(message=email_address_message, max=60),
        validators.required(email_address_required),
    ],
)
password = fields.PasswordField(
    'Password',
    validators=[
        validators.required(password_message),
        validators.EqualTo('confirm', message='Passwords must match'),
    ],
)
confirm = fields.PasswordField('Repeat Password')
def validate_login(self, field):
    """Reject a registration whose username or e-mail is already taken.

    Args:
        field: the form field being validated (not read here; the method
            uses ``self.login`` and ``self.email``).

    Raises:
        validators.ValidationError: 'Duplicate username' or
            'Duplicate email', checked in that order.
    """
    # NOTE(review): check-then-insert is not atomic. Unique constraints on
    # the columns (not visible here) are what stop duplicates when two
    # requests race.
    users = db.session.query(User)

    if users.filter_by(login=self.login.data).count() > 0:
        raise validators.ValidationError('Duplicate username')

    if users.filter_by(email=self.email.data).count() > 0:
        raise validators.ValidationError('Duplicate email')
# Create user loader function
@login_manager.user_loader
def load_user(user_id):
    """Return the User whose primary key is ``user_id``, or None if absent."""
    user_query = db.session.query(User)
    return user_query.get(user_id)
- if current_user.has_role('superuser'):
- return True
- return False
def _handle_view(self, name, **kwargs):
    """
    Gate each view on is_accessible().

    A signed-in user without access gets a 403; an anonymous visitor is
    redirected to the login view. Returns None when the view is accessible.
    """
    if self.is_accessible():
        return None

    if not current_user.is_authenticated:
        # Not signed in: send the visitor to the login page.
        # NOTE(review): the current URL travels along as ``next``. The
        # login view on this page ignores it and always redirects to
        # '.index'; if ``next`` is ever honoured, validate it as a
        # same-site path first.
        return redirect(url_for('admin.login_view', next=request.url))

    # Signed in but lacking permission.
    abort(403)
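@expose('/login/', methods=['GET', 'POST'])
def login_view(self):
    """Show the login form and sign the user in on a valid submission.

    Returns a redirect to the index once the user is authenticated,
    otherwise the index template with the form and a registration link.
    """
    # NOTE(review): the form is built straight from request.form; its base
    # class is not visible here, so confirm a CSRF token is checked.
    form = LoginForm(request.form)
    if helpers.validate_form_on_submit(form):
        # Validation has already verified the password hash.
        user = form.get_user()
        login.login_user(user)

    if login.current_user.is_authenticated:
        return redirect(url_for('.index'))

    # The apostrophe is escaped: left bare, it ends the single-quoted
    # literal and the module no longer parses.
    # The markup is fixed text plus url_for() output only; keep request
    # data out of it if the template renders it unescaped.
    link = '<p>Don\'t have an account? <a href="' + url_for('.register_view') + '">Click here to register.</a></p>'
    self._template_args['form'] = form
    self._template_args['link'] = link
    return super(MyAdminIndexView, self).index()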
@expose('/register/', methods=['GET', 'POST'])
def register_view(self):
    """Show the registration form and create the account on a valid submission.

    Returns a redirect to the index after the new user is stored and logged
    in, otherwise the index template with the form and a login link.
    """
    form = RegistrationForm(request.form)

    if not helpers.validate_form_on_submit(form):
        link = ''.join([
            '<p>Already have an account? <a href="',
            url_for('.login_view'),
            '">Click here to log in.</a></p>',
        ])
        self._template_args['form'] = form
        self._template_args['link'] = link
        return super(MyAdminIndexView, self).index()

    new_user = User()
    # populate_obj() copies every form field onto the object, so only
    # fields declared on RegistrationForm can be set by the client.
    form.populate_obj(new_user)
    # populate_obj() also copied the plaintext password; replace it with
    # its hash before the row is added. Never persist the plaintext.
    new_user.password = generate_password_hash(form.password.data)
    db.session.add(new_user)
    db.session.commit()

    login.login_user(new_user)
    return redirect(url_for('.index'))
@expose('/logout/')
def logout_view(self):
    """End the current login session and return to the index."""
    # NOTE(review): no ``methods`` are given to expose(), so this route
    # presumably answers GET; a state-changing GET can be triggered
    # cross-site. Confirm whether a POST with a CSRF token is wanted.
    login.logout_user()
    index_url = url_for('.index')
    return redirect(index_url)
# Create the tables, then seed the two roles and one bootstrap account.
# NOTE(review): nesting under the ``with`` is reconstructed; the listing
# carries no indentation. Confirm against the original file.
db.create_all()
with app.app_context():
    user_role = Role(name='user')
    super_user_role = Role(name='superuser')
    db.session.add_all([user_role, super_user_role])
    db.session.commit()

    # NOTE(review): this seeds a superuser with a fixed, well-known
    # password ('admin'). Treat it as sample data only: change or remove
    # the account before the app is reachable by anyone else.
    seeded_admin = user_datastore.create_user(
        login='Admin',
        email='admin',
        password=generate_password_hash('admin'),
        roles=[user_role, super_user_role],
    )
    db.session.add(seeded_admin)
    db.session.commit()
- return
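# Start app
# debug=True turns on the Werkzeug interactive debugger, which exposes a
# Python console on error pages. It stays off here; enable it only for
# local development.
app.run(debug=False)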