ScoDoc/app/auth/forms.py

101 lines
3.4 KiB
Python

# -*- coding: UTF-8 -*
"""Formulaires authentification
TODO: à revoir complètement pour reprendre ZScoUsers et les pages d'authentification
"""
from urllib.parse import urlparse, urljoin
from flask import request, url_for, redirect
from flask_wtf import FlaskForm
from wtforms import BooleanField, HiddenField, PasswordField, StringField, SubmitField
from wtforms.validators import ValidationError, DataRequired, Email, EqualTo
from app.auth.models import User, is_valid_password
_ = lambda x: x # sans babel
_l = _
# See http://flask.pocoo.org/snippets/63/
def is_safe_url(target):
ref_url = urlparse(request.host_url)
test_url = urlparse(urljoin(request.host_url, target))
return test_url.scheme in ("http", "https") and ref_url.netloc == test_url.netloc
def get_redirect_target():
for target in request.args.get("next"), request.referrer:
if not target:
continue
if is_safe_url(target):
return target
class RedirectForm(FlaskForm):
next = HiddenField()
def __init__(self, *args, **kwargs):
super().__init__(*args, **kwargs)
if not self.next.data:
self.next.data = get_redirect_target() or ""
def redirect(self, endpoint="index", **values):
if is_safe_url(self.next.data):
return redirect(self.next.data)
target = get_redirect_target()
return redirect(target or url_for(endpoint, **values))
class LoginForm(RedirectForm):
user_name = StringField(_l("Nom d'utilisateur"), validators=[DataRequired()])
password = PasswordField(_l("Mot de passe"), validators=[DataRequired()])
remember_me = BooleanField(_l("mémoriser la connexion"))
submit = SubmitField(_l("Suivant"))
def __init__(self, *args, **kwargs):
super().__init__(*args, **kwargs)
class UserCreationForm(FlaskForm):
user_name = StringField(_l("Nom d'utilisateur"), validators=[DataRequired()])
email = StringField(_l("Email"), validators=[DataRequired(), Email()])
password = PasswordField(_l("Mot de passe"), validators=[DataRequired()])
password2 = PasswordField(
_l("Répéter"), validators=[DataRequired(), EqualTo("password")]
)
submit = SubmitField(_l("Inscrire"))
def validate_user_name(self, user_name):
user = User.query.filter_by(user_name=user_name.data).first()
if user is not None:
raise ValidationError(_("Please use a different user_name."))
def validate_email(self, email):
user = User.query.filter_by(email=email.data).first()
if user is not None:
raise ValidationError(_("Please use a different email address."))
class ResetPasswordRequestForm(FlaskForm):
email = StringField(
_l("Adresse email associée à votre compte ScoDoc:"),
validators=[DataRequired(), Email()],
)
submit = SubmitField(_l("Envoyer"))
class ResetPasswordForm(FlaskForm):
password = PasswordField(_l("Mot de passe"), validators=[DataRequired()])
password2 = PasswordField(
_l("Répéter"), validators=[DataRequired(), EqualTo("password")]
)
submit = SubmitField(_l("Valider ce mot de passe"))
def validate_password(self, password):
if not is_valid_password(password.data):
raise ValidationError(f"Mot de passe trop simple, recommencez")
class DeactivateUserForm(FlaskForm):
submit = SubmitField("Modifier l'utilisateur")
cancel = SubmitField(label="Annuler", render_kw={"formnovalidate": True})