# -*- coding: utf-8 -*- # Part of Odoo, Flectra. See LICENSE file for full copyright and licensing details. import logging import werkzeug from flectra import http, _ from flectra.addons.auth_signup.models.res_users import SignupError from flectra.addons.web.controllers.main import ensure_db, Home from flectra.exceptions import UserError from flectra.http import request _logger = logging.getLogger(__name__) class AuthSignupHome(Home): @http.route() def web_login(self, *args, **kw): ensure_db() response = super(AuthSignupHome, self).web_login(*args, **kw) response.qcontext.update(self.get_auth_signup_config()) if request.httprequest.method == 'GET' and request.session.uid and request.params.get('redirect'): # Redirect if already logged in and redirect param is present return http.redirect_with_hash(request.params.get('redirect')) return response @http.route('/web/signup', type='http', auth='public', website=True, sitemap=False) def web_auth_signup(self, *args, **kw): qcontext = self.get_auth_signup_qcontext() if not qcontext.get('token') and not qcontext.get('signup_enabled'): raise werkzeug.exceptions.NotFound() if 'error' not in qcontext and request.httprequest.method == 'POST': try: self.do_signup(qcontext) # Send an account creation confirmation email if qcontext.get('token'): user_sudo = request.env['res.users'].sudo().search([('login', '=', qcontext.get('login'))]) template = request.env.ref('auth_signup.mail_template_user_signup_account_created', raise_if_not_found=False) if user_sudo and template: template.sudo().with_context( lang=user_sudo.lang, auth_login=werkzeug.url_encode({'auth_login': user_sudo.email}), ).send_mail(user_sudo.id, force_send=True) return super(AuthSignupHome, self).web_login(*args, **kw) except UserError as e: qcontext['error'] = e.name or e.value except (SignupError, AssertionError) as e: if request.env["res.users"].sudo().search([("login", "=", qcontext.get("login"))]): qcontext["error"] = _("Another user is already registered using this email address.") else: _logger.error("%s", e) qcontext['error'] = _("Could not create a new account.") response = request.render('auth_signup.signup', qcontext) response.headers['X-Frame-Options'] = 'DENY' return response @http.route('/web/reset_password', type='http', auth='public', website=True, sitemap=False) def web_auth_reset_password(self, *args, **kw): qcontext = self.get_auth_signup_qcontext() if not qcontext.get('token') and not qcontext.get('reset_password_enabled'): raise werkzeug.exceptions.NotFound() if 'error' not in qcontext and request.httprequest.method == 'POST': try: if qcontext.get('token'): self.do_signup(qcontext) return super(AuthSignupHome, self).web_login(*args, **kw) else: login = qcontext.get('login') assert login, _("No login provided.") _logger.info( "Password reset attempt for <%s> by user <%s> from %s", login, request.env.user.login, request.httprequest.remote_addr) request.env['res.users'].sudo().reset_password(login) qcontext['message'] = _("An email has been sent with credentials to reset your password") except UserError as e: qcontext['error'] = e.name or e.value except SignupError: qcontext['error'] = _("Could not reset your password") _logger.exception('error when resetting password') except Exception as e: qcontext['error'] = str(e) response = request.render('auth_signup.reset_password', qcontext) response.headers['X-Frame-Options'] = 'DENY' return response def get_auth_signup_config(self): """retrieve the module config (which features are enabled) for the login page""" get_param = request.env['ir.config_parameter'].sudo().get_param return { 'signup_enabled': get_param('auth_signup.allow_uninvited') == 'True', 'reset_password_enabled': get_param('auth_signup.reset_password') == 'True', } def get_auth_signup_qcontext(self): """ Shared helper returning the rendering context for signup and reset password """ qcontext = request.params.copy() qcontext.update(self.get_auth_signup_config()) if not qcontext.get('token') and request.session.get('auth_signup_token'): qcontext['token'] = request.session.get('auth_signup_token') if qcontext.get('token'): try: # retrieve the user info (name, login or email) corresponding to a signup token token_infos = request.env['res.partner'].sudo().signup_retrieve_info(qcontext.get('token')) for k, v in token_infos.items(): qcontext.setdefault(k, v) except: qcontext['error'] = _("Invalid signup token") qcontext['invalid_token'] = True return qcontext def do_signup(self, qcontext): """ Shared helper that creates a res.partner out of a token """ values = { key: qcontext.get(key) for key in ('login', 'name', 'password') } if not values: raise UserError(_("The form was not properly filled in.")) if values.get('password') != qcontext.get('confirm_password'): raise UserError(_("Passwords do not match; please retype them.")) supported_langs = [lang['code'] for lang in request.env['res.lang'].sudo().search_read([], ['code'])] if request.lang in supported_langs: values['lang'] = request.lang self._signup_with_values(qcontext.get('token'), values) request.env.cr.commit() def _signup_with_values(self, token, values): db, login, password = request.env['res.users'].sudo().signup(values, token) request.env.cr.commit() # as authenticate will use its own cursor we need to commit the current transaction uid = request.session.authenticate(db, login, password) if not uid: raise SignupError(_('Authentication Failed.'))