136 lines
6.6 KiB
Python
136 lines
6.6 KiB
Python
# -*- coding: utf-8 -*-
|
|
# Part of Odoo, Flectra. See LICENSE file for full copyright and licensing details.
|
|
import logging
|
|
import werkzeug
|
|
|
|
from flectra import http, _
|
|
from flectra.addons.auth_signup.models.res_users import SignupError
|
|
from flectra.addons.web.controllers.main import ensure_db, Home
|
|
from flectra.exceptions import UserError
|
|
from flectra.http import request
|
|
|
|
_logger = logging.getLogger(__name__)
|
|
|
|
|
|
class AuthSignupHome(Home):
|
|
|
|
@http.route()
|
|
def web_login(self, *args, **kw):
|
|
ensure_db()
|
|
response = super(AuthSignupHome, self).web_login(*args, **kw)
|
|
response.qcontext.update(self.get_auth_signup_config())
|
|
if request.httprequest.method == 'GET' and request.session.uid and request.params.get('redirect'):
|
|
# Redirect if already logged in and redirect param is present
|
|
return http.redirect_with_hash(request.params.get('redirect'))
|
|
return response
|
|
|
|
@http.route('/web/signup', type='http', auth='public', website=True, sitemap=False)
|
|
def web_auth_signup(self, *args, **kw):
|
|
qcontext = self.get_auth_signup_qcontext()
|
|
|
|
if not qcontext.get('token') and not qcontext.get('signup_enabled'):
|
|
raise werkzeug.exceptions.NotFound()
|
|
|
|
if 'error' not in qcontext and request.httprequest.method == 'POST':
|
|
try:
|
|
self.do_signup(qcontext)
|
|
# Send an account creation confirmation email
|
|
if qcontext.get('token'):
|
|
user_sudo = request.env['res.users'].sudo().search([('login', '=', qcontext.get('login'))])
|
|
template = request.env.ref('auth_signup.mail_template_user_signup_account_created', raise_if_not_found=False)
|
|
if user_sudo and template:
|
|
template.sudo().with_context(
|
|
lang=user_sudo.lang,
|
|
auth_login=werkzeug.url_encode({'auth_login': user_sudo.email}),
|
|
password=request.params.get('password')
|
|
).send_mail(user_sudo.id, force_send=True)
|
|
return super(AuthSignupHome, self).web_login(*args, **kw)
|
|
except UserError as e:
|
|
qcontext['error'] = e.name or e.value
|
|
except (SignupError, AssertionError) as e:
|
|
if request.env["res.users"].sudo().search([("login", "=", qcontext.get("login"))]):
|
|
qcontext["error"] = _("Another user is already registered using this email address.")
|
|
else:
|
|
_logger.error("%s", e)
|
|
qcontext['error'] = _("Could not create a new account.")
|
|
|
|
response = request.render('auth_signup.signup', qcontext)
|
|
response.headers['X-Frame-Options'] = 'DENY'
|
|
return response
|
|
|
|
@http.route('/web/reset_password', type='http', auth='public', website=True, sitemap=False)
|
|
def web_auth_reset_password(self, *args, **kw):
|
|
qcontext = self.get_auth_signup_qcontext()
|
|
|
|
if not qcontext.get('token') and not qcontext.get('reset_password_enabled'):
|
|
raise werkzeug.exceptions.NotFound()
|
|
|
|
if 'error' not in qcontext and request.httprequest.method == 'POST':
|
|
try:
|
|
if qcontext.get('token'):
|
|
self.do_signup(qcontext)
|
|
return super(AuthSignupHome, self).web_login(*args, **kw)
|
|
else:
|
|
login = qcontext.get('login')
|
|
assert login, _("No login provided.")
|
|
_logger.info(
|
|
"Password reset attempt for <%s> by user <%s> from %s",
|
|
login, request.env.user.login, request.httprequest.remote_addr)
|
|
request.env['res.users'].sudo().reset_password(login)
|
|
qcontext['message'] = _("An email has been sent with credentials to reset your password")
|
|
except SignupError:
|
|
qcontext['error'] = _("Could not reset your password")
|
|
_logger.exception('error when resetting password')
|
|
except Exception as e:
|
|
qcontext['error'] = str(e)
|
|
|
|
response = request.render('auth_signup.reset_password', qcontext)
|
|
response.headers['X-Frame-Options'] = 'DENY'
|
|
return response
|
|
|
|
def get_auth_signup_config(self):
|
|
"""retrieve the module config (which features are enabled) for the login page"""
|
|
|
|
get_param = request.env['ir.config_parameter'].sudo().get_param
|
|
return {
|
|
'signup_enabled': get_param('auth_signup.allow_uninvited') == 'True',
|
|
'reset_password_enabled': get_param('auth_signup.reset_password') == 'True',
|
|
}
|
|
|
|
def get_auth_signup_qcontext(self):
|
|
""" Shared helper returning the rendering context for signup and reset password """
|
|
qcontext = request.params.copy()
|
|
qcontext.update(self.get_auth_signup_config())
|
|
if not qcontext.get('token') and request.session.get('auth_signup_token'):
|
|
qcontext['token'] = request.session.get('auth_signup_token')
|
|
if qcontext.get('token'):
|
|
try:
|
|
# retrieve the user info (name, login or email) corresponding to a signup token
|
|
token_infos = request.env['res.partner'].sudo().signup_retrieve_info(qcontext.get('token'))
|
|
for k, v in token_infos.items():
|
|
qcontext.setdefault(k, v)
|
|
except:
|
|
qcontext['error'] = _("Invalid signup token")
|
|
qcontext['invalid_token'] = True
|
|
return qcontext
|
|
|
|
def do_signup(self, qcontext):
|
|
""" Shared helper that creates a res.partner out of a token """
|
|
values = { key: qcontext.get(key) for key in ('login', 'name', 'password') }
|
|
if not values:
|
|
raise UserError(_("The form was not properly filled in."))
|
|
if values.get('password') != qcontext.get('confirm_password'):
|
|
raise UserError(_("Passwords do not match; please retype them."))
|
|
supported_langs = [lang['code'] for lang in request.env['res.lang'].sudo().search_read([], ['code'])]
|
|
if request.lang in supported_langs:
|
|
values['lang'] = request.lang
|
|
self._signup_with_values(qcontext.get('token'), values)
|
|
request.env.cr.commit()
|
|
|
|
def _signup_with_values(self, token, values):
|
|
db, login, password = request.env['res.users'].sudo().signup(values, token)
|
|
request.env.cr.commit() # as authenticate will use its own cursor we need to commit the current transaction
|
|
uid = request.session.authenticate(db, login, password)
|
|
if not uid:
|
|
raise SignupError(_('Authentication Failed.'))
|