- 
                Notifications
    You must be signed in to change notification settings 
- Fork 34
Set login form to use WTForms #321
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
base: master
Are you sure you want to change the base?
Changes from all commits
464687d
              5abe6cd
              a2c6a93
              1fb834a
              b2e4a42
              5715c51
              File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change | 
|---|---|---|
| @@ -0,0 +1,14 @@ | ||
| from flask_wtf import FlaskForm | ||
| from wtforms import PasswordField, StringField | ||
| from wtforms.validators import InputRequired, Length | ||
|  | ||
|  | ||
| class LoginForm(FlaskForm): | ||
| username = StringField( | ||
| 'Username', validators=[ | ||
| InputRequired(), Length(min=4, max=20), | ||
| ], | ||
| ) | ||
| password = PasswordField( | ||
| 'Password', validators=[InputRequired(), Length(min=8)], id='password', | ||
| ) | 
| Original file line number | Diff line number | Diff line change | 
|---|---|---|
|  | @@ -28,6 +28,7 @@ | |
| ) | ||
| from lms.lmsweb.forms.change_password import ChangePasswordForm | ||
| from lms.lmsweb.forms.register import RegisterForm | ||
| from lms.lmsweb.forms.login import LoginForm | ||
|         
                  NogaOs marked this conversation as resolved.
              Show resolved
            Hide resolved | ||
| from lms.lmsweb.forms.reset_password import RecoverPassForm, ResetPassForm | ||
| from lms.lmsweb.manifest import MANIFEST | ||
| from lms.lmsweb.redirections import ( | ||
|  | @@ -98,27 +99,30 @@ def ratelimit_handler(e): | |
| deduct_when=lambda response: response.status_code != 200, | ||
| ) | ||
| def login(login_message: Optional[str] = None): | ||
| next_page = request.form.get('next') | ||
| if current_user.is_authenticated: | ||
| return get_next_url(request.args.get('next')) | ||
| return get_next_url(next_page) | ||
|  | ||
| username = request.form.get('username') | ||
| password = request.form.get('password') | ||
| next_page = request.form.get('next') | ||
| form = LoginForm() | ||
| login_message = request.args.get('login_message') | ||
| if not form.validate_on_submit(): | ||
| return render_template( | ||
| 'login.html', form=form, login_message=login_message, | ||
| There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Should we keep the login message from the last page request or generate new one? (I might have missed something in the logic here) There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I don't think I changed anything meaningful here. Me missing something in the logic here would be more probable :P There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Try to create a form validator instead of the  | ||
| ) | ||
|  | ||
| if request.method == 'POST': | ||
| try: | ||
| user = auth(username, password) | ||
| except (ForbiddenPermission, UnauthorizedError) as e: | ||
| error_message, _ = e.args | ||
| error_details = {'next': next_page, 'login_message': error_message} | ||
| return redirect(url_for('login', **error_details)) | ||
| else: | ||
| login_user(user) | ||
| session['_invalid_password_tries'] = 0 | ||
| return get_next_url(next_page) | ||
|  | ||
| return render_template('login.html', login_message=login_message) | ||
| username = form.username.data | ||
| password = form.password.data | ||
|  | ||
| try: | ||
| user = auth(username, password) | ||
| except (ForbiddenPermission, UnauthorizedError) as e: | ||
| error_message, _ = e.args | ||
| error_details = {'next': next_page, 'login_message': error_message} | ||
| return redirect(url_for('login', **error_details)) | ||
| else: | ||
| login_user(user) | ||
| session['_invalid_password_tries'] = 0 | ||
| return get_next_url(next_page) | ||
|  | ||
|  | ||
| @webapp.route('/signup', methods=['GET', 'POST']) | ||
|  | ||
| Original file line number | Diff line number | Diff line change | 
|---|---|---|
| @@ -1,45 +1,42 @@ | ||
| {% extends 'base.html' %} | ||
| {% from "_formhelpers.html" import render_field %} | ||
|  | ||
| {% block page_content %} | ||
| <div class="container"> | ||
| <div id="login-container"> | ||
| <div id="login" class="text-center"> | ||
| <img id="login-logo" src="{{ url_for('static', filename='avatar.jpg') }}" alt="{{ _('Profile picture of the Python Course') }}" width="72" height="72"> | ||
| <h1 id="main-title" class="h3 font-weight-normal">{{ _('Login') }}</h1> | ||
| <p> | ||
| {{ _('Welcome to the exercise system!') }}<br> | ||
| {{ _('Insert your username and password:') }} | ||
| </p> | ||
| {% if login_message %} | ||
| <div id="login-message-box" class="text-center"> | ||
| <p> | ||
| {{ login_message }} | ||
| </p> | ||
| </div> | ||
| {% endif %} | ||
| <form class="align-items-center" method="post" action="{{ url_for('login') }}"> | ||
| <div class="row mb-3 {{ direction }}-language"> | ||
| <label for="username" class="visually-hidden">{{ _('Username') }}</label> | ||
| <div> | ||
| <input id="username" class="form-control form-control-lg" type="text" name="username" placeholder="{{ _('Username') }}" required autofocus> | ||
| </div> | ||
| </div> | ||
| <div class="row mb-3 {{ direction }}-language"> | ||
| <label for="password" class="visually-hidden">{{ _('Password') }}</label> | ||
| <div> | ||
| <input id="password" class="form-control form-control-lg" type="password" name="password" placeholder="{{ _('Password') }}" required> | ||
| </div> | ||
| </div> | ||
| <input class="form-control form-control-lg" type="hidden" name="csrf_token" id="csrf_token" value="{{ csrf_token() }}" required> | ||
| <input class="form-control form-control-lg" type="hidden" name="next" id="next" value="{{ request.args.get('next', '') }}"> | ||
| <button class="btn btn-primary btn-lg btn-block">{{ _('Login') }}</button> | ||
| </form> | ||
| <a href="{{ url_for('reset_password') }}" id="forgot-my-password-link" role="button">{{ _('Forgot your password?') }}</a> | ||
| {% if config.REGISTRATION_OPEN %} | ||
| <hr class="mt-3 mb-3"> | ||
| <a href="{{ url_for('signup') }}" class="btn btn-success btn-sm" role="button">{{ _('Register') }}</a> | ||
| {% endif %} | ||
| </div> | ||
| </div> | ||
| </div> | ||
| <div class="container"> | ||
| <div id="login-container"> | ||
| <div id="login" class="text-center"> | ||
| 
      Comment on lines
    
      +5
     to 
      +7
    
   There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Please configure your IDE to convert TAB to 2 spaces in HTML | ||
| <img id="login-logo" src="{{ url_for('static', filename='avatar.jpg') }}" | ||
| alt="{{ _('Profile picture of the Python Course') }}" width="72" height="72"> | ||
| <h1 id="main-title" class="h3 font-weight-normal">{{ _('Login') }}</h1> | ||
| <p> | ||
| {{ _('Welcome to the exercise system!') }}<br> | ||
| {{ _('Insert your username and password:') }} | ||
| </p> | ||
| {% if login_message %} | ||
| <div id="login-message-box" class="text-center"> | ||
| <p> | ||
| {{ login_message }} | ||
| </p> | ||
| </div> | ||
| {% endif %} | ||
|  | ||
| <form class="align-items-center" method="post" action="{{ url_for('login') }}"> | ||
| {{ render_field(form.username, cls="form-control form-control-lg", placeholder=_('Username')) }} | ||
| {{ render_field(form.password, cls="form-control form-control-lg", placeholder=_('Password')) }} | ||
| <input class="form-control form-control-lg" type="hidden" name="csrf_token" id="csrf_token" | ||
| value="{{ csrf_token() }}" required> | ||
| <input class="form-control form-control-lg" type="hidden" name="next" id="next" | ||
| value="{{ request.args.get('next', '') }}"> | ||
| <button class="btn btn-primary btn-lg btn-block">{{ _('Login') }}</button> | ||
| <a href="{{ url_for('reset_password') }}" id="forgot-my-password-link" role="button">{{ _('Forgot your | ||
| password?') }}</a> | ||
| </form> | ||
|  | ||
| {% if config.REGISTRATION_OPEN %} | ||
| <hr class="mt-3 mb-3"> | ||
| <a href="{{ url_for('signup') }}" class="btn btn-success btn-sm" role="button">{{ _('Register') }}</a> | ||
| {% endif %} | ||
| </div> | ||
| </div> | ||
| </div> | ||
| {% endblock %} | ||
| Original file line number | Diff line number | Diff line change | 
|---|---|---|
|  | @@ -2,28 +2,32 @@ | |
| {% from "_formhelpers.html" import render_field %} | ||
|  | ||
| {% block page_content %} | ||
| <div class="container"> | ||
| <div id="signup-container"> | ||
| <div id="signup" class="text-center"> | ||
| <img id="signup-logo" src="{{ url_for('static', filename='avatar.jpg') }}" alt="{{ _('Profile picture of the Python Course') }}" width="72" height="72"> | ||
| <h1 id="main-title" class="h3 font-weight-normal">{{ _('Registration') }}</h1> | ||
| <p> | ||
| {{ _('Welcome to the exercise system!') }}<br> | ||
| {{ _('Insert your email and password for registration:') }} | ||
| </p> | ||
| <form class="align-items-center {{ direction }}-language" method="post" action="{{ url_for('signup') }}"> | ||
| {{ render_field(form.email, cls="form-control form-control-lg", placeholder=_('Email Address')) }} | ||
| {{ render_field(form.username, cls="form-control form-control-lg", placeholder=_('Username')) }} | ||
| {{ render_field(form.fullname, cls="form-control form-control-lg", placeholder=_('Full Name')) }} | ||
| {{ render_field(form.password, cls="form-control form-control-lg", placeholder=_('Password')) }} | ||
| {{ render_field(form.confirm, cls="form-control form-control-lg", placeholder=_('Password Confirmation')) }} | ||
| <input class="form-control form-control-lg" type="hidden" name="csrf_token" id="csrf_token" value="{{ csrf_token() }}" required> | ||
| <input class="form-control form-control-lg" type="hidden" name="next" id="next" value="{{ request.args.get('next', '') }}"> | ||
| <button class="btn btn-primary btn-lg btn-block">{{ _('Register') }}</button> | ||
| </form> | ||
| <hr class="mt-3 mb-3"> | ||
| <a href="/" class="btn btn-success btn-sm" role="button">{{ _('Back to login page') }}</a> | ||
| </div> | ||
| <div class="container"> | ||
| There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Please reindent it | ||
| <div id="signup-container"> | ||
| <div id="signup" class="text-center"> | ||
| <img id="signup-logo" src="{{ url_for('static', filename='avatar.jpg') }}" | ||
| alt="{{ _('Profile picture of the Python Course') }}" width="72" height="72"> | ||
| <h1 id="main-title" class="h3 font-weight-normal">{{ _('Registration') }}</h1> | ||
| <p> | ||
| {{ _('Welcome to the exercise system!') }}<br> | ||
| {{ _('Insert your email and password for registration:') }} | ||
| </p> | ||
| <form class="align-items-center {{ direction }}-language" method="post" action="{{ url_for('signup') }}"> | ||
| {{ render_field(form.email, cls="form-control form-control-lg", placeholder=_('Email Address')) }} | ||
| {{ render_field(form.username, cls="form-control form-control-lg", placeholder=_('Username')) }} | ||
| {{ render_field(form.fullname, cls="form-control form-control-lg", placeholder=_('Full Name')) }} | ||
| {{ render_field(form.password, cls="form-control form-control-lg", placeholder=_('Password')) }} | ||
| {{ render_field(form.confirm, cls="form-control form-control-lg", placeholder=_('Password Confirmation')) }} | ||
| <input class="form-control form-control-lg" type="hidden" name="csrf_token" id="csrf_token" | ||
| value="{{ csrf_token() }}" required> | ||
| <input class="form-control form-control-lg" type="hidden" name="next" id="next" | ||
| value="{{ request.args.get('next', '') }}"> | ||
| <button class="btn btn-primary btn-lg btn-block">{{ _('Register') }}</button> | ||
| </form> | ||
| <hr class="mt-3 mb-3"> | ||
| <a href="/" class="btn btn-success btn-sm" role="button">{{ _('Back to login page') }}</a> | ||
| </div> | ||
| </div> | ||
| </div> | ||
| </div> | ||
| {% endblock %} | ||
Uh oh!
There was an error while loading. Please reload this page.