Set login form to use WTForms #321

14 changes: 14 additions & 0 deletions lms/lmsweb/forms/login.py
@@ -0,0 +1,14 @@
from flask_wtf import FlaskForm
from wtforms import PasswordField, StringField
from wtforms.validators import InputRequired, Length


class LoginForm(FlaskForm):
username = StringField(
'Username', validators=[
InputRequired(), Length(min=4, max=20),
],
)
password = PasswordField(
'Password', validators=[InputRequired(), Length(min=8)], id='password',
)
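Review bot: `Length(min=4, max=20)` on `username` and `Length(min=8)` on `password` apply sign-up style rules at login, so an existing account whose username or password falls outside those bounds would be rejected by the form before `auth()` is called, and the field errors tell an unauthenticated visitor what the bounds are. For a login form `InputRequired()` is normally enough; if a length check is kept, an upper bound on `password` is the more useful one, since the field currently has none. The labels `'Username'` and `'Password'` are also plain strings, while the template passes translated placeholders with `_('Username')`; consider wrapping the labels the same way.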
2 changes: 1 addition & 1 deletion lms/lmsweb/forms/reset_password.py
Expand Up @@ -2,7 +2,7 @@
from flask_babel import gettext as _ # type: ignore
from flask_wtf import FlaskForm
from wtforms import StringField
from wtforms.fields.simple import PasswordField
from wtforms import PasswordField
NogaOs marked this conversation as resolved.
from wtforms.validators import Email, EqualTo, InputRequired, Length


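Review bot: `PasswordField` now comes from the same package as `StringField` on the line above it, so the two imports can be merged into `from wtforms import PasswordField, StringField`, which is the form the new `lms/lmsweb/forms/login.py` already uses.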
38 changes: 21 additions & 17 deletions lms/lmsweb/views.py
Expand Up @@ -28,6 +28,7 @@
)
from lms.lmsweb.forms.change_password import ChangePasswordForm
from lms.lmsweb.forms.register import RegisterForm
from lms.lmsweb.forms.login import LoginForm
NogaOs marked this conversation as resolved.
from lms.lmsweb.forms.reset_password import RecoverPassForm, ResetPassForm
from lms.lmsweb.manifest import MANIFEST
from lms.lmsweb.redirections import (
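Review bot: The new `from lms.lmsweb.forms.login import LoginForm` line sits after the `register` import, while the neighbouring form imports otherwise run alphabetically (`change_password`, `register`, `reset_password`); moving it above `register` keeps the block sorted.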
Expand Down Expand Up @@ -98,27 +99,30 @@ def ratelimit_handler(e):
deduct_when=lambda response: response.status_code != 200,
)
def login(login_message: Optional[str] = None):
next_page = request.form.get('next')
if current_user.is_authenticated:
return get_next_url(request.args.get('next'))
return get_next_url(next_page)

username = request.form.get('username')
password = request.form.get('password')
next_page = request.form.get('next')
form = LoginForm()
login_message = request.args.get('login_message')
if not form.validate_on_submit():
return render_template(
'login.html', form=form, login_message=login_message,
Member
Should we keep the login message from the last page request or generate a new one? (I might have missed something in the logic here)

Contributor Author
I don't think I changed anything meaningful here. Me missing something in the logic here would be more probable :P
From just messing around with the system, it seems to work - what should I fix here?

Collaborator
Try to create a form validator instead of the auth method, and because of that you would remove lines 113-122.
You can take a look at lmsweb/tools/validators.py and the auth method in order to create the validator.

)

if request.method == 'POST':
try:
user = auth(username, password)
except (ForbiddenPermission, UnauthorizedError) as e:
error_message, _ = e.args
error_details = {'next': next_page, 'login_message': error_message}
return redirect(url_for('login', **error_details))
else:
login_user(user)
session['_invalid_password_tries'] = 0
return get_next_url(next_page)

return render_template('login.html', login_message=login_message)
username = form.username.data
password = form.password.data

try:
user = auth(username, password)
except (ForbiddenPermission, UnauthorizedError) as e:
error_message, _ = e.args
error_details = {'next': next_page, 'login_message': error_message}
return redirect(url_for('login', **error_details))
else:
login_user(user)
session['_invalid_password_tries'] = 0
return get_next_url(next_page)


@webapp.route('/signup', methods=['GET', 'POST'])
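Review bot: In the `current_user.is_authenticated` branch, `get_next_url(next_page)` now takes `next` from `request.form`, where the line it replaces read `request.args.get('next')`. When a signed-in user arrives at the login view through a GET carrying `?next=...`, `request.form` is empty, so `next_page` is `None` and the original target is lost; reading `request.values.get('next')`, or falling back to `request.args`, keeps both cases working. Separately, the `login_message` parameter in `def login(login_message: Optional[str] = None)` is overwritten by `request.args.get('login_message')` before it is used, so the parameter is dead and can be dropped.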
79 changes: 38 additions & 41 deletions lms/templates/login.html
@@ -1,45 +1,42 @@
{% extends 'base.html' %}
{% from "_formhelpers.html" import render_field %}

{% block page_content %}
<div class="container">
<div id="login-container">
<div id="login" class="text-center">
<img id="login-logo" src="{{ url_for('static', filename='avatar.jpg') }}" alt="{{ _('Profile picture of the Python Course') }}" width="72" height="72">
<h1 id="main-title" class="h3 font-weight-normal">{{ _('Login') }}</h1>
<p>
{{ _('Welcome to the exercise system!') }}<br>
{{ _('Insert your username and password:') }}
</p>
{% if login_message %}
<div id="login-message-box" class="text-center">
<p>
{{ login_message }}
</p>
</div>
{% endif %}
<form class="align-items-center" method="post" action="{{ url_for('login') }}">
<div class="row mb-3 {{ direction }}-language">
<label for="username" class="visually-hidden">{{ _('Username') }}</label>
<div>
<input id="username" class="form-control form-control-lg" type="text" name="username" placeholder="{{ _('Username') }}" required autofocus>
</div>
</div>
<div class="row mb-3 {{ direction }}-language">
<label for="password" class="visually-hidden">{{ _('Password') }}</label>
<div>
<input id="password" class="form-control form-control-lg" type="password" name="password" placeholder="{{ _('Password') }}" required>
</div>
</div>
<input class="form-control form-control-lg" type="hidden" name="csrf_token" id="csrf_token" value="{{ csrf_token() }}" required>
<input class="form-control form-control-lg" type="hidden" name="next" id="next" value="{{ request.args.get('next', '') }}">
<button class="btn btn-primary btn-lg btn-block">{{ _('Login') }}</button>
</form>
<a href="{{ url_for('reset_password') }}" id="forgot-my-password-link" role="button">{{ _('Forgot your password?') }}</a>
{% if config.REGISTRATION_OPEN %}
<hr class="mt-3 mb-3">
<a href="{{ url_for('signup') }}" class="btn btn-success btn-sm" role="button">{{ _('Register') }}</a>
{% endif %}
</div>
</div>
</div>
<div class="container">
<div id="login-container">
<div id="login" class="text-center">
Comment on lines +5 to +7
Member
Please configure your IDE to convert TAB to 2 spaces in HTML

<img id="login-logo" src="{{ url_for('static', filename='avatar.jpg') }}"
alt="{{ _('Profile picture of the Python Course') }}" width="72" height="72">
<h1 id="main-title" class="h3 font-weight-normal">{{ _('Login') }}</h1>
<p>
{{ _('Welcome to the exercise system!') }}<br>
{{ _('Insert your username and password:') }}
</p>
{% if login_message %}
<div id="login-message-box" class="text-center">
<p>
{{ login_message }}
</p>
</div>
{% endif %}

<form class="align-items-center" method="post" action="{{ url_for('login') }}">
{{ render_field(form.username, cls="form-control form-control-lg", placeholder=_('Username')) }}
{{ render_field(form.password, cls="form-control form-control-lg", placeholder=_('Password')) }}
<input class="form-control form-control-lg" type="hidden" name="csrf_token" id="csrf_token"
value="{{ csrf_token() }}" required>
<input class="form-control form-control-lg" type="hidden" name="next" id="next"
value="{{ request.args.get('next', '') }}">
<button class="btn btn-primary btn-lg btn-block">{{ _('Login') }}</button>
<a href="{{ url_for('reset_password') }}" id="forgot-my-password-link" role="button">{{ _('Forgot your
password?') }}</a>
</form>

{% if config.REGISTRATION_OPEN %}
<hr class="mt-3 mb-3">
<a href="{{ url_for('signup') }}" class="btn btn-success btn-sm" role="button">{{ _('Register') }}</a>
{% endif %}
</div>
</div>
</div>
{% endblock %}
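Review bot: The reflowed link text `{{ _('Forgot your` / `password?') }}` splits the string literal across two lines, so the msgid passed to `_()` now contains a line break and indentation and will no longer match a catalogue entry for 'Forgot your password?'; keep the literal on one line. The new `<form>` also drops the `{{ direction }}-language` class that the removed field wrappers carried and that the `signup.html` form still has, and the hand-written `csrf_token` input could be replaced by `{{ form.hidden_tag() }}` now that the view passes a `FlaskForm`.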
48 changes: 26 additions & 22 deletions lms/templates/signup.html
Expand Up @@ -2,28 +2,32 @@
{% from "_formhelpers.html" import render_field %}

{% block page_content %}
<div class="container">
<div id="signup-container">
<div id="signup" class="text-center">
<img id="signup-logo" src="{{ url_for('static', filename='avatar.jpg') }}" alt="{{ _('Profile picture of the Python Course') }}" width="72" height="72">
<h1 id="main-title" class="h3 font-weight-normal">{{ _('Registration') }}</h1>
<p>
{{ _('Welcome to the exercise system!') }}<br>
{{ _('Insert your email and password for registration:') }}
</p>
<form class="align-items-center {{ direction }}-language" method="post" action="{{ url_for('signup') }}">
{{ render_field(form.email, cls="form-control form-control-lg", placeholder=_('Email Address')) }}
{{ render_field(form.username, cls="form-control form-control-lg", placeholder=_('Username')) }}
{{ render_field(form.fullname, cls="form-control form-control-lg", placeholder=_('Full Name')) }}
{{ render_field(form.password, cls="form-control form-control-lg", placeholder=_('Password')) }}
{{ render_field(form.confirm, cls="form-control form-control-lg", placeholder=_('Password Confirmation')) }}
<input class="form-control form-control-lg" type="hidden" name="csrf_token" id="csrf_token" value="{{ csrf_token() }}" required>
<input class="form-control form-control-lg" type="hidden" name="next" id="next" value="{{ request.args.get('next', '') }}">
<button class="btn btn-primary btn-lg btn-block">{{ _('Register') }}</button>
</form>
<hr class="mt-3 mb-3">
<a href="/" class="btn btn-success btn-sm" role="button">{{ _('Back to login page') }}</a>
</div>
<div class="container">
Member
Please reindent it

<div id="signup-container">
<div id="signup" class="text-center">
<img id="signup-logo" src="{{ url_for('static', filename='avatar.jpg') }}"
alt="{{ _('Profile picture of the Python Course') }}" width="72" height="72">
<h1 id="main-title" class="h3 font-weight-normal">{{ _('Registration') }}</h1>
<p>
{{ _('Welcome to the exercise system!') }}<br>
{{ _('Insert your email and password for registration:') }}
</p>
<form class="align-items-center {{ direction }}-language" method="post" action="{{ url_for('signup') }}">
{{ render_field(form.email, cls="form-control form-control-lg", placeholder=_('Email Address')) }}
{{ render_field(form.username, cls="form-control form-control-lg", placeholder=_('Username')) }}
{{ render_field(form.fullname, cls="form-control form-control-lg", placeholder=_('Full Name')) }}
{{ render_field(form.password, cls="form-control form-control-lg", placeholder=_('Password')) }}
{{ render_field(form.confirm, cls="form-control form-control-lg", placeholder=_('Password Confirmation')) }}
<input class="form-control form-control-lg" type="hidden" name="csrf_token" id="csrf_token"
value="{{ csrf_token() }}" required>
<input class="form-control form-control-lg" type="hidden" name="next" id="next"
value="{{ request.args.get('next', '') }}">
<button class="btn btn-primary btn-lg btn-block">{{ _('Register') }}</button>
</form>
<hr class="mt-3 mb-3">
<a href="/" class="btn btn-success btn-sm" role="button">{{ _('Back to login page') }}</a>
</div>
</div>
</div>
</div>
{% endblock %}
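Review bot: The rewritten block opens three `<div>` elements (`container`, `signup-container`, `signup`) but, going by the hunk header's line counts (22 removed, 26 added, three trailing context lines), it ends with two added `</div>` lines ahead of the two unchanged ones, which gives four closing tags. One of the added `</div>` lines should be removed so the markup stays balanced, and the whole block should be reindented as requested in the comment above.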