aboutsummaryrefslogtreecommitdiffstats
path: root/mediagoblin/plugins/basic_auth
diff options
context:
space:
mode:
Diffstat (limited to 'mediagoblin/plugins/basic_auth')
-rw-r--r--mediagoblin/plugins/basic_auth/README.rst2
-rw-r--r--mediagoblin/plugins/basic_auth/__init__.py8
-rw-r--r--mediagoblin/plugins/basic_auth/forms.py10
-rw-r--r--mediagoblin/plugins/basic_auth/tools.py4
-rw-r--r--mediagoblin/plugins/basic_auth/views.py38
5 files changed, 35 insertions, 27 deletions
diff --git a/mediagoblin/plugins/basic_auth/README.rst b/mediagoblin/plugins/basic_auth/README.rst
index 82f247ed..87a7b16f 100644
--- a/mediagoblin/plugins/basic_auth/README.rst
+++ b/mediagoblin/plugins/basic_auth/README.rst
@@ -5,7 +5,7 @@
===================
The basic_auth plugin is enabled by default in mediagoblin.ini. This plugin
-provides basic username and password authentication for GNU Mediagoblin.
+provides basic username and password authentication for GNU MediaGoblin.
This plugin can be enabled alongside :ref:`openid-chapter` and
:ref:`persona-chapter`.
diff --git a/mediagoblin/plugins/basic_auth/__init__.py b/mediagoblin/plugins/basic_auth/__init__.py
index 64564c7f..31a4fd95 100644
--- a/mediagoblin/plugins/basic_auth/__init__.py
+++ b/mediagoblin/plugins/basic_auth/__init__.py
@@ -19,7 +19,7 @@ import os
from mediagoblin.plugins.basic_auth import forms as auth_forms
from mediagoblin.plugins.basic_auth import tools as auth_tools
from mediagoblin.auth.tools import create_basic_user
-from mediagoblin.db.models import User
+from mediagoblin.db.models import LocalUser
from mediagoblin.tools import pluginapi
from sqlalchemy import or_
from mediagoblin.tools.staticdirect import PluginStatic
@@ -56,10 +56,10 @@ def setup_plugin():
def get_user(**kwargs):
username = kwargs.pop('username', None)
if username:
- user = User.query.filter(
+ user = LocalUser.query.filter(
or_(
- User.username == username,
- User.email == username,
+ LocalUser.username == username,
+ LocalUser.email == username,
)).first()
return user
diff --git a/mediagoblin/plugins/basic_auth/forms.py b/mediagoblin/plugins/basic_auth/forms.py
index 42b84bf3..3d684e91 100644
--- a/mediagoblin/plugins/basic_auth/forms.py
+++ b/mediagoblin/plugins/basic_auth/forms.py
@@ -20,7 +20,7 @@ from mediagoblin.auth.tools import normalize_user_or_email_field
class RegistrationForm(wtforms.Form):
- username = wtforms.TextField(
+ username = wtforms.StringField(
_('Username'),
[wtforms.validators.InputRequired(),
normalize_user_or_email_field(allow_email=False)])
@@ -28,17 +28,17 @@ class RegistrationForm(wtforms.Form):
_('Password'),
[wtforms.validators.InputRequired(),
wtforms.validators.Length(min=5, max=1024)])
- email = wtforms.TextField(
+ email = wtforms.StringField(
_('Email address'),
[wtforms.validators.InputRequired(),
normalize_user_or_email_field(allow_user=False)])
class LoginForm(wtforms.Form):
- username = wtforms.TextField(
+ username = wtforms.StringField(
_('Username or Email'),
[wtforms.validators.InputRequired(),
- normalize_user_or_email_field()])
+ normalize_user_or_email_field(is_login=True)])
password = wtforms.PasswordField(
_('Password'))
stay_logged_in = wtforms.BooleanField(
@@ -47,7 +47,7 @@ class LoginForm(wtforms.Form):
class ForgotPassForm(wtforms.Form):
- username = wtforms.TextField(
+ username = wtforms.StringField(
_('Username or email'),
[wtforms.validators.InputRequired(),
normalize_user_or_email_field()])
diff --git a/mediagoblin/plugins/basic_auth/tools.py b/mediagoblin/plugins/basic_auth/tools.py
index f943bf39..13f240b2 100644
--- a/mediagoblin/plugins/basic_auth/tools.py
+++ b/mediagoblin/plugins/basic_auth/tools.py
@@ -16,6 +16,8 @@
import bcrypt
import random
+import six
+
from mediagoblin import mg_globals
from mediagoblin.tools.crypto import get_timed_signer_url
from mediagoblin.tools.mail import send_email
@@ -66,7 +68,7 @@ def bcrypt_gen_password_hash(raw_pass, extra_salt=None):
if extra_salt:
raw_pass = u"%s:%s" % (extra_salt, raw_pass)
- return unicode(
+ return six.text_type(
bcrypt.hashpw(raw_pass.encode('utf-8'), bcrypt.gensalt()))
diff --git a/mediagoblin/plugins/basic_auth/views.py b/mediagoblin/plugins/basic_auth/views.py
index 02d370f0..f398f0d2 100644
--- a/mediagoblin/plugins/basic_auth/views.py
+++ b/mediagoblin/plugins/basic_auth/views.py
@@ -16,7 +16,7 @@
from itsdangerous import BadSignature
from mediagoblin import messages
-from mediagoblin.db.models import User
+from mediagoblin.db.models import LocalUser
from mediagoblin.decorators import require_active_login
from mediagoblin.plugins.basic_auth import forms, tools
from mediagoblin.tools.crypto import get_timed_signer_url
@@ -48,7 +48,7 @@ def forgot_password(request):
found_by_email = '@' in fp_form.username.data
if found_by_email:
- user = User.query.filter_by(
+ user = LocalUser.query.filter_by(
email=fp_form.username.data).first()
# Don't reveal success in case the lookup happened by email address.
success_message = _("If that email address (case sensitive!) is "
@@ -56,24 +56,27 @@ def forgot_password(request):
"instructions on how to change your password.")
else: # found by username
- user = User.query.filter_by(
+ user = LocalUser.query.filter_by(
username=fp_form.username.data).first()
if user is None:
- messages.add_message(request,
- messages.WARNING,
- _("Couldn't find someone with that username."))
- return redirect(request, 'mediagoblin.auth.forgot_password')
+ messages.add_message(
+ request,
+ messages.WARNING,
+ _("Couldn't find someone with that username."))
+ return redirect(request,
+ 'mediagoblin.plugins.basic_auth.forgot_password')
success_message = _("An email has been sent with instructions "
"on how to change your password.")
if user and user.has_privilege(u'active') is False:
# Don't send reminder because user is inactive or has no verified email
- messages.add_message(request,
+ messages.add_message(
+ request,
messages.WARNING,
- _("Could not send password recovery email as your username is in"
- "active or your account's email address has not been verified."))
+ _("Could not send password recovery email as your username is "
+ "inactive or your account's email address has not been verified."))
return redirect(request, 'mediagoblin.user_pages.user_home',
user=user.username)
@@ -114,7 +117,7 @@ def verify_forgot_password(request):
'index')
# check if it's a valid user id
- user = User.query.filter_by(id=int(token)).first()
+ user = LocalUser.query.filter_by(id=int(token)).first()
# no user in db
if not user:
@@ -153,15 +156,17 @@ def verify_forgot_password(request):
#
# if not user.email_verified:
# messages.add_message(
- # request, messages.ERROR,
+ # request,
+ # messages.ERROR,
# _('You need to verify your email before you can reset your'
# ' password.'))
if not user.status == 'active':
messages.add_message(
- request, messages.ERROR,
- _('You are no longer an active user. Please contact the system'
- ' admin to reactivate your account.'))
+ request,
+ messages.ERROR,
+ _("You are no longer an active user. Please contact the system "
+ "admin to reactivate your account."))
return redirect(
request, 'index')
@@ -211,7 +216,8 @@ def change_pass(request):
user.save()
messages.add_message(
- request, messages.SUCCESS,
+ request,
+ messages.SUCCESS,
_('Your password was changed successfully'))
return redirect(request, 'mediagoblin.edit.account')