From f1c52d01aa24bf144c4303d0fc71bed3beaecc94 Mon Sep 17 00:00:00 2001 From: Matt Wright Date: Thu, 23 Aug 2012 20:56:13 -0400 Subject: [PATCH] Even more polish --- flask_security/core.py | 2 +- flask_security/forms.py | 15 +++++++++----- flask_security/script.py | 39 ----------------------------------- flask_security/views.py | 44 ++++++++++++++++++---------------------- 4 files changed, 31 insertions(+), 69 deletions(-) diff --git a/flask_security/core.py b/flask_security/core.py index 5f042a5..3766de4 100644 --- a/flask_security/core.py +++ b/flask_security/core.py @@ -9,12 +9,12 @@ :license: MIT, see LICENSE for more details. """ -from itsdangerous import URLSafeTimedSerializer from flask import current_app from flask.ext.login import AnonymousUser as AnonymousUserBase, \ UserMixin as BaseUserMixin, LoginManager, current_user from flask.ext.principal import Principal, RoleNeed, UserNeed, Identity, \ identity_loaded +from itsdangerous import URLSafeTimedSerializer from passlib.context import CryptContext from werkzeug.datastructures import ImmutableList from werkzeug.local import LocalProxy diff --git a/flask_security/forms.py b/flask_security/forms.py index 613b99e..38957fc 100644 --- a/flask_security/forms.py +++ b/flask_security/forms.py @@ -9,17 +9,17 @@ :license: MIT, see LICENSE for more details. """ -from flask import request, current_app as app -from flask.ext.wtf import Form, TextField, PasswordField, SubmitField, \ - HiddenField, Required, BooleanField, EqualTo, Email, ValidationError, \ - Length +from flask import request, current_app +from flask.ext.wtf import Form as BaseForm, TextField, PasswordField, \ + SubmitField, HiddenField, Required, BooleanField, EqualTo, Email, \ + ValidationError, Length from werkzeug.local import LocalProxy from .confirmable import requires_confirmation from .utils import verify_password, get_message # Convenient reference -_datastore = LocalProxy(lambda: app.extensions['security'].datastore) +_datastore = LocalProxy(lambda: current_app.extensions['security'].datastore) email_required = Required(message='Email not provided') @@ -40,6 +40,11 @@ def valid_user_email(form, field): raise ValidationError('Specified user does not exist') +class Form(BaseForm): + def __init__(self, *args, **kwargs): + super(Form, self).__init__(csrf_enabled=not current_app.testing, + *args, **kwargs) + class EmailFormMixin(): email = TextField("Email Address", validators=[email_required, diff --git a/flask_security/script.py b/flask_security/script.py index 0bf3f16..f81159d 100644 --- a/flask_security/script.py +++ b/flask_security/script.py @@ -105,42 +105,3 @@ class ActivateUserCommand(_ToggleActiveCommand): def run(self, user_identifier): _datastore.activate_user(user_identifier) print "User '%s' has been activated" % user_identifier - - -class GenerateBlueprintCommand(Command): - """Generate a Flask-Security blueprint object""" - - option_list = ( - Option('--output', '-o', dest='output', default=None), - ) - - def run(self, output): - output = os.path.join(os.getcwd(), output) if output else 'security.py' - - if os.path.exists(output): - msg = 'File %s exists. Do you want to overwrite it?' % output - if not prompt_bool(msg): - return - - with open(output, 'w') as o: - source = inspect.getfile(views).replace('.pyc', '.py') - - with open(source, 'r') as s: - to_remove = '"""' + views.__doc__ + '"""' - to_replace = """ -\""" - Flask-Security - ~~~~~~~~~~~~~~ - - This module was generated by Flask-Security to give developers greater - control over the various security mechanisms. For more information about - using this feature see: - - TODO: Documentation URL -\""" -""" - contents = s.read().replace(to_remove, to_replace) - o.write(contents) - - print 'File generated successfully.' - print output diff --git a/flask_security/views.py b/flask_security/views.py index f6834d3..376ff09 100644 --- a/flask_security/views.py +++ b/flask_security/views.py @@ -9,29 +9,29 @@ :license: MIT, see LICENSE for more details. """ -from flask import current_app as app, redirect, request, \ - render_template, jsonify, after_this_request, Blueprint +from flask import current_app, redirect, request, render_template, jsonify, \ + after_this_request, Blueprint from werkzeug.datastructures import MultiDict from werkzeug.local import LocalProxy -from flask_security.confirmable import send_confirmation_instructions, \ +from .confirmable import send_confirmation_instructions, \ confirm_user, confirm_email_token_status -from flask_security.decorators import login_required -from flask_security.forms import LoginForm, ConfirmRegisterForm, RegisterForm, \ +from .decorators import login_required +from .forms import LoginForm, ConfirmRegisterForm, RegisterForm, \ ForgotPasswordForm, ResetPasswordForm, SendConfirmationForm, \ PasswordlessLoginForm -from flask_security.passwordless import send_login_instructions, \ +from .passwordless import send_login_instructions, \ login_token_status -from flask_security.recoverable import reset_password_token_status, \ +from .recoverable import reset_password_token_status, \ send_reset_password_instructions, update_password -from flask_security.registerable import register_user -from flask_security.utils import get_url, get_post_login_redirect, do_flash, \ - get_message, config_value, login_user, logout_user, \ - anonymous_user_required, url_for_security as url_for +from .registerable import register_user +from .utils import get_url, get_post_login_redirect, do_flash, \ + get_message, login_user, logout_user, anonymous_user_required, \ + url_for_security as url_for # Convenient references -_security = LocalProxy(lambda: app.extensions['security']) +_security = LocalProxy(lambda: current_app.extensions['security']) _datastore = LocalProxy(lambda: _security.datastore) @@ -64,11 +64,9 @@ def login(): """View function for login view""" if request.json: - form_data = MultiDict(request.json) + form = LoginForm(MultiDict(request.json)) else: - form_data = request.form - - form = LoginForm(form_data, csrf_enabled=not app.testing) + form = LoginForm() if form.validate_on_submit(): login_user(form.user, remember=form.remember.data) @@ -100,11 +98,9 @@ def register(): """View function which handles a registration request.""" if _security.confirmable: - form = ConfirmRegisterForm + form = ConfirmRegisterForm() else: - form = RegisterForm - - form = form(csrf_enabled=not app.testing) + form = RegisterForm() if form.validate_on_submit(): user = register_user(**form.to_dict()) @@ -127,7 +123,7 @@ def register(): def send_login(): """View function that sends login instructions for passwordless login""" - form = PasswordlessLoginForm(csrf_enabled=not app.testing) + form = PasswordlessLoginForm() if form.validate_on_submit(): send_login_instructions(form.user) @@ -163,7 +159,7 @@ def token_login(token): def send_confirmation(): """View function which sends confirmation instructions.""" - form = SendConfirmationForm(csrf_enabled=not app.testing) + form = SendConfirmationForm() if form.validate_on_submit(): send_confirmation_instructions(form.user) @@ -203,7 +199,7 @@ def confirm_email(token): def forgot_password(): """View function that handles a forgotten password request.""" - form = ForgotPasswordForm(csrf_enabled=not app.testing) + form = ForgotPasswordForm() if form.validate_on_submit(): send_reset_password_instructions(form.user) @@ -228,7 +224,7 @@ def reset_password(token): if invalid or expired: return redirect(url_for('forgot_password')) - form = ResetPasswordForm(csrf_enabled=not app.testing) + form = ResetPasswordForm() if form.validate_on_submit(): update_password(user, form.password.data)