Mercurial > libervia-web

comparison libervia/web/pages/login/page_meta.py @ 1518:eb00d593801d

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
refactoring: rename `libervia` to `libervia.web` + update imports following backend changes
author Goffi <goffi@goffi.org>
date Fri, 02 Jun 2023 16:49:28 +0200
parents libervia/pages/login/page_meta.py@106bae41f5c8
children 7941444c1671
comparison
equal deleted inserted replaced
1517:b8ed9726525b 1518:eb00d593801d
1 #!/usr/bin/env python3
2
3
4 from libervia.backend.core.i18n import _
5 from libervia.backend.core import exceptions
6 from libervia.web.server.constants import Const as C
7 from libervia.web.server import session_iface
8 from twisted.internet import defer
9 from libervia.backend.core.log import getLogger
10
11 log = getLogger(__name__)
12
13 """SàT log-in page, with link to create an account"""
14
15 name = "login"
16 access = C.PAGES_ACCESS_PUBLIC
17 template = "login/login.html"
18
19
20 def prepare_render(self, request):
21 template_data = request.template_data
22
23 #  we redirect to logged page if a session is active
24 profile = self.get_profile(request)
25 if profile is not None:
26 self.page_redirect("/login/logged", request)
27
28 # login error message
29 session_data = self.host.get_session_data(request, session_iface.IWebSession)
30 login_error = session_data.pop_page_data(self, "login_error")
31 if login_error is not None:
32 template_data["S_C"] = C # we need server constants in template
33 template_data["login_error"] = login_error
34 template_data["empty_password_allowed"] = bool(
35 self.host.options["empty_password_allowed_warning_dangerous_list"]
36 )
37
38 # register page url
39 if self.host.options["allow_registration"]:
40 template_data["register_url"] = self.get_page_redirect_url(request, "register")
41
42 #  if login is set, we put it in template to prefill field
43 template_data["login"] = session_data.pop_page_data(self, "login")
44
45
46 def login_error(self, request, error_const):
47 """set login_error in page data
48
49 @param error_const(unicode): one of login error constant
50 @return C.POST_NO_CONFIRM: avoid confirm message
51 """
52 session_data = self.host.get_session_data(request, session_iface.IWebSession)
53 session_data.set_page_data(self, "login_error", error_const)
54 return C.POST_NO_CONFIRM
55
56
57 async def on_data_post(self, request):
58 profile = self.get_profile(request)
59 type_ = self.get_posted_data(request, "type")
60 if type_ == "disconnect":
61 if profile is None:
62 log.warning(_("Disconnect called when no profile is logged"))
63 self.page_error(request, C.HTTP_BAD_REQUEST)
64 else:
65 self.host.purge_session(request)
66 return C.POST_NO_CONFIRM
67 elif type_ == "login":
68 login, password = self.get_posted_data(request, ("login", "password"))
69 try:
70 status = await self.host.connect(request, login, password)
71 except exceptions.ProfileUnknownError:
72 # the profile doesn't exist, we return the same error as for invalid password
73 # to avoid bruteforcing valid profiles
74 log.warning(f"login tentative with invalid profile: {login!r}")
75 return login_error(self, request, C.PROFILE_AUTH_ERROR)
76 except ValueError as e:
77 message = str(e)
78 if message in (C.XMPP_AUTH_ERROR, C.PROFILE_AUTH_ERROR):
79 return login_error(self, request, message)
80 else:
81 # this error was not expected!
82 raise e
83 except exceptions.TimeOutError:
84 return login_error(self, request, C.NO_REPLY)
85 else:
86 if status in (C.PROFILE_LOGGED, C.PROFILE_LOGGED_EXT_JID, C.SESSION_ACTIVE):
87 # Profile has been logged correctly
88 self.redirect_or_continue(request)
89 else:
90 log.error(_("Unhandled status: {status}".format(status=status)))
91 else:
92 self.page_error(request, C.HTTP_BAD_REQUEST)