49 Commits

Author SHA1 Message Date
Jonathan Sandoval
4106eef3a4 No length check for login form 2016-04-07 16:34:00 -05:00
Andrew Browning
5c7b2a6381 Fix #5451 - add_message inconsistencies
Reformat add_message function calls for consistency and PEP8 line
continuations.
2016-04-02 19:59:01 -04:00
Christopher Allan Webber
64c035b39f Issue #5394: Wrong url for forgot_password in basic_auth plugin
Fix by jerome.  Thank you!
2016-01-21 12:37:50 -08:00
Jessica Tallon
d88fcb03e2 Change codebase to query or create correct User model
The code base had many references to User.username and other
specific to LocalUser attributes as that was the way it use to exist.
This updates those to query on the generic User model but filtering
by attributes on the LocalUser.
2015-07-31 15:15:24 +02:00
Jakob Kramer
f4686cde16 wtforms.fields.TextField was deprecated
WTForms documentation:
> The TextField alias for StringField is deprecated.

Signed-off-by: Berker Peksag <berker.peksag@gmail.com>
2015-03-12 21:57:53 +02:00
Christopher Allan Webber
f6bad0eb26 Merge branch 'master' into merge-python3-port
Has some issues, will iteratively fix!

Conflicts:
	mediagoblin/gmg_commands/__init__.py
	mediagoblin/gmg_commands/deletemedia.py
	mediagoblin/gmg_commands/users.py
	mediagoblin/oauth/views.py
	mediagoblin/plugins/api/views.py
	mediagoblin/tests/test_api.py
	mediagoblin/tests/test_edit.py
	mediagoblin/tests/test_oauth1.py
	mediagoblin/tests/test_util.py
	mediagoblin/tools/mail.py
	mediagoblin/webfinger/views.py
	setup.py
2014-09-16 14:01:43 -05:00
Loïc Le Ninan
0742e11dff Fixes #899 : DeprecationWarning about Required going away in WTForms 3.0. Replaced Required with InputRequired. 2014-06-13 10:23:07 -05:00
Berker Peksag
e49b7e02b2 Use six.text_type instead of unicode().
I will be switch to use ``from __future__ import unicode_literals`` later.
2014-06-02 20:59:28 +03:00
Christopher Allan Webber
4491174df2 accoutn -> account. Typo fix caught by Laura Arjona! Thanks!
This commit sponsored by Nick Adams!  Thank you!
2013-11-04 15:05:40 -06:00
Christopher Allan Webber
6180e3a915 Fixing up the email verified stuff to reflect the email_verified stuff!
This commit sponsored by Derek Holdaway.  Thanks!
2013-10-08 13:58:02 -05:00
Rodney Ewing
33b5cebe75 fixed some typos and missed imports 2013-08-16 10:28:49 -07:00
Rodney Ewing
f66e4282d4 moved create account link on login page to a hook 2013-08-16 10:28:49 -07:00
Rodney Ewing
581e52c264 deleted misplaced template 2013-08-16 10:28:49 -07:00
Rodney Ewing
36f901fbbd used template hooks instead of hardcoding basic_auth functionality into templates 2013-08-16 10:28:48 -07:00
Rodney Ewing
af665c4eb9 moved change_pass to basic_auth and fixed some typos with the moving of forgot pass 2013-08-16 10:28:48 -07:00
Rodney Ewing
aeae6cc290 moved forgot pass to basic_auth plugin 2013-08-16 10:28:47 -07:00
Rodney Ewing
fb900ef27b Merge branch 'auth_docs'
Conflicts:
	docs/source/index.rst
2013-08-16 10:24:41 -07:00
Rodney Ewing
0ec7ce4ec6 updated to new render_divs macro 2013-07-11 14:56:40 -07:00
Jakob Kramer
527b7e3b57 add login option: stay_logged_in
As proposed in issue #354; it adds an attribute max_age
to mediagoblin.tools.session.Session  that is passed to
response.set_cookie;  max_age is set to 30  days if the
checkbox is selected
2013-07-11 14:56:40 -07:00
Rodney Ewing
b3c4cbd5c1 only check password if there is a store_hash 2013-07-10 10:35:26 -07:00
Rodney Ewing
bd0ece0557 added basic_auth and openid docs to index and link them together 2013-07-09 12:57:57 -07:00
Rodney Ewing
6a93bb4ef7 basic_auth documentation 2013-07-09 12:31:01 -07:00
Rodney Ewing
fea0b3b289 use template hooks instead of hardcoding in templates 2013-07-03 13:49:17 -05:00
Rodney Ewing
5adb906a0a merge --squash openid branch to take care of a false merge commit in the
basic_auth branch that openid is forked from

Commits squashed together (in reverse chronological order):
 - do the label thing only for boolean fields
 - made edit_account to autofocus on the first field
 - added feature to render_divs where if field.label == '' then it
   will render form.description the same a render_label
 - added allow_registration check
 - refactored create_user
 - removed verification_key from create_user
 - removed get_user from openid
 - cleanup after removing openid from template_env.globals
 - fix for werkzueg 0.9.1
 - cleanup after merge
 - more tests
 - restored openid extra_validation just for safety
 - tests for openid
 - deleted openid extra_validation
 - passed next parameter in session for openid
 - fixed a bug that was deleting the messages
 - implemented openid store using sqlalchemy
 - ask openid provider for 'nickname' to prefill username in registration form
 - refactored delete openid url to work with generic urls such as
   google and to not allow a user to delete a url if it is there only
   one and they don't have a pw
 - refactored login to register user workflow, which fixed a problem
   where the 'or register with a password link' wasn't showing up when
   the finish_login view called the register view because there wasn't
   any redirect.
 - added the ability to remove openid's
 - added the ability to add openids to an existing account
 - refactored start_login and finish_login views
 - modified edit_account.html to use render_divs
 - modified gmg/edit/views to behave appropriatly if no password
   authentication is enabled. moved the update email stuff to it's own
   funtion to make edit_account view cleaner. edit_account now
   modifies the form depending on the plugins.
 - minor typos
 - added retrieving email from openid provider
 - moved allow_registration check to a decorator
 - moved check if auth is enabled to a decorator
 - changed openid user registration to go through login first
 - cleanup after merge
 - modified verification emails to use itsdangerous tokens
 - added error handling on bad token, fixed route, and added tests
 - added support for user to change email address
 - added link to login view openid/password in login template
 - updated openid get_user function
 - modified get_user function to take kwargs instead of username
 - no need for user might be email kwarg in check_login_simple
 - added gen_password_hash and check_password functions to auth/__init__
 - added focus to form input
 - made imports fully qualified
 - modified basic_auth.check_login to check that the user has a pw_hash first
 - changed occurances of form.data['whatever'] to form.whatever.data
 - convert tabs to spaces in register template, remove unsed
   templates, and fixed trans tags in templates
 - in process of openid login. it works, but needs major imporvements
 - make password field required in basic_auth form
 - check if password field present in basic_auth create_user
 - modified openid create_user function
 - modified models based on Elronds suggestions
 - changed register form action to a variable to be passed in by the
   view using the template
 - openid plugin v0, still need to authenticate via openid.
 - added a register_user function to be able to use in a plugin's
   register view, and modified auth/views.register to redirect to
   openid/register if appropriate.
 - Modified basic_auth plugin to work with modified auth plugin
   hooks. Added context variables. Removed basic_auth/tools which was
   previously renamed to basic_auth/lib.
 - modified auth/__init__ hooks to work better with multiple
   plugins. Removed auth/lib.py. And added a basic_extra_verification
   function that all plugins will use.
 - added models and migrations for openid plugin
2013-07-03 13:49:16 -05:00
Christopher Allan Webber
ac0bc6a1e1 fixing the config section we pull things out of for basic_auth 2013-07-03 08:09:48 -05:00
Rodney Ewing
af4414a85f Merge remote-tracking branch 'upstream/master' into auth
Conflicts:
	mediagoblin/app.py
	mediagoblin/auth/forms.py
	mediagoblin/auth/tools.py
	mediagoblin/db/migrations.py
	mediagoblin/db/models.py
	mediagoblin/edit/views.py
	mediagoblin/plugins/basic_auth/tools.py
	mediagoblin/tests/test_edit.py
2013-06-25 13:37:21 -07:00
Rodney Ewing
e4deacd9c8 changes after cwebb's review 2013-06-21 14:14:40 -07:00
Rodney Ewing
b1e02e0a70 modified get_user function to take kwargs instead of username 2013-05-27 11:14:08 -07:00
Rodney Ewing
3b8c733b98 no need for check_login with the new check_login_simple function 2013-05-27 08:54:25 -07:00
Rodney Ewing
3bcdc49088 renamed lib to tools 2013-05-27 08:43:12 -07:00
Rodney Ewing
cdc6b571e3 cleanup after merge 2013-05-27 08:39:34 -07:00
Rodney Ewing
f339b76a4e moving forgot_password views back to gmg/auth and cleanup 2013-05-24 18:09:57 -07:00
Rodney Ewing
b194f29fe3 added gen_password_hash and check_password functions to auth/__init__ 2013-05-24 16:52:50 -07:00
Rodney Ewing
09ae2df4eb modified basic_auth.check_login to check that the user has a pw_hash first 2013-05-24 16:52:49 -07:00
Rodney Ewing
569873d8f0 changed occurances of form.data['whatever'] to form.whatever.data
Conflicts:
	mediagoblin/plugins/basic_auth/__init__.py
	mediagoblin/plugins/openid/__init__.py
2013-05-24 16:52:49 -07:00
Rodney Ewing
94d77e1fc1 check if password field present in basic_auth create_user 2013-05-24 16:52:49 -07:00
Rodney Ewing
c94316bff4 Modified basic_auth plugin to work with modified auth plugin hooks. Added context variables. Removed basic_auth/tools which was previously renamed to basic_auth/lib. 2013-05-24 16:52:49 -07:00
Rodney Ewing
ba016fda9a added Copyright header to basic_auth/forms.py 2013-05-24 16:52:49 -07:00
Rodney Ewing
14efa7bdf1 moved fake_login_attempt to plugins 2013-05-24 16:52:49 -07:00
Rodney Ewing
f65615eaf9 renamed hook as to no conflict with existing hook names 2013-05-24 16:52:48 -07:00
Rodney Ewing
5b6923ab84 renamed basic_auth/tools to basic_auth/lib 2013-05-24 16:52:48 -07:00
Rodney Ewing
0bd654a346 modified check_login function to return None instead of False to be able to have multiple plugins check_login 2013-05-24 16:52:48 -07:00
Rodney Ewing
9c2c9be79d moved bcrypt_gen_password_hash to basic_auth/tools and added gen_password_hash function to auth/__init__ 2013-05-24 16:52:48 -07:00
Rodney Ewing
d54cf48a33 moved bcrypt_check_password to basic_auth/tools from auth/lib 2013-05-24 16:52:48 -07:00
Rodney Ewing
744f1c83b9 add a check for authentication plugin on startup and respond according to no_auth config option. allows instance to be run w/o authentication 2013-05-24 16:52:48 -07:00
Rodney Ewing
0f3504e35b moved normalize_user_or_email_field to auth/tools.py from auth/forms.py 2013-05-24 16:52:47 -07:00
Rodney Ewing
58460a8301 moved forgot pw views to basic_auth plugin 2013-05-24 16:52:47 -07:00
Rodney Ewing
77e1aca8db added login.html template hook and basic_auth login template 2013-05-24 16:51:27 -07:00
Rodney Ewing
ee355966c8 basic_auth v0 plugin working 2013-05-24 16:51:27 -07:00