Coverage for dryxPyramid/views/views

Hot-keys on this page

r m x p toggle line displays

j k next/prev highlighted chunk

0 (zero) top of page

1 (one) first highlighted chunk

1from builtins import object

2import logging

3from pyramid.httpexceptions import HTTPFound

4from pyramid.response import Response

5from pyramid.view import view_config, view_defaults, forbidden_view_config

6from pyramid.security import remember, forget

7from passlib.hash import sha256_crypt

8from dryxPyramid.security import get_users_and_groups

9from dryxPyramid.templates.responses import templates_login

11# RESOURCE CONTEXT

14@forbidden_view_config()

15def forbidden(request):

16 login = login_view(request)

17 login.referrer = "/"

18 if request.method == "GET" or ("method" in request.params and request.params["method"] == "get"):

19 login.message = "You do not have the correct permissions to view this page"

20 else:

21 login.message = "You do not have the correct permissions to perform this action"

22 # href = request.route_path('login')

23 return login.login()

26@view_defaults(route_name='login', permission="view_everyone")

27class login_view(object):

29 def __init__(self, request):

30 self.request = request

31 self.log = logging.getLogger(__name__)

32 self.log.debug("instantiating a new 'login' view")

33 self.USERS, self.GROUPS = get_users_and_groups(request)

34 self.message = ""

35 self.referrer = request.url

37 @view_config(route_name='login', permission="view_everyone")

38 def login(self):

39 # Some Varibales

40 request = self.request

41 login_url = request.route_url('login')

42 referrer = self.referrer

43 message = self.message

44 login = ''

45 password = ''

47 # never use the login form itself as came_from

48 if login_url in referrer or "/" == referrer:

49 href = request.route_path('index')

50 referrer = href

51 came_from = request.params.get('came_from', referrer)

53 # test post method parameter to see if user can login

54 if 'login' in request.params and (('method' in request.params and request.params["method"] == "post") or request.method == "POST"):

55 login = request.params['login']

56 login = login.replace("@pessto.org", "")

57 password = request.params['password']

58 if login not in self.USERS:

59 message = 'incorrect username or password'

60 else:

61 if sha256_crypt.verify(password, self.USERS.get(login)):

62 headers = remember(request, login)

63 return HTTPFound(location=came_from,

64 headers=headers)

65 else:

66 message = 'incorrect username or password'

68 # If wrong details added, or GET method used, return login page

69 loginPage = templates_login(

70 log=self.log,

71 request=request,

72 mainCssFilePath=self.request.registry.settings[

73 "main css filepath"],

74 jsFilePath=self.request.registry.settings["main js filepath"],

75 pageTitle="Login",

76 iconPath=self.request.registry.settings["path to webapp icon"],

77 message=message,

78 came_from=came_from

79 )

80 responseContent = loginPage.get()

81 return Response(responseContent)

Coverage for dryxPyramid/views/views_login.py : 29%

49 statements

Coverage for dryxPyramid/views/views_login.py : 29%

49 statements 14 run 35 missing 0 excluded

49 statements