added basic user login / logout

7 years ago · 725a23979b
6 changed files with 118 additions and 22 deletions
--- a/ordr2/resources/init.py
+++ b/ordr2/resources/init.py
@ -10,9 +10,9 @@ class Root(BaseResource):
				@@ -10,9 +10,9 @@ class Root(BaseResource):
    __name__ = None
    __parent__ = None

-    _nodes = [
+    _nodes = {
        'account': Account
-        ]
+        }

    def __init__(self, request):
        self._request = request
--- a/ordr2/scripts/initializedb.py
+++ b/ordr2/scripts/initializedb.py
@ -49,3 +49,4 @@ def main(argv=sys.argv):
				@@ -49,3 +49,4 @@ def main(argv=sys.argv):
            role=Role.ADMIN
            )
        model.set_password('holgi')
+        dbsession.add(model)
--- a/ordr2/static/css/style.css
+++ b/ordr2/static/css/style.css
@ -4,7 +4,7 @@ html, body {
				@@ -4,7 +4,7 @@ html, body {

 body {
 	background-color: #FCFCFC;
-	
+
 }

 /*Opera Fix*/
@ -81,7 +81,7 @@ body:before {/* thanks to Maleika (Kohoutec)*/
				@@ -81,7 +81,7 @@ body:before {/* thanks to Maleika (Kohoutec)*/
  display: table;
  height: 86px;
  margin-bottom: -47px;
-  width: 100%;	
+  width: 100%;
 }

 .content .container-fluid, .content .container {
@ -99,8 +99,8 @@ footer {
				@@ -99,8 +99,8 @@ footer {

 footer a {
 	display: inline-block;
-	height: 26px;	
-	opacity: 0.5;	
+	height: 26px;
+	opacity: 0.5;
 	-webkit-transition: all 0.5s ease 0s;
 	-moz-transition: all 0.5s ease 0s;
 	-o-transition: all 0.5s ease 0s;
@ -127,7 +127,7 @@ footer .icon-dbs {
				@@ -127,7 +127,7 @@ footer .icon-dbs {
 	background-image: url(../img/sprite.png);
 	background-position: 0px -214px;
 	height: 26px;
-	width: 174px;	
+	width: 174px;
 }

 /*================================ BUTTONS ================================*/
@ -310,7 +310,7 @@ button.btn-flat {
				@@ -310,7 +310,7 @@ button.btn-flat {
 	width: 18px;
 	display: inline-block;
 	overflow: hidden;
-	text-indent: -9999px;	
+	text-indent: -9999px;
 }

 .search .autocomplete {
@ -321,7 +321,7 @@ button.btn-flat {
				@@ -321,7 +321,7 @@ button.btn-flat {
 	width: 18px;
 	display: inline-block;
 	overflow: hidden;
-	text-indent: -9999px;	
+	text-indent: -9999px;
 }

 .search .add-on:active {
@ -474,7 +474,7 @@ table .action.edit:hover {
				@@ -474,7 +474,7 @@ table .action.edit:hover {
 }

 .modal-body .option a {
-	font-weight: bold;	
+	font-weight: bold;
 }

 .modal-body .checklist {
@ -542,7 +542,7 @@ table .action.edit:hover {
				@@ -542,7 +542,7 @@ table .action.edit:hover {

 #register-successful, #access-denied {
 	margin: 90px 0 50px;
-	text-align: center;	
+	text-align: center;
 }

 #register-successful h1, #access-denied h1 {
@ -566,7 +566,7 @@ hgroup .info {
				@@ -566,7 +566,7 @@ hgroup .info {
 	line-height: 24px;
 }

-.account.login_failed h1 {
+.account.login h1 {
 	border-bottom: 1px solid #EEEEEE;
 	font-family: 'Anton',sans-serif;
 	font-size: 50px;
@ -582,7 +582,7 @@ hgroup .info {
				@@ -582,7 +582,7 @@ hgroup .info {
 	-webkit-transition: background-color 0.50s linear;
 	-moz-transition: background-color 0.50s linear;
 	-o-transition: background-color 0.50s linear;
-	transition: background-color 0.50s linear;	
+	transition: background-color 0.50s linear;
 }

 .admin-options .option {
@ -626,7 +626,7 @@ hgroup .info {
				@@ -626,7 +626,7 @@ hgroup .info {
 	margin-bottom: 5px;
 	-webkit-border-radius: 5px;
 	-moz-border-radius: 5px;
-	border-radius: 5px;	
+	border-radius: 5px;
 }

 .faq section {
@ -668,7 +668,7 @@ hgroup .info {
				@@ -668,7 +668,7 @@ hgroup .info {
 	-webkit-transition: background-color 0.1s ease 0s;
 	-moz-transition: background-color 0.1s ease 0s;
 	-o-transition: background-color 0.1s ease 0s;
-	transition: background-color 0.1s ease 0s;				
+	transition: background-color 0.1s ease 0s;
 }

 .accordion li:hover {
@ -686,11 +686,11 @@ hgroup .info {
				@@ -686,11 +686,11 @@ hgroup .info {
 	padding: 0;
 	-webkit-border-radius: 5px;
 	-moz-border-radius: 5px;
-	border-radius: 5px;	
+	border-radius: 5px;
 	-webkit-transition: background-color 0.1s ease 0s;
 	-moz-transition: background-color 0.1s ease 0s;
 	-o-transition: background-color 0.1s ease 0s;
-	transition: background-color 0.1s ease 0s;	
+	transition: background-color 0.1s ease 0s;
 }

 .accordion-heading a {
@ -698,14 +698,14 @@ hgroup .info {
				@@ -698,14 +698,14 @@ hgroup .info {
 	display: block;
 	font-size: 18px;
 	font-weight: bold;
-  line-height: 27px;	
+  line-height: 27px;
 	padding: 8px 15px;
 	text-decoration: none;
 	outline: none;
 	-webkit-transition: color 0.1s ease 0s;
 	-moz-transition: color 0.1s ease 0s;
 	-o-transition: color 0.1s ease 0s;
-	transition: color 0.1s ease 0s;		
+	transition: color 0.1s ease 0s;
 }

 .accordion-heading a:hover {
--- a/ordr2/templates/account/login.jinja2
+++ b/ordr2/templates/account/login.jinja2
@ -0,0 +1,36 @@
				@@ -0,0 +1,36 @@
+{% extends "ordr2:templates/layout.jinja2" %}
+
+{% block subtitle %} Login {% endblock subtitle %}
+
+{% block content %}
+<div class="container">
+	<div class="row">
+		<div class="span6 offset3">
+			<h1>Log in</h1>
+			<?php echo $this->session->flashdata('message'); ?>
+		</div>
+	</div>
+	<div class="row">
+		<div class="span6 offset3">
+		    <form action="{{request.resource_url(request.root, 'account', 'login')}}" method="post" class="form-horizontal">
+                <fieldset class="control-group">
+                      <label for="input01" class="control-label">Username</label>
+                      <div class="controls">
+                        <input type="text" name="username" class="span3" size="30">
+                      </div>
+                </fieldset>
+                <fieldset class="control-group">
+                      <label for="password" class="control-label">Password</label>
+                      <div class="controls">
+                        <input type="password" name="password" class="span3" size="30">
+                      </div>
+                </fieldset>
+                <fieldset class="form-actions">
+                  <input type="hidden" name="csrf_token" value="{{get_csrf_token()}}">
+                  <button class="btn primary large" type="submit">Log in</button>
+                </fieldset>
+            </form>
+		</div>
+	</div>
+</div>
+{% endblock content %}
--- a/ordr2/templates/layout.jinja2
+++ b/ordr2/templates/layout.jinja2
@ -34,13 +34,13 @@
				@@ -34,13 +34,13 @@
                </ul>
                <ul class="nav pull-right">
                    <li class="dropdown" id="user-options">
-                        <a data-toggle="dropdown" class="dropdown-toggle" href="#">Logged in as <span class="user-name">{{request.user.username}}</span></a>
+                        <a data-toggle="dropdown" class="dropdown-toggle" href="#">Logged in as <span class="user-name">{{request.user.user_name}}</span></a>
                        <ul class="dropdown-menu">
                          <li><a href="{{request.resource_url(request.root, 'account', 'settings')}}">Settings</a></li>
                          <li><a href="#">Help</a></li>
                          <li><a href="https://git.cpi.imtek.uni-freiburg.de/holgi/ordr2/issues">Submit an Issue</a></li>
                          <li class="divider"></li>
-                          <li><a href="{{request.resource_url(request.root, 'account', 'logout')}}">Settings</a></li>
+                          <li><a href="{{request.resource_url(request.root, 'account', 'logout')}}">Logout</a></li>
                        </ul>
                    </li>
                </ul>
@ -51,7 +51,6 @@
				@@ -51,7 +51,6 @@
                </ul>
                <form action="{{request.resource_url(request.root, 'account', 'login')}}" method="post" class="navbar-form pull-right">
                  <input type="hidden" name="csrf_token" value="{{get_csrf_token()}}">
-                  <input type="hidden" name="redirect" value="{{request.url}}" />
                  <input name="username" type="text" placeholder="Username" class="input-small">
                  <input name="password" type="password" placeholder="Password" class="input-small">
                  <button type="submit" class="btn">Log in</button>
--- a/ordr2/views/account.py
+++ b/ordr2/views/account.py
@ -0,0 +1,60 @@
				@@ -0,0 +1,60 @@
+from pyramid.httpexceptions import HTTPFound
+from pyramid.renderers import render
+from pyramid.security import remember, forget
+from pyramid.view import view_config
+
+from ordr2.models import User
+
+# user log in and log out
+
+@view_config(
+    context='ordr2:resources.Account',
+    name='login',
+    permission='login',
+    request_method='GET',
+    renderer='ordr2:templates/account/login.jinja2')
+def login_form(context, request):
+    ''' display a login form '''
+    return {}
+
+
+@view_config(
+    context='ordr2:resources.Account',
+    name='login',
+    permission='login',
+    request_method='POST')
+def login(context, request):
+    ''' loging in a user '''
+    username = request.POST.get('username')
+    password = request.POST.get('password')
+
+    # Form validation is not done for login forms,
+    # either the data represents a user or not.
+    user = request.dbsession.query(User).filter_by(user_name=username).first()
+    if user is not None:
+        if user.is_active and user.check_password(password):
+            headers = remember(request, user.id)
+            return HTTPFound(
+                request.resource_path(request.root, 'orders'),
+                headers=headers
+                )
+
+    #request.session.flash(MSG_LOGIN_ERROR.format(url), 'error')
+    return HTTPFound(request.resource_path(context, 'login'))
+
+
+@view_config(
+    context='ordr2:resources.Account',
+    name='logout',
+    permission='logout'
+    )
+def logout(context, request):
+    ''' logout of a user '''
+    if request.user:
+        pass
+        # request.session.flash(MSG_LOGOUT, 'success')
+    headers = forget(request)
+    return HTTPFound(
+        request.resource_path(request.root, 'about'),
+        headers=headers
+        )