# -*- coding: utf-8 -*-

# This program is free software: you can redistribute it and/or modify

# it under the terms of the GNU General Public License as published by

# the Free Software Foundation, either version 3 of the License, or

# (at your option) any later version.

#

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

"""

kallithea.controllers.login

~~~~~~~~~~~~~~~~~~~~~~~~~~~

Login controller for Kallithea

This file was forked by the Kallithea project in July 2014.

Original author and date, and relevant copyright and licensing information is below:

:created_on: Apr 22, 2010

:author: marcink

:copyright: (c) 2013 RhodeCode GmbH, and others.

:license: GPLv3, see LICENSE.md for more details.

"""

import logging

import re

import formencode

from formencode import htmlfill

from tg import request, session

from tg import tmpl_context as c

from tg.i18n import ugettext as _

from webob.exc import HTTPBadRequest, HTTPFound

import kallithea.lib.helpers as h

from kallithea.config.routing import url

from kallithea.lib.auth import AuthUser, HasPermissionAnyDecorator

from kallithea.lib.base import BaseController, log_in_user, render

from kallithea.lib.exceptions import UserCreationError

from kallithea.model.db import Setting, User

from kallithea.model.forms import LoginForm, PasswordResetConfirmationForm, PasswordResetRequestForm, RegisterForm

from kallithea.model.meta import Session

from kallithea.model.user import UserModel

log = logging.getLogger(__name__)

class LoginController(BaseController):

    def _validate_came_from(self, came_from,

            _re=re.compile(r"/(?!/)[-!#$%&'()*+,./:;=?@_~0-9A-Za-z]*$")):

        """Return True if came_from is valid and can and should be used.

        Determines if a URI reference is valid and relative to the origin;

        or in RFC 3986 terms, whether it matches this production:

          origin-relative-ref = path-absolute [ "?" query ] [ "#" fragment ]

        with the exception that '%' escapes are not validated and '#' is

        allowed inside the fragment part.

        """

        return _re.match(came_from) is not None

    def index(self):

        c.came_from = request.GET.get('came_from', '')

        if c.came_from:

            if not self._validate_came_from(c.came_from):

                log.error('Invalid came_from (not server-relative): %r', c.came_from)

                raise HTTPBadRequest()

        else:

            c.came_from = url('home')

        if request.POST:

            # import Login Form validator class

            login_form = LoginForm()()

            try:

                c.form_result = login_form.to_python(dict(request.POST))

                # form checks for username/password, now we're authenticated

                username = c.form_result['username']

                assert user is not None  # the same user get just passed in the form validation

            except formencode.Invalid as errors:

                defaults = errors.value

                # remove password from filling in form again

                defaults.pop('password', None)

                return htmlfill.render(

                    render('/login.html'),

                    defaults=errors.value,

                    errors=errors.error_dict or {},

                    prefix_error=False,

                    encoding="UTF-8",

                    force_defaults=False)

            except UserCreationError as e:

                # container auth or other auth functions that create users on

                # the fly can throw this exception signaling that there's issue

                # with user creation, explanation should be provided in

                # Exception itself

                h.flash(e, 'error')

            else:

                auth_user = log_in_user(user, c.form_result['remember'], is_external_auth=False, ip_addr=request.ip_addr)

                if auth_user:

                    raise HTTPFound(location=c.came_from)

                h.flash(_('Authentication failed.'), 'error')

        else:

            # redirect if already logged in

            if not request.authuser.is_anonymous:

                raise HTTPFound(location=c.came_from)

            # continue to show login to default user

        return render('/login.html')

    @HasPermissionAnyDecorator('hg.admin', 'hg.register.auto_activate',

                               'hg.register.manual_activate')

    def register(self):

        def_user_perms = AuthUser(dbuser=User.get_default_user()).permissions['global']

        c.auto_active = 'hg.register.auto_activate' in def_user_perms

        settings = Setting.get_app_settings()

        captcha_private_key = settings.get('captcha_private_key')

        c.captcha_active = bool(captcha_private_key)

        c.captcha_public_key = settings.get('captcha_public_key')

        if request.POST:

            register_form = RegisterForm()()

            try:

                form_result = register_form.to_python(dict(request.POST))

                form_result['active'] = c.auto_active

                if c.captcha_active:

                    from kallithea.lib.recaptcha import submit

                    response = submit(request.POST.get('g-recaptcha-response'),

                                      private_key=captcha_private_key,

                                      remoteip=request.ip_addr)

                    if not response.is_valid:

                        _value = form_result

                        _msg = _('Bad captcha')

                        error_dict = {'recaptcha_field': _msg}

                        raise formencode.Invalid(_msg, _value, None,

                                                 error_dict=error_dict)

                UserModel().create_registration(form_result)

                h.flash(_('You have successfully registered with %s') % (c.site_name or 'Kallithea'),

                        category='success')

                Session().commit()

                raise HTTPFound(location=url('login_home'))

            except formencode.Invalid as errors:

                return htmlfill.render(

                    render('/register.html'),

                    defaults=errors.value,

                    errors=errors.error_dict or {},

                    prefix_error=False,

                    encoding="UTF-8",

                    force_defaults=False)

            except UserCreationError as e:

                # container auth or other auth functions that create users on

                # the fly can throw this exception signaling that there's issue

                # with user creation, explanation should be provided in

                # Exception itself

                h.flash(e, 'error')

        return render('/register.html')

    def password_reset(self):

        settings = Setting.get_app_settings()

        captcha_private_key = settings.get('captcha_private_key')

        c.captcha_active = bool(captcha_private_key)

        c.captcha_public_key = settings.get('captcha_public_key')

        if request.POST:

            password_reset_form = PasswordResetRequestForm()()

            try:

                form_result = password_reset_form.to_python(dict(request.POST))

                if c.captcha_active:

                    from kallithea.lib.recaptcha import submit

                    response = submit(request.POST.get('g-recaptcha-response'),

        if isfunction(formencode_obj):

            # case we wrap validators into functions

            formencode_obj = self.formencode_obj(*args, **kwargs)

        return formencode_obj(*self.args, **self.kwargs)

class KallitheaAuthPluginBase(object):

    auth_func_attrs = {

        "username": "unique username",

        "firstname": "first name",

        "lastname": "last name",

        "email": "email address",

        "groups": '["list", "of", "groups"]',

        "extern_name": "name in external source of record",

        "admin": 'True|False defines if user should be Kallithea admin',

    }

    @property

    def validators(self):

        """

        Exposes Kallithea validators modules

        """

        # this is a hack to overcome issues with pylons threadlocals and

        # translator object _() not being registered properly.

        class LazyCaller(object):

            def __init__(self, name):

                self.validator_name = name

            def __call__(self, *args, **kwargs):

                from kallithea.model import validators as v

                obj = getattr(v, self.validator_name)

                #log.debug('Initializing lazy formencode object: %s', obj)

                return LazyFormencode(obj, *args, **kwargs)

        class ProxyGet(object):

            def __getattribute__(self, name):

                return LazyCaller(name)

        return ProxyGet()

    @hybrid_property

    def name(self):

        """

        Returns the name of this authentication plugin.

        :returns: string

        """

        raise NotImplementedError("Not implemented in base class")

    @hybrid_property

    def is_container_auth(self):

        """

        Returns bool if this module uses container auth.

        This property will trigger an automatic call to authenticate on

        a visit to the website or during a push/pull.

        :returns: bool

        """

        return False

    def accepts(self, user, accepts_empty=True):

        """

        Checks if this authentication module should accept a request for

        the current user.

        :param user: user object fetched using plugin's get_user() method.

        :param accepts_empty: if True accepts don't allow the user to be empty

        :returns: boolean

        """

        plugin_name = self.name

        if not user and not accepts_empty:

            log.debug('User is empty not allowed to authenticate')

            return False

        if user and user.extern_type and user.extern_type != plugin_name:

            log.debug('User %s should authenticate using %s this is %s, skipping',

                      user, user.extern_type, plugin_name)

            return False

        return True

    def get_user(self, username=None, **kwargs):

        """

        Helper method for user fetching in plugins, by default it's using

        simple fetch by username, but this method can be customized in plugins

        eg. container auth plugin to fetch user by environ params

        :param username: username if given to fetch from database

        :param kwargs: extra arguments needed for user fetching.

        """

        user = None

        log.debug('Trying to fetch user `%s` from Kallithea database',

                  username)

        if username:

            user = User.get_by_username_or_email(username)

        else:

            log.debug('provided username:`%s` is empty skipping...', username)

        return user

    def settings(self):

        """

        Return a list of the form:

        [

            {

                "name": "OPTION_NAME",

                "type": "[bool|password|string|int|select]",

                ["values": ["opt1", "opt2", ...]]

                "validator": "expr"

                "description": "A short description of the option" [,

                "default": Default Value],

                ["formname": "Friendly Name for Forms"]

            } [, ...]

        ]

        This is used to interrogate the authentication plugin as to what

        settings it expects to be present and configured.

        'type' is a shorthand notation for what kind of value this option is.

        This is primarily used by the auth web form to control how the option

        is configured.

                bool : checkbox

                password : password input box

                string : input box

                select : single select dropdown

        'validator' is an lazy instantiated form field validator object, ala

        formencode. You need to *call* this object to init the validators.

        All calls to Kallithea validators should be used through self.validators

        which is a lazy loading proxy of formencode module.

        """

        raise NotImplementedError("Not implemented in base class")

    def plugin_settings(self):

        """

        This method is called by the authentication framework, not the .settings()

        method. This method adds a few default settings (e.g., "enabled"), so that

        plugin authors don't have to maintain a bunch of boilerplate.

        OVERRIDING THIS METHOD WILL CAUSE YOUR PLUGIN TO FAIL.

        """

        rcsettings = self.settings()

        rcsettings.insert(0, {

            "name": "enabled",

            "validator": self.validators.StringBoolean(if_missing=False),

            "type": "bool",

            "description": "Enable or Disable this Authentication Plugin",

            "formname": "Enabled"

            }

        )

        return rcsettings

    def auth(self, userobj, username, passwd, settings, **kwargs):

        """

        Given a user object (which may be None), username, a plaintext password,

        and a settings object (containing all the keys needed as listed in settings()),

        authenticate this user's login attempt.

        Return None on failure. On success, return a dictionary with keys from

        KallitheaAuthPluginBase.auth_func_attrs.

        This is later validated for correctness.

        """

        raise NotImplementedError("not implemented in base class")

    def _authenticate(self, userobj, username, passwd, settings, **kwargs):

        """

        Wrapper to call self.auth() that validates call on it

        """

        user_data = self.auth(userobj, username, passwd, settings, **kwargs)

        if user_data is not None:

            return self._validate_auth_return(user_data)

        return None

    def _validate_auth_return(self, user_data):

        if not isinstance(user_data, dict):

            raise Exception('returned value from auth must be a dict')

        for k in self.auth_func_attrs:

            if k not in user_data:

                raise Exception('Missing %s attribute from returned data' % k)

        return user_data

class KallitheaExternalAuthPlugin(KallitheaAuthPluginBase):

    def use_fake_password(self):

        """

        Return a boolean that indicates whether or not we should set the user's

        password to a random value when it is authenticated by this plugin.

        If your plugin provides authentication, then you will generally want this.

        :returns: boolean

        self._email = val.lower() if val else None

    @property

    def firstname(self):

        # alias for future

        return self.name

    @property

    def emails(self):

        other = UserEmailMap.query().filter(UserEmailMap.user == self).all()

        return [self.email] + [x.email for x in other]

    @property

    def api_keys(self):

        other = UserApiKeys.query().filter(UserApiKeys.user == self).all()

        return [self.api_key] + [x.api_key for x in other]

    @property

    def ip_addresses(self):

        ret = UserIpMap.query().filter(UserIpMap.user == self).all()

        return [x.ip_addr for x in ret]

    @property

    def full_name(self):

        return '%s %s' % (self.firstname, self.lastname)

    @property

    def full_name_or_username(self):

        """

        Show full name.

        If full name is not set, fall back to username.

        """

        return ('%s %s' % (self.firstname, self.lastname)

                if (self.firstname and self.lastname) else self.username)

    @property

    def full_name_and_username(self):

        """

        Show full name and username as 'Firstname Lastname (username)'.

        If full name is not set, fall back to username.

        """

        return ('%s %s (%s)' % (self.firstname, self.lastname, self.username)

                if (self.firstname and self.lastname) else self.username)

    @property

    def full_contact(self):

        return '%s %s <%s>' % (self.firstname, self.lastname, self.email)

    @property

    def short_contact(self):

        return '%s %s' % (self.firstname, self.lastname)

    @property

    def is_admin(self):

        return self.admin

    @hybrid_property

    def is_default_user(self):

        return self.username == User.DEFAULT_USER

    @hybrid_property

    def user_data(self):

        if not self._user_data:

            return {}

        try:

            return ext_json.loads(self._user_data)

        except TypeError:

            return {}

    @user_data.setter

    def user_data(self, val):

        try:

            self._user_data = ascii_bytes(ext_json.dumps(val))

        except Exception:

            log.error(traceback.format_exc())

    def __repr__(self):

        return "<%s %s: %r')>" % (self.__class__.__name__, self.user_id, self.username)

    @classmethod

    def guess_instance(cls, value):

        return super(User, cls).guess_instance(value, User.get_by_username)

    @classmethod

    def get_or_404(cls, id_, allow_default=True):

        '''

        Overridden version of BaseDbModel.get_or_404, with an extra check on

        the default user.

        '''

        user = super(User, cls).get_or_404(id_)

        if not allow_default and user.is_default_user:

            raise DefaultUserException()

        return user

    @classmethod

        """

        For anything that looks like an email address, look up by the email address (matching

        case insensitively).

        For anything else, try to look up by the user name.

        This assumes no normal username can have '@' symbol.

        """

        if '@' in username_or_email:

            return User.get_by_email(username_or_email, cache=cache)

        else:

            return User.get_by_username(username_or_email, case_insensitive=case_insensitive, cache=cache)

    @classmethod

    def get_by_username(cls, username, case_insensitive=False, cache=False):

        if case_insensitive:

            q = cls.query().filter(sqlalchemy.func.lower(cls.username) == sqlalchemy.func.lower(username))

        else:

            q = cls.query().filter(cls.username == username)

        if cache:

            q = q.options(FromCache(

                            "sql_cache_short",

                            "get_user_%s" % _hash_key(username)

                          )

            )

        return q.scalar()

    @classmethod

    def get_by_api_key(cls, api_key, cache=False, fallback=True):

        if len(api_key) != 40 or not api_key.isalnum():

            return None

        q = cls.query().filter(cls.api_key == api_key)

        if cache:

            q = q.options(FromCache("sql_cache_short",

                                    "get_api_key_%s" % api_key))

        res = q.scalar()

        if fallback and not res:

            # fallback to additional keys

            _res = UserApiKeys.query().filter_by(api_key=api_key, is_expired=False).first()

            if _res:

                res = _res.user

        if res is None or not res.active or res.is_default_user:

            return None

        return res

    @classmethod

    def get_by_email(cls, email, cache=False):

        q = cls.query().filter(sqlalchemy.func.lower(cls.email) == sqlalchemy.func.lower(email))

        if cache:

            q = q.options(FromCache("sql_cache_short",

                                    "get_email_key_%s" % email))

        ret = q.scalar()

        if ret is None:

            q = UserEmailMap.query()

            # try fetching in alternate email map

            q = q.filter(sqlalchemy.func.lower(UserEmailMap.email) == sqlalchemy.func.lower(email))

            q = q.options(joinedload(UserEmailMap.user))

            if cache:

                q = q.options(FromCache("sql_cache_short",

                                        "get_email_map_key_%s" % email))

            ret = getattr(q.scalar(), 'user', None)

        return ret

    @classmethod

    def get_from_cs_author(cls, author):

        """

        Tries to get User objects out of commit author string

        :param author:

        """

        from kallithea.lib.helpers import email, author_name

        # Valid email in the attribute passed, see if they're in the system

        _email = email(author)

        if _email:

            user = cls.get_by_email(_email)

            if user is not None:

                return user

        # Maybe we can match by username?

        _author = author_name(author)

        user = cls.get_by_username(_author, case_insensitive=True)

        if user is not None:

            return user

    def update_lastlogin(self):

        """Update user lastlogin"""

        self.last_login = datetime.datetime.now()

        log.debug('updated user %s lastlogin', self.username)

    @classmethod

    def get_first_admin(cls):