# -*- coding: utf-8 -*-

# This program is free software: you can redistribute it and/or modify

# it under the terms of the GNU General Public License as published by

# the Free Software Foundation, either version 3 of the License, or

# (at your option) any later version.

#

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

"""

kallithea.controllers.login

~~~~~~~~~~~~~~~~~~~~~~~~~~~

Login controller for Kallithea

This file was forked by the Kallithea project in July 2014.

Original author and date, and relevant copyright and licensing information is below:

:created_on: Apr 22, 2010

:author: marcink

:copyright: (c) 2013 RhodeCode GmbH, and others.

:license: GPLv3, see LICENSE.md for more details.

"""

import logging

import formencode

import datetime

import urlparse

from formencode import htmlfill

from webob.exc import HTTPFound

from pylons.i18n.translation import _

from pylons.controllers.util import redirect

from pylons import request, session, tmpl_context as c, url

import kallithea.lib.helpers as h

from kallithea.lib.auth import AuthUser, HasPermissionAnyDecorator

from kallithea.lib.auth_modules import importplugin

from kallithea.lib.base import BaseController, render

from kallithea.lib.exceptions import UserCreationError

from kallithea.model.db import User, Setting

from kallithea.model.forms import LoginForm, RegisterForm, PasswordResetForm

from kallithea.model.user import UserModel

from kallithea.model.meta import Session

log = logging.getLogger(__name__)

class LoginController(BaseController):

    def __before__(self):

        super(LoginController, self).__before__()

    def _store_user_in_session(self, username, remember=False):

        user = User.get_by_username(username, case_insensitive=True)

        auth_user = AuthUser(user.user_id)

        auth_user.set_authenticated()

        cs = auth_user.get_cookie_store()

        session['authuser'] = cs

        user.update_lastlogin()

        Session().commit()

        # If they want to be remembered, update the cookie

        if remember:

            _year = (datetime.datetime.now() +

                     datetime.timedelta(seconds=60 * 60 * 24 * 365))

            session._set_cookie_expires(_year)

        session.save()

        log.info('user %s is now authenticated and stored in '

                 'session, session attrs %s' % (username, cs))

        # dumps session attrs back to cookie

        session._update_cookie_out()

        # we set new cookie

        headers = None

        if session.request['set_cookie']:

            # send set-cookie headers back to response to update cookie

            headers = [('Set-Cookie', session.request['cookie_out'])]

        return headers

    def _validate_came_from(self, came_from):

        if not came_from:

            return came_from

        parsed = urlparse.urlparse(came_from)

        server_parsed = urlparse.urlparse(url.current())

        allowed_schemes = ['http', 'https']

        if parsed.scheme and parsed.scheme not in allowed_schemes:

            log.error('Suspicious URL scheme detected %s for url %s' %

                     (parsed.scheme, parsed))

            came_from = url('home')

        elif server_parsed.netloc != parsed.netloc:

            log.error('Suspicious NETLOC detected %s for url %s server url '

                      'is: %s' % (parsed.netloc, parsed, server_parsed))

            came_from = url('home')

        return came_from

    def index(self):

        _default_came_from = url('home')

        c.came_from = came_from or _default_came_from

        not_default = self.authuser.username != User.DEFAULT_USER

        ip_allowed = self.authuser.ip_allowed

        # redirect if already logged in

        if self.authuser.is_authenticated and not_default and ip_allowed:

        if request.POST:

            # import Login Form validator class

            login_form = LoginForm()

            try:

                session.invalidate()

                c.form_result = login_form.to_python(dict(request.POST))

                # form checks for username/password, now we're authenticated

                headers = self._store_user_in_session(

                                        username=c.form_result['username'],

                                        remember=c.form_result['remember'])

            except formencode.Invalid, errors:

                defaults = errors.value

                # remove password from filling in form again

                del defaults['password']

                return htmlfill.render(

                    render('/login.html'),

                    defaults=errors.value,

                    errors=errors.error_dict or {},

                    prefix_error=False,

                    encoding="UTF-8",

                    force_defaults=False)

            except UserCreationError, e:

                # container auth or other auth functions that create users on

                # the fly can throw this exception signaling that there's issue

                # with user creation, explanation should be provided in

                # Exception itself

                h.flash(e, 'error')

        # check if we use container plugin, and try to login using it.

        auth_plugins = Setting.get_auth_plugins()

        if any((importplugin(name).is_container_auth for name in auth_plugins)):

            from kallithea.lib import auth_modules

            try:

                auth_info = auth_modules.authenticate('', '', request.environ)

            except UserCreationError, e:

                log.error(e)

                h.flash(e, 'error')

                # render login, with flash message about limit

                return render('/login.html')

            if auth_info:

                headers = self._store_user_in_session(auth_info.get('username'))

        return render('/login.html')

    @HasPermissionAnyDecorator('hg.admin', 'hg.register.auto_activate',

                               'hg.register.manual_activate')

    def register(self):

        c.auto_active = 'hg.register.auto_activate' in User.get_default_user()\

            .AuthUser.permissions['global']

        settings = Setting.get_app_settings()

        captcha_private_key = settings.get('captcha_private_key')

        c.captcha_active = bool(captcha_private_key)

        c.captcha_public_key = settings.get('captcha_public_key')

        if request.POST:

            register_form = RegisterForm()()

            try:

                form_result = register_form.to_python(dict(request.POST))

                form_result['active'] = c.auto_active

                if c.captcha_active:

                    from kallithea.lib.recaptcha import submit

                    response = submit(request.POST.get('recaptcha_challenge_field'),

                                      request.POST.get('recaptcha_response_field'),

                                      private_key=captcha_private_key,

                                      remoteip=self.ip_addr)

                    if c.captcha_active and not response.is_valid:

                        _value = form_result

                        _msg = _('Bad captcha')

                        error_dict = {'recaptcha_field': _msg}

                        raise formencode.Invalid(_msg, _value, None,

                                                 error_dict=error_dict)

                UserModel().create_registration(form_result)

                h.flash(_('You have successfully registered into Kallithea'),

                        category='success')

                Session().commit()

                return redirect(url('login_home'))

            except formencode.Invalid, errors:

                return htmlfill.render(

                    render('/register.html'),

                    defaults=errors.value,

                    errors=errors.error_dict or {},

                    prefix_error=False,

                    encoding="UTF-8",

                    force_defaults=False)

            except UserCreationError, e:

                # container auth or other auth functions that create users on

                # the fly can throw this exception signaling that there's issue

                # with user creation, explanation should be provided in

                # Exception itself

                h.flash(e, 'error')

        return render('/register.html')

    def password_reset(self):

        settings = Setting.get_app_settings()

        captcha_private_key = settings.get('captcha_private_key')

        c.captcha_active = bool(captcha_private_key)

        c.captcha_public_key = settings.get('captcha_public_key')

        if request.POST:

            password_reset_form = PasswordResetForm()()

            try:

                form_result = password_reset_form.to_python(dict(request.POST))

                if c.captcha_active:

                    from kallithea.lib.recaptcha import submit

                    response = submit(request.POST.get('recaptcha_challenge_field'),

                                      request.POST.get('recaptcha_response_field'),

                                      private_key=captcha_private_key,

                                      remoteip=self.ip_addr)

                    if c.captcha_active and not response.is_valid:

                        _value = form_result

                        _msg = _('Bad captcha')

                        error_dict = {'recaptcha_field': _msg}

                        raise formencode.Invalid(_msg, _value, None,

                                                 error_dict=error_dict)

                UserModel().reset_password_link(form_result)

                h.flash(_('Your password reset link was sent'),

                            category='success')

                return redirect(url('login_home'))

            except formencode.Invalid, errors:

                return htmlfill.render(

                    render('/password_reset.html'),

                    defaults=errors.value,

                    errors=errors.error_dict or {},

                    prefix_error=False,

                    encoding="UTF-8",

                    force_defaults=False)

        return render('/password_reset.html')

    def password_reset_confirmation(self):

        if request.GET and request.GET.get('key'):

            try:

            return True

        else:

            log.info('Access for IP:%s forbidden, '

                     'not in %s' % (ip_addr, allowed_ips))

            return False

    def __repr__(self):

        return "<AuthUser('id:%s[%s] ip:%s auth:%s')>"\

            % (self.user_id, self.username, self.ip_addr, self.is_authenticated)

    def set_authenticated(self, authenticated=True):

        if self.user_id != self.anonymous_user.user_id:

            self.is_authenticated = authenticated

    def get_cookie_store(self):

        return {'username': self.username,

                'user_id': self.user_id,

                'is_authenticated': self.is_authenticated}

    @classmethod

    def from_cookie_store(cls, cookie_store):

        """

        Creates AuthUser from a cookie store

        :param cls:

        :param cookie_store:

        """

        user_id = cookie_store.get('user_id')

        username = cookie_store.get('username')

        api_key = cookie_store.get('api_key')

        return AuthUser(user_id, api_key, username)

    @classmethod

    def get_allowed_ips(cls, user_id, cache=False, inherit_from_default=False):

        _set = set()

        if inherit_from_default:

            default_ips = UserIpMap.query().filter(UserIpMap.user ==

                                            User.get_default_user(cache=True))

            if cache:

                default_ips = default_ips.options(FromCache("sql_cache_short",

                                                  "get_user_ips_default"))

            # populate from default user

            for ip in default_ips:

                try:

                    _set.add(ip.ip_addr)

                except ObjectDeletedError:

                    # since we use heavy caching sometimes it happens that we get

                    # deleted objects here, we just skip them

                    pass

        user_ips = UserIpMap.query().filter(UserIpMap.user_id == user_id)

        if cache:

            user_ips = user_ips.options(FromCache("sql_cache_short",

                                                  "get_user_ips_%s" % user_id))

        for ip in user_ips:

            try:

                _set.add(ip.ip_addr)

            except ObjectDeletedError:

                # since we use heavy caching sometimes it happens that we get

                # deleted objects here, we just skip them

                pass

        return _set or set(['0.0.0.0/0', '::/0'])

def set_available_permissions(config):

    """

    This function will propagate pylons globals with all available defined

    permission given in db. We don't want to check each time from db for new

    permissions since adding a new permission also requires application restart

    ie. to decorate new views with the newly created permission

    :param config: current pylons config instance

    """

    log.info('getting information about all available permissions')

    try:

        sa = meta.Session

        all_perms = sa.query(Permission).all()

        config['available_permissions'] = [x.permission_name for x in all_perms]

    finally:

        meta.Session.remove()

#==============================================================================

# CHECK DECORATORS

#==============================================================================

def redirect_to_login(message=None):

    from kallithea.lib import helpers as h

    p = url.current()

    if message:

        h.flash(h.literal(message), category='warning')

    log.debug('Redirecting to login page, origin: %s' % p)

class LoginRequired(object):

    """

    Must be logged in to execute this function else

    redirect to login page

    :param api_access: if enabled this checks only for valid auth token

        and grants access based on valid token

    """

    def __init__(self, api_access=False):

        self.api_access = api_access

    def __call__(self, func):

        return decorator(self.__wrapper, func)

    def __wrapper(self, func, *fargs, **fkwargs):

        cls = fargs[0]

        user = cls.authuser

        loc = "%s:%s" % (cls.__class__.__name__, func.__name__)

        log.debug('Checking access for user %s @ %s' % (user, loc))

        # check if our IP is allowed

        if not user.ip_allowed:

            return redirect_to_login(_('IP %s not allowed' % (user.ip_addr)))

        # check if we used an API key and it's a valid one

        api_key = request.GET.get('api_key')

        if api_key is not None:

            # explicit controller is enabled or API is in our whitelist

            if self.api_access or allowed_api_access(loc, api_key=api_key):

                if api_key in user.api_keys:

                    log.info('user %s authenticated with API key ****%s @ %s'

                             % (user, api_key[-4:], loc))

                    return func(*fargs, **fkwargs)

                else:

                    log.warning('API key ****%s is NOT valid' % api_key[-4:])

                    return redirect_to_login(_('Invalid API key'))

            else:

                # controller does not allow API access

                log.warning('API access to %s is not allowed' % loc)

                return abort(403)

        # CSRF protection - POSTs with session auth must contain correct token

        if request.POST and user.is_authenticated:

            token = request.POST.get(secure_form.token_key)

            if not token or token != secure_form.authentication_token():

                log.error('CSRF check failed')

                return abort(403)

        # regular user authentication

        if user.is_authenticated:

            log.info('user %s authenticated with regular auth @ %s' % (user, loc))

            return func(*fargs, **fkwargs)

        else:

            log.warning('user %s NOT authenticated with regular auth @ %s' % (user, loc))

            return redirect_to_login()

class NotAnonymous(object):

    """

    Must be logged in to execute this function else

    redirect to login page"""

    def __call__(self, func):

        return decorator(self.__wrapper, func)

    def __wrapper(self, func, *fargs, **fkwargs):

        cls = fargs[0]

        self.user = cls.authuser

        log.debug('Checking if user is not anonymous @%s' % cls)

        anonymous = self.user.username == User.DEFAULT_USER

        if anonymous:

            return redirect_to_login(_('You need to be a registered user to '

                    'perform this action'))

        else:

            return func(*fargs, **fkwargs)

class PermsDecorator(object):

    """Base class for controller decorators"""

    def __init__(self, *required_perms):

        self.required_perms = set(required_perms)

        self.user_perms = None

    def __call__(self, func):

        return decorator(self.__wrapper, func)

    def __wrapper(self, func, *fargs, **fkwargs):

        cls = fargs[0]

        self.user = cls.authuser

        self.user_perms = self.user.permissions

        log.debug('checking %s permissions %s for %s %s',

## -*- coding: utf-8 -*-

<%inherit file="base/root.html"/>

<%block name="title">

    ${_('Log In')}

</%block>

<div id="login" class="panel panel-default">

    <%include file="/base/flash_msg.html"/>

    <!-- login -->

    <div class="panel-heading title withlogo">

        %if c.site_name:

            <h5>${_('Log In to %s') % c.site_name}</h5>

        %else:

            <h5>${_('Log In')}</h5>

        %endif

    </div>

    <div class="panel-body inner">

        <div class="form">

            <i class="icon-lock"></i>

            <!-- fields -->

            <div class="form-horizontal">

                <div class="form-group">

                    <label class="control-label col-sm-5" for="username">${_('Username')}:</label>

                    <div class="input col-sm-7">

                        ${h.text('username',class_='form-control focus large')}

                    </div>

                </div>

                <div class="form-group">

                    <label class="control-label col-sm-5" for="password">${_('Password')}:</label>

                    <div class="input col-sm-7">

                        ${h.password('password',class_='form-control focus large')}

                    </div>

                </div>

                <div class="form-group">

                    <div class="col-sm-offset-5 col-sm-7">

                        <div class="checkbox">

                            <label for="remember">

                                <input type="checkbox" id="remember" name="remember"/>

                                ${_('Remember me')}

                            </label>

                        </div>

                    </div>

                </div>

            </div>

            <!-- end fields -->

            <!-- links -->

            <div class="links">

                ${h.link_to(_('Forgot your password ?'),h.url('reset_password'))}

                %if h.HasPermissionAny('hg.admin', 'hg.register.auto_activate', 'hg.register.manual_activate')():

                  /

                 ${h.link_to(_("Don't have an account ?"),h.url('register'))}

                %endif

                <span class="buttons">

                    ${h.submit('sign_in',_('Sign In'),class_="btn btn-default")}

                </span>

            </div>

            <!-- end links -->

        </div>

        ${h.end_form()}

        <script type="text/javascript">

        $(document).ready(function(){

            $('#username').focus();

        });

        </script>

    </div>

    <!-- end login -->

</div>

# -*- coding: utf-8 -*-

from __future__ import with_statement

import mock

from kallithea.tests import *

from kallithea.tests.fixture import Fixture

from kallithea.lib.utils2 import generate_api_key

from kallithea.lib.auth import check_password

from kallithea.lib import helpers as h

from kallithea.model.api_key import ApiKeyModel

from kallithea.model import validators

from kallithea.model.db import User, Notification

from kallithea.model.meta import Session

fixture = Fixture()

class TestLoginController(TestController):

    def tearDown(self):

        for n in Notification.query().all():

            Session().delete(n)

        Session().commit()

        self.assertEqual(Notification.query().all(), [])

    def test_index(self):

        response = self.app.get(url(controller='login', action='index'))

        self.assertEqual(response.status, '200 OK')

        # Test response...

    def test_login_admin_ok(self):

        response = self.app.post(url(controller='login', action='index'),

                                 {'username': 'test_admin',

                                  'password': 'test12'})

        self.assertEqual(response.status, '302 Found')

        self.assertEqual(response.session['authuser'].get('username'),

                         'test_admin')

        response = response.follow()

        response.mustcontain('/%s' % HG_REPO)

    def test_login_regular_ok(self):

        response = self.app.post(url(controller='login', action='index'),

                                 {'username': 'test_regular',

                                  'password': 'test12'})

        self.assertEqual(response.status, '302 Found')

        self.assertEqual(response.session['authuser'].get('username'),

                         'test_regular')

        response = response.follow()

        response.mustcontain('/%s' % HG_REPO)

    def test_login_ok_came_from(self):

        test_came_from = '/_admin/users'

        response = self.app.post(url(controller='login', action='index',

                                     came_from=test_came_from),

                                 {'username': 'test_admin',

                                  'password': 'test12'})

        self.assertEqual(response.status, '302 Found')

        response = response.follow()

        self.assertEqual(response.status, '200 OK')

        response.mustcontain('Users Administration')

    @parameterized.expand([

          ('data:text/html,<script>window.alert("xss")</script>',),

          ('mailto:test@example.com',),

          ('file:///etc/passwd',),

          ('ftp://some.ftp.server',),

    ])

    def test_login_bad_came_froms(self, url_came_from):

        response = self.app.post(url(controller='login', action='index',

                                     came_from=url_came_from),

                                 {'username': 'test_admin',

                                  'password': 'test12'})

        self.assertEqual(response.status, '302 Found')

        self.assertEqual(response._environ['paste.testing_variables']

                         ['tmpl_context'].came_from, '/')

        response = response.follow()

        self.assertEqual(response.status, '200 OK')

    def test_login_short_password(self):

        response = self.app.post(url(controller='login', action='index'),

                                 {'username': 'test_admin',

                                  'password': 'as'})

        self.assertEqual(response.status, '200 OK')

        response.mustcontain('Enter 3 characters or more')

    def test_login_wrong_username_password(self):

        response = self.app.post(url(controller='login', action='index'),

                                 {'username': 'error',

                                  'password': 'test12'})

        response.mustcontain('invalid user name')

        response.mustcontain('invalid password')

    #==========================================================================

    # REGISTRATIONS

    #==========================================================================

    def test_register(self):

        response = self.app.get(url(controller='login', action='register'))

        response.mustcontain('Sign Up')

    def test_register_err_same_username(self):

        uname = 'test_admin'

        response = self.app.post(url(controller='login', action='register'),

                                            {'username': uname,

                                             'password': 'test12',

                                             'password_confirmation': 'test12',

                                             'email': 'goodmail@domain.com',

                                             'firstname': 'test',

                                             'lastname': 'test'})

        msg = validators.ValidUsername()._messages['username_exists']

        msg = h.html_escape(msg % {'username': uname})

        response.mustcontain(msg)

    def test_register_err_same_email(self):

        response = self.app.post(url(controller='login', action='register'),

                                            {'username': 'test_admin_0',

                                             'password': 'test12',

                                             'password_confirmation': 'test12',

                                             'email': 'test_admin@mail.com',

                                             'firstname': 'test',

                                             'lastname': 'test'})

        msg = validators.UniqSystemEmail()()._messages['email_taken']

        response.mustcontain(msg)

    def test_register_err_same_email_case_sensitive(self):

        response = self.app.post(url(controller='login', action='register'),

                                            {'username': 'test_admin_1',

                                             'password': 'test12',

                                             'password_confirmation': 'test12',

                                             'email': 'TesT_Admin@mail.COM',

                                             'firstname': 'test',

                                             'lastname': 'test'})

        msg = validators.UniqSystemEmail()()._messages['email_taken']

        response.mustcontain(msg)

    def test_register_err_wrong_data(self):

        response = self.app.post(url(controller='login', action='register'),

                                            {'username': 'xs',

                                             'password': 'test',

                                             'password_confirmation': 'test',

                                             'email': 'goodmailm',

                                             'firstname': 'test',

                                             'lastname': 'test'})

        self.assertEqual(response.status, '200 OK')

        response.mustcontain('An email address must contain a single @')

        response.mustcontain('Enter a value 6 characters long or more')

    def test_register_err_username(self):

        response = self.app.post(url(controller='login', action='register'),

                                            {'username': 'error user',

                                             'password': 'test12',

                                             'password_confirmation': 'test12',

                                             'email': 'goodmailm',

                                             'firstname': 'test',

                                             'lastname': 'test'})

        response.mustcontain('An email address must contain a single @')

        response.mustcontain('Username may only contain '

                'alphanumeric characters underscores, '

                'periods or dashes and must begin with '

                'alphanumeric character')

    def test_register_err_case_sensitive(self):

        usr = 'Test_Admin'

        response = self.app.post(url(controller='login', action='register'),

                                            {'username': usr,

                                             'password': 'test12',

                                             'password_confirmation': 'test12',

                                             'email': 'goodmailm',

                                             'firstname': 'test',

                                             'lastname': 'test'})

        response.mustcontain('An email address must contain a single @')

        msg = validators.ValidUsername()._messages['username_exists']

        msg = h.html_escape(msg % {'username': usr})

        response.mustcontain(msg)

    def test_register_special_chars(self):

        response = self.app.post(url(controller='login', action='register'),

                                        {'username': 'xxxaxn',

                                         'password': 'ąćźżąśśśś',

                                         'password_confirmation': 'ąćźżąśśśś',

                                         'email': 'goodmailm@test.plx',

                                         'firstname': 'test',

                                         'lastname': 'test'})

        msg = validators.ValidPassword()._messages['invalid_password']