Login controller for Kallithea

This file was forked by the Kallithea project in July 2014.

Original author and date, and relevant copyright and licensing information is below:

:created_on: Apr 22, 2010

:author: marcink

:copyright: (c) 2013 RhodeCode GmbH, and others.

:license: GPLv3, see LICENSE.md for more details.

"""

import logging

import formencode

import urlparse

from formencode import htmlfill

from webob.exc import HTTPFound, HTTPBadRequest

from pylons.i18n.translation import _

from pylons.controllers.util import redirect

from pylons import request, session, tmpl_context as c, url

import kallithea.lib.helpers as h

from kallithea.lib.auth import AuthUser, HasPermissionAnyDecorator

from kallithea.lib.base import BaseController, log_in_user, render

from kallithea.lib.exceptions import UserCreationError

from kallithea.lib.utils2 import safe_str

from kallithea.model.db import User, Setting

from kallithea.model.forms import \

    LoginForm, RegisterForm, PasswordResetRequestForm, PasswordResetConfirmationForm

from kallithea.model.user import UserModel

from kallithea.model.meta import Session

log = logging.getLogger(__name__)

class LoginController(BaseController):

    def __before__(self):

        super(LoginController, self).__before__()

    def _validate_came_from(self, came_from):

        """Return True if came_from is valid and can and should be used"""

        url = urlparse.urlsplit(came_from)

        return not url.scheme and not url.netloc

    def index(self):

        if c.came_from:

            if not self._validate_came_from(c.came_from):

                log.error('Invalid came_from (not server-relative): %r', c.came_from)

                raise HTTPBadRequest()

        else:

            c.came_from = came_from = url('home')

        not_default = self.authuser.username != User.DEFAULT_USER

        ip_allowed = AuthUser.check_ip_allowed(self.authuser, self.ip_addr)

        # redirect if already logged in

        if self.authuser.is_authenticated and not_default and ip_allowed:

            raise HTTPFound(location=came_from)

        if request.POST:

            # import Login Form validator class

            login_form = LoginForm()

            try:

                c.form_result = login_form.to_python(dict(request.POST))

                # form checks for username/password, now we're authenticated

                username = c.form_result['username']

                user = User.get_by_username(username, case_insensitive=True)

            except formencode.Invalid as errors:

                defaults = errors.value

                # remove password from filling in form again

                del defaults['password']

                return htmlfill.render(

                    render('/login.html'),

                    defaults=errors.value,

                    errors=errors.error_dict or {},

                    prefix_error=False,

                    encoding="UTF-8",

                    force_defaults=False)

            except UserCreationError as e:

                # container auth or other auth functions that create users on

                # the fly can throw this exception signaling that there's issue

                # with user creation, explanation should be provided in

                # Exception itself

                h.flash(e, 'error')

            else:

                log_in_user(user, c.form_result['remember'],

                    is_external_auth=False)

                raise HTTPFound(location=came_from)

        return render('/login.html')

    @HasPermissionAnyDecorator('hg.admin', 'hg.register.auto_activate',

                               'hg.register.manual_activate')

    def register(self):

        c.auto_active = 'hg.register.auto_activate' in User.get_default_user()\

            .AuthUser.permissions['global']

            for ip in default_ips:

                try:

                    _set.add(ip.ip_addr)

                except ObjectDeletedError:

                    # since we use heavy caching sometimes it happens that we get

                    # deleted objects here, we just skip them

                    pass

        user_ips = UserIpMap.query().filter(UserIpMap.user_id == user_id)

        if cache:

            user_ips = user_ips.options(FromCache("sql_cache_short",

                                                  "get_user_ips_%s" % user_id))

        for ip in user_ips:

            try:

                _set.add(ip.ip_addr)

            except ObjectDeletedError:

                # since we use heavy caching sometimes it happens that we get

                # deleted objects here, we just skip them

                pass

        return _set or set(['0.0.0.0/0', '::/0'])

def set_available_permissions(config):

    """

    This function will propagate pylons globals with all available defined

    permission given in db. We don't want to check each time from db for new

    permissions since adding a new permission also requires application restart

    ie. to decorate new views with the newly created permission

    :param config: current pylons config instance

    """

    log.info('getting information about all available permissions')

    try:

        sa = meta.Session

        all_perms = sa.query(Permission).all()

        config['available_permissions'] = [x.permission_name for x in all_perms]

    finally:

        meta.Session.remove()

#==============================================================================

# CHECK DECORATORS

#==============================================================================

def redirect_to_login(message=None):

    from kallithea.lib import helpers as h

    if message:

        h.flash(h.literal(message), category='warning')

    log.debug('Redirecting to login page, origin: %s', p)

class LoginRequired(object):

    """

    Must be logged in to execute this function else

    redirect to login page

    :param api_access: if enabled this checks only for valid auth token

        and grants access based on valid token

    """

    def __init__(self, api_access=False):

        self.api_access = api_access

    def __call__(self, func):

        return decorator(self.__wrapper, func)

    def __wrapper(self, func, *fargs, **fkwargs):

        controller = fargs[0]

        user = controller.authuser

        loc = "%s:%s" % (controller.__class__.__name__, func.__name__)

        log.debug('Checking access for user %s @ %s', user, loc)

        if not AuthUser.check_ip_allowed(user, controller.ip_addr):

            return redirect_to_login(_('IP %s not allowed') % controller.ip_addr)

        # check if we used an API key and it's a valid one

        api_key = request.GET.get('api_key')

        if api_key is not None:

            # explicit controller is enabled or API is in our whitelist

            if self.api_access or allowed_api_access(loc, api_key=api_key):

                if api_key in user.api_keys:

                    log.info('user %s authenticated with API key ****%s @ %s',

                             user, api_key[-4:], loc)

                    return func(*fargs, **fkwargs)

                else:

                    log.warning('API key ****%s is NOT valid', api_key[-4:])

                    return redirect_to_login(_('Invalid API key'))

            else:

                # controller does not allow API access

                log.warning('API access to %s is not allowed', loc)

                return abort(403)

        # Only allow the following HTTP request methods. (We sometimes use POST

        # requests with a '_method' set to 'PUT' or 'DELETE'; but that is only

        # used for the route lookup, and does not affect request.method.)

        if request.method not in ['GET', 'HEAD', 'POST', 'PUT']:

            return abort(405)

    </li>

    % if h.HasPermissionAll('hg.admin')('access admin main page'):

      <li ${is_current('admin')}>

        <a class="menu_link childs" title="${_('Admin')}" href="${h.url('admin_home')}">

          <i class="icon-gear"></i> ${_('Admin')}

        </a>

        ${admin_menu()}

      </li>

    % elif c.authuser.repositories_admin or c.authuser.repository_groups_admin or c.authuser.user_groups_admin:

    <li ${is_current('admin')}>

        <a class="menu_link childs" title="${_('Admin')}">

          <i class="icon-gear"></i> ${_('Admin')}

        </a>

        ${admin_menu_simple(c.authuser.repositories_admin,

                            c.authuser.repository_groups_admin,

                            c.authuser.user_groups_admin or h.HasPermissionAny('hg.usergroup.create.true')())}

    </li>

    % endif

    <li ${is_current('my_pullrequests')}>

      <a class="menu_link" title="${_('My Pull Requests')}" href="${h.url('my_pullrequests')}">

        <i class="icon-git-pull-request"></i> ${_('My Pull Requests')}

        %if c.my_pr_count != 0:

          <span class="menu_link_notifications">${c.my_pr_count}</span>

        %endif

      </a>

    </li>

    ## USER MENU

    <li>

      <a class="menu_link childs" id="quick_login_link">

          <span class="icon">

            ${h.gravatar(c.authuser.email, size=20)}

          </span>

          %if c.authuser.username != 'default':

            <span class="menu_link_user">${c.authuser.username}</span>

            %if c.unread_notifications != 0:

              <span class="menu_link_notifications">${c.unread_notifications}</span>

            %endif

          %else:

              <span>${_('Not Logged In')}</span>

          %endif

      </a>

      <div class="user-menu">

        <div id="quick_login">

          %if c.authuser.username == 'default' or c.authuser.user_id is None:

            <h4>${_('Login to Your Account')}</h4>

            <div class="form">

                <div class="fields">

                    <div class="field">

                        <div class="label">

                            <label for="username">${_('Username')}:</label>

                        </div>

                        <div class="input">

                            ${h.text('username',class_='focus')}

                        </div>

                    </div>

                    <div class="field">

                        <div class="label">

                            <label for="password">${_('Password')}:</label>

                        </div>

                        <div class="input">

                            ${h.password('password',class_='focus')}

                        </div>

                    </div>

                    <div class="buttons">

                        <div class="password_forgoten">${h.link_to(_('Forgot password ?'),h.url('reset_password'))}</div>

                        <div class="register">

                        %if h.HasPermissionAny('hg.admin', 'hg.register.auto_activate', 'hg.register.manual_activate')():

                         ${h.link_to(_("Don't have an account ?"),h.url('register'))}

                        %endif

                        </div>

                        <div class="submit">

                            ${h.submit('sign_in',_('Log In'),class_="btn btn-mini")}

                        </div>

                    </div>

                </div>

            </div>

            ${h.end_form()}

          %else:

            <div class="links_left">

                <div class="big_gravatar">

                  ${h.gravatar(c.authuser.email, size=48)}

                </div>

                <div class="full_name">${c.authuser.full_name_or_username}</div>

                <div class="email">${c.authuser.email}</div>

            </div>

            <div class="links_right">

            <ol class="links">

              <li><a href="${h.url('notifications')}">${_('Notifications')}: ${c.unread_notifications}</a></li>

              <li>${h.link_to(_('My Account'),h.url('my_account'))}</li>

              %if not c.authuser.is_external_auth:

                ## Cannot log out if using external (container) authentication.

        %if co.text:

          ${h.rst_w_mentions(co.text)|n}

        %endif

      </div>

    </div>

  </div>

</%def>

## expanded with .format(f_path, line_no)

## TODO: don't assume line_no is globally unique ...

<%def name="comment_inline_form()">

<div id='comment-inline-form-template' style="display:none">

  <div class="ac">

  %if c.authuser.username != 'default':

    ${h.form('#', class_='inline-form')}

      <div id="edit-container_{1}" class="clearfix">

        <div class="comment-help">${_('Commenting on line {1}.')}

          ${(_('Comments parsed using %s syntax with %s support.') % (

                 ('<a href="%s">RST</a>' % h.url('rst_help')),

                   ('<span style="color:#577632" class="tooltip" title="%s">@mention</span>' % _('Use @username inside this text to notify another user'))

               )

            )|n

           }

        </div>

        <div class="mentions-container" id="mentions_container_{1}"></div>

        <textarea id="text_{1}" name="text" class="comment-block-ta yui-ac-input"></textarea>

      </div>

      <div id="preview-container_{1}" class="clearfix" style="display:none">

        <div class="comment-help">

            ${_('Comment preview')}

        </div>

        <div id="preview-box_{1}" class="preview-box"></div>

      </div>

      <div class="comment-button">

        <div class="submitting-overlay">${_('Submitting ...')}</div>

        <input type="hidden" name="f_path" value="{0}">

        <input type="hidden" name="line" value="{1}">

        ${h.submit('save', _('Comment'), class_='btn btn-small save-inline-form')}

        ${h.reset('hide-inline-form', _('Cancel'), class_='btn btn-small hide-inline-form')}

        <div id="preview-btn_{1}" class="preview-btn btn btn-small">${_('Preview')}</div>

        <div id="edit-btn_{1}" class="edit-btn btn btn-small" style="display:none">${_('Edit')}</div>

      </div>

    ${h.end_form()}

  %else:

      ${h.form('')}

      <div class="clearfix">

          <div class="comment-help">

          </div>

      </div>

      <div class="comment-button">

      ${h.reset('hide-inline-form', _('Hide'), class_='btn btn-small hide-inline-form')}

      </div>

      ${h.end_form()}

  %endif

  </div>

</div>

</%def>

## show comment count as "x comments (y inline, z general)"

<%def name="comment_count(inline_cnt, general_cnt)">

    ${'%s (%s, %s)' % (

        ungettext("%d comment", "%d comments", inline_cnt + general_cnt) % (inline_cnt + general_cnt),

        ungettext("%d inline", "%d inline", inline_cnt) % inline_cnt,

        ungettext("%d general", "%d general", general_cnt) % general_cnt

    )}

    <span class="firstlink"></span>

</%def>

## generate inline comments and the main ones

<%def name="generate_comments()">

<div class="comments">

  %for f_path, lines in c.inline_comments:

    %for line_no, comments in lines.iteritems():

      <div class="comments-list-chunk" data-f_path="${f_path}" data-line_no="${line_no}" data-target-id="${h.safeid(h.safe_unicode(f_path))}_${line_no}">

        %for co in comments:

            ${comment_block(co)}

        %endfor

      </div>

    %endfor

  %endfor

  <div class="comments-number">

    ${comment_count(c.inline_cnt, len(c.comments))}

  </div>

      <div class="comments-list-general">

        %for co in c.comments:

            ${comment_block(co)}

        %endfor

      </div>

</div>

</%def>

## -*- coding: utf-8 -*-

<%inherit file="base/root.html"/>

<%block name="title">

    ${_('Log In')}

</%block>

<div id="login" class="panel panel-default">

    <%include file="/base/flash_msg.html"/>

    <!-- login -->

    <div class="panel-heading title withlogo">

        %if c.site_name:

            <h5>${_('Log In to %s') % c.site_name}</h5>

        %else:

            <h5>${_('Log In')}</h5>

        %endif

    </div>

    <div class="panel-body inner">

        <div class="form">

            <i class="icon-lock"></i>

            <!-- fields -->

            <div class="form-horizontal">

                <div class="form-group">

                    <label class="control-label col-sm-5" for="username">${_('Username')}:</label>

                    <div class="input col-sm-7">

                        ${h.text('username',class_='form-control focus large')}

                    </div>

                </div>

                <div class="form-group">

                    <label class="control-label col-sm-5" for="password">${_('Password')}:</label>

                    <div class="input col-sm-7">

                        ${h.password('password',class_='form-control focus large')}

                    </div>

                </div>

                <div class="form-group">

                    <div class="col-sm-offset-5 col-sm-7">

                        <div class="checkbox">

                            <label for="remember">

                                <input type="checkbox" id="remember" name="remember"/>

                                ${_('Remember me')}

                            </label>

                        </div>

                    </div>

                </div>

            </div>

            <!-- end fields -->

            <!-- links -->

            <div class="links">

                ${h.link_to(_('Forgot your password ?'),h.url('reset_password'))}

                %if h.HasPermissionAny('hg.admin', 'hg.register.auto_activate', 'hg.register.manual_activate')():

                  /

                 ${h.link_to(_("Don't have an account ?"),h.url('register'))}

                %endif

                <span class="buttons">

                    ${h.submit('sign_in',_('Sign In'),class_="btn btn-default")}

                </span>

            </div>

            <!-- end links -->

        </div>

        ${h.end_form()}

        <script type="text/javascript">

        $(document).ready(function(){

# -*- coding: utf-8 -*-

import re

import time

import mock

from kallithea.tests import *

from kallithea.tests.fixture import Fixture

from kallithea.lib.utils2 import generate_api_key

from kallithea.lib.auth import check_password

from kallithea.lib import helpers as h

from kallithea.model.api_key import ApiKeyModel

from kallithea.model import validators

from kallithea.model.db import User, Notification

from kallithea.model.meta import Session

from kallithea.model.user import UserModel

fixture = Fixture()

class TestLoginController(TestController):

    def setUp(self):

        self.remove_all_notifications()

        self.assertEqual(Notification.query().all(), [])

    def test_index(self):

        response = self.app.get(url(controller='login', action='index'))

        self.assertEqual(response.status, '200 OK')

        # Test response...

    def test_login_admin_ok(self):

        response = self.app.post(url(controller='login', action='index'),

                                 {'username': TEST_USER_ADMIN_LOGIN,

                                  'password': TEST_USER_ADMIN_PASS})

        self.assertEqual(response.status, '302 Found')

        self.assert_authenticated_user(response, TEST_USER_ADMIN_LOGIN)

        response = response.follow()

        response.mustcontain('/%s' % HG_REPO)

    def test_login_regular_ok(self):

        response = self.app.post(url(controller='login', action='index'),

                                 {'username': TEST_USER_REGULAR_LOGIN,

                                  'password': TEST_USER_REGULAR_PASS})

        self.assertEqual(response.status, '302 Found')

        self.assert_authenticated_user(response, TEST_USER_REGULAR_LOGIN)

        response = response.follow()

        response.mustcontain('/%s' % HG_REPO)

        response = self.app.post(url(controller='login', action='index'),

                                 {'username': TEST_USER_REGULAR_LOGIN,

                                  'password': TEST_USER_REGULAR_PASS})

        # Verify that a login session has been established.

        response = self.app.get(url(controller='login', action='index'))

        response = response.follow()

        self.assertIn('authuser', response.session)

        response.click('Log Out')

        # Verify that the login session has been terminated.

        response = self.app.get(url(controller='login', action='index'))

        self.assertNotIn('authuser', response.session)

    @parameterized.expand([

          ('data:text/html,<script>window.alert("xss")</script>',),

          ('mailto:test@example.com',),

          ('file:///etc/passwd',),

          ('ftp://ftp.example.com',),

          ('http://other.example.com/bl%C3%A5b%C3%A6rgr%C3%B8d',),

          ('//evil.example.com/',),

    ])

    def test_login_bad_came_froms(self, url_came_from):

        response = self.app.post(url(controller='login', action='index',

                                     came_from=url_came_from),

                                 {'username': TEST_USER_ADMIN_LOGIN,

                                  'password': TEST_USER_ADMIN_PASS},

                                 status=400)

    def test_login_short_password(self):

        response = self.app.post(url(controller='login', action='index'),

                                 {'username': TEST_USER_ADMIN_LOGIN,

                                  'password': 'as'})

        self.assertEqual(response.status, '200 OK')

        response.mustcontain('Enter 3 characters or more')

    def test_login_wrong_username_password(self):

        response = self.app.post(url(controller='login', action='index'),

                                 {'username': 'error',

                                  'password': 'test12'})

        response.mustcontain('Invalid username or password')

    # verify that get arguments are correctly passed along login redirection

    @parameterized.expand([

        ({'blue': u'blå'.encode('utf-8'), 'green':u'grøn'},

    ])

    def test_redirection_to_login_form_preserves_get_args(self, args, args_encoded):

        with fixture.anon_access(False):

            response = self.app.get(url(controller='summary', action='index',

                                        repo_name=HG_REPO,

                                        **args))

            self.assertEqual(response.status, '302 Found')

            for encoded in args_encoded:

    @parameterized.expand([

        ({'foo':'one', 'bar':'two'}, ('foo=one', 'bar=two')),

             ('blue=bl%C3%A5', 'green=gr%C3%B8n')),

    ])

    def test_login_form_preserves_get_args(self, args, args_encoded):

        response = self.app.get(url(controller='login', action='index',

        for encoded in args_encoded:

    @parameterized.expand([

        ({'foo':'one', 'bar':'two'}, ('foo=one', 'bar=two')),

             ('blue=bl%C3%A5', 'green=gr%C3%B8n')),

    ])

    def test_redirection_after_successful_login_preserves_get_args(self, args, args_encoded):

        response = self.app.post(url(controller='login', action='index',

                                 {'username': TEST_USER_ADMIN_LOGIN,

                                  'password': TEST_USER_ADMIN_PASS})

        self.assertEqual(response.status, '302 Found')

        for encoded in args_encoded:

            self.assertIn(encoded, response.location)

    @parameterized.expand([

        ({'foo':'one', 'bar':'two'}, ('foo=one', 'bar=two')),

             ('blue=bl%C3%A5', 'green=gr%C3%B8n')),

    ])

    def test_login_form_after_incorrect_login_preserves_get_args(self, args, args_encoded):

        response = self.app.post(url(controller='login', action='index',

                                 {'username': 'error',

                                  'password': 'test12'})

        response.mustcontain('Invalid username or password')

        for encoded in args_encoded:

    #==========================================================================

    # REGISTRATIONS

    #==========================================================================

    def test_register(self):

        response = self.app.get(url(controller='login', action='register'))

        response.mustcontain('Sign Up')

    def test_register_err_same_username(self):

        uname = TEST_USER_ADMIN_LOGIN

        response = self.app.post(url(controller='login', action='register'),

                                            {'username': uname,

                                             'password': 'test12',

                                             'password_confirmation': 'test12',

                                             'email': 'goodmail@example.com',

                                             'firstname': 'test',

                                             'lastname': 'test'})

        msg = validators.ValidUsername()._messages['username_exists']

        msg = h.html_escape(msg % {'username': uname})

        response.mustcontain(msg)

    def test_register_err_same_email(self):

        response = self.app.post(url(controller='login', action='register'),

                                            {'username': 'test_admin_0',

                                             'password': 'test12',

                                             'password_confirmation': 'test12',

                                             'email': TEST_USER_ADMIN_EMAIL,

                                             'firstname': 'test',

                                             'lastname': 'test'})

        msg = validators.UniqSystemEmail()()._messages['email_taken']

        response.mustcontain(msg)

    def test_register_err_same_email_case_sensitive(self):

        response = self.app.post(url(controller='login', action='register'),

                                            {'username': 'test_admin_1',

                                             'password': 'test12',

                                             'password_confirmation': 'test12',

                                             'email': TEST_USER_ADMIN_EMAIL.title(),

                                             'firstname': 'test',

                                             'lastname': 'test'})

        msg = validators.UniqSystemEmail()()._messages['email_taken']

        response.mustcontain(msg)

    def test_register_err_wrong_data(self):

        response = self.app.post(url(controller='login', action='register'),

                                            {'username': 'xs',