authorFrederick Muriuki Muriithi2023-06-16 08:28:52 +0300
committerFrederick Muriuki Muriithi2023-06-20 13:36:50 +0300
commitc0fd60447099ea4ce215d399cadb18af1918e6fb (patch)
tree4f70786f2061d9e07184abec8f2b3f0492e8685e
parent3ac57ba09a504bf0f03c0786c1d2504363a660ec (diff)
downloadgenenetwork2-c0fd60447099ea4ce215d399cadb18af1918e6fb.tar.gz
Blueprints for user_session and user_login modules.
-rw-r--r--wqflask/wqflask/__init__.py24
-rw-r--r--wqflask/wqflask/top_level_routes.py4
-rw-r--r--wqflask/wqflask/user_login.py57
-rw-r--r--wqflask/wqflask/user_session.py38
4 files changed, 73 insertions, 50 deletions
diff --git a/wqflask/wqflask/__init__.py b/wqflask/wqflask/__init__.py
index 45b5a14b..9a8460e4 100644
--- a/wqflask/wqflask/__init__.py
+++ b/wqflask/wqflask/__init__.py
@@ -19,7 +19,7 @@ from utility.configuration import tempdir, override_from_envvars
from gn3.authentication import DataRole, AdminRole
from wqflask.database import parse_db_url
-
+from wqflask.user_session import UserSession
from wqflask.group_manager import group_management
from wqflask.resource_manager import resource_management
from wqflask.metadata_edits import metadata_edit
@@ -129,6 +129,26 @@ def include_admin_role_class():
def include_data_role_class():
return {'DataRole': DataRole}
+@app.before_request
+def get_user_session():
+ g.user_session = UserSession()
+ # I think this should solve the issue of deleting the cookie and redirecting to the home page when a user's session has expired
+ if not g.user_session:
+ response = make_response(redirect(url_for('login')))
+ response.set_cookie('session_id_v2', '', expires=0)
+ return response
+
+
+@app.after_request
+def set_user_session(response):
+ if hasattr(g, 'user_session'):
+ if not request.cookies.get(g.user_session.cookie_name):
+ response.set_cookie(g.user_session.cookie_name,
+ g.user_session.cookie)
+ else:
+ response.set_cookie('session_id_v2', '', expires=0)
+ return response
+
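Review bot: The session cookie written in `set_user_session` carries no `secure`, `httponly` or `samesite` attributes, so it is readable by page scripts and is sent over plain HTTP and on cross-site requests. Since the handler is being relocated anyway, consider `response.set_cookie(g.user_session.cookie_name, g.user_session.cookie, secure=True, httponly=True, samesite="Lax")`. The two expiry calls also hard-code `'session_id_v2'` instead of using `g.user_session.cookie_name`, which will drift if the cookie name ever changes.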
from wqflask import group_manager
from wqflask import resource_manager
@@ -138,8 +158,6 @@ from wqflask import gsearch
from wqflask import update_search_results
from wqflask import docs
from wqflask import db_info
-from wqflask import user_login
-from wqflask import user_session
import wqflask.views
import wqflask.partial_correlations_views
diff --git a/wqflask/wqflask/top_level_routes.py b/wqflask/wqflask/top_level_routes.py
index 680736ec..a1f26725 100644
--- a/wqflask/wqflask/top_level_routes.py
+++ b/wqflask/wqflask/top_level_routes.py
@@ -4,6 +4,8 @@ from flask import Blueprint
from .api import api_bp
# from .views import main_views
from base.trait import trait_bp
+from .user_login import ulogin_bp
+from .user_session import usession_bp
from .collect import collections_bp
from .partial_correlations_views import pcorrs_bp
@@ -13,7 +15,9 @@ toplevel = Blueprint("toplevel", __name__)
toplevel.register_blueprint(trait_bp)
toplevel.register_blueprint(pcorrs_bp)
+toplevel.register_blueprint(ulogin_bp)
# toplevel.register_blueprint(main_views)
+toplevel.register_blueprint(usession_bp)
toplevel.register_blueprint(collections_bp)
toplevel.register_blueprint(api_bp, url_prefix="/api")
diff --git a/wqflask/wqflask/user_login.py b/wqflask/wqflask/user_login.py
index ae61edb0..69ae9e10 100644
--- a/wqflask/wqflask/user_login.py
+++ b/wqflask/wqflask/user_login.py
@@ -7,24 +7,34 @@ import hmac
import base64
import requests
+from smtplib import SMTP
import simplejson as json
+from flask import (
+ g,
+ Flask,
+ flash,
+ abort,
+ url_for,
+ request,
+ redirect,
+ Blueprint,
+ make_response,
+ render_template,
+ current_app as app)
-from flask import (Flask, g, render_template, url_for, request, make_response,
- redirect, flash, abort)
-
-from wqflask import app
from wqflask import pbkdf2
from wqflask.user_session import UserSession
from utility import hmac
+from utility.configuration import get_setting
from utility.redis_tools import is_redis_available, get_redis_conn, get_user_id, get_user_by_unique_column, set_user_attribute, save_user, save_verification_code, check_verification_code, get_user_collections, save_collections
-Redis = get_redis_conn()
-from smtplib import SMTP
-from utility.tools import SMTP_CONNECT, SMTP_USERNAME, SMTP_PASSWORD, LOG_SQL_ALCHEMY, GN2_BRANCH_URL
+Redis = get_redis_conn()
THREE_DAYS = 60 * 60 * 24 * 3
+ulogin_bp = Blueprint("user_login", __name__)
+
def timestamp():
return datetime.datetime.utcnow().isoformat()
@@ -116,13 +126,14 @@ def send_email(toaddr, msg, fromaddr="no-reply@genenetwork.org"):
'UNKNOWN' TLS is used
"""
- if SMTP_USERNAME == 'UNKNOWN':
- server = SMTP(SMTP_CONNECT)
+ if get_setting(app, "SMTP_USERNAME") == 'UNKNOWN':
+ server = SMTP(get_setting(app, "SMTP_CONNECT"))
server.sendmail(fromaddr, toaddr, msg)
else:
- server = SMTP(SMTP_CONNECT)
+ server = SMTP(get_setting(app, "SMTP_CONNECT"))
server.starttls()
- server.login(SMTP_USERNAME, SMTP_PASSWORD)
+ server.login(get_setting(app, "SMTP_USERNAME"),
+ get_setting(app, "SMTP_PASSWORD"))
server.sendmail(fromaddr, toaddr, msg)
server.quit()
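Review bot: `server.quit()` at the end of `send_email` is only reached when every earlier call succeeds, so a failure in `starttls()`, `login()` or `sendmail()` leaves the SMTP connection open; wrapping the connection in a `with SMTP(...) as server:` block closes it on every path. The rewrite below also reads each setting once instead of calling `get_setting` repeatedly. Separately, the `'UNKNOWN'` branch sends without STARTTLS or authentication, and this function appears to carry invitation and password-reset mail, so it is worth confirming that branch is only ever used with a local relay. The function's signature and docstring start outside the hunk.

```python
    # … unchanged: send_email signature and docstring …
    smtp_username = get_setting(app, "SMTP_USERNAME")
    with SMTP(get_setting(app, "SMTP_CONNECT")) as server:
        if smtp_username != 'UNKNOWN':
            server.starttls()
            server.login(smtp_username, get_setting(app, "SMTP_PASSWORD"))
        server.sendmail(fromaddr, toaddr, msg)
```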
@@ -149,7 +160,7 @@ def send_invitation_email(user_email, temp_password, template_name="email/user_i
return {"recipient": recipient, "subject": subject, "body": body}
-@app.route("/manage/verify_email")
+@ulogin_bp.route("/manage/verify_email")
def verify_email():
if 'code' in request.args:
user_details = check_verification_code(request.args['code'])
@@ -169,7 +180,7 @@ def verify_email():
"Invalid code: Password reset code does not exist or might have expired!", "error")
-@app.route("/n/login", methods=('GET', 'POST'))
+@ulogin_bp.route("/n/login", methods=('GET', 'POST'))
def login():
params = request.form if request.form else request.args
if not params: # ZS: If coming to page for first time
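Review bot: `login` accepts GET and falls back to `request.args` when the form is empty, so credentials can be submitted in the query string, where they end up in access logs, browser history and Referer headers. If the rest of the function (outside this hunk) reads the password from `params`, take it from the POST body only: `params = request.form`, with GET treated purely as "render the page". `manage_user` in user_session.py uses the same fallback together with `'new_full_name'`, which would let a plain GET link change profile data.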
@@ -249,7 +260,7 @@ def login():
return response
-@app.route("/n/login/github_oauth2", methods=('GET', 'POST'))
+@ulogin_bp.route("/n/login/github_oauth2", methods=('GET', 'POST'))
def github_oauth2():
from utility.tools import GITHUB_CLIENT_ID, GITHUB_CLIENT_SECRET, GITHUB_AUTH_URL
code = request.args.get("code")
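Review bot: `github_oauth2` still imports `GITHUB_CLIENT_ID`, `GITHUB_CLIENT_SECRET` and `GITHUB_AUTH_URL` from `utility.tools`, while this commit moves the SMTP settings and `GN2_BRANCH_URL` to `get_setting(app, ...)`; `orcid_oauth2` does the same for the `ORCID_*` values. Reading OAuth secrets through a different path from the rest of the configuration means overrides applied to the app config may not reach them. If `get_setting` covers these keys, use it here too, e.g. `get_setting(app, "GITHUB_CLIENT_SECRET")`.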
@@ -292,7 +303,7 @@ def get_github_user_details(access_token):
return json.loads(result)
-@app.route("/n/login/orcid_oauth2", methods=('GET', 'POST'))
+@ulogin_bp.route("/n/login/orcid_oauth2", methods=('GET', 'POST'))
def orcid_oauth2():
from uuid import uuid4
from utility.tools import ORCID_CLIENT_ID, ORCID_CLIENT_SECRET, ORCID_TOKEN_URL, ORCID_AUTH_URL
@@ -304,7 +315,7 @@ def orcid_oauth2():
"client_id": ORCID_CLIENT_ID,
"client_secret": ORCID_CLIENT_SECRET,
"grant_type": "authorization_code",
- "redirect_uri": GN2_BRANCH_URL + "n/login/orcid_oauth2",
+ "redirect_uri": get_setting(app, "GN2_BRANCH_URL") + "n/login/orcid_oauth2",
"code": code
}
@@ -339,7 +350,7 @@ def get_github_user_details(access_token):
return json.loads(result)
-@app.route("/n/logout")
+@ulogin_bp.route("/n/logout")
def logout():
UserSession().delete_session()
flash("You are now logged out. We hope you come back soon!")
@@ -349,7 +360,7 @@ def logout():
return response
-@app.route("/n/forgot_password", methods=['GET'])
+@ulogin_bp.route("/n/forgot_password", methods=['GET'])
def forgot_password():
"""Entry point for forgotten password"""
print("ARGS: ", request.args)
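Review bot: `print("ARGS: ", request.args)` in `forgot_password` writes the raw query string to stdout on every request to the password-recovery entry point. Drop it, or replace it with a debug-level log call that does not include user-supplied values, e.g. `app.logger.debug("forgot_password requested")`. The rest of the function is outside this hunk.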
@@ -391,7 +402,7 @@ def send_forgot_password_email(verification_email):
return subject
-@app.route("/n/forgot_password_submit", methods=('POST',))
+@ulogin_bp.route("/n/forgot_password_submit", methods=('POST',))
def forgot_password_submit():
"""When a forgotten password form is submitted we get here"""
params = request.form
@@ -415,7 +426,7 @@ def forgot_password_submit():
return redirect(url_for("forgot_password"))
-@app.route("/n/password_reset", methods=['GET'])
+@ulogin_bp.route("/n/password_reset", methods=['GET'])
def password_reset():
"""Entry point after user clicks link in E-mail"""
verification_code = request.args.get('code')
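Review bot: `url_for("forgot_password")` in `forgot_password_submit` still uses the bare endpoint name, but once the view is registered on `ulogin_bp` its endpoint is prefixed with the blueprint name, so the lookup will likely raise a `BuildError`. Inside this blueprint a relative name works: `url_for(".forgot_password")`. The same applies to `url_for("login")` in `password_reset` and in `unauthorized` later in this file. It also applies to `url_for('login')` in `get_user_session` in `__init__.py`, which runs outside the blueprint and needs the full dotted endpoint; the exact prefix depends on how `toplevel` is registered, which is not shown.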
@@ -434,7 +445,7 @@ def password_reset():
return redirect(url_for("login"))
-@app.route("/n/password_reset_step2", methods=('POST',))
+@ulogin_bp.route("/n/password_reset_step2", methods=('POST',))
def password_reset_step2():
"""Handle confirmation E-mail for password reset"""
errors = []
@@ -496,7 +507,7 @@ def register_user(params):
return errors
-@app.route("/n/register", methods=('GET', 'POST'))
+@ulogin_bp.route("/n/register", methods=('GET', 'POST'))
def register():
errors = []
@@ -514,6 +525,6 @@ def register():
return render_template("new_security/register_user.html", values=params, errors=errors)
-@app.errorhandler(401)
+@ulogin_bp.errorhandler(401)
def unauthorized(error):
return redirect(url_for('login'))
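Review bot: A 401 raised outside this blueprint's views will no longer reach `unauthorized`, because `@ulogin_bp.errorhandler(401)` only covers errors from the blueprint's own routes, unlike the `@app.errorhandler(401)` it replaces. An `abort(401)` from another blueprint or an app-level route would then return the default 401 page instead of redirecting to login. To keep the application-wide behaviour, register it with `@ulogin_bp.app_errorhandler(401)`.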
diff --git a/wqflask/wqflask/user_session.py b/wqflask/wqflask/user_session.py
index 39b2aec1..54bfb609 100644
--- a/wqflask/wqflask/user_session.py
+++ b/wqflask/wqflask/user_session.py
@@ -4,10 +4,19 @@ import uuid
import simplejson as json
-from flask import (Flask, g, render_template, url_for, request, make_response,
- redirect, flash, abort)
+from flask import (
+ g,
+ Flask,
+ flash,
+ abort,
+ url_for,
+ request,
+ redirect,
+ Blueprint,
+ make_response,
+ render_template,
+ current_app as app)
-from wqflask import app
from utility import hmac
from utility.redis_tools import get_redis_conn, get_user_id, get_user_by_unique_column, set_user_attribute, get_user_collections, save_collections
@@ -17,26 +26,7 @@ Redis = get_redis_conn()
THREE_DAYS = 60 * 60 * 24 * 3
THIRTY_DAYS = 60 * 60 * 24 * 30
-
-@app.before_request
-def get_user_session():
- g.user_session = UserSession()
- # I think this should solve the issue of deleting the cookie and redirecting to the home page when a user's session has expired
- if not g.user_session:
- response = make_response(redirect(url_for('login')))
- response.set_cookie('session_id_v2', '', expires=0)
- return response
-
-
-@app.after_request
-def set_user_session(response):
- if hasattr(g, 'user_session'):
- if not request.cookies.get(g.user_session.cookie_name):
- response.set_cookie(g.user_session.cookie_name,
- g.user_session.cookie)
- else:
- response.set_cookie('session_id_v2', '', expires=0)
- return response
+usession_bp = Blueprint("user_session", __name__)
def verify_cookie(cookie):
@@ -55,7 +45,7 @@ def create_signed_cookie():
return the_uuid, uuid_signed
-@app.route("/user/manage", methods=('GET', 'POST'))
+@usession_bp.route("/user/manage", methods=('GET', 'POST'))
def manage_user():
params = request.form if request.form else request.args
if 'new_full_name' in params: