- Modernized authentication with the introduction of TenantProject

- Created a base mail template - Adapt and improve document API to usage of catalogs and processors - Adapt eveai_sync to new authentication mechanism and usage of catalogs and processors
2024-11-21 17:24:33 +01:00
parent 4c009949b3
commit 7702a6dfcc
72 changed files with 2338 additions and 503 deletions
--- a/eveai_app/views/security_views.py
+++ b/eveai_app/views/security_views.py
@@ -11,11 +11,12 @@ from itsdangerous import URLSafeTimedSerializer
 from sqlalchemy.exc import SQLAlchemyError

 from common.models.user import User
+from common.utils.eveai_exceptions import EveAIException
 from common.utils.nginx_utils import prefixed_url_for
 from eveai_app.views.security_forms import SetPasswordForm, ResetPasswordForm, RequestResetForm
 from common.extensions import db
 from common.utils.security_utils import confirm_token, send_confirmation_email, send_reset_email
-from common.utils.security import set_tenant_session_data
+from common.utils.security import set_tenant_session_data, is_valid_tenant

 security_bp = Blueprint('security_bp', __name__)

@@ -40,11 +41,15 @@ def login():
    if request.method == 'POST':
        try:
            if form.validate_on_submit():
-                user = User.query.filter_by(email=form.email.data).first()
-                if user is None or not verify_and_update_password(form.password.data, user):
-                    flash('Invalid username or password', 'danger')
-                    current_app.logger.error(f'Failed to login user')
-                    return redirect(prefixed_url_for('security_bp.login'))
+                try:
+                    user = User.query.filter_by(email=form.email.data).first()
+                    if user is None or not verify_and_update_password(form.password.data, user):
+                        raise EveAIException('Invalid email or password')
+                    is_valid_tenant(user.tenant_id)
+                except EveAIException as e:
+                    flash(f'Failed to login user: {str(e)}', 'danger')
+                    current_app.logger.error(f'Failed to login user: {str(e)}')
+                    abort(401)

                if login_user(user):
                    current_app.logger.info(f'Login successful! Current User is {current_user.email}')
@@ -55,7 +60,7 @@ def login():
                        return redirect(prefixed_url_for('user_bp.tenant_overview'))
                else:
                    flash('Invalid username or password', 'danger')
-                    current_app.logger.error(f'Failed to login user {user.email}')
+                    current_app.logger.error(f'Invalid username or password for given email: {user.email}')
                    abort(401)
            else:
                current_app.logger.error(f'Invalid login form: {form.errors}')