Run: black and isort
This commit is contained in:
@@ -1,43 +1,51 @@
|
||||
from functools import wraps
|
||||
from flask import session, redirect, url_for, flash, request
|
||||
import logging
|
||||
from functools import wraps
|
||||
|
||||
from flask import flash, redirect, request, session, url_for
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
||||
|
||||
def login_required(f):
|
||||
"""
|
||||
Decorator to protect routes that require authentication
|
||||
"""
|
||||
|
||||
@wraps(f)
|
||||
def decorated_function(*args, **kwargs):
|
||||
if 'user_id' not in session or 'email' not in session:
|
||||
flash('Please log in to access this page', 'warning')
|
||||
if "user_id" not in session or "email" not in session:
|
||||
flash("Please log in to access this page", "warning")
|
||||
logger.info(f"Unauthorized access attempt to {request.endpoint}")
|
||||
return redirect(url_for('login'))
|
||||
return redirect(url_for("login"))
|
||||
return f(*args, **kwargs)
|
||||
|
||||
return decorated_function
|
||||
|
||||
|
||||
def logout_required(f):
|
||||
"""
|
||||
Decorator for routes that should only be accessible when NOT logged in
|
||||
(e.g., login, register pages)
|
||||
"""
|
||||
|
||||
@wraps(f)
|
||||
def decorated_function(*args, **kwargs):
|
||||
if 'user_id' in session:
|
||||
flash('You are already logged in', 'info')
|
||||
return redirect(url_for('dashboard'))
|
||||
if "user_id" in session:
|
||||
flash("You are already logged in", "info")
|
||||
return redirect(url_for("dashboard"))
|
||||
return f(*args, **kwargs)
|
||||
|
||||
return decorated_function
|
||||
|
||||
|
||||
def get_current_user():
|
||||
"""
|
||||
Helper function to get current user info from session
|
||||
"""
|
||||
if 'user_id' in session:
|
||||
if "user_id" in session:
|
||||
return {
|
||||
'id': session['user_id'],
|
||||
'username': session['username'],
|
||||
'email': session['email']
|
||||
"id": session["user_id"],
|
||||
"username": session["username"],
|
||||
"email": session["email"],
|
||||
}
|
||||
return None
|
||||
return None
|
||||
|
||||
@@ -1,9 +1,10 @@
|
||||
import hashlib
|
||||
import secrets
|
||||
import logging
|
||||
import secrets
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
||||
|
||||
class PasswordUtils:
|
||||
@staticmethod
|
||||
def hash_password(password: str, salt: str = None) -> tuple[str, str]:
|
||||
@@ -11,7 +12,7 @@ class PasswordUtils:
|
||||
salt = secrets.token_hex(32)
|
||||
password = password.strip()
|
||||
salted_password = password + salt
|
||||
hash_object = hashlib.sha512(salted_password.encode('utf-8'))
|
||||
hash_object = hashlib.sha512(salted_password.encode("utf-8"))
|
||||
password_hash = hash_object.hexdigest()
|
||||
logger.debug("Password hashed successfully")
|
||||
return password_hash, salt
|
||||
@@ -24,4 +25,4 @@ class PasswordUtils:
|
||||
@staticmethod
|
||||
def hash_password_simple(password: str) -> str:
|
||||
password = password.strip()
|
||||
return hashlib.sha512(password.encode('utf-8')).hexdigest()
|
||||
return hashlib.sha512(password.encode("utf-8")).hexdigest()
|
||||
|
||||
@@ -1,8 +1,9 @@
|
||||
import re
|
||||
import logging
|
||||
import re
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
||||
|
||||
class ValidationUtils:
|
||||
@staticmethod
|
||||
def validate_email(email: str) -> bool:
|
||||
@@ -10,7 +11,7 @@ class ValidationUtils:
|
||||
return False
|
||||
|
||||
email = email.strip().lower()
|
||||
pattern = r'^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$'
|
||||
pattern = r"^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$"
|
||||
is_valid = bool(re.match(pattern, email))
|
||||
|
||||
if not is_valid:
|
||||
@@ -27,7 +28,7 @@ class ValidationUtils:
|
||||
if len(username) < 3 or len(username) > 25:
|
||||
logger.warning(f"Username length invalid: {len(username)}")
|
||||
return False
|
||||
pattern = r'^[a-zA-Z0-9_]+$'
|
||||
pattern = r"^[a-zA-Z0-9_]+$"
|
||||
is_valid = bool(re.match(pattern, username))
|
||||
if not is_valid:
|
||||
logger.warning(f"Invalid username format: {username}")
|
||||
@@ -40,12 +41,14 @@ class ValidationUtils:
|
||||
errors.append("Password is required")
|
||||
return False, errors
|
||||
if len(password) < 4 or len(password) > 50:
|
||||
errors.append("Password must be at least 4 characters long and must not exceed 128 characters")
|
||||
if not re.search(r'[A-Z]', password):
|
||||
errors.append(
|
||||
"Password must be at least 4 characters long and must not exceed 128 characters"
|
||||
)
|
||||
if not re.search(r"[A-Z]", password):
|
||||
errors.append("Password must contain at least one uppercase letter")
|
||||
if not re.search(r'[a-z]', password):
|
||||
if not re.search(r"[a-z]", password):
|
||||
errors.append("Password must contain at least one lowercase letter")
|
||||
if not re.search(r'\d', password):
|
||||
if not re.search(r"\d", password):
|
||||
errors.append("Password must contain at least one digit")
|
||||
if not re.search(r'[!@#$%^&*(),.?":{}|<>]', password):
|
||||
errors.append("Password must contain at least one special character")
|
||||
@@ -53,4 +56,4 @@ class ValidationUtils:
|
||||
if not is_valid:
|
||||
logger.warning(f"Password validation failed: {errors}")
|
||||
|
||||
return is_valid, errors
|
||||
return is_valid, errors
|
||||
|
||||
Reference in New Issue
Block a user