diff --git a/app/blueprints/github/__init__.py b/app/blueprints/github/__init__.py index b89bf581..0867273a 100644 --- a/app/blueprints/github/__init__.py +++ b/app/blueprints/github/__init__.py @@ -19,11 +19,11 @@ from flask import Blueprint bp = Blueprint("github", __name__) from flask import redirect, url_for, request, flash, abort, render_template, jsonify, current_app -from flask_login import current_user, login_required, login_user +from flask_login import current_user, login_required from sqlalchemy import func, or_, and_ from app import github, csrf -from app.models import db, User, APIToken, Package, Permission, AuditSeverity, UserRank -from app.utils import randomString, abs_url_for, addAuditLog +from app.models import db, User, APIToken, Package, Permission, AuditSeverity +from app.utils import randomString, abs_url_for, addAuditLog, login_user_set_active from app.blueprints.api.support import error, handleCreateRelease import hmac, requests, json @@ -72,7 +72,7 @@ def callback(oauth_token): if userByGithub is None: flash("Unable to find an account for that Github user", "danger") return redirect(url_for("users.claim")) - elif login_user(userByGithub, remember=True): + elif login_user_set_active(userByGithub, remember=True): addAuditLog(AuditSeverity.USER, userByGithub, "Logged in using GitHub OAuth", url_for("users.profile", username=userByGithub.username)) db.session.commit() diff --git a/app/blueprints/users/claim.py b/app/blueprints/users/claim.py index 3552510b..1512d415 100644 --- a/app/blueprints/users/claim.py +++ b/app/blueprints/users/claim.py @@ -14,18 +14,19 @@ # You should have received a copy of the GNU General Public License # along with this program. If not, see . -from flask_login import login_user from . import bp from flask import redirect, render_template, session, request, flash, url_for from app.models import db, User, UserRank -from app.utils import randomString +from app.utils import randomString, login_user_set_active from app.tasks.forumtasks import checkForumAccount from app.tasks.phpbbparser import getProfile import re + def check_username(username): return username is not None and len(username) >= 2 and re.match("^[A-Za-z0-9._-]*$", username) + @bp.route("/user/claim/", methods=["GET", "POST"]) def claim(): username = request.args.get("username") @@ -52,7 +53,6 @@ def claim(): flash("Unable to find user", "danger") return redirect(url_for("users.claim")) - token = None if "forum_token" in session: token = session["forum_token"] else: @@ -102,7 +102,7 @@ def claim(): db.session.add(user) db.session.commit() - if login_user(user, remember=True): + if login_user_set_active(user, remember=True): return redirect(url_for("users.set_password")) else: flash("Unable to login as user", "danger") diff --git a/app/utils.py b/app/utils.py index 3a882e32..acd3d7e3 100644 --- a/app/utils.py +++ b/app/utils.py @@ -149,6 +149,15 @@ def make_flask_login_password(plaintext): return bcrypt.hash(plaintext.encode("UTF-8")) +def login_user_set_active(user: User, *args, **kwargs): + if user.rank == UserRank.NOT_JOINED and user.email is None: + user.rank = UserRank.MEMBER + user.is_active = True + db.session.commit() + + return login_user(user, *args, **kwargs) + + def rank_required(rank): def decorator(f): @wraps(f) @@ -163,6 +172,7 @@ def rank_required(rank): return decorated_function return decorator + def getPackageByInfo(author, name): user = User.query.filter_by(username=author).first() if user is None: