Improve user authentication error handling

This commit is contained in:
rubenwardy 2020-04-14 14:39:49 +01:00
parent 9cc3eba009
commit dadfe72b48
3 changed files with 29 additions and 12 deletions

@ -34,15 +34,16 @@ def claim():
if user and user.rank.atLeast(UserRank.NEW_MEMBER): if user and user.rank.atLeast(UserRank.NEW_MEMBER):
flash("User has already been claimed", "danger") flash("User has already been claimed", "danger")
return redirect(url_for("users.claim")) return redirect(url_for("users.claim"))
elif user is None and method == "github": elif method == "github":
flash("Unable to get Github username for user", "danger") if user is None or user.github_username is None:
return redirect(url_for("users.claim")) flash("Unable to get Github username for user", "danger")
elif user is None: return redirect(url_for("users.claim"))
flash("Unable to find that user", "danger") else:
return redirect(url_for("github.start"))
elif user is None and request.method == "POST":
flash("Unable to find user", "danger")
return redirect(url_for("users.claim")) return redirect(url_for("users.claim"))
if user is not None and method == "github":
return redirect(url_for("github.start"))
token = None token = None
if "forum_token" in session: if "forum_token" in session:
@ -70,8 +71,17 @@ def claim():
sig = None sig = None
try: try:
profile = getProfile("https://forum.minetest.net", username) profile = getProfile("https://forum.minetest.net", username)
sig = profile.signature sig = profile.signature if profile else None
except IOError: except IOError as e:
if hasattr(e, 'message'):
message = e.message
else:
message = str(e)
flash("Error whilst attempting to access forums: " + message, "danger")
return redirect(url_for("users.claim", username=username))
if profile is None:
flash("Unable to get forum signature - does the user exist?", "danger") flash("Unable to get forum signature - does the user exist?", "danger")
return redirect(url_for("users.claim", username=username)) return redirect(url_for("users.claim", username=username))

@ -16,7 +16,7 @@
from flask import * from flask import *
from flask_user import * from flask_user import signals, current_user, user_manager
from flask_login import login_user, logout_user from flask_login import login_user, logout_user
from app.markdown import render_markdown from app.markdown import render_markdown
from . import bp from . import bp
@ -192,7 +192,7 @@ def set_password():
# Send 'password_changed' email # Send 'password_changed' email
if user_manager.USER_ENABLE_EMAIL and current_user.email: if user_manager.USER_ENABLE_EMAIL and current_user.email:
emails.send_password_changed_email(current_user) user_manager.email_manager.send_password_changed_email(current_user)
# Send password_changed signal # Send password_changed signal
signals.user_changed_password.send(current_app._get_current_object(), user=current_user) signals.user_changed_password.send(current_app._get_current_object(), user=current_user)

@ -74,7 +74,14 @@ def __extract_signature(soup):
def getProfile(url, username): def getProfile(url, username):
url = url + "/memberlist.php?mode=viewprofile&un=" + urlEncodeNonAscii(username) url = url + "/memberlist.php?mode=viewprofile&un=" + urlEncodeNonAscii(username)
contents = urllib.request.urlopen(url).read().decode("utf-8") req = urllib.request.urlopen(url, timeout=5)
if req.getcode() == 404:
return None
if req.getcode() != 200:
raise IOError(req.getcode())
contents = req.read().decode("utf-8")
soup = BeautifulSoup(contents, "lxml") soup = BeautifulSoup(contents, "lxml")
if soup is None: if soup is None:
return None return None