mirror of
https://github.com/simple-login/app.git
synced 2024-11-16 00:48:32 +01:00
65 lines
1.9 KiB
Python
65 lines
1.9 KiB
Python
|
from flask import request, redirect, url_for, flash, render_template, g
|
||
from flask_login import login_user, current_user
|
|||
|
|||
|
from app import email_utils
|
||
from app.auth.base import auth_bp
|
|||
|
from app.extensions import db, limiter
|
||
from app.log import LOG
|
|||
from app.models import ActivationCode
|
|||
|
|||
|
|||
@auth_bp.route("/activate", methods=["GET", "POST"])
|
|||
|
@limiter.limit(
|
||
"10/minute", deduct_when=lambda r: hasattr(g, "deduct_limit") and g.deduct_limit
|
|||
)
|
|||
def activate():
|
|||
if current_user.is_authenticated:
|
|||
return (
|
|||
render_template("auth/activate.html", error="You are already logged in"),
|
|||
400,
|
|||
)
|
|||
|
|||
code = request.args.get("code")
|
|||
|
|||
activation_code: ActivationCode = ActivationCode.get_by(code=code)
|
|||
|
|||
if not activation_code:
|
|||
|
# Trigger rate limiter
|
||
g.deduct_limit = True
|
|||
return (
|
|||
|
render_template(
|
||
"auth/activate.html", error="Activation code cannot be found"
|
|||
),
|
|||
400,
|
|||
)
|
|||
|
|||
|
if activation_code.is_expired():
|
||
return (
|
|||
render_template(
|
|||
"auth/activate.html",
|
|||
|
error="Activation code was expired",
|
||
show_resend_activation=True,
|
|||
),
|
|||
400,
|
|||
)
|
|||
|
|||
user = activation_code.user
|
|||
user.activated = True
|
|||
login_user(user)
|
|||
|
email_utils.send_welcome_email(user)
|
||
|
|||
# activation code is to be used only once
|
|||
add delete() to ModelMixin: do NOT use the session.delete(), somehow it does a "SET" before "DELETE"
|
ActivationCode.delete(activation_code.id)
|
||
db.session.commit()
|
|||
|
|||
flash("Your account has been activated", "success")
|
|||
|
|||
# The activation link contains the original page, for ex authorize page
|
|||
if "next" in request.args:
|
|||
next_url = request.args.get("next")
|
|||
LOG.debug("redirect user to %s", next_url)
|
|||
return redirect(next_url)
|
|||
else:
|
|||
LOG.debug("redirect user to dashboard")
|
|||
return redirect(url_for("dashboard.index"))
|