Skip to content

Commit

Permalink
Fix the way href's are being set in DefaultAuthForms (#922)
Browse files Browse the repository at this point in the history
* Fix the way href's are being set in DefaultAuthForms to take into account the route defined for the Auth object

* Fix two additional redirects missed in the previous commit
  • Loading branch information
kszys authored Sep 27, 2024
1 parent a990917 commit b474ed0
Showing 1 changed file with 24 additions and 24 deletions.
48 changes: 24 additions & 24 deletions py4web/utils/auth.py
Original file line number Diff line number Diff line change
Expand Up @@ -1452,7 +1452,7 @@ def register(self, model=False):
dict(
label=self.auth.param.messages["buttons"]["sign-in"],
action="login",
href="/auth/api/login",
href=URL(f"{self.auth.route}/api/login"),
)
)

Expand All @@ -1461,15 +1461,15 @@ def register(self, model=False):
dict(
label=self.auth.param.messages["buttons"]["lost-password"],
action="request_reset_password",
href="/auth/api/request_reset_password",
href=URL(f"{self.auth.route}/api/request_reset_password"),
)
)

return dict(
public=True,
hidden=False,
fields=fields,
href="/auth/api/register",
href=URL(f"{self.auth.route}/api/register"),
submit_label=button_name,
additional_buttons=additional_buttons,
)
Expand Down Expand Up @@ -1511,7 +1511,7 @@ def register(self, model=False):
form.param.sidecar.append(
A(
self.auth.param.messages["buttons"]["sign-in"],
_href="../auth/login",
_href=URL(f"{self.auth.route}/login"),
_class=self.auth.param.button_classes["sign-in"],
_role="button",
)
Expand All @@ -1520,7 +1520,7 @@ def register(self, model=False):
form.param.sidecar.append(
A(
self.auth.param.messages["buttons"]["lost-password"],
_href="../auth/request_reset_password",
_href=URL(f"{self.auth.route}/request_reset_password"),
_class=self.auth.param.button_classes["lost-password"],
_role="button",
)
Expand All @@ -1536,7 +1536,7 @@ def login_buttons(self):
if not hasattr(plugin, "get_login_url"):
continue

url = f"/auth/plugin/{name}/login"
url = URL(f"{self.auth.route}/plugin/{name}/login")

next_url = prevent_open_redirect(request.query.get("next"))
if next_url:
Expand All @@ -1548,7 +1548,7 @@ def login_buttons(self):

combined_div = DIV(
*[
A(item["label"], _href=f"..{item['href']}", _role="button")
A(item["label"], _href=f"{item['href']}", _role="button")
for item in top_buttons
]
)
Expand Down Expand Up @@ -1590,7 +1590,7 @@ def login(self, model=False):
dict(
label=self.auth.param.messages["buttons"]["sign-up"],
action="register",
href="/auth/api/register",
href=URL(f"{self.auth.route}/api/register"),
)
)

Expand All @@ -1599,7 +1599,7 @@ def login(self, model=False):
dict(
label=self.auth.param.messages["buttons"]["lost-password"],
action="request_reset_password",
href="/auth/api/request_reset_password",
href=URL(f"{self.auth.route}/api/request_reset_password"),
)
)

Expand All @@ -1609,7 +1609,7 @@ def login(self, model=False):
public=True,
hidden=False,
fields=fields,
href="/auth/api/login",
href=URL(f"{self.auth.route}/api/login"),
submit_label=button_name,
additional_buttons=additional_buttons,
)
Expand Down Expand Up @@ -1644,15 +1644,15 @@ def login(self, model=False):
):
self.auth.session["auth.2fa_user"] = user["id"]
self.auth.session["auth.2fa_next_url"] = next_url
redirect(URL("auth", "two_factor"))
redirect(URL(f"{self.auth.route}/two_factor"))
self.auth.store_user_in_session(user["id"])
self._postprocessing("login", form, user)

if self.auth.allows("register"):
form.param.sidecar.append(
A(
self.auth.param.messages["buttons"]["sign-up"],
_href="../auth/register",
_href=URL(f"{self.auth.route}/register"),
_class=self.auth.param.button_classes["sign-up"],
_role="button",
)
Expand All @@ -1661,7 +1661,7 @@ def login(self, model=False):
form.param.sidecar.append(
A(
self.auth.param.messages["buttons"]["lost-password"],
_href="../auth/request_reset_password",
_href=URL(f"{self.auth.route}/request_reset_password"),
_class=self.auth.param.button_classes["lost-password"],
_role="button",
)
Expand Down Expand Up @@ -1730,7 +1730,7 @@ def two_factor(self):
self._set_flash(
self.auth.param.messages["errors"]["two_factor_max_tries"]
)
redirect(URL("auth", "login", vars=dict(next=next_url)))
redirect(URL(f"{self.auth.route}/login", vars=dict(next=next_url)))
return form

def request_reset_password(self, model=False):
Expand All @@ -1752,7 +1752,7 @@ def request_reset_password(self, model=False):
dict(
label=self.auth.param.messages["buttons"]["sign-in"],
action="login",
href="/auth/api/login",
href=URL(f"{self.auth.route}/api/login"),
)
)

Expand All @@ -1761,15 +1761,15 @@ def request_reset_password(self, model=False):
dict(
label=self.auth.param.messages["buttons"]["sign-up"],
action="register",
href="/auth/api/register",
href=URL(f"{self.auth.route}/api/register"),
)
)

return dict(
public=True,
hidden=False,
fields=fields,
href="/auth/api/request_reset_password",
href=URL(f"{self.auth.route}/api/request_reset_password"),
submit_label=button_name,
additional_buttons=additional_buttons,
)
Expand All @@ -1794,7 +1794,7 @@ def request_reset_password(self, model=False):
form.param.sidecar.append(
A(
self.auth.param.messages["buttons"]["sign-in"],
_href="../auth/login",
_href=URL(f"{self.auth.route}/login"),
_class=self.auth.param.button_classes["sign-in"],
_role="button",
)
Expand All @@ -1804,7 +1804,7 @@ def request_reset_password(self, model=False):
form.param.sidecar.append(
A(
self.auth.param.messages["buttons"]["sign-up"],
_href="../auth/register",
_href=URL(f"{self.auth.route}/register"),
_class=self.auth.param.button_classes["sign-up"],
_role="button",
)
Expand Down Expand Up @@ -1836,7 +1836,7 @@ def reset_password(self, model=False):
public=True,
hidden=True,
fields=fields,
href="/auth/api/reset_password",
href=URL(f"{self.auth.route}/api/reset_password"),
submit_label=button_name,
)

Expand Down Expand Up @@ -1888,7 +1888,7 @@ def change_password(self, model=False):
public=False,
hidden=False,
fields=fields,
href="/auth/api/change_password",
href=URL(f"{self.auth.route}/api/change_password"),
submit_label=button_name,
)

Expand Down Expand Up @@ -1948,7 +1948,7 @@ def profile(self, model=False):
public=False,
hidden=False,
fields=fields,
href="/auth/api/profile",
href=URL(f"{self.auth.route}/api/profile"),
submit_label=button_name,
deletable=deletable,
)
Expand All @@ -1968,7 +1968,7 @@ def profile(self, model=False):
def logout(self, model=False):
if model:
return dict(
public=False, hidden=False, noform=True, href="/auth/api/logout"
public=False, hidden=False, noform=True, href=URL(f"{self.auth.route}/api/logout")
)

"""Process logout"""
Expand All @@ -1980,7 +1980,7 @@ def logout(self, model=False):
def verify_email(self, model=False):
if model:
return dict(
public=True, hidden=True, noform=True, href="/auth/api/verify_email"
public=True, hidden=True, noform=True, href=URL(f"{self.auth.route}/api/verify_email")
)

"""Process token in email verification"""
Expand Down

0 comments on commit b474ed0

Please sign in to comment.