From c72f13d35b794f55f28cddefcd66a6f0c34c57f0 Mon Sep 17 00:00:00 2001
From: manrajg13
Date: Fri, 10 Mar 2023 18:33:38 -0500
Subject: [PATCH] Fix: Dockerfile and routes error handling
Moved copying .env in dockerfile to avoid cache invalidation. Removed try and except in confirm2fa because it did nothing. Checking if next is None or '' before returning and removed data deletions in route functions.
---
 Dockerfile | 2 +-
 app/auth/forms.py | 6 ------
 app/auth/routes.py | 10 +++++-----
 3 files changed, 6 insertions(+), 12 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index ebd77ad..5f4bf9c 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -5,11 +5,11 @@ RUN useradd microblog
 WORKDIR /home/microblog
 COPY requirements.txt requirements.txt
-COPY .env .env
 RUN python -m venv venv
 RUN venv/bin/pip install -r requirements.txt
 RUN venv/bin/pip install gunicorn pymysql cryptography
+COPY .env .env
 COPY app app
 COPY migrations migrations
 COPY microblog.py config.py boot.sh ./
diff --git a/app/auth/forms.py b/app/auth/forms.py
index f0fbba5..7ac8730 100644
--- a/app/auth/forms.py
+++ b/app/auth/forms.py
@@ -20,12 +20,6 @@ class Enable2faForm(FlaskForm):
 verification_phone = StringField('Phone', validators=[DataRequired()])
 submit = SubmitField('Enable 2FA')
- def validate_verification_phone(self, verification_phone):
- try:
- return
- except:
- print("An exception occurred")
-
 class Disable2faForm(FlaskForm):
 submit = SubmitField('Disable 2FA')
diff --git a/app/auth/routes.py b/app/auth/routes.py
index d3b5053..7762880 100644
--- a/app/auth/routes.py
+++ b/app/auth/routes.py
@@ -22,6 +22,8 @@ def login():
 flash(_('Invalid username or password'))
 return redirect(url_for('auth.login'))
 next_page = request.args.get('next')
+ if not next_page or url_parse(next_page).netloc != '':
+ next_page = url_for('main.index')
 if user.two_factor_enabled():
 request_verification_token(user.verification_phone)
 session['username'] = user.username
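Review bot: `COPY .env .env` in the Dockerfile hunk still writes the environment file into an image layer, so whatever it holds (presumably the application's secrets and database credentials, given the pymysql install) is readable by anyone who can pull or export the image. Moving the line below the pip steps only changes cache behaviour, not that exposure. Prefer dropping the COPY, listing `.env` in `.dockerignore`, and supplying the values when the container starts, e.g. `docker run --env-file .env ...`.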
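Review bot: The `next` validation added to `login()` in app/auth/routes.py tests only `netloc`, and the same two lines are pasted again into `verify_2fa()` in the last routes.py hunk. A value for which `url_parse` reports no host is not necessarily a local path, so the redirect target is weaker than it looks, and two copies of the check can drift apart. One helper used by both views, which also rejects a scheme and requires a leading `/`, would close both points. `login()` begins and ends outside this hunk.
```python
def _safe_next(target):
    # Accept only a same-site absolute path; anything else falls back to the index.
    if not target or '\\' in target:
        return url_for('main.index')
    parts = url_parse(target)
    if parts.scheme or parts.netloc or not target.startswith('/'):
        return url_for('main.index')
    return target

# in login() and verify_2fa(), replacing the two-line netloc check:
next_page = _safe_next(request.args.get('next'))
```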
@@ -30,19 +32,16 @@ def login():
 'auth.verify_2fa', next=next_page, remember='1' if form.remember_me.data else '0'))
 login_user(user, remember=form.remember_me.data)
- if not next_page or url_parse(next_page).netloc != '':
- next_page = url_for('main.index')
 return redirect(next_page)
 return render_template('auth/login.html', title=_('Sign In'), form=form)
-@bp.route('/verify2fa', methods=['GET', 'POST'])
+@bp.route('/verify_2fa', methods=['GET', 'POST'])
 def verify_2fa():
 form = Confirm2faForm()
 if form.validate_on_submit():
 phone = session['phone']
 if check_verification_token(phone, form.token.data):
- del session['phone']
 if current_user.is_authenticated:
 current_user.verification_phone = phone
 db.session.commit()
@@ -50,10 +49,11 @@ def verify_2fa():
 return redirect(url_for('main.index'))
 else:
 username = session['username']
- del session['username']
 user = User.query.filter_by(username=username).first()
 next_page = request.args.get('next')
 remember = request.args.get('remember', '0') == '1'
+ if not next_page or url_parse(next_page).netloc != '':
+ next_page = url_for('main.index')
 login_user(user, remember=remember)
 return redirect(next_page)
 form.token.errors.append('Invalid token')
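Review bot: Dropping `del session['phone']` in `verify_2fa()` (and `del session['username']` in the following hunk) leaves the pre-authentication state in the session after the token has been accepted, so the session keeps naming a user and phone for the second-factor step once login is complete. If the deletes were removed to avoid a `KeyError`, `session.pop('phone', None)` and `session.pop('username', None)` after a successful check keep the cleanup without raising. Separately, the path changes from `/verify2fa` to `/verify_2fa`, so any link not built with `url_for` should be checked; templates are not part of this patch.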
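Review bot: In the login branch of `verify_2fa()` the new redirect check sits between two unguarded lookups: `session['username']` raises `KeyError` when the request did not come through `login()`, and `.first()` can return `None`, which is then passed to `login_user`. Reading the value with `username = session.get('username')` and adding `if user is None: return redirect(url_for('auth.login'))` before `login_user` would make the view fail closed instead of returning a 500. The same applies to `phone = session['phone']` in the previous hunk; the function begins and ends outside this hunk.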