From 41da9722acf2860b02ea679655d4d55957407df6 Mon Sep 17 00:00:00 2001
From: f00wl <f00wl@felinn.org>
Date: Sun, 12 Feb 2023 13:40:21 +0100
Subject: [PATCH] Add enablable Auth * Add bolean field to Auth class * Append
 migration * check TOTP enabled in login mechanism * enable password auth in
 signup mechanism

---
 hiboo/account/login.py                        |  4 +--
 hiboo/models.py                               |  4 ++-
 .../f9130c1a10f7_add_enableable_auth.py       | 26 +++++++++++++++++++
 3 files changed, 31 insertions(+), 3 deletions(-)
 create mode 100644 migrations/versions/f9130c1a10f7_add_enableable_auth.py

diff --git a/hiboo/account/login.py b/hiboo/account/login.py
index 0813265..d5add19 100644
--- a/hiboo/account/login.py
+++ b/hiboo/account/login.py
@@ -13,7 +13,7 @@ def signin_password():
     form = forms.LoginForm()
     if form.validate_on_submit():
         user = models.User.login(form.username.data, form.password.data)
-        if user and models.Auth.TOTP in user.auths:
+        if user and models.Auth.TOTP in user.auths and user.auths[models.Auth.TOTP].enabled:
             session["username"] = user.username
             return flask.redirect(utils.url_for(".signin_totp"))
         elif user:
@@ -73,7 +73,7 @@ def signup():
         else:
             user = models.User()
             user.username = form.username.data
-            auth = models.Auth(models.Auth.PASSWORD)
+            auth = models.Auth(models.Auth.PASSWORD, enabled=True)
             auth.set_password(form.password.data)
             user.auths = {models.Auth.PASSWORD: auth}
             models.db.session.add(user)
diff --git a/hiboo/models.py b/hiboo/models.py
index 8ca33ee..fd60980 100644
--- a/hiboo/models.py
+++ b/hiboo/models.py
@@ -164,10 +164,12 @@ class Auth(db.Model):
         TOTP: "blue"
     }
 
-    def __init__(self, realm):
+    def __init__(self, realm, enabled=False):
         self.realm = realm
+        self.enabled = enabled
 
     realm = db.Column(db.String(25), server_default=PASSWORD)
+    enabled = db.Column(db.Boolean(), nullable=False, default=1)
     user_uuid = db.Column(db.String(36), db.ForeignKey(User.uuid))
     user = db.relationship(User,
         backref=db.backref('auths',
diff --git a/migrations/versions/f9130c1a10f7_add_enableable_auth.py b/migrations/versions/f9130c1a10f7_add_enableable_auth.py
new file mode 100644
index 0000000..1724277
--- /dev/null
+++ b/migrations/versions/f9130c1a10f7_add_enableable_auth.py
@@ -0,0 +1,26 @@
+""" add enableable auth
+
+Revision ID: f9130c1a10f7
+Revises: 07709c08a6d7
+Create Date: 2023-02-10 14:57:20.853487
+"""
+
+from alembic import op
+import sqlalchemy as sa
+import hiboo
+
+
+revision = 'f9130c1a10f7'
+down_revision = '07709c08a6d7'
+branch_labels = None
+depends_on = None
+
+
+def upgrade():
+    with op.batch_alter_table('auth') as batch_op:
+        batch_op.add_column(sa.Column('enabled', sa.Boolean(), server_default="1", nullable=False))
+
+
+def downgrade():
+    with op.batch_alter_table('auth') as batch_op:
+        batch_op.drop_column('auth', 'enabled')
-- 
GitLab