Use class constante instead of flying strings

a4c9ce9b · f00wl · b099b9df · a4c9ce9b · a4c9ce9b · a4c9ce9b
Verified Commit a4c9ce9b authored 3 years ago by f00wl
--- a/hiboo/account/login.py
+++ b/hiboo/account/login.py
@@ -13,7 +13,7 @@ def signin():
    form = forms.LoginForm()
    if form.validate_on_submit():
        user = models.User.login(form.username.data, form.password.data)
-        if user and "totp" in user.auths:
+        if user and models.Auth.TOTP in user.auths:
            session["username"] = user.username
            return flask.redirect(flask.url_for(".totp_verify"))
        elif user:
@@ -35,7 +35,7 @@ def totp_verify():
    else:
        return flask.redirect(flask.url_for(".signin"))
    if form.validate_on_submit():
-        if user.auths["totp"].check_totp(form.totp.data):
+        if user.auths[models.Auth.TOTP].check_totp(form.totp.data):
            flask_login.login_user(user)
            session.pop("username")
            return flask.redirect(utils.url_or_intent(".home"))
@@ -75,9 +75,9 @@ def signup():
        else:
            user = models.User()
            user.username = form.username.data
-            auth = models.Auth("password")
+            auth = models.Auth(models.Auth.PASSWORD)
            auth.set_password(form.password.data)
-            user.auths = {"password": auth}
+            user.auths = {models.Auth.PASSWORD: auth}
            models.db.session.add(user)
            models.db.session.add(auth)
            models.log(models.History.SIGNUP,
@@ -100,7 +100,7 @@ def reset(token_uuid):
    if form.validate_on_submit():
        token.expired_at = datetime.datetime.now()
        models.db.session.add(token)
-        auth = token.user.auths["password"]
+        auth = token.user.auths[models.Auth.PASSWORD]
        auth.set_password(form.password.data)
        models.log(models.History.PASSWORD, user=token.user)
        models.db.session.add(auth)

--- a/hiboo/account/settings.py
+++ b/hiboo/account/settings.py
@@ -16,7 +16,7 @@ import base64
 def password():
    form = forms.PasswordForm()
    if form.validate_on_submit():
-        auth = flask_login.current_user.auths["password"]
+        auth = flask_login.current_user.auths[models.Auth.PASSWORD]
        if auth.check_password(form.old.data):
            auth.set_password(form.password.data)
            models.log(models.History.PASSWORD, user=flask_login.current_user)
@@ -33,8 +33,8 @@ def password():
 @security.authentication_required()
 def totp():
    user = flask_login.current_user
-    if "totp" in user.auths:
-        key = user.auths["totp"].value
+    if models.Auth.TOTP in user.auths:
+        key = user.auths[models.Auth.TOTP].value
        issuer = flask.current_app.config['WEBSITE_NAME']
        totp_uri = pyotp.totp.TOTP(key).provisioning_uri(
            name=user.username,
@@ -55,9 +55,9 @@ def totp():
 @security.confirmation_required("Setup 2FA with TOTP")
 def totp_setup():
    user = flask_login.current_user
-    auth = models.Auth("totp")
+    auth = models.Auth(models.Auth.TOTP)
    auth.set_otp_key()
-    user.auths["totp"] = auth
+    user.auths[models.Auth.TOTP] = auth
    models.log(models.History.MFA, user=flask_login.current_user)
    models.db.session.add(auth)
    models.db.session.commit()
@@ -70,7 +70,7 @@ def totp_setup():
 @security.confirmation_required("Delete 2FA with TOTP")
 def totp_delete():
    user = flask_login.current_user
-    auth = user.auths["totp"]
+    auth = user.auths[models.Auth.TOTP]
    models.log(models.History.MFA, user=flask_login.current_user)
    models.db.session.delete(auth)
    models.db.session.commit()

--- a/hiboo/models.py
+++ b/hiboo/models.py
@@ -98,9 +98,9 @@ class User(db.Model):
        if not user:
            return False
        auths = user.auths
-        if not auths["password"]:
+        if not auths[Auth.PASSWORD]:
            return False
-        if not auths["password"].check_password(password):
+        if not auths[Auth.PASSWORD].check_password(password):
            return False
        return user

@@ -133,10 +133,13 @@ class Auth(db.Model):
    """
    __tablename__ = "auth"

+    PASSWORD = "password"
+    TOTP = "totp"
+
    def __init__(self, realm):
        self.realm = realm

-    realm = db.Column(db.String(25), server_default="password")
+    realm = db.Column(db.String(25), server_default=PASSWORD)
    user_uuid = db.Column(db.String(36), db.ForeignKey(User.uuid))
    user = db.relationship(User,
        backref=db.backref('auths',

--- a/hiboo/user/cli.py
+++ b/hiboo/user/cli.py
@@ -9,7 +9,7 @@ import click
 @click.argument("password")
 def create(username, password):
    assert not models.User.query.filter_by(username=username).first()
-    auth = models.Auth("password")
+    auth = models.Auth(models.Auth.PASSWORD)
    auth.set_password(password)
    user = models.User(
        username=username,