From 18123f6745beaba99b40a4db6d9aad1dbcdf6925 Mon Sep 17 00:00:00 2001
From: Folker Bernitt <fbernitt@thoughtworks.com>
Date: Fri, 22 Jan 2016 17:42:35 +0100
Subject: Show sensible error message for failed login

- Issue #576
- Use of twisted templating
---
 service/pixelated/resources/login_resource.py | 65 +++++++++++++++++----------
 1 file changed, 41 insertions(+), 24 deletions(-)

(limited to 'service/pixelated/resources/login_resource.py')

diff --git a/service/pixelated/resources/login_resource.py b/service/pixelated/resources/login_resource.py
index b249a67e..e7586bf6 100644
--- a/service/pixelated/resources/login_resource.py
+++ b/service/pixelated/resources/login_resource.py
@@ -16,26 +16,58 @@
 
 import logging
 import os
-from string import Template
 
 from twisted.cred import credentials
 from twisted.internet import defer
 from twisted.web.resource import IResource
 from twisted.web.server import NOT_DONE_YET
 from twisted.web.static import File
+from twisted.web.template import Element, XMLFile, renderElement, renderer, tags
+from twisted.python.filepath import FilePath
 
 from pixelated.resources import BaseResource, UnAuthorizedResource
 
 log = logging.getLogger(__name__)
 
 
+def _get_startup_folder():
+    path = os.path.dirname(os.path.abspath(__file__))
+    return os.path.join(path, '..', 'assets')
+
+
+def _get_static_folder():
+    static_folder = os.path.abspath(os.path.join(os.path.abspath(__file__), "..", "..", "..", "web-ui", "app"))
+    # this is a workaround for packaging
+    if not os.path.exists(static_folder):
+        static_folder = os.path.abspath(
+            os.path.join(os.path.abspath(__file__), "..", "..", "..", "..", "web-ui", "app"))
+    if not os.path.exists(static_folder):
+        static_folder = os.path.join('/', 'usr', 'share', 'pixelated-user-agent')
+    return static_folder
+
+
+class LoginWebSite(Element):
+    loader = XMLFile(FilePath(os.path.join(_get_startup_folder(), 'login.html')))
+
+    def __init__(self, error_msg=None):
+        super(LoginWebSite, self).__init__()
+        self._error_msg = error_msg
+
+    @renderer
+    def error_msg(self, request, tag):
+        if self._error_msg is not None:
+            return tag(self._error_msg)
+        else:
+            return tag('')
+
+
 class LoginResource(BaseResource):
     BASE_URL = 'login'
 
     def __init__(self, services_factory, portal=None):
         BaseResource.__init__(self, services_factory)
-        self._static_folder = self._get_static_folder()
-        self._startup_folder = self._get_startup_folder()
+        self._static_folder = _get_static_folder()
+        self._startup_folder = _get_startup_folder()
         self._html_template = open(os.path.join(self._startup_folder, 'login.html')).read()
         self._portal = portal
         self.putChild('startup-assets', File(self._startup_folder))
@@ -51,8 +83,11 @@ class LoginResource(BaseResource):
         return UnAuthorizedResource()
 
     def render_GET(self, request):
-        response = Template(self._html_template).safe_substitute()
-        return str(response)
+        return self._render_template(request)
+
+    def _render_template(self, request, error_msg=None):
+        site = LoginWebSite(error_msg=error_msg)
+        return renderElement(request, site)
 
     def render_POST(self, request):
 
@@ -61,12 +96,8 @@ class LoginResource(BaseResource):
             request.finish()
 
         def render_error(error):
-            login_form = self.render_GET(request)
             request.status = 500
-            request.write('We got an error:\n')
-            request.write(str(error))
-            request.write(login_form)
-            request.finish()
+            return self._render_template(request, 'Invalid credentials')
 
         d = self._handle_login(request)
         d.addCallbacks(render_response, render_error)
@@ -90,17 +121,3 @@ class LoginResource(BaseResource):
         leap_user.init_http_session(request)
 
         log.info('about to redirect to home page')
-
-    def _get_startup_folder(self):
-        path = os.path.dirname(os.path.abspath(__file__))
-        return os.path.join(path, '..', 'assets')
-
-    def _get_static_folder(self):
-        static_folder = os.path.abspath(os.path.join(os.path.abspath(__file__), "..", "..", "..", "web-ui", "app"))
-        # this is a workaround for packaging
-        if not os.path.exists(static_folder):
-            static_folder = os.path.abspath(
-                os.path.join(os.path.abspath(__file__), "..", "..", "..", "..", "web-ui", "app"))
-        if not os.path.exists(static_folder):
-            static_folder = os.path.join('/', 'usr', 'share', 'pixelated-user-agent')
-        return static_folder
-- 
cgit v1.2.3