Initial fix

2025-04-28 17:32:38 +02:00 · 2025-04-03 11:15:08 +02:00 · 2025-04-03 11:15:08 +02:00 · de580d9a7e
commit de580d9a7e
parent 56bee93346
4 changed files with 52 additions and 5 deletions
--- a/ihatemoney/static/css/main.css
+++ b/ihatemoney/static/css/main.css
@ -644,4 +644,9 @@ footer .icon svg {

 .edit-project .custom-file {
  margin-bottom: 2em;
-}
+}
+
+.connected-projects {
+  a {
+  }
+}
--- a/ihatemoney/templates/home.html
+++ b/ihatemoney/templates/home.html
@ -33,6 +33,20 @@
 </header>
 <main class="row home">
  <div class="card-deck ml-auto mr-auto">
+  {% if 'projects' in session %}
+    <div class="card">
+      <div class="card-header">
+        {{ _("Open a project in your current session") }}
+      </div>
+      <div class="card-body">
+        <ul class="connected-projects">
+          {% for id, name in session['projects'].items() %}
+            <li><a href="{{ url_for("main.list_bills", project_id=id )}}">{{name}}</a>
+          {% endfor %}
+        </ul>
+      </div>
+    </div>
+    {% endif %}
    <div class="card">
      <div class="card-header">
        {{ _("Log in to an existing project") }}
--- a/ihatemoney/tests/api_test.py
+++ b/ihatemoney/tests/api_test.py
@ -6,6 +6,7 @@ import pytest

 from ihatemoney.tests.common.help_functions import em_surround
 from ihatemoney.tests.common.ihatemoney_testcase import IhatemoneyTestCase
+from flask import session


 class TestAPI(IhatemoneyTestCase):
@ -1079,3 +1080,29 @@ class TestAPI(IhatemoneyTestCase):
        # Bill type should now be "Expense"
        got = json.loads(req.data.decode("utf-8"))
        assert got["bill_type"] == "Expense"
+
+    def test_get_auth(self):
+        """
+        Redirects to logged in projects
+        """
+        self.create_project("test-project")
+        self.login("test-project")
+
+    def test_post_auth_wrong_password(self):
+        """
+        Rejects wrong passwords for projects
+        in the session
+        """
+        self.create_project("project1", password="a")
+        self.login("project1", "a")
+
+        print(session["projects"])
+        
+
+    def test_post_auth_correct_password(self):
+        """
+        Accepts correct passwords for projects
+        in the session
+        """
+        pass
+
--- a/ihatemoney/web.py
+++ b/ihatemoney/web.py
@ -258,6 +258,7 @@ def join_project(token):
 def authenticate(project_id=None):
    """Authentication form"""
    form = AuthenticationForm()
+    is_post_auth = request.method == "POST" and form.validate()

    if not form.id.data and request.args.get("project_id"):
        form.id.data = request.args["project_id"]
@ -270,14 +271,13 @@ def authenticate(project_id=None):
        return render_template(
            "authenticate.html", form=form, create_project=project_id
        )
-
-    # if credentials are already in session, redirect
-    if session.get(project_id):
+    
+    # if credentials are already in session and no password is provided, redirect
+    if session.get(project_id) and not is_post_auth:
        setattr(g, "project", project)
        return redirect(url_for(".list_bills"))

    # else do form authentication authentication
-    is_post_auth = request.method == "POST" and form.validate()
    if is_post_auth and check_password_hash(project.password, form.password.data):
        set_authorized_project(project)
        setattr(g, "project", project)
@ -290,6 +290,7 @@ def authenticate(project_id=None):


 def get_project_form():
+    fancy = {'complexity':'Cyclo. compl.', 'churn': 'Churn', 'comments_ratio': 'Ratio', 'loc': 'LOC', 'dit': 'DIT', 'cbo': 'CBO', 'vulns': 'Vuln.', 'smells': 'Smells'}
    if current_app.config.get("ENABLE_CAPTCHA", False):
        return ProjectFormWithCaptcha()
    return ProjectForm()