Templates¶
This references the template files, their role and the variables available in their contexts. The intended audience for this reference is designers wishing to build their custom Canaille theme.
Base¶
Those templates are shared by all the pages rendered by Canaille.
Template files¶
- TEMPLATE base.html¶
The main template inherited by almost every other templates.
- Parameters:
user (
User
) – The current user, if logged in.features (
Features
) – The features enabled and available in Canaille.locale (
str
) – The user locale.logo_url (
str
) – The URL of the instance logo defined inLOGO
.favicon_url (
str
) – The URL of the instance favicon defined inFAVICON
.request_is_boosted (
bool
) – Whether the page is boosted byHTMX
.menu (
bool
) – Whether to display the menu or not.debug (
bool
) – Whether the app has been launched in debug mode.no_secret_key (bool) – Whether a
SECRET_KEY
has been defined.
- TEMPLATE error.html¶
The error page. Displayed for all kinds of errors (not found, internal server error etc.).
- TEMPLATE macro/flask.html¶
Macros for Flask flash message rendering
- TEMPLATE macro/form.html¶
Macros for form and form field rendering.
Connects WTForms, Fomantic-UI and HTMX.
- TEMPLATE macro/table.html¶
Macros for rendering table paginated with HTMX.
Forms¶
Core¶
The core templates are displayed in the authentication and profile edition pages.
Template files¶
- TEMPLATE core/about.html¶
-
The ‘About’ page.
This is an informational page, displaying the project links.
- Parameters:
version (
str
) – The current Canaille version.
- TEMPLATE core/firstlogin.html¶
-
The first login page.
This page is displayed to users who do not have set a password yet.
- TEMPLATE core/forgotten-password.html¶
-
Password forgotten page.
This page displays a form asking for the email address of users who cannot remember their password.
- TEMPLATE core/group.html¶
-
Group edition page.
Displays the group edition or creation form.
- Parameters:
edited_group (
Group
) –None
in a creation context. In edition context this is the edited group.form (
CreateGroupForm
orEditGroupForm
) – The group edition/creation form.
- TEMPLATE core/groups.html¶
-
The group list page.
- TEMPLATE core/invite.html¶
-
The invitation form page.
Displays the invitation form to users with the invitation permission.
- Parameters:
form (
InvitationForm
) – The invitation form.
- TEMPLATE core/join.html¶
The invitation acceptation page.
This page is displayed to users who have clicked on invitation links sent by mail (or by other media). It displays a basic account creation form.
- Parameters:
form (
JoinForm
) – The account creation form.
- TEMPLATE core/login.html¶
-
The login page.
This page displays a form to get the user identifier.
- Parameters:
form (
LoginForm
) – The login form.
- TEMPLATE core/profile_add.html¶
-
User account creation page.
This template displays an account creation form. It is used in the registration page, and in the manual account creation page available for users with user management permission.
- TEMPLATE core/profile_edit.html¶
-
The profile edition template.
Displays a user profile edition form.
- Parameters:
edited_user (
User
) – The user that the form will edit.profile_form (
FlaskForm
) – The user profile edition form. Dynamically built according to the userREAD
andWRITE
permissions. The available fields are those appearing in READ and WRITE, those only appearing in READ are read-only.emails_form (
EmailConfirmationForm
) – An email edition form. Used when thehas_email_confirmation
feature is enabled.
- TEMPLATE core/profile_settings.html¶
-
The profile settings template.
Displays the user settings edition form.
- Parameters:
edited_user (
User
) – The user that the form will edit.form (
FlaskForm
) – The user profile edition form. Dynamically built according to the userREAD
andWRITE
permissions. The available fields are those appearing in READ and WRITE, those only appearing in READ are read-only.self_deletion (
bool
) – Whether the editor is allowed to delete the account of the edited user.
- TEMPLATE core/reset-password.html¶
-
The password reset template.
Displays a password reset form.
- Parameters:
form (
PasswordResetForm
) – The password reset form.user (
User
) – The user associated with the URL.hash (
str
) – The secret link hash.
- TEMPLATE core/setup-mfa.html¶
The multi-factor authentication initialization template.
Display a QR-code and the OTP secret.
- TEMPLATE core/verify-mfa.html¶
The multi-factor authentication code verification template.
Displays a form that asks for the multi-factor authentication code.
- Parameters:
form (
TwoFactorForm
) – The code verification form.username (
str
) – The username of the user attempting to log-in.method (
str
(TOTP, HOTP, EMAIL_OTP, SMS_OTP)) – The authentication factor method.
Forms¶
- class canaille.core.endpoints.forms.CreateGroupForm(*args, **kwargs)[source]¶
Bases:
Form
The group creation form.
- description = <UnboundField(StringField, (l'Description',), {'validators': [<wtforms.validators.Optional object>]})>¶
- display_name = <UnboundField(StringField, (l'Name',), {'validators': [<wtforms.validators.DataRequired object>, <function unique_group>], 'render_kw': {'placeholder': l'group'}})>¶
- class canaille.core.endpoints.forms.DeleteGroupMemberForm(*args, **kwargs)[source]¶
Bases:
Form
- member = <UnboundField(StringField, (), {'filters': [<canaille.app.forms.IDToModel object>], 'validators': [<function existing_group_member>]})>¶
- class canaille.core.endpoints.forms.EditGroupForm(*args, **kwargs)[source]¶
Bases:
Form
The group edition form.
- description = <UnboundField(StringField, (l'Description',), {'validators': [<wtforms.validators.Optional object>]})>¶
- display_name = <UnboundField(StringField, (l'Name',), {'validators': [<wtforms.validators.DataRequired object>, <wtforms.validators.ReadOnly object>], 'render_kw': {'readonly': 'true'}})>¶
- class canaille.core.endpoints.forms.EmailConfirmationForm(*args, **kwargs)[source]¶
Bases:
Form
- new_email = <UnboundField(EmailField, (l'New email address',), {'validators': [<wtforms.validators.DataRequired object>, <function email_validator>, <function unique_email>], 'render_kw': {'placeholder': l'jane.doe@example.com', 'spellcheck': 'false', 'autocorrect': 'off'}})>¶
- old_emails = <UnboundField(FieldList, (<UnboundField(EmailField, (), {'validators': [<wtforms.validators.ReadOnly object>], 'description': l'This email will be used as a recovery address to reset the password if needed', 'render_kw': {'placeholder': l'jane.doe@example.com', 'spellcheck': 'false', 'autocorrect': 'off', 'readonly': 'true'}})>,), {'label': l'Email addresses'})>¶
- class canaille.core.endpoints.forms.ForgottenPasswordForm(*args, **kwargs)[source]¶
Bases:
Form
- login = <UnboundField(StringField, (l'Login',), {'validators': [<wtforms.validators.DataRequired object>, <function existing_login>], 'render_kw': {'placeholder': l'jane.doe@example.com', 'spellcheck': 'false', 'autocorrect': 'off'}})>¶
- class canaille.core.endpoints.forms.InvitationForm(*args, **kwargs)[source]¶
Bases:
Form
The user invitation form.
- email = <UnboundField(EmailField, (l'Email address',), {'validators': [<wtforms.validators.DataRequired object>, <function email_validator>, <function unique_email>], 'render_kw': {'placeholder': l'jane.doe@example.com', 'spellcheck': 'false', 'autocorrect': 'off'}})>¶
- groups = <UnboundField(SelectMultipleField, (l'Groups',), {'choices': <function InvitationForm.<lambda>>, 'render_kw': {}, 'coerce': <canaille.app.forms.IDToModel object>})>¶
- user_name = <UnboundField(StringField, (l'User name',), {'render_kw': {'placeholder': l'jdoe'}, 'validators': [<wtforms.validators.DataRequired object>, <function unique_user_name>]})>¶
- user_name_editable = <UnboundField(BooleanField, (l'Username editable by the invitee',), {})>¶
- class canaille.core.endpoints.forms.JoinForm(*args, **kwargs)[source]¶
Bases:
Form
- email = <UnboundField(EmailField, (l'Email address',), {'validators': [<wtforms.validators.DataRequired object>, <function email_validator>], 'render_kw': {'placeholder': l'jane.doe@example.com', 'spellcheck': 'false', 'autocorrect': 'off'}})>¶
- class canaille.core.endpoints.forms.LoginForm(*args, **kwargs)[source]¶
Bases:
Form
- login = <UnboundField(StringField, (l'Login',), {'validators': [<wtforms.validators.DataRequired object>, <function existing_login>], 'render_kw': {'placeholder': '', 'spellcheck': 'false', 'autocorrect': 'off', 'inputmode': 'email'}})>¶
- class canaille.core.endpoints.forms.PasswordForm(*args, **kwargs)[source]¶
Bases:
Form
- password = <UnboundField(PasswordField, (l'Password',), {'validators': [<wtforms.validators.DataRequired object>], 'render_kw': {'autocomplete': 'current-password'}})>¶
- class canaille.core.endpoints.forms.PasswordResetForm(*args, **kwargs)[source]¶
Bases:
Form
- confirmation = <UnboundField(PasswordField, (l'Password confirmation',), {'validators': [<wtforms.validators.EqualTo object>], 'render_kw': {'autocomplete': 'new-password'}})>¶
- password = <UnboundField(PasswordField, (l'Password',), {'validators': [<wtforms.validators.DataRequired object>, <function password_length_validator>, <function password_too_long_validator>, <function compromised_password_validator>], 'render_kw': {'autocomplete': 'new-password', 'class': 'password_strength'}})>¶
- class canaille.core.endpoints.forms.TwoFactorForm(*args, **kwargs)[source]¶
Bases:
Form
- otp = <UnboundField(StringField, (l'One-time password',), {'validators': [<wtforms.validators.DataRequired object>, <wtforms.validators.Length object>], 'render_kw': {'placeholder': l'123456', 'spellcheck': 'false', 'autocorrect': 'off'}})>¶
OIDC¶
The OIDC templates are displayed in the OIDC consent pages.
Template files¶
- TEMPLATE oidc/authorization_list.html¶
-
The list of authorizations.
Displays a paginated list of
AuthorizationCode
.- Parameters:
table_form (
TableForm
ofAuthorizationCode
.) – The paginated list form.
- TEMPLATE oidc/authorization_view.html¶
Authorization details template.
Displays details about an
AuthorizationCode
.- Parameters:
authorization (
AuthorizationCode
.) – The detailed authorization.
- TEMPLATE oidc/authorize.html¶
-
Consent request template.
This templates is displayed to users accessing a new application that requests to access to personal information. It lists the personal information requested by the application, and offers the user to accept or decline.
- Parameters:
user (
User
) – The user whose consent is asked.grant (An Authlib
Grant
) – The OIDC grant.
- TEMPLATE oidc/client_add.html¶
-
The client addition template.
Displays a form to create a new
Client
.- Parameters:
form (
ClientAddForm
.) – The client creation form.
- TEMPLATE oidc/client_edit.html¶
-
The client edition template.
Displays a form to edit a
Client
.- Parameters:
form (
ClientAddForm
.) – The client creation form.client (
Client
) – The edited client.
- TEMPLATE oidc/consent_list.html¶
-
The consented applications list.
Display a list of clients for which users have given or revoked their consent.
- TEMPLATE oidc/logout.html¶
The OIDC logout template.
Used during OIDC RP-initiated logout, when an user confirmation is needed.
- Parameters:
form (
LogoutForm
.) – The logout form.client (
Client
) – The client requesting the logout.
- TEMPLATE oidc/preconsent_list.html¶
-
The preconsented applications list.
Display a list of trusted clients for which it is implied that users don’t need to explicitly give their consent.
- TEMPLATE oidc/token_view.html¶
-
The token view template.
Displays the details of a token
Token
.- Parameters:
form (
TokenRevokationForm
.) – A token revokation form.
Forms¶
- class canaille.oidc.endpoints.forms.ClientAddForm(*args, **kwargs)[source]¶
Bases:
Form
- audience = <UnboundField(SelectMultipleField, (l'Token audiences',), {'validators': [<wtforms.validators.Optional object>], 'choices': <function _client_audiences>, 'validate_choice': False, 'coerce': <canaille.app.forms.IDToModel object>})>¶
- client_name = <UnboundField(StringField, (l'Name',), {'validators': [<wtforms.validators.DataRequired object>], 'render_kw': {'placeholder': 'Client Name'}})>¶
- client_uri = <UnboundField(URLField, (l'URI',), {'validators': [<wtforms.validators.DataRequired object>, <function is_uri>], 'render_kw': {'placeholder': 'https://mydomain.example'}})>¶
- contacts = <UnboundField(FieldList, (<UnboundField(EmailField, (l'Contacts',), {'validators': [<wtforms.validators.Optional object>, <function email_validator>], 'render_kw': {'placeholder': 'admin@mydomain.example'}})>,), {'min_entries': 1, 'validators': [<function unique_values>]})>¶
- grant_types = <UnboundField(SelectMultipleField, (l'Grant types',), {'validators': [<wtforms.validators.DataRequired object>], 'choices': [('password', 'password'), ('authorization_code', 'authorization_code'), ('implicit', 'implicit'), ('hybrid', 'hybrid'), ('refresh_token', 'refresh_token'), ('client_credentials', 'client_credentials')], 'default': ['authorization_code', 'refresh_token']})>¶
- jwk = <UnboundField(StringField, (l'JWK',), {'validators': [<wtforms.validators.Optional object>], 'render_kw': {'placeholder': ''}})>¶
- jwks_uri = <UnboundField(URLField, (l'JKW URI',), {'validators': [<wtforms.validators.Optional object>, <function is_uri>], 'render_kw': {'placeholder': ''}})>¶
- logo_uri = <UnboundField(URLField, (l'Logo URI',), {'validators': [<wtforms.validators.Optional object>, <function is_uri>], 'render_kw': {'placeholder': 'https://mydomain.example/logo.png'}})>¶
- policy_uri = <UnboundField(URLField, (l'Policy URI',), {'validators': [<wtforms.validators.Optional object>, <function is_uri>], 'render_kw': {'placeholder': 'https://mydomain.example/policy.html'}})>¶
- post_logout_redirect_uris = <UnboundField(FieldList, (<UnboundField(URLField, (l'Post logout redirect URIs',), {'validators': [<wtforms.validators.Optional object>, <function is_uri>], 'render_kw': {'placeholder': 'https://mydomain.example/you-have-been-disconnected'}})>,), {'min_entries': 1, 'validators': [<function unique_values>]})>¶
- preconsent = <UnboundField(BooleanField, (l'Pre-consent',), {'validators': [<wtforms.validators.Optional object>], 'default': False})>¶
- redirect_uris = <UnboundField(FieldList, (<UnboundField(URLField, (l'Redirect URIs',), {'validators': [<wtforms.validators.DataRequired object>, <function is_uri>], 'render_kw': {'placeholder': 'https://mydomain.example/callback'}})>,), {'min_entries': 1, 'validators': [<function unique_values>]})>¶
- response_types = <UnboundField(SelectMultipleField, (l'Response types',), {'validators': [<wtforms.validators.DataRequired object>], 'choices': [('code', 'code'), ('token', 'token'), ('id_token', 'id_token')], 'default': ['code']})>¶
- scope = <UnboundField(StringField, (l'Scope',), {'validators': [<wtforms.validators.Optional object>], 'default': 'openid profile email', 'render_kw': {'placeholder': 'openid profile'}})>¶
- software_id = <UnboundField(StringField, (l'Software ID',), {'validators': [<wtforms.validators.Optional object>], 'render_kw': {'placeholder': 'xyz'}})>¶
- software_version = <UnboundField(StringField, (l'Software Version',), {'validators': [<wtforms.validators.Optional object>], 'render_kw': {'placeholder': '1.0'}})>¶
- token_endpoint_auth_method = <UnboundField(SelectField, (l'Token Endpoint Auth Method',), {'validators': [<wtforms.validators.DataRequired object>], 'choices': [('client_secret_basic', 'client_secret_basic'), ('client_secret_post', 'client_secret_post'), ('none', 'none')], 'default': 'client_secret_basic'})>¶
- tos_uri = <UnboundField(URLField, (l'Terms of service URI',), {'validators': [<wtforms.validators.Optional object>, <function is_uri>], 'render_kw': {'placeholder': 'https://mydomain.example/tos.html'}})>¶