Beispiel #1
def status():
    """Return the session status as a JSON response.

    The payload carries the login state, the current user and API key
    (both None when nobody is logged in), an empty permissions dict, one
    login URL per non-Stub entry of PROVIDERS, and the logout URL.
    """
    # Stub providers are left out of the advertised login links.
    login_links = {
        key: url_for('.login', provider=key)
        for key, backend in PROVIDERS.items()
        if not isinstance(backend, Stub)
    }

    # NOTE(review): the response body contains the caller's API key; confirm
    # the endpoint is not cacheable and cannot be read cross-origin.
    payload = {
        'logged_in': authz.logged_in(),
        'api_key': current_user.api_key if authz.logged_in() else None,
        'user': current_user if authz.logged_in() else None,
        'permissions': {},
        'logins': login_links,
        'logout': url_for('.logout')
    }
    return jsonify(payload)
Beispiel #2
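def facebook_authorized(resp):
    """Finish the Facebook OAuth flow and sign the user in.

    ``resp`` is the provider's token response. When it is None, has no
    'access_token', or the profile fetched from '/me' carries no 'id',
    nobody is logged in and the browser is redirected to the stored
    next_url. Otherwise the token is kept in the session, the profile is
    handed to User.load(), the DB session is committed and the user is
    logged in with remember=True.
    """
    # next_url was stored in the session by an earlier request.
    # NOTE(review): the redirect below is only as trustworthy as the code
    # that stored it - confirm it is restricted to site-local paths.
    next_url = session.get('next_url', url_for('ui'))
    if resp is None or 'access_token' not in resp:
        return redirect(next_url)
    session['facebook_token'] = (resp.get('access_token'), '')
    profile = PROVIDERS.get('facebook').get('/me').data
    facebook_id = profile.get('id')
    if not facebook_id:
        # Without a provider-side id there is nothing to key the account on;
        # refuse to log in rather than call User.load() with facebook_id=None.
        return redirect(next_url)
    # NOTE(review): if User.load() matches existing accounts by email,
    # confirm the provider only returns verified addresses.
    data = {
        'display_name': profile.get('name'),
        'email': profile.get('email'),
        'facebook_id': facebook_id
    }
    user = User.load(data)
    db.session.commit()
    login_user(user, remember=True)
    return redirect(next_url)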
Beispiel #3
def status():
    """Return the session status as a JSON response.

    The payload carries the login and admin flags, the current user and
    API key (both None when nobody is logged in), an empty permissions
    dict, one login URL per non-Stub entry of PROVIDERS, and the logout
    URL.
    """
    # Stub providers are left out of the advertised login links.
    login_links = {
        key: url_for('.login', provider=key)
        for key, backend in PROVIDERS.items()
        if not isinstance(backend, Stub)
    }

    # NOTE(review): the response body contains the caller's API key; confirm
    # the endpoint is not cacheable and cannot be read cross-origin.
    payload = {
        'logged_in': authz.logged_in(),
        'is_admin': authz.is_admin(),
        'api_key': current_user.api_key if authz.logged_in() else None,
        'user': current_user if authz.logged_in() else None,
        'permissions': {},
        'logins': login_links,
        'logout': url_for('.logout')
    }
    return jsonify(payload)
Beispiel #4
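def facebook_authorized(resp):
    """Complete a Facebook OAuth sign-in.

    Redirects to the stored next_url without logging anyone in when
    ``resp`` is None, lacks 'access_token', or the '/me' profile has no
    'id'. On success the access token is saved in the session, the profile
    fields are passed to User.load(), the DB session is committed and the
    resulting user is logged in with remember=True.
    """
    # NOTE(review): next_url comes from the session as stored by an earlier
    # request; confirm that code only accepts site-local paths.
    next_url = session.get('next_url', url_for('ui'))
    if resp is None or 'access_token' not in resp:
        return redirect(next_url)
    session['facebook_token'] = (resp.get('access_token'), '')
    profile = PROVIDERS.get('facebook').get('/me').data
    facebook_id = profile.get('id')
    if not facebook_id:
        # A profile without an id cannot identify an account, so do not
        # let User.load() run with facebook_id=None.
        return redirect(next_url)
    # NOTE(review): if accounts are matched on email inside User.load(),
    # check that unverified provider addresses cannot claim an account.
    data = {
        'display_name': profile.get('name'),
        'email': profile.get('email'),
        'facebook_id': facebook_id
    }
    user = User.load(data)
    db.session.commit()
    login_user(user, remember=True)
    return redirect(next_url)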
Beispiel #5
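def twitter_authorized(resp):
    """Finish the Twitter OAuth flow and sign the user in.

    ``resp`` is the provider's token response. When it is None, has no
    'oauth_token', or the fetched user record carries no 'id', nobody is
    logged in and the browser is redirected to the stored next_url.
    Otherwise the token pair is kept in the session, the record is handed
    to User.load(), the DB session is committed and the user is logged in
    with remember=True.
    """
    # NOTE(review): next_url was stored in the session by an earlier
    # request; confirm that code only accepts site-local paths.
    next_url = session.get('next_url', url_for('ui'))
    if resp is None or 'oauth_token' not in resp:
        return redirect(next_url)
    session['twitter_token'] = (resp['oauth_token'],
                                resp['oauth_token_secret'])
    provider = PROVIDERS.get('twitter')
    res = provider.get('users/show.json?user_id=%s' % resp.get('user_id'))
    twitter_id = res.data.get('id')
    if not twitter_id:
        # Without a provider-side id there is nothing to key the account on;
        # refuse to log in rather than call User.load() with twitter_id=None.
        return redirect(next_url)
    data = {
        'display_name': res.data.get('name'),
        'twitter_id': twitter_id
    }
    user = User.load(data)
    db.session.commit()
    login_user(user, remember=True)
    return redirect(next_url)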
Beispiel #6
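def twitter_authorized(resp):
    """Complete a Twitter OAuth sign-in.

    Redirects to the stored next_url without logging anyone in when
    ``resp`` is None, lacks 'oauth_token', or the users/show.json record
    has no 'id'. On success the token and token secret are saved in the
    session, the record's name and id go to User.load(), the DB session is
    committed and the resulting user is logged in with remember=True.
    """
    # NOTE(review): the redirect target is read back from the session;
    # confirm whatever stored it restricts it to site-local paths.
    next_url = session.get('next_url', url_for('ui'))
    if resp is None or 'oauth_token' not in resp:
        return redirect(next_url)
    session['twitter_token'] = (resp['oauth_token'],
                                resp['oauth_token_secret'])
    provider = PROVIDERS.get('twitter')
    res = provider.get('users/show.json?user_id=%s' % resp.get('user_id'))
    twitter_id = res.data.get('id')
    if not twitter_id:
        # A record without an id cannot identify an account, so do not
        # let User.load() run with twitter_id=None.
        return redirect(next_url)
    data = {
        'display_name': res.data.get('name'),
        'twitter_id': twitter_id
    }
    user = User.load(data)
    db.session.commit()
    login_user(user, remember=True)
    return redirect(next_url)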
Beispiel #7
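def google_authorized(resp):
    """Finish the Google OAuth flow and sign the user in.

    ``resp`` is the provider's token response. When it is None, has no
    'access_token', or the fetched profile carries no 'id', nobody is
    logged in and the browser is redirected to the stored next_url.
    Otherwise the token is kept in the session, the profile is handed to
    User.load(), the DB session is committed and the user is logged in
    with remember=True. A profile without an 'emails' list yields
    email=None instead of raising.
    """
    # NOTE(review): next_url was stored in the session by an earlier
    # request; confirm that code only accepts site-local paths.
    next_url = session.get('next_url', url_for('ui'))
    if resp is None or 'access_token' not in resp:
        return redirect(next_url)
    session['google_token'] = (resp.get('access_token'), '')
    # NOTE(review): this URL belongs to the Google+ API, which Google shut
    # down in 2019 - confirm the endpoint still answers for this deployment.
    profile_url = 'https://www.googleapis.com/plus/v1/people/me'
    google = PROVIDERS.get('google')
    headers = {'Authorization': 'Bearer ' + google.get_request_token().key}
    profile = google.get(profile_url, headers=headers).data
    google_id = profile.get('id')
    if not google_id:
        # Without a provider-side id there is nothing to key the account on;
        # refuse to log in rather than call User.load() with google_id=None.
        return redirect(next_url)
    # 'emails' may be missing or empty; indexing it blindly would turn the
    # callback into an unhandled exception.
    emails = profile.get('emails') or []
    email = emails[0].get('value') if emails else None
    # NOTE(review): if User.load() matches existing accounts by email,
    # confirm the provider only returns verified addresses.
    data = {
        'display_name': profile.get('displayName'),
        'email': email,
        'google_id': google_id
    }
    user = User.load(data)
    db.session.commit()
    login_user(user, remember=True)
    return redirect(next_url)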
Beispiel #8
    return redirect(request.args.get('next_url', url_for('ui')))


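@blueprint.route('/api/1/sessions/login/<provider>')
def login(provider):
    """Start the OAuth sign-in flow for ``provider``.

    Raises BadRequest when ``provider`` is not a key of PROVIDERS. A user
    who is already authenticated is redirected to the 'ui' endpoint.
    Otherwise the session is cleared, the post-login destination is stored
    under session['next_url'] and the provider's authorize() response is
    returned.

    The ``next_url`` query parameter is caller-controlled, so only a
    site-local path is stored; anything else falls back to the 'ui'
    endpoint. This keeps a later redirect to the stored value from being
    usable as an open redirect.
    """
    if provider not in PROVIDERS:
        raise BadRequest('Unknown provider: %s' % provider)
    if current_user.is_authenticated():
        return redirect(url_for('ui'))
    # Start the flow from an empty session.
    session.clear()
    callback = url_for('.%s_authorized' % provider)
    requested = request.args.get('next_url') or ''
    # Local means: begins with a single '/', and contains no backslash,
    # whitespace or control character that a browser could normalise into
    # a scheme-relative or absolute URL.
    is_local_path = (
        requested.startswith('/')
        and not requested.startswith('//')
        and '\\' not in requested
        and not any(ch.isspace() or ord(ch) < 0x20 for ch in requested)
    )
    session['next_url'] = requested if is_local_path else url_for('ui')
    return PROVIDERS[provider].authorize(callback=callback)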


# The 'twitter' entry of PROVIDERS; .get() yields None when it is absent.
handler = PROVIDERS.get('twitter')

@blueprint.route('/api/1/sessions/callback/ooemail')
def ooemail_authorized():
    '''
    Sign a user in from the ``email`` and ``password`` query parameters.

    The user is looked up with User.by_email(); an unknown email aborts
    with 403. When check_pw() accepts the password the user is logged in
    and a plain-text confirmation is returned.

    NOTE(review): both credentials are read from request.args, i.e. the
    URL query string, where they tend to end up in access logs, browser
    history and Referer headers. Taking them from a POST body would avoid
    that - confirm with the callers of this route.
    NOTE(review): the route sits under /callback/, but nothing visible
    here involves an external auth provider; the check is a local
    password comparison.
    '''
    usr = User.by_email(request.args.get('email'))
    if usr is None:
        # NOTE(review): an unknown email gets an explicit 403, while the
        # rejected-password path below does not visibly do the same, so
        # the two cases may be distinguishable to a caller.
        abort(403)
    ok = usr.check_pw(request.args.get('password'))
    if ok:
        login_user(usr)
        return 'oo email authorized'
    # NOTE(review): no return for a rejected password is visible in this
    # excerpt; a Flask view that returns None raises an error - confirm
    # the failure path answers with an explicit 401/403.
Beispiel #9
    return redirect(request.args.get('next_url', url_for('ui')))


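@blueprint.route('/api/1/sessions/login/<provider>')
def login(provider):
    """Begin an OAuth login with the named ``provider``.

    An unknown provider raises BadRequest; an already authenticated user
    is redirected to the 'ui' endpoint. Otherwise the session is cleared,
    the destination to return to after login is stored under
    session['next_url'], and the provider's authorize() response is
    returned.

    ``next_url`` arrives as a query parameter and is therefore untrusted.
    Only a site-local path is stored; any other value is replaced by the
    'ui' endpoint so that the callback's redirect to the stored value
    cannot be pointed at another site.
    """
    if provider not in PROVIDERS:
        raise BadRequest('Unknown provider: %s' % provider)
    if current_user.is_authenticated():
        return redirect(url_for('ui'))
    # Start the flow from an empty session.
    session.clear()
    callback = url_for('.%s_authorized' % provider)
    requested = request.args.get('next_url') or ''
    # Reject scheme-relative ('//host'), backslash and control-character
    # forms, which browsers may interpret as an off-site URL.
    is_local_path = (
        requested.startswith('/')
        and not requested.startswith('//')
        and '\\' not in requested
        and not any(ch.isspace() or ord(ch) < 0x20 for ch in requested)
    )
    session['next_url'] = requested if is_local_path else url_for('ui')
    return PROVIDERS[provider].authorize(callback=callback)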


# The 'twitter' entry of PROVIDERS; its authorized_handler decorates the
# Twitter callback view below. .get() yields None when the entry is absent.
handler = PROVIDERS.get('twitter')


@blueprint.route('/api/1/sessions/callback/twitter')
@handler.authorized_handler
def twitter_authorized(resp):
    next_url = session.get('next_url', url_for('ui'))
    if resp is None or 'oauth_token' not in resp:
        return redirect(next_url)
    session['twitter_token'] = (resp['oauth_token'],
                                resp['oauth_token_secret'])
    provider = PROVIDERS.get('twitter')
    res = provider.get('users/show.json?user_id=%s' % resp.get('user_id'))
    data = {
        'display_name': res.data.get('name'),
        'twitter_id': res.data.get('id')
Beispiel #10
    return redirect(request.args.get('next_url', url_for('ui')))


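@blueprint.route('/api/1/sessions/login/<provider>')
def login(provider):
    """Kick off the OAuth authorization for ``provider``.

    Raises BadRequest for a provider that is not in PROVIDERS and sends an
    already authenticated user to the 'ui' endpoint. Otherwise it clears
    the session, remembers where to go after login in
    session['next_url'], and returns the provider's authorize() response.

    The ``next_url`` query parameter is untrusted input. It is stored
    only when it is a site-local path; otherwise the 'ui' endpoint is
    used, so the stored value cannot later serve as an open redirect.
    """
    if provider not in PROVIDERS:
        raise BadRequest('Unknown provider: %s' % provider)
    if current_user.is_authenticated():
        return redirect(url_for('ui'))
    # Start the flow from an empty session.
    session.clear()
    callback = url_for('.%s_authorized' % provider)
    requested = request.args.get('next_url') or ''
    # A local path starts with exactly one '/' and holds no backslash,
    # whitespace or control character.
    is_local_path = (
        requested.startswith('/')
        and not requested.startswith('//')
        and '\\' not in requested
        and not any(ch.isspace() or ord(ch) < 0x20 for ch in requested)
    )
    session['next_url'] = requested if is_local_path else url_for('ui')
    return PROVIDERS[provider].authorize(callback=callback)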


# The 'twitter' entry of PROVIDERS; .get() yields None when it is absent.
handler = PROVIDERS.get('twitter')


@blueprint.route('/api/1/sessions/callback/ooemail')
def ooemail_authorized():
    '''
    This is a callback for when we are returning from the
    external auth provider.
    So, we use this to handle our sign-in
    '''
    usr = User.by_email(request.args.get('email'))
    if usr is None:
        abort(403)
    ok = usr.check_pw(request.args.get('password'))
    if ok:
        login_user(usr)