Beispiel #1
0
def first_login():
    if g.user is not None or 'user' not in session:
        flash(u'Something weird happened.')
        return redirect(url_for('.login'))

    if request.method == 'POST':
        if 'cancel' in request.form:
            del session['openid']
            flash(u'Login was aborted')
            return redirect(url_for('authentication.login'))

        user = User(session['openid'], request.form['name'],
                    session['user']['email'])
        user.generate_verification_token()
        db_session.add(user)
        db_session.commit()

        mailer.send(UserVerificationMessage,
                    to=user.email,
                    user_id=user.id,
                    verification_token=user.verification_token)
        flash(u'Successfully created profile and logged in')
        return redirect(oid.get_next_url())

    return render_template('authentication/first_login.html',
                           next=oid.get_next_url(),
                           openid=session['openid'])
Beispiel #2
0
def create_or_login(response):
    '''
    This is the hook for OpenID.try_login and is being called after a response
    has been received.
    '''

    session['user'] = {}
    session['openid'] = response.identity_url

    user = g.user or User.query.filter_by(openid=response.identity_url).first()

    if user is None:
        name = response.fullname or response.nickname
        session['user']['email'] = response.email
        params = dict(next=oid.get_next_url(), name=name)
        return redirect(url_for('.first_login', **params))

    g.user = user
    identity = Identity(user.id)

    # Notify Principal of the identity change
    identity_changed.send(current_app._get_current_object(), identity=identity)

    if user.openid != response.identity_url:
        user.openid = response.identity_url
        db_session.commit()
        flash(u'OpenID identity changed')
    else:
        flash(u'Successfully signed in', 'hurray')

    return redirect(oid.get_next_url())
def first_login():
    if g.user is not None or 'user' not in session:
        flash(u'Something weird happened.')
        return redirect(url_for('.login'))

    if request.method == 'POST':
        if 'cancel' in request.form:
            del session['openid']
            flash(u'Login was aborted')
            return redirect(url_for('authentication.login'))

        user = User(session['openid'], request.form['name'], session['user']['email'])
        user.generate_verification_token()
        db_session.add(user)
        db_session.commit()

        mailer.send(
            UserVerificationMessage, to=user.email,
            user_id=user.id, verification_token=user.verification_token
        )
        flash(u'Successfully created profile and logged in')
        return redirect(oid.get_next_url())

    return render_template(
        'authentication/first_login.html',
        next=oid.get_next_url(),
        openid=session['openid']
    )
def create_or_login(response):
    '''
    This is the hook for OpenID.try_login and is being called after a response
    has been received.
    '''

    session['user'] = {}
    session['openid'] = response.identity_url

    user = g.user or User.query.filter_by(openid=response.identity_url).first()

    if user is None:
        name = response.fullname or response.nickname
        session['user']['email'] = response.email
        params = dict(next=oid.get_next_url(), name = name)
        return redirect(url_for('.first_login', **params))

    g.user = user
    identity = Identity(user.id)

    # Notify Principal of the identity change
    identity_changed.send(
        current_app._get_current_object(),
        identity = identity
    )

    if user.openid != response.identity_url:
        user.openid = response.identity_url
        db_session.commit()
        flash(u'OpenID identity changed')
    else:
        flash(u'Successfully signed in', 'hurray')

    return redirect(oid.get_next_url())
Beispiel #5
0
 def cleanupAssociations(self):
     try:
         return OpenIDAssociation.query.filter(
             OpenIDAssociation.lifetime < int(time())
         ).delete()
     finally:
         db_session.commit()
Beispiel #6
0
 def cleanupNonces(self):
     try:
         return OpenIDUserNonce.query.filter(
             OpenIDUserNonce.timestamp <= int(time() - nonce.SKEW)
         ).delete()
     finally:
         db_session.commit()
Beispiel #7
0
 def removeAssociation(self, server_url, handle):
     try:
         return OpenIDAssociation.query.filter(
             (OpenIDAssociation.server_url == server_url) &
             (OpenIDAssociation.handle == handle)
         ).delete()
     finally:
         db_session.commit()
Beispiel #8
0
def users_send_verification(user_id):
    user = User.query.filter_by(id=user_id).first()
    user.verified = False
    user.generate_verification_token()
    db_session.commit()

    mailer.send(UserVerificationMessage, to=user.email, user_id=user.id, verification_token=user.verification_token)
    flash('Email verification sent to %s' % user.email, 'success')
    return redirect(url_for('.users_index'))
def verify_address(user_id, token):
    user = User.query.filter_by(id=user_id, verification_token=token).first()
    if not user:
        abort(401)

    user.verification_token = None
    user.verified = True
    db_session.commit()

    return redirect(url_for('.verified'))
Beispiel #10
0
def verify_address(user_id, token):
    user = User.query.filter_by(id=user_id, verification_token=token).first()
    if not user:
        abort(401)

    user.verification_token = None
    user.verified = True
    db_session.commit()

    return redirect(url_for('.verified'))
Beispiel #11
0
def users_delete():
    form = UserDeleteForm()
    user = User.query.filter_by(id=form.user_id.data).first()
    if not user:
        flash('The user does not exists.')
    else:
        if form.validate_on_submit:
            db_session.delete(user)
            db_session.commit()
            flash('The user has been deleted')
    return redirect(url_for('.users_index'))
Beispiel #12
0
def hotels_add():
    form = HotelForm()
    if form.validate_on_submit():
        hotel = Hotel()
        form.populate_obj(hotel)
        db_session.add(hotel)
        db_session.commit()
        flash('Hotel added.', 'success')
        return redirect(url_for('.hotels_index'))

    return render_template('admin/hotels/add.html', form=form)
Beispiel #13
0
def users_delete():
    form = UserDeleteForm()
    user = User.query.filter_by(id=form.user_id.data).first()
    if not user:
        flash('The user does not exists.')
    else:
        if form.validate_on_submit:
            db_session.delete(user)
            db_session.commit()
            flash('The user has been deleted')
    return redirect(url_for('.users_index'))
Beispiel #14
0
def hotels_add():
    form = HotelForm()
    if form.validate_on_submit():
        hotel = Hotel()
        form.populate_obj(hotel)
        db_session.add(hotel)
        db_session.commit()
        flash('Hotel added.', 'success')
        return redirect(url_for('.hotels_index'))

    return render_template('admin/hotels/add.html', form=form)
Beispiel #15
0
 def storeAssociation(self, server_url, association):
     assoc = OpenIDAssociation(
         server_url=server_url,
         handle=association.handle,
         secret=association.secret.encode('base64'),
         issued=association.issued,
         lifetime=association.lifetime,
         assoc_type=association.assoc_type
     )
     db_session.add(assoc)
     db_session.commit()
Beispiel #16
0
def users_send_verification(user_id):
    user = User.query.filter_by(id=user_id).first()
    user.verified = False
    user.generate_verification_token()
    db_session.commit()

    mailer.send(UserVerificationMessage,
                to=user.email,
                user_id=user.id,
                verification_token=user.verification_token)
    flash('Email verification sent to %s' % user.email, 'success')
    return redirect(url_for('.users_index'))
Beispiel #17
0
def hotels_edit(hotel_id):
    hotel = Hotel.query.filter_by(id=hotel_id).first()
    if not hotel:
        abort(404)

    form = HotelForm(obj=hotel)
    if form.validate_on_submit():
        form.populate_obj(hotel)
        db_session.commit()
        flash('Hotel information updated.', 'success')
        return redirect(url_for('.hotels_view', hotel_id=hotel.id))
    return render_template('admin/hotels/edit.html', form=form,hotel=hotel)
Beispiel #18
0
def hotels_edit(hotel_id):
    hotel = Hotel.query.filter_by(id=hotel_id).first()
    if not hotel:
        abort(404)

    form = HotelForm(obj=hotel)
    if form.validate_on_submit():
        form.populate_obj(hotel)
        db_session.commit()
        flash('Hotel information updated.', 'success')
        return redirect(url_for('.hotels_view', hotel_id=hotel.id))
    return render_template('admin/hotels/edit.html', form=form, hotel=hotel)
Beispiel #19
0
def hotels_delete(hotel_id):
    hotel = Hotel.query.filter_by(id=hotel_id).first()
    if not hotel:
        abort(404)

    form = HotelDeleteForm()
    if not form.validate_on_submit():
        abort(400)

    db_session.delete(hotel)
    db_session.commit()
    flash('Hotel deleted.', 'success')
    return redirect(url_for('.hotels_index'))
Beispiel #20
0
def hotels_delete(hotel_id):
    hotel = Hotel.query.filter_by(id=hotel_id).first()
    if not hotel:
        abort(404)

    form = HotelDeleteForm()
    if not form.validate_on_submit():
        abort(400)

    db_session.delete(hotel)
    db_session.commit()
    flash('Hotel deleted.', 'success')
    return redirect(url_for('.hotels_index'))
Beispiel #21
0
def users_edit(user_id):
    user = User.query.filter_by(id=user_id).first()
    if not user:
        abort(404)

    user_form = UserForm(obj=user)

    verification_form = UserSendVerificationForm(obj=user)
    if user_form.validate_on_submit():
        user_form.populate_obj(user)
        db_session.commit()
        return redirect(url_for('.users_index'))

    return render_template('admin/users/edit.html', user=user, user_form=user_form, verification_form=verification_form)
Beispiel #22
0
 def useNonce(self, server_url, timestamp, salt):
     if abs(timestamp - time()) > nonce.SKEW:
         return False
     rv = OpenIDUserNonce.query.filter(
         (OpenIDUserNonce.server_url == server_url) &
         (OpenIDUserNonce.timestamp == timestamp) &
         (OpenIDUserNonce.salt == salt)
     ).first()
     if rv is not None:
         return False
     rv = OpenIDUserNonce(server_url=server_url, timestamp=timestamp,
                          salt=salt)
     db_session.add(rv)
     db_session.commit()
     return True
Beispiel #23
0
def users_edit(user_id):
    user = User.query.filter_by(id=user_id).first()
    if not user:
        abort(404)

    user_form = UserForm(obj=user)

    verification_form = UserSendVerificationForm(obj=user)
    if user_form.validate_on_submit():
        user_form.populate_obj(user)
        db_session.commit()
        return redirect(url_for('.users_index'))

    return render_template('admin/users/edit.html',
                           user=user,
                           user_form=user_form,
                           verification_form=verification_form)