def testCreateNormalUser(self):
    """Insert a plain (non-OAuth) user whose password is stored hashed.

    Only exercises the insert itself; nothing is asserted and the row is
    not read back here.
    """
    hashed = generate_password_hash('letmein')
    new_user = {
        'username': '******',
        'first_name': 'myfirstname',
        'last_name': 'mylastname',
        'password': hashed,
    }
    site_user.create().execute(new_user)
 def testRegisteringExistingUser(self):
     pw_hash = generate_password_hash('letmein')
     site_user.create().execute({
         'username': '******',
         'first_name': 'myfirstname',
         'last_name': 'mylastname',
         'created': '',
         'password': pw_hash
     })
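    def testRegisterNewUser(self):
        """Insert a user and read it back by username.

        Checks that the stored password is exactly the hash that was
        inserted, i.e. the persistence layer neither re-hashes nor
        alters it.  ``assertEqual`` replaces ``assertTrue(a == b)`` so
        a failure shows both values; the duplicated truthiness assert
        on the row was dropped.
        """
        pw_hash = generate_password_hash('letmein')
        site_user.create().execute({
            'username': '******',
            'first_name': 'myfirstname',
            'last_name': 'mylastname',
            'password': pw_hash
        })

        user_details = site_user.get_by_username({
            'username': '******'}).get()
        self.assertTrue(user_details)
        self.assertEqual(pw_hash, user_details.get('password'))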
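def register_submit():
    """Handle the registration form POST.

    Reads email, name, password and password_confirm from the submitted
    form, rejects weak or mismatched passwords before anything is
    persisted, stores the user with a hashed password and renders the
    confirmation page.

    Returns:
        A redirect to ``/register`` on a weak/mismatched password or a
        failed insert, otherwise the rendered confirmation response.
    """
    # Read the plaintext password once; it is hashed below and is never
    # stored or handed to any other layer as-is.
    raw_password = request.form.get('password') or ''
    # The confirm value must come from its own form field.  Reading the
    # password field twice (as before) made the mismatch check a
    # tautology.
    password_confirm = request.form.get('password_confirm') or ''

    # Strength/mismatch check BEFORE persisting anything.  The redirect
    # has to be returned: a bare ``redirect(...)`` call only builds a
    # response object and discards it, so previously a weak password
    # still fell through and registered the account.
    if is_weak_password(raw_password, password_confirm):
        print('password not strong enough')
        return redirect('/register')

    # A missing or blank name crashed on None.strip() / [0] of an empty
    # list; treat it as empty first/last names instead.
    name_parts = (request.form.get('name') or '').strip().split()
    email = request.form.get('email')
    data = {
        'email': email,
        # The e-mail address doubles as the login name.
        'username': email,
        'first_name': name_parts[0] if name_parts else '',
        'last_name': name_parts[-1] if name_parts else '',
        # Only the hash reaches the persistence layer; no plaintext copy
        # (the old ``password_confirm`` key carried the clear password).
        'password': generate_password_hash(raw_password),
    }

    # NOTE(review): nothing here checks whether the e-mail is already
    # registered; presumably the create query or a DB constraint does
    # -- verify.
    # create().execute() yields the new id (see the oauth handler in
    # this module); a falsy id means the insert failed, so do not
    # announce success.
    user_id = site_user.create().execute(data)
    if not user_id:
        flash('Failed to create user')
        return redirect('/register')

    header('Your account has been registered')
    web.page.create('Your account has been registered')
    flash('Your account has now been created')

    web.template.body.append(web.page.render())
    return make_response(footer())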
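def oauth(provider, start_oauth_login=False):
    """Start an OAuth2 login or handle the provider's callback.

    With ``start_oauth_login`` True, builds the provider's authorization
    URL, stores the anti-CSRF ``state`` in the session and redirects the
    browser there.  Otherwise this is the callback: the code carried in
    ``request.url`` is exchanged for a token, the profile is fetched
    from the provider's ``user_uri`` and the user is either logged in
    (known oauth identity), linked (a user is already logged in) or
    created.

    Args:
        provider: key into ``oauth_conf`` / ``oauth_lookup_id``
            (``'facebook'`` additionally gets the compliance fix).
        start_oauth_login: True to begin the flow, False on callback.

    Returns:
        A redirect response.
    """
    oauth_verify = True
    oauth_provider = oauth_conf.get(provider)
    oauth_access_type = ''
    oauth_approval_prompt = ''
    if oauth_live is False:
        # Offline testing only: this disables TLS verification on the
        # token request and lets oauthlib accept a plain-http callback.
        # Neither must ever be active when oauth_live is set.
        print('offline testing')
        oauth_verify = False
        oauth_access_type = 'offline'
        oauth_approval_prompt = "force"
        os.environ['OAUTHLIB_INSECURE_TRANSPORT'] = '1'

    if start_oauth_login:
        # NOTE(review): request.url_root comes from the Host header, so
        # this redirect_uri is only as trustworthy as the proxy / Host
        # configuration; the provider's registered-URI allow-list is
        # the real guard here.
        oauth_session = OAuth2Session(
            oauth_provider.get('client_id'),
            scope=oauth_provider.get('scope'),
            redirect_uri=request.url_root + oauth_provider.get('redirect_uri'))

        if provider == 'facebook':
            oauth_session = facebook_compliance_fix(oauth_session)

        authorization_url, state = oauth_session.authorization_url(
            oauth_provider.get('auth_uri'),
            access_type=oauth_access_type,
            approval_prompt=oauth_approval_prompt)

        # State is used to prevent CSRF, keep this for later, make sure oauth returns to the same url.
        # if testing and oauth_state errors make sure you logged in with localhost and not 127.0.0.1
        session['oauth_state'] = state
        session.modified = True
        return redirect(authorization_url)

    # Callback.  The state is single-use: pop it so a replayed callback
    # URL cannot be exchanged against a stale session state.
    oauth_state = session.pop('oauth_state', None)
    session.modified = True
    if oauth_state is None:
        flash('Something went wrong, oauth session not started')
        return redirect('/login')

    # allready authorised so lets handle the callback
    oauth_session = OAuth2Session(
        oauth_provider.get('client_id'),
        state=oauth_state,
        redirect_uri=request.url_root + oauth_provider.get('redirect_uri'))

    if provider == 'facebook':
        oauth_session = facebook_compliance_fix(oauth_session)

    # oauthlib compares the state in request.url with the one given
    # above and raises on mismatch; that comparison is what blocks
    # login-CSRF on this endpoint.
    oauth_session.fetch_token(
        oauth_provider.get('token_uri'),
        client_secret=oauth_provider.get('client_secret'),
        authorization_response=request.url,
        verify=oauth_verify)

    # Fetch a protected resource, i.e. user profile
    response = oauth_session.get(oauth_provider.get('user_uri'))
    oauth_response = response.json()

    # NOTE(review): a ``login`` handle can be renamed and re-registered
    # by someone else, so keying identities on it risks account
    # takeover; the provider's immutable ``id`` is the safer key.  Kept
    # login-first only because stored rows already use it.
    oauth_id = oauth_response.get('login') or oauth_response.get('id')
    if not oauth_id:
        # Previously the lookup ran with '' here and could match any
        # oauth_login row that had been stored with an empty username.
        flash('Something went wrong, no account id returned by ' + str(provider))
        return redirect('/login')
    provider_id = oauth_lookup_id.get(provider)

    oauth_user = site_user.fetch_oauth_login({
        'username': oauth_id,
        'provider': provider_id
    }).get()

    if oauth_user:
        user_details = site_user.get_user_details({
            'id': oauth_user.get('user_id')
        }).get()

        # we have matched a user so login and redirect
        if user_details:
            login_user(User(user_details.get('user_id')))
            # no E-Mail so lets ask the user to set there email before allowing login
            if not user_details.get('email'):
                return redirect('/profile/change_email')
            return redirect('/profile')
        # NOTE(review): an oauth_login row whose user no longer exists
        # falls through and gets a second row for the same identity;
        # presumably that stale row should be removed instead -- verify.

    if current_user.get_id():
        # link oauth to users account
        site_user.create_oauth_login().execute({
            'user_id': current_user.get_id(),
            'username': oauth_id,
            'provider': provider_id})
        # The "new profile created" message is reserved for the creation
        # path below; linking is not a new profile.
        flash('Your account has been linked to ' + str(provider))
        return redirect('/profile')

    # create new user from oauth information

    new_user_details = {
        # Placeholder: OAuth-only accounts have no usable password.
        # NOTE(review): make sure the password login path can never
        # match this literal.
        'password': '******',
        'profile_image': oauth_response.get('picture'),
        'username': oauth_id,
        'first_name': oauth_response.get('given_name') or '',
        'last_name': oauth_response.get('family_name') or ''}

    # NOTE(review): the provider's e-mail is copied as-is; unless the
    # provider marks it verified it should not be trusted by anything
    # that matches accounts on e-mail.
    if oauth_response.get('email'):
        new_user_details['email'] = oauth_response.get('email')

    user_id = site_user.create().execute(new_user_details)
    if not user_id:
        # Check before using the id: previously User(None) was logged
        # in and last_login bumped before the failed insert was noticed.
        flash('Failed to create user')
        return redirect('/login')

    # register oauth login creation
    site_user.create_oauth_login().execute({
        'user_id': user_id,
        'username': oauth_id,
        'provider': provider_id})

    login_user(User(user_id))
    site_user.update_last_login().execute({'id': user_id})
    flash('Your new profile has been created, and your now logged in')
    return redirect('/profile')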
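def oauth(provider=None):
    """Google-only OAuth2 login: start the flow or handle the callback.

    A truthy ``provider`` starts the flow (its value is otherwise unused:
    the configuration is always ``oauth_conf['google']``); ``None`` is
    the callback, where the code in ``request.url`` is exchanged for a
    token, the Google userinfo profile is fetched and the local user
    with that e-mail is logged in, being created first if needed.

    Returns:
        A redirect response.
    """
    oauth_verify = True
    oauth_provider = oauth_conf.get('google')
    oauth_access_type = ''
    oauth_approval_prompt = ''
    if oauth_live is False:
        # Offline testing only: disables TLS verification on the token
        # request and lets oauthlib accept a plain-http callback.
        # Neither must ever be active when oauth_live is set.
        oauth_verify = False
        oauth_access_type = 'offline'   # offline for refresh token
        oauth_approval_prompt = "force"  # force to always make user click authorize
        os.environ['OAUTHLIB_INSECURE_TRANSPORT'] = '1'

    # The debug prints of the session, the CSRF state and the fetched
    # profile were removed: they wrote the anti-CSRF token and user PII
    # to stdout/logs.

    if provider:
        oauth_session = OAuth2Session(
            oauth_provider.get('client_id'),
            scope=oauth_provider.get('scope'),
            redirect_uri=oauth_provider.get('redirect_uri'))

        #generate the google url we will use to authorize and redirect there
        authorization_url, state = oauth_session.authorization_url(
            oauth_provider.get('auth_uri'),
            access_type=oauth_access_type,
            approval_prompt=oauth_approval_prompt)
        # State is used to prevent CSRF, keep this for later, make sure oauth returns to the same url.
        session['oauth_state'] = state
        session.modified = True
        return redirect(authorization_url)

    # Callback.  The state is single-use: pop it so a replayed callback
    # cannot be exchanged against a stale session, and fail cleanly
    # instead of a KeyError when the flow was never started.
    oauth_state = session.pop('oauth_state', None)
    session.modified = True
    if oauth_state is None:
        flash('Something went wrong, oauth session not started')
        return redirect('/login')

    #allready authorised so lets handle the callback
    oauth_session = OAuth2Session(
        oauth_provider.get('client_id'),
        state=oauth_state,
        redirect_uri=oauth_provider.get('redirect_uri'))

    # oauthlib checks the state in request.url against the one given
    # above and raises on mismatch, which blocks login-CSRF here.
    oauth_session.fetch_token(
        oauth_provider.get('token_uri'),
        client_secret=oauth_provider.get('client_secret'),
        authorization_response=request.url,
        verify=oauth_verify)

    # Fetch a protected resource, i.e. user profile
    r = oauth_session.get('https://www.googleapis.com/oauth2/v1/userinfo')
    oauth_user = r.json()

    email = oauth_user.get('email')
    # The local account is matched purely on e-mail.  Users can exist
    # without one (see the change_email redirect elsewhere in this
    # module), so a missing address must not become a lookup for NULL
    # that could land on someone else's account.
    # NOTE(review): this also trusts the address as verified; Google's
    # userinfo carries a verified flag that should gate the match -- TODO.
    if not email:
        flash('Something went wrong, no e-mail address returned by google')
        return redirect('/login')

    user_details = site_user.get_by_email({'email': email}).get()

    if not user_details:
        site_user.create().execute({
            'email': email,
            # Placeholder: OAuth-only account, no usable password.
            'password': '******',
            'profile_image': oauth_user.get('picture'),
            'username': email,
            'first_name': oauth_user.get('given_name'),
            'last_name': oauth_user.get('family_name')})
        user_details = site_user.get_by_email({'email': email}).get()
        if not user_details:
            # Insert failed; previously this crashed on None below.
            flash('Failed to create user')
            return redirect('/login')
        flash('Your new profile has been created, and your now logged in')

    user = User(user_details.get('user_id'))
    login_user(user)
    site_user.update_last_login().execute(user_details)
    return redirect('/profile')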