Beispiel #1
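def reauth():
    """Mark the current session fresh on POST; otherwise render the reauth page.

    After a POST the ``next`` query parameter is followed only when it is a
    site-local path; anything else falls back to ``main.index``.

    NOTE(review): every POST reaches confirm_login(); no credential is
    re-checked in this view. Route decorators are not visible here, so
    confirm that a password prompt (or equivalent) gates this step.
    """
    if request.method != 'POST':
        return render_template('reauth.html')

    confirm_login()
    flash(u'Reauthenticated')

    target = request.args.get('next')
    # ``next`` is caller-controlled: follow it only as a same-site path.
    # "//host" and "/\host" are read by browsers as another origin.
    if not target or not target.startswith('/') or target[1:2] in ('/', '\\'):
        target = url_for('main.index')
    return redirect(target)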
Beispiel #2
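def refresh():
    """Refresh the session once the login form validates; otherwise show the form.

    The ``next`` query parameter is followed only when it is a site-local
    path; anything else falls back to ``index``.

    NOTE(review): form validation is the only gate visible here. Whether
    LoginForm's validators check the password against the current user cannot
    be told from this view - confirm before relying on it for freshness.
    """
    form = LoginForm()
    if not form.validate_on_submit():
        return render_template("login.html", login_form=form)

    confirm_login()
    flash("Authentication refreshed", "success")

    target = request.args.get("next")
    # ``next`` is caller-controlled: follow it only as a same-site path.
    # "//host" and "/\host" are read by browsers as another origin.
    if not target or not target.startswith("/") or target[1:2] in ("/", "\\"):
        target = url_for("index")
    return redirect(target)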
Beispiel #3
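def login_view():
    """Start the Google OAuth2 login, or log in a stub superuser if auth is off.

    The ``next`` query parameter is reduced to a site-local path (default
    ``/``) before it is used as a redirect target or carried in ``state``.
    """
    next_url = request.args.get('next', default='/', type=str)
    # ``next`` is caller-controlled: keep it only as a same-site path.
    # "//host" and "/\host" are read by browsers as another origin.
    if not next_url.startswith('/') or next_url[1:2] in ('/', '\\'):
        next_url = '/'

    if app.config.get('IGNORE_AUTH'):
        # NOTE(review): with IGNORE_AUTH set, every visitor is logged in as a
        # superuser with a fresh session. Make sure this flag cannot be
        # enabled on a deployment that is reachable by untrusted clients.
        fake_id = 'anonymous_superuser'
        anonymous_superuser = models.User.query.get(fake_id)
        if not anonymous_superuser:
            anonymous_superuser = models.User(
                id=fake_id,
                email_address='*****@*****.**',
                superuser=1)
            db.session.add(anonymous_superuser)
            db.session.commit()
        login_user(anonymous_superuser)
        confirm_login()
        return redirect(next_url)

    # Inspired by:
    #   http://stackoverflow.com/questions/9499286
    #   /using-google-oauth2-with-flask
    #
    # NOTE(review): ``state`` carries only the return path. It is not an
    # unguessable value bound to this browser session, so the callback cannot
    # tell whether this browser started the flow. Consider adding a
    # session-bound token to ``state`` and verifying it in the callback.
    params = dict(
        response_type='code',
        client_id=config.GOOGLE_OAUTH2_CLIENT_ID,
        redirect_uri=config.GOOGLE_OAUTH2_REDIRECT_URI,
        scope=GOOGLE_OAUTH2_SCOPES,
        state=urllib.quote(next_url),
    )
    target_url = '%s?%s' % (
        GOOGLE_OAUTH2_AUTH_URL, urllib.urlencode(params))
    logging.debug('Redirecting user to login at url=%r', target_url)
    return redirect(target_url)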
Beispiel #4
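def reauth():
    """Mark the current session fresh on POST; otherwise render the reauth page.

    After a POST the ``next`` query parameter is followed only when it is a
    site-local path; anything else falls back to ``/admin``.

    NOTE(review): every POST reaches confirm_login(); no credential is
    re-checked in this view. Route decorators are not visible here, so
    confirm that a password prompt (or equivalent) gates this step.
    """
    if request.method == "POST":
        confirm_login()
        target = request.args.get("next")
        # ``next`` is caller-controlled: follow it only as a same-site path.
        # "//host" and "/\host" are read by browsers as another origin.
        if not target or not target.startswith("/") or target[1:2] in ("/", "\\"):
            target = '/admin'
        return redirect(target)

    template_data = {}
    return render_template("/auth/reauth.html", **template_data)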
Beispiel #5
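def reauth():
  """Mark the current session fresh on POST; otherwise render the reauth page.

  After a POST the ``next`` query parameter is followed only when it is a
  site-local path; anything else falls back to ``index``.

  NOTE(review): every POST reaches confirm_login(); no credential is
  re-checked in this view. Route decorators are not visible here, so
  confirm that a password prompt (or equivalent) gates this step.
  """
  if request.method != "POST":
    return render_template("reauth.html")

  confirm_login()
  flash(u"Reauthenticated.")

  target = request.args.get("next")
  # ``next`` is caller-controlled: follow it only as a same-site path.
  # "//host" and "/\host" are read by browsers as another origin.
  if not target or not target.startswith("/") or target[1:2] in ("/", "\\"):
    target = url_for("index")
  return redirect(target)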
Beispiel #6
def reauth():
    """Refresh the login on POST, then always redirect to the home page.

    NOTE(review): every POST reaches confirm_login(); no credential is
    re-checked in this view. Route decorators are not visible here, so
    confirm that something else enforces the actual re-authentication.
    """
    is_post = request.method == "POST"
    if is_post:
        confirm_login()
        flash(__("Reauthentication successful"), "info")

    home = url_for("home_page")
    return redirect(home)
Beispiel #7
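def reauth():
    """Mark the current session fresh on POST; otherwise render the login page.

    After a POST the ``next`` query parameter is followed only when it is a
    site-local path; anything else falls back to ``/admin``.

    NOTE(review): every POST reaches confirm_login(); no credential is
    re-checked in this view. Route decorators are not visible here, so
    confirm that a password prompt (or equivalent) gates this step.
    """
    if request.method == "POST":
        confirm_login()
        flash(u"Reauthenticated.")
        target = request.args.get("next")
        # ``next`` is caller-controlled: follow it only as a same-site path.
        # "//host" and "/\host" are read by browsers as another origin.
        if not target or not target.startswith("/") or target[1:2] in ("/", "\\"):
            target = '/admin'
        return redirect(target)

    templateData = {}
    return render_template("/auth/login.html", **templateData)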
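def reauth():
    """Mark the current session fresh on POST; otherwise render the reauth page.

    confirm_login sets the current session as fresh. Sessions become stale
    when they are reloaded from a cookie.

    After a POST the ``next`` query parameter is followed only when it is a
    site-local path; anything else falls back to ``cabinetPage``.

    NOTE(review): every POST reaches confirm_login(); no credential is
    re-checked in this view. Route decorators are not visible here, so
    confirm that a password prompt (or equivalent) gates this step.
    """
    if request.method != "POST":
        return render_template("reauth.html")

    # No flash message is issued on success (the original call was disabled).
    confirm_login()

    target = request.args.get("next")
    # ``next`` is caller-controlled: follow it only as a same-site path.
    # "//host" and "/\host" are read by browsers as another origin.
    if not target or not target.startswith("/") or target[1:2] in ("/", "\\"):
        target = url_for("cabinetPage")
    return redirect(target)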
Beispiel #9
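def login_auth():
    """Finish the Google OAuth2 flow and log the user in.

    Exchanges the ``code`` query parameter for an access token, fetches the
    user-info document, rejects unverified e-mail addresses with a 403,
    creates or updates the matching ``models.User`` row, logs the user in
    with a fresh session and redirects to the path carried in ``state``.

    Changes from the earlier version: the client secret, authorization code
    and access token are no longer written to the debug log, HTTP responses
    are closed, a missing ``verified_email`` key is treated as unverified,
    and ``state`` is followed only when it is a site-local path.
    """
    # TODO: Handle when the 'error' parameter is present
    # NOTE(review): ``state`` is not compared with a session-bound value, so
    # this callback cannot tell whether the current browser started the flow.
    token_params = dict(
        code=request.args.get('code'),
        client_id=config.GOOGLE_OAUTH2_CLIENT_ID,
        client_secret=config.GOOGLE_OAUTH2_CLIENT_SECRET,
        redirect_uri=config.GOOGLE_OAUTH2_REDIRECT_URI,
        grant_type='authorization_code'
    )
    payload = urllib.urlencode(token_params)
    # The payload holds the client secret and the authorization code, so
    # only the endpoint is logged.
    logging.debug('Posting for token to url=%r', GOOGLE_OAUTH2_TOKEN_URL)
    fetch_request = urllib2.Request(GOOGLE_OAUTH2_TOKEN_URL, payload)
    conn = urllib2.urlopen(fetch_request, timeout=FETCH_TIMEOUT_SECONDS)
    try:
        data = conn.read()
    finally:
        conn.close()
    result_dict = json.loads(data)

    params = dict(
        access_token=result_dict['access_token']
    )
    payload = urllib.urlencode(params)
    target_url = '%s?%s' % (GOOGLE_OAUTH2_USERINFO_URL, payload)
    # target_url embeds the access token; log the endpoint without it.
    logging.debug('Fetching user info from url=%r',
                  GOOGLE_OAUTH2_USERINFO_URL)
    fetch_request = urllib2.Request(target_url)
    conn = urllib2.urlopen(fetch_request, timeout=FETCH_TIMEOUT_SECONDS)
    try:
        data = conn.read()
    finally:
        conn.close()
    result_dict = json.loads(data)
    # Log the account id only; the full document contains the e-mail address.
    logging.debug('Fetched user info for id=%r', result_dict.get('id'))

    # Fail closed: a missing key counts as "not verified".
    if not result_dict.get('verified_email'):
        abort(flask.Response('Your email address must be verified', 403))
    email_address = result_dict['email']

    user_id = '%s:%s' % (models.User.GOOGLE_OAUTH2, result_dict['id'])
    user = models.User.query.get(user_id)
    if not user:
        user = models.User(id=user_id)

    # Email address on the account may change, user ID will stay the same.
    # Do not allow the user to claim existing build invitations with their
    # old email address.
    if user.email_address != email_address:
        user.email_address = email_address

    user.last_seen = datetime.datetime.utcnow()

    db.session.add(user)
    db.session.commit()

    login_user(user)
    confirm_login()

    # Clear all flashed messages from the session on login.
    flask.get_flashed_messages()

    # ``state`` comes back from the client and may be absent or altered:
    # follow it only as a same-site path ("//host" and "/\host" are read by
    # browsers as another origin), otherwise go to the site root.
    final_url = urllib.unquote(request.args.get('state') or '/')
    if not final_url.startswith('/') or final_url[1:2] in ('/', '\\'):
        final_url = '/'
    logging.debug('User is logged in. Redirecting to url=%r', final_url)
    return redirect(final_url)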
Beispiel #10
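def login_auth():
    """Finish the Google OAuth2 flow and log the user in.

    Exchanges the ``code`` query parameter for an access token, fetches the
    user-info document, rejects unverified e-mail addresses with a 403,
    creates or updates the matching ``models.User`` row, logs the user in
    with a fresh session and redirects to the path carried in ``state``.

    Changes from the earlier version: the client secret, authorization code
    and access token are no longer written to the debug log, HTTP responses
    are closed, a missing ``verified_email`` key is treated as unverified,
    and ``state`` is followed only when it is a site-local path.
    """
    # TODO: Handle when the 'error' parameter is present
    # NOTE(review): ``state`` is not compared with a session-bound value, so
    # this callback cannot tell whether the current browser started the flow.
    token_params = dict(
        code=request.args.get('code'),
        client_id=config.GOOGLE_OAUTH2_CLIENT_ID,
        client_secret=config.GOOGLE_OAUTH2_CLIENT_SECRET,
        redirect_uri=config.GOOGLE_OAUTH2_REDIRECT_URI,
        grant_type='authorization_code'
    )
    payload = urllib.urlencode(token_params)
    # The payload holds the client secret and the authorization code, so
    # only the endpoint is logged.
    logging.debug('Posting for token to url=%r', GOOGLE_OAUTH2_TOKEN_URL)
    fetch_request = urllib2.Request(GOOGLE_OAUTH2_TOKEN_URL, payload)
    conn = urllib2.urlopen(fetch_request, timeout=FETCH_TIMEOUT_SECONDS)
    try:
        data = conn.read()
    finally:
        conn.close()
    result_dict = json.loads(data)

    params = dict(
        access_token=result_dict['access_token']
    )
    payload = urllib.urlencode(params)
    target_url = '%s?%s' % (GOOGLE_OAUTH2_USERINFO_URL, payload)
    # target_url embeds the access token; log the endpoint without it.
    logging.debug('Fetching user info from url=%r',
                  GOOGLE_OAUTH2_USERINFO_URL)
    fetch_request = urllib2.Request(target_url)
    conn = urllib2.urlopen(fetch_request, timeout=FETCH_TIMEOUT_SECONDS)
    try:
        data = conn.read()
    finally:
        conn.close()
    result_dict = json.loads(data)
    # Log the account id only; the full document contains the e-mail address.
    logging.debug('Fetched user info for id=%r', result_dict.get('id'))

    # Fail closed: a missing key counts as "not verified".
    if not result_dict.get('verified_email'):
        abort(flask.Response('Your email address must be verified', 403))
    email_address = result_dict['email']

    user_id = '%s:%s' % (models.User.GOOGLE_OAUTH2, result_dict['id'])
    user = models.User.query.get(user_id)
    if not user:
        user = models.User(id=user_id)

    # Email address on the account may change, user ID will stay the same.
    # Do not allow the user to claim existing build invitations with their
    # old email address.
    if user.email_address != email_address:
        user.email_address = email_address

    user.last_seen = datetime.datetime.utcnow()

    db.session.add(user)
    db.session.commit()

    login_user(user)
    confirm_login()

    # Clear all flashed messages from the session on login.
    flask.get_flashed_messages()

    # ``state`` comes back from the client and may be absent or altered:
    # follow it only as a same-site path ("//host" and "/\host" are read by
    # browsers as another origin), otherwise go to the site root.
    final_url = urllib.unquote(request.args.get('state') or '/')
    if not final_url.startswith('/') or final_url[1:2] in ('/', '\\'):
        final_url = '/'
    logging.debug('User is logged in. Redirecting to url=%r', final_url)
    return redirect(final_url)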
Beispiel #11
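def reauth():
    """Re-check submitted credentials and mark the session fresh on success.

    The ``next`` query parameter is followed only when it is a site-local
    path; anything else falls back to ``.index``.

    NOTE(review): the username is taken from the form rather than from the
    logged-in user, so valid credentials for any account would refresh the
    current session. Confirm check_login() or a caller ties the result to
    the current user.
    """
    if request.method == "POST" and "username" in request.form:
        username = request.form["username"]
        user = check_login(username, request.form.get("password", ""))
        if user is None:
            flash("Sorry, your information did not match our records.")
        else:
            confirm_login()
            target = request.args.get("next")
            # ``next`` is caller-controlled: follow it only as a same-site
            # path. "//host" and "/\host" are read as another origin.
            if (not target or not target.startswith("/")
                    or target[1:2] in ("/", "\\")):
                target = url_for(".index")
            return redirect(target)
    return render_template("admin/login.html")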
Beispiel #12
def reauth():
    """Re-check the current user's password, then mark the session fresh.

    On success the user is sent to ``/change_password``; on a wrong password
    an error is flashed and the form is rendered again.

    NOTE(review): the POST branch reads ``form.password.data`` without
    calling the form's validation, so any validators the form defines
    (presumably including a CSRF check) are not run here - confirm.
    """
    form = ReauthForm(next=request.args.get("next"))
    if request.method != "POST":
        return render_template("frontend/reauth.html", form=form)

    user, authenticated = User.authenticate(current_user.name, form.password.data)
    if not (user and authenticated):
        flash(_("Password is wrong."), "error")
        return render_template("frontend/reauth.html", form=form)

    confirm_login()
    flash(_("Reauthenticated."), "success")
    return redirect("/change_password")
Beispiel #13
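def refresh_login():
    """Re-check the current user's password and mark the session fresh.

    On success the ``next`` query parameter is followed only when it is a
    site-local path; anything else falls back to ``index``. On a wrong
    password the user is redirected back to this view with a flash message.
    """
    form = PasswordForm()
    if not form.validate_on_submit():
        return render_template('accounts/refresh.html', form=form)

    if not current_user.check_password(form.password.data):
        flash("Incorrect password.")
        return redirect(url_for('refresh_login'))

    confirm_login()
    target = request.args.get("next")
    # ``next`` is caller-controlled: follow it only as a same-site path.
    # "//host" and "/\host" are read by browsers as another origin.
    if not target or not target.startswith("/") or target[1:2] in ("/", "\\"):
        target = url_for("index")
    return redirect(target)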
Beispiel #14
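def reauth():
    """Mark the current session fresh on POST; otherwise render the reauth page.

    After a POST the ``next`` query parameter is followed only when it is a
    site-local path; anything else falls back to ``index``. On other methods
    the page is rendered with the text for ``session['language']``.

    NOTE(review): every POST reaches confirm_login(); no credential is
    re-checked in this view. Route decorators are not visible here, so
    confirm that a password prompt (or equivalent) gates this step.
    """
    if request.method == "POST":
        confirm_login()
        flash(u"Reauthenticated.")
        target = request.args.get("next")
        # ``next`` is caller-controlled: follow it only as a same-site path.
        # "//host" and "/\host" are read by browsers as another origin.
        if not target or not target.startswith("/") or target[1:2] in ("/", "\\"):
            target = url_for("index")
        return redirect(target)

    contentObj = Content()

    templateData = {
        'content': contentObj.getAllText(language=session['language'])
    }
    return render_template("/auth/reauth.html", **templateData)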
Beispiel #15
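def reauth():
    """Reauthenticate a user whose session is no longer fresh.

    A fresh session is redirected straight away. Otherwise the reauth form
    is shown and, once it validates, the session is marked fresh. In both
    cases the ``next`` query parameter is followed only when it is a
    site-local path; anything else falls back to the user profile.

    NOTE(review): form validation is the only gate visible here. Whether
    ReauthForm's validators verify the current user's password cannot be
    told from this view - confirm.
    """
    target = request.args.get("next")
    # ``next`` is caller-controlled: follow it only as a same-site path.
    # "//host" and "/\host" are read by browsers as another origin.
    if target and (not target.startswith("/") or target[1:2] in ("/", "\\")):
        target = None

    if not login_fresh():
        form = ReauthForm(request.form)
        if form.validate_on_submit():
            confirm_login()
            flash(("Reauthenticated"), "success")
            return redirect(target or url_for("user.profile"))
        return render_template("auth/reauth.html", form=form)
    return redirect(target or url_for("user.profile", username=current_user.username))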
Beispiel #16
def reauth():
    """Re-check the current user's password, then mark the session fresh.

    On success the user is sent to ``/change_password``; on a wrong password
    an error is flashed and the form is rendered again.

    NOTE(review): the POST branch reads ``form.password.data`` without
    calling the form's validation, so any validators the form defines
    (presumably including a CSRF check) are not run here - confirm.
    """
    form = ReauthForm(next=request.args.get('next'))
    if request.method != 'POST':
        return render_template('frontend/reauth.html', form=form)

    user, authenticated = User.authenticate(current_user.name,
                                            form.password.data)
    if not (user and authenticated):
        flash(_('Password is wrong.'), 'error')
        return render_template('frontend/reauth.html', form=form)

    confirm_login()
    flash(_('Reauthenticated.'), 'success')
    return redirect('/change_password')
Beispiel #17
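def reauth():
    """Re-check the current user's password, then mark the session fresh.

    On success the form's ``next`` value is followed only when it is a
    site-local path; anything else falls back to ``user.change_password``.

    NOTE(review): the POST branch reads the form without calling its
    validation, so any validators the form defines (presumably including a
    CSRF check) are not run here - confirm.
    """
    form = ReauthForm(next=request.args.get('next'))

    if request.method == 'POST':
        user, authenticated = User.authenticate(current_user.name,
                                                form.password.data)
        if user and authenticated:
            confirm_login()
            flash(_('Reauthenticated.'), 'success')
            target = form.next.data
            # ``next`` is client-supplied (query string or posted field):
            # follow it only as a same-site path. "//host" and "/\host" are
            # read by browsers as another origin.
            if (not target or not target.startswith('/')
                    or target[1:2] in ('/', '\\')):
                target = url_for('user.change_password')
            return redirect(target)

        flash(_('Password is incorrect.'), 'warning')
    return render_template('user/reauth.html', form=form)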
Beispiel #18
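def reauth():
    """Re-check the current user's password, then mark the session fresh.

    On success the form's ``next`` value is followed only when it is a
    site-local path; anything else falls back to ``user.change_password``.

    NOTE(review): the POST branch reads the form without calling its
    validation, so any validators the form defines (presumably including a
    CSRF check) are not run here - confirm.
    """
    form = ReauthForm(next=request.args.get('next'))

    if request.method == 'POST':
        user, authenticated = User.authenticate(current_user.name,
                                                form.password.data)
        if user and authenticated:
            confirm_login()
            flash(_('Reauthenticated.'), 'success')
            target = form.next.data
            # ``next`` is client-supplied (query string or posted field):
            # follow it only as a same-site path. "//host" and "/\host" are
            # read by browsers as another origin.
            if (not target or not target.startswith('/')
                    or target[1:2] in ('/', '\\')):
                target = url_for('user.change_password')
            return redirect(target)

        flash(_('Password is incorrect.'), 'warning')
    return render_template('user/reauth.html', form=form)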
Beispiel #19
def reauth():
    """Re-check the current user's password, then mark the session fresh.

    On success the user is sent to ``/change_password``; on a wrong password
    an error is flashed and the form is rendered again.

    NOTE(review): the POST branch reads ``form.password.data`` without
    calling the form's validation, so any validators the form defines
    (presumably including a CSRF check) are not run here - confirm.
    """
    form = ReauthForm(next=request.args.get('next'))
    if request.method != 'POST':
        return render_template('frontend/reauth.html', form=form)

    user, authenticated = User.authenticate(current_user.name,
                                            form.password.data)
    if not (user and authenticated):
        flash(_('Password is wrong.'), 'error')
        return render_template('frontend/reauth.html', form=form)

    confirm_login()
    flash(_('Reauthenticated.'), 'success')
    return redirect('/change_password')
Beispiel #20
def sign_in():
    """Handle the sign-in form: verify credentials, then hand off to two-factor.

    An already authenticated user is redirected to the service chooser.
    On a valid form submission the user is looked up by e-mail and verified
    by ``_get_and_verify_user``; pending users are sent back to sign-in, a
    pending invitation in the session is accepted or rejected (403 when the
    e-mail addresses differ), and an active user is sent a verify code and
    redirected to the two-factor view. Every other outcome of a valid
    submission ends with the same generic error message.
    """

    if current_user and current_user.is_authenticated:
        return redirect(url_for('main.choose_service'))

    form = LoginForm()
    if form.validate_on_submit():

        user = user_api_client.get_user_by_email_or_none(form.email_address.data)
        # Rebinds ``user``; the checks below treat a falsy result as a failed
        # verification.
        user = _get_and_verify_user(user, form.password.data)
        if user and user.state == 'pending':
            flash("You haven't verified your email or mobile number yet.")
            return redirect(url_for('main.sign_in'))

        if user and session.get('invited_user'):
            invited_user = session.get('invited_user')
            # An invitation may only be accepted by the address it was sent to.
            if user.email_address != invited_user['email_address']:
                flash("You can't accept an invite for another person.")
                session.pop('invited_user', None)
                abort(403)
            else:
                invite_api_client.accept_invite(invited_user['service'], invited_user['id'])
        if user:
            # Remember me login: the stale session already belongs to the user
            # who just presented valid credentials, so the session is marked
            # fresh without going through the verify-code step.
            # NOTE(review): an authenticated current_user already returned at
            # the top of this view - confirm when this branch is reachable and
            # that skipping the second factor here is intended.
            if not login_fresh() and \
               not current_user.is_anonymous and \
               current_user.id == user.id and \
               user.is_active:

                confirm_login()
                services = service_api_client.get_services({'user_id': str(user.id)}).get('data', [])
                if (len(services) == 1):
                    return redirect(url_for('main.service_dashboard', service_id=services[0]['id']))
                else:
                    return redirect(url_for('main.choose_service'))

            # NOTE(review): user_details is stored before the is_active check,
            # so it stays in the session for an inactive user who then gets
            # the generic error below - confirm nothing downstream trusts it.
            session['user_details'] = {"email": user.email_address, "id": user.id}
            if user.is_active:
                user_api_client.send_verify_code(user.id, 'sms', user.mobile_number)
                # ``next`` is forwarded unchanged from the query string.
                # NOTE(review): it must be validated as a site-local target
                # wherever it is finally used for a redirect.
                if request.args.get('next'):
                    return redirect(url_for('.two_factor', next=request.args.get('next')))
                else:
                    return redirect(url_for('.two_factor'))
        # Vague error message for login in case of user not known, locked, inactive or password not verified
        # The only value formatted into the Markup string is a url_for()
        # result, not request data; the href attribute is written unquoted.
        flash(Markup((
            "The email address or password you entered is incorrect."
            " <a href={password_reset}>Forgot your password</a>?"
            ).format(password_reset=url_for('.forgot_password'))
        ))

    return render_template('views/signin.html', form=form)
Beispiel #21
def refresh_login():
    """Re-check the current user's password and mark the session fresh.

    A valid submission with the right password redirects to
    ``users.profile``; a wrong password flashes an error and re-renders the
    form.
    """
    form = RefreshLoginForm()
    if not form.validate_on_submit():
        return render_template('users/refresh_login.html', form=form)

    # The username comes from the logged-in user, only the password is posted.
    user = User.authenticate(current_user.username, form.password.data)
    if not user:
        flash('Invalid password', 'error')
        return render_template('users/refresh_login.html', form=form)

    confirm_login()
    flash('Refreshed login', 'success')
    return redirect(url_for('users.profile'))
Beispiel #22
def reauthenticate():
    """Ask an authenticated user with a stale session for their password.

    Anonymous users and users whose session is already fresh are redirected
    to ``main.index``. On a correct password the session is marked fresh,
    the event is logged and the form decides the redirect target.
    """
    # Deliberately not wrapped with login_required: requiring a login to
    # reach the reauthenticate page would make no sense, so the check below
    # stands in for it.
    needs_reauth = current_user.is_authenticated and not login_fresh()
    if not needs_reauth:
        return redirect(url_for('main.index'))

    form = ReauthenticationForm()
    if not form.validate_on_submit():
        return render_template('auth/reauthenticate.html', form=form)

    if not verify_password(current_user, form.password.data):
        flash_it(AuthMessages.INVALID_PASSWORD)
        return render_template('auth/reauthenticate.html', form=form)

    confirm_login()
    LogEvent.reauthenticate(current_user)
    # NOTE(review): the redirect target is chosen inside form.redirect();
    # confirm that helper restricts it to site-local URLs.
    return form.redirect('main.index')
Beispiel #23
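def refresh_login():
    """Re-check posted credentials and refresh the login on success.

    The posted username is logged with ``%r`` and lazy arguments so that
    control characters in it cannot forge extra log lines.

    NOTE(review): the username is taken from the form rather than from the
    logged-in user, so valid credentials for any account reach
    confirm_login() for the current session - confirm this is intended.
    """
    error = None
    form = LoginForm(request.form)
    if request.method == 'POST' and form.validate():
        username = request.form['username']
        user = app.db.auth_user(username, request.form['password'])
        if user:
            # NOTE(review): Flask-Login's confirm_login() takes no arguments.
            # If that is the function in scope, this call raises TypeError;
            # left unchanged because the import is not visible here.
            confirm_login(user)
            logger.info('User: %r - login auth success.', username)
            return redirect(url_for('user_home', username=user.username))
        else:
            logger.info('User: %r - login auth failure.', username)
            error = 'Invalid username or password.'
    return render_template('user/login.html', form=form, error=error)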
Beispiel #24
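def refresh():
    """Re-check posted credentials and mark the session fresh on success.

    On GET the ``next`` query parameter is remembered in the session; after
    a successful POST it is followed only when it is a site-local path,
    otherwise the user goes to ``index``. The template receives the display
    names of the configured OAuth providers.

    NOTE(review): the account is looked up by the posted e-mail rather than
    taken from the logged-in user, so valid credentials for any account
    would refresh the current session - confirm this is intended.
    """
    form = RefreshForm()
    if form.validate_on_submit():
        user = current_app.bouncer.user_class.find(email = form.email.data)
        if user and user.verify_password(form.password.data):
            confirm_login()
            target = session.pop('next', None)
            # The stored value originated in the query string: follow it only
            # as a same-site path. "//host" and "/\host" are read by browsers
            # as another origin.
            if (not target or not target.startswith('/')
                    or target[1:2] in ('/', '\\')):
                target = url_for('index')
            return redirect(target)
    if request.method == 'POST':
        flash(_cfg('flash.login_error', 'Invalid username or password.'), 'error')
    else:
        session['next'] = request.args.get('next')
    providers = {
        k: current_app.bouncer.get_oauth_provider(k)['display_name']
        for k in current_app.bouncer.get_oauth_providers()
    }
    return render_template('bouncer/refresh.html', form = form, providers = providers)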
Beispiel #25
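def reauth():
    """Re-check the current user's password, then mark the session fresh.

    On success the form's ``next`` value is followed only when it is a
    site-local path; anything else falls back to ``admin.index``. A wrong
    password is reported through ``form.non_field_errors``.
    """
    form = ReauthForm(next=request.args.get('next'))

    if form.validate_on_submit():
        user, authenticated = User.authenticate(current_user.username,
                                                form.password.data)

        if user and authenticated:
            confirm_login()
            flash('Reauthentication complete.')
            target = form.next.data
            # ``next`` is client-supplied (query string or posted field):
            # follow it only as a same-site path. "//host" and "/\host" are
            # read by browsers as another origin.
            if (not target or not target.startswith('/')
                    or target[1:2] in ('/', '\\')):
                target = url_for('admin.index')
            return redirect(target)
        else:
            form.non_field_errors = [u'Incorrect password']

    return render_template('user/reauth.html', form=form)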
Beispiel #26
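def reauth():
    """Call confirm_login() and send the user back where they came from.

    The redirect target is, in order: the ``next`` query parameter when it
    is a site-local path, the Referer when it points at this host, or
    ``frontend.index``.

    NOTE(review): confirm_login() runs on every request to this view,
    whatever the method, and no credential is re-checked here. Route
    decorators are not visible, so confirm something else enforces the
    actual re-authentication.
    """
    # NOTE(review): Flask-Login's confirm_login() returns None; if that is
    # the function in scope, this flash never runs.
    if confirm_login():
        flash('Reauthenticated', 'success')

    target = request.args.get('next')
    # ``next`` is caller-controlled: follow it only as a same-site path.
    # "//host" and "/\host" are read by browsers as another origin.
    if not target or not target.startswith('/') or target[1:2] in ('/', '\\'):
        # The Referer header is client-supplied too; use it only when it
        # points back at this host.
        referrer = request.referrer
        if referrer and referrer.startswith(request.host_url):
            target = referrer
        else:
            target = url_for('frontend.index')
    return redirect(target)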
Beispiel #27
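def reauth():
    """Reauthenticate a user whose session is no longer fresh.

    A fresh session is redirected straight away. Otherwise the reauth form
    is shown and, once it validates, the session is marked fresh. In both
    cases the ``next`` query parameter is followed only when it is a
    site-local path; anything else falls back to the user profile.

    NOTE(review): form validation is the only gate visible here. Whether
    ReauthForm's validators verify the current user's password cannot be
    told from this view - confirm.
    """
    target = request.args.get("next")
    # ``next`` is caller-controlled: follow it only as a same-site path.
    # "//host" and "/\host" are read by browsers as another origin.
    if target and (not target.startswith("/") or target[1:2] in ("/", "\\")):
        target = None

    if not login_fresh():
        form = ReauthForm(request.form)
        if form.validate_on_submit():
            confirm_login()
            flash(("Reauthenticated"), "success")
            return redirect(target or url_for("user.profile"))
        return render_template("auth/reauth.html", form=form)
    return redirect(
        target or url_for("user.profile", username=current_user.username))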
Beispiel #28
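def reauth():
    """Re-check the current user's password, then mark the session fresh.

    On success the form's ``next`` value is followed only when it is a
    site-local path; anything else falls back to ``admin.index``. A wrong
    password is reported through ``form.non_field_errors``.
    """
    form = ReauthForm(next=request.args.get('next'))

    if form.validate_on_submit():
        user, authenticated = User.authenticate(current_user.username,
                                                form.password.data)

        if user and authenticated:
            confirm_login()
            flash('Reauthentication complete.')
            target = form.next.data
            # ``next`` is client-supplied (query string or posted field):
            # follow it only as a same-site path. "//host" and "/\host" are
            # read by browsers as another origin.
            if (not target or not target.startswith('/')
                    or target[1:2] in ('/', '\\')):
                target = url_for('admin.index')
            return redirect(target)
        else:
            form.non_field_errors = [u'Incorrect password']

    return render_template('user/reauth.html', form=form)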
Beispiel #29
def reauth():
    """Re-check the current user's password, then mark the session fresh.

    On success the user is sent to ``/change_password``; on a wrong password
    an error is flashed and the page is rendered again with a new TaskForm.

    NOTE(review): the POST branch reads ``form.password.data`` without
    calling the form's validation, so any validators the form defines
    (presumably including a CSRF check) are not run here - confirm.
    """
    form = ReauthForm(next=request.args.get('next'))

    if request.method == 'POST':
        user, authenticated = User.authenticate(
            current_user.username, form.password.data)
        if not (user and authenticated):
            flash(_(u'Password is wrong.'), 'error')
        else:
            confirm_login()
            # Debug trace of the freshness flag stored in the session.
            current_app.logger.debug('reauth: %s' % session['_fresh'])
            flash(_('Reauthenticate.'), 'success')
            return redirect('/change_password')

    task_form = TaskForm()
    return render_template('reauth.html', newtaskform=task_form, form=form)
Beispiel #30
def login(data):
    """Authenticate with a username or e-mail plus password and log the user in.

    ``data`` may be None or a mapping with ``login``, ``password`` and
    ``remember`` keys. Raises ValidationError with one generic message for
    an unknown account and for a wrong password. Returns the user object
    after login_user() and confirm_login().
    """
    credentials = data or dict()
    identifier = credentials.get('login')

    # Try the identifier as a username first, then as an e-mail address.
    account = user.get_by_username(identifier) or user.get_by_email(identifier)

    # NOTE(review): an unknown account returns before any password check
    # runs, so response timing may differ from the wrong-password case.
    if not account or not user.verify_password(
            account, credentials.get('password')):
        raise ValidationError('Invalid login or password')

    login_user(account, remember=parse_boolean(credentials.get('remember')))
    confirm_login()
    return account
Beispiel #31
def login(data):
    """Authenticate with a username or e-mail plus password and log the user in.

    ``data`` may be None or a mapping with ``login``, ``password`` and
    ``remember`` keys. Raises ValidationError with one generic message for
    an unknown account and for a wrong password. Returns the user object
    after login_user() and confirm_login().
    """
    credentials = data or dict()
    identifier = credentials.get('login')

    # Try the identifier as a username first, then as an e-mail address.
    account = user.get_by_username(identifier) or user.get_by_email(identifier)

    # NOTE(review): an unknown account returns before any password check
    # runs, so response timing may differ from the wrong-password case.
    if not account or not user.verify_password(
            account, credentials.get('password')):
        raise ValidationError('Invalid login or password')

    login_user(account, remember=parse_boolean(credentials.get('remember')))
    confirm_login()
    return account
Beispiel #32
def reauth():
    """Recreate a session and answer with a JSON status document.

    Returns ``status='success'`` with the user's session dict when the login
    form validates and the credentials authenticate, else ``status='fail'``
    with the form errors.
    """
    current_app.logger.info('Entering session.views.reauth()...')

    # TODO: Verify current_user.email = form.data.email
    # NOTE(review): until that TODO is done, valid credentials for any
    # account mark the *current* session fresh.

    form = LoginForm()

    verified_user = None
    if form.validate_on_submit():
        user, authenticated = User.authenticate(form.email.data, form.password.data)
        if user and authenticated:
            verified_user = user

    if verified_user is None:
        current_app.logger.debug('Returning fail; data = [%s].' % form.errors)
        return jsonify(status='fail', data=form.errors)

    confirm_login()
    response = jsonify(status='success', data=verified_user.session_as_dict())
    response.status_code = 200
    # NOTE(review): this writes the whole session dict to the debug log;
    # confirm it holds nothing sensitive.
    current_app.logger.debug('Returning success; response.data=[%s]' % response.data)
    return response
Beispiel #33
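def reauthenticate():
    """The form page asking users to enter their password to revalidate a
    stale session.

    If a user let the system remember his or her login at :func:`signup`,
    we call it a persistent session.  Such a session does not expire within
    hours, nor does it become invalid after quitting the browser.

    We call a session recovered after a relaunch of the browser or after
    time expiration a stale session.  Sometimes we want to make sure the
    user owns the permission before taking any operation.  In these
    situations a stale session is not enough.

    So the :class:`reauthenticate` view forces users to refresh their stale
    session.  You may decorate a view with
    :func:`~railgun.website.credential.fresh_login_required` to ensure
    this.

    If the credential passes validation, the user is redirected to the
    :func:`index` view, unless a site-local `next` path is given in the
    query string, in which case the redirection goes to `next`.  A `next`
    value that is not a site-local path is ignored.

    :route: /reauthenticate/
    :method: GET, POST
    :template: reauthenticate.html
    :form: :class:`~railgun.website.forms.ReAuthenticateForm`
    """
    # Re-authenticate form is just like signin but do not contain "remember"
    form = ReAuthenticateForm()
    next_url = request.args.get('next')
    # ``next`` is caller-controlled: keep it only as a same-site path.
    # "//host" and "/\host" are read by browsers as another origin.
    if next_url and (not next_url.startswith('/')
                     or next_url[1:2] in ('/', '\\')):
        next_url = None

    if form.validate_on_submit():
        # Check the password against the currently logged-in user
        user = authenticate(current_user.name, form.password.data)
        if user:
            confirm_login()
            return redirect(next_url or url_for('index'))
        # Report password error
        flash(_('Incorrect password.'), 'danger')
    return render_template('reauthenticate.html', form=form, next=next_url)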
Beispiel #34
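def reauthenticate():
    """The form page asking users to enter their password to revalidate a
    stale session.

    If a user let the system remember his or her login at :func:`signup`,
    we call it a persistent session.  Such a session does not expire within
    hours, nor does it become invalid after quitting the browser.

    We call a session recovered after a relaunch of the browser or after
    time expiration a stale session.  Sometimes we want to make sure the
    user owns the permission before taking any operation.  In these
    situations a stale session is not enough.

    So the :class:`reauthenticate` view forces users to refresh their stale
    session.  You may decorate a view with
    :func:`~railgun.website.credential.fresh_login_required` to ensure
    this.

    If the credential passes validation, the user is redirected to the
    :func:`index` view, unless a site-local `next` path is given in the
    query string, in which case the redirection goes to `next`.  A `next`
    value that is not a site-local path is ignored.

    :route: /reauthenticate/
    :method: GET, POST
    :template: reauthenticate.html
    :form: :class:`~railgun.website.forms.ReAuthenticateForm`
    """
    # Re-authenticate form is just like signin but do not contain "remember"
    form = ReAuthenticateForm()
    next_url = request.args.get('next')
    # ``next`` is caller-controlled: keep it only as a same-site path.
    # "//host" and "/\host" are read by browsers as another origin.
    if next_url and (not next_url.startswith('/')
                     or next_url[1:2] in ('/', '\\')):
        next_url = None

    if form.validate_on_submit():
        # Check the password against the currently logged-in user
        user = authenticate(current_user.name, form.password.data)
        if user:
            confirm_login()
            return redirect(next_url or url_for('index'))
        # Report password error
        flash(_('Incorrect password.'), 'danger')
    return render_template('reauthenticate.html', form=form, next=next_url)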
Beispiel #35
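def create_or_login(resp):
    """Log in the user linked to an OpenID response, or start profile creation.

    The identity URL from ``resp`` is stored in the session and looked up in
    the Identity table by its RIPEMD-160 hex digest. A known user is logged
    in with ``remember=True`` and redirected back; an unknown one is sent to
    the profile-creation view with name and e-mail taken from ``resp``.

    The debugging ``print`` of the identity URL and its digest was removed:
    it wrote user identifiers to stdout on every login. Indentation is
    normalised to spaces.
    """
    # NOTE(review): hashlib.new('ripemd160') depends on the linked OpenSSL
    # build providing that algorithm. The digest is the stored lookup key,
    # so it cannot be swapped without migrating the Identity rows.
    h = hashlib.new('ripemd160')
    session['openid'] = resp.identity_url
    user = None
    h.update(resp.identity_url)
    identity = db.session.query(Identity).filter_by(url=h.hexdigest()).first()
    if identity:
        user = db.session.query(User).get(identity.user_id)

    if user is not None:
        # Mark the session fresh only when someone was already signed in.
        if g.user.is_authenticated():
            confirm_login()
        g.user = user
        login_user(user, remember=True)
        flash(u'Successfully signed in')
        return redirect_back('main.MainView:index')

    # NOTE(review): name and e-mail travel in the query string of this
    # redirect and may end up in logs and browser history.
    return redirect(url_for('account.ProfileView:create', next=oid.get_next_url(),
                            name=resp.fullname or resp.nickname,
                            email=resp.email))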
Beispiel #36
def reauth():
    """Recreate a session and answer with a JSON status document.

    Returns ``status='success'`` with the user's session dict when the login
    form validates and the credentials authenticate, else ``status='fail'``
    with the form errors.
    """
    current_app.logger.info('Entering session.views.reauth()...')

    # TODO: Verify current_user.email = form.data.email
    # NOTE(review): until that TODO is done, valid credentials for any
    # account mark the *current* session fresh.

    form = LoginForm()

    verified_user = None
    if form.validate_on_submit():
        user, authenticated = User.authenticate(form.email.data,
                                                form.password.data)
        if user and authenticated:
            verified_user = user

    if verified_user is None:
        current_app.logger.debug('Returning fail; data = [%s].' % form.errors)
        return jsonify(status='fail', data=form.errors)

    confirm_login()
    response = jsonify(status='success', data=verified_user.session_as_dict())
    response.status_code = 200
    # NOTE(review): this writes the whole session dict to the debug log;
    # confirm it holds nothing sensitive.
    current_app.logger.debug('Returning success; response.data=[%s]' %
                             response.data)
    return response
Beispiel #37
def reauth():
    """User re-authentication view.

    A fresh session is redirected immediately. Otherwise the current user's
    password is checked; on success the last sign-on is recorded, the
    session is marked fresh and the user is redirected.
    """
    app.logger.debug('User reauth')

    form = ReauthForm(next=request.args.get('next', None))

    # A fresh login needs no re-authentication.
    if login_fresh():
        # NOTE(review): the target is built by generate_redirect_url();
        # confirm that helper restricts ``next`` to site-local URLs.
        return redirect(generate_redirect_url(next_=form.next.data))

    if not form.validate_on_submit():
        return render_template('reauth.html', form=form)

    user, authenticated = authenticate(
        current_user.get_username(), form.password.data)
    if not (user and authenticated):
        flash('Sorry, invalid login parameters', 'error')
        return render_template('reauth.html', form=form)

    user.set_last_signon()
    confirm_login()
    return redirect(generate_redirect_url(next_=form.next.data))
Beispiel #38
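def reauth():
    """Mark the session fresh on POST; otherwise send the user to Twitter login.

    After a POST the ``next`` query parameter is followed only when it is a
    site-local path; anything else falls back to ``/admin``.

    NOTE(review): every POST reaches confirm_login(); no credential is
    re-checked in this view. Route decorators are not visible here, so
    confirm that something else enforces the actual re-authentication.
    """
    if request.method != "POST":
        return redirect('/login/twitter')

    confirm_login()
    target = request.args.get("next")
    # ``next`` is caller-controlled: follow it only as a same-site path.
    # "//host" and "/\host" are read by browsers as another origin.
    if not target or not target.startswith("/") or target[1:2] in ("/", "\\"):
        target = '/admin'
    return redirect(target)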
Beispiel #39
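 def reauth():
     """Mark the current session fresh on POST; otherwise render the reauth page.

     After a POST the ``next`` query parameter is followed only when it is a
     site-local path; anything else falls back to ``api_root``.

     NOTE(review): every POST reaches confirm_login(); no credential is
     re-checked in this view. Route decorators are not visible here, so
     confirm that a password prompt (or equivalent) gates this step.
     """
     if request.method != 'POST':
         return render_template('reauth.html')

     confirm_login()
     flash(u'Reauthenticated.')

     target = request.args.get('next')
     # ``next`` is caller-controlled: follow it only as a same-site path.
     # "//host" and "/\host" are read by browsers as another origin.
     if not target or not target.startswith('/') or target[1:2] in ('/', '\\'):
         target = url_for('api_root')
     return redirect(target)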
Beispiel #40
 def _confirm_login():
     """Mark the current session fresh and return an empty unicode body."""
     confirm_login()
     empty_body = u''
     return empty_body
Beispiel #41
 def refresh():
     """Mark the current session fresh and report success.

     NOTE(review): the "do stuff" placeholder is where a credential check
     would belong; as written nothing is verified before confirm_login().
     """
     # do stuff
     confirm_login()
     refreshed = True
     return refreshed
Beispiel #42
 def reauth():
     """Mark the current session fresh and return a confirmation string.

     NOTE(review): confirm_login() runs unconditionally; no credential is
     checked in this view.
     """
     confirm_login()
     message = u"Login confirmed"
     return message
Beispiel #43
 def refresh():
     """Mark the current session fresh and report success.

     NOTE(review): the "do stuff" placeholder is where a credential check
     would belong; as written nothing is verified before confirm_login().
     """
     # do stuff
     confirm_login()
     refreshed = True
     return refreshed
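def reauth():
    """Mark the current session fresh on POST; otherwise render the reauth page.

    After a POST the ``next`` query parameter is followed only when it is a
    site-local path; anything else falls back to ``index``.

    NOTE(review): every POST reaches confirm_login(); no credential is
    re-checked in this view. Route decorators are not visible here, so
    confirm that a password prompt (or equivalent) gates this step.
    """
    if request.method != "POST":
        return render_template("reauth.html")

    confirm_login()
    flash(u"Reauthenticated.")

    target = request.args.get("next")
    # ``next`` is caller-controlled: follow it only as a same-site path.
    # "//host" and "/\host" are read by browsers as another origin.
    if not target or not target.startswith("/") or target[1:2] in ("/", "\\"):
        target = url_for("index")
    return redirect(target)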
Beispiel #45
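def reauth():
  """Call confirm_login() and send the user back where they came from.

  The redirect target is, in order: the ``next`` query parameter when it is
  a site-local path, the Referer when it points at this host, or
  ``frontend.index``.

  NOTE(review): confirm_login() runs on every request to this view,
  whatever the method, and no credential is re-checked here. Route
  decorators are not visible, so confirm something else enforces the
  actual re-authentication.
  """
  # NOTE(review): Flask-Login's confirm_login() returns None; if that is the
  # function in scope, this flash never runs.
  if confirm_login():
    flash('Reauthenticated', 'success')

  target = request.args.get('next')
  # ``next`` is caller-controlled: follow it only as a same-site path.
  # "//host" and "/\host" are read by browsers as another origin.
  if not target or not target.startswith('/') or target[1:2] in ('/', '\\'):
    # The Referer header is client-supplied too; use it only when it points
    # back at this host.
    referrer = request.referrer
    if referrer and referrer.startswith(request.host_url):
      target = referrer
    else:
      target = url_for('frontend.index')
  return redirect(target)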
Beispiel #46
 def reauth():
     """Mark the current session fresh and return a confirmation string.

     NOTE(review): confirm_login() runs unconditionally; no credential is
     checked in this view.
     """
     confirm_login()
     message = u"Login confirmed"
     return message