def get_user_extid(service, userdata):
"""
Retrieves a 'user', 'extid' and 'useremail' from the given service and userdata.
"""
provider = login_registry[service]
extid = getextid(service=service, userid=userdata['userid'])
user = None
useremail = None
if userdata.get('email'):
useremail = UserEmail.get(email=userdata['email'])
if extid is not None:
user = extid.user
# It is possible at this time that extid.user and useremail.user are different.
# We do not handle it here, but in the parent function login_service_postcallback.
elif useremail is not None and useremail.user is not None:
user = useremail.user
else:
# Cross-check with all other instances of the same LoginProvider (if we don't have a user)
# This is (for eg) for when we have two Twitter services with different access levels.
for other_service, other_provider in login_registry.items():
if (other_service != service
and other_provider.__class__ == provider.__class__):
other_extid = getextid(service=other_service,
userid=userdata['userid'])
if other_extid is not None:
user = other_extid.user
break
# TODO: Make this work when we have multiple confirmed email addresses available
return user, extid, useremail
def get_user_extid(service, userdata):
"""
Retrieves a 'user', 'extid' and 'useremail' from the given service and userdata.
"""
provider = login_registry[service]
extid = getextid(service=service, userid=userdata['userid'])
user = None
useremail = None
if userdata.get('email'):
useremail = UserEmail.get(email=userdata['email'])
if extid is not None:
user = extid.user
# It is possible at this time that extid.user and useremail.user are different.
# We do not handle it here, but in the parent function login_service_postcallback.
elif useremail is not None and useremail.user is not None:
user = useremail.user
else:
# Cross-check with all other instances of the same LoginProvider (if we don't have a user)
# This is (for eg) for when we have two Twitter services with different access levels.
for other_service, other_provider in login_registry.items():
if other_service != service and other_provider.__class__ == provider.__class__:
other_extid = getextid(service=other_service, userid=userdata['userid'])
if other_extid is not None:
user = other_extid.user
break
# TODO: Make this work when we have multiple confirmed email addresses available
return user, extid, useremail
def login():
# If user is already logged in, send them back
if g.user:
return redirect(get_next_url(referrer=True), code=303)
loginform = LoginForm()
service_forms = {}
for service, provider in login_registry.items():
if provider.at_login and provider.form is not None:
service_forms[service] = provider.get_form()
loginmethod = None
if request.method == 'GET':
loginmethod = request.cookies.get('login')
formid = request.form.get('form.id')
if request.method == 'POST' and formid == 'passwordlogin':
if loginform.validate():
user = loginform.user
login_internal(user)
db.session.commit()
flash('You are now logged in', category='success')
return set_loginmethod_cookie(render_redirect(get_next_url(session=True), code=303),
'password')
elif request.method == 'POST' and formid in service_forms:
form = service_forms[formid]['form']
if form.validate():
return set_loginmethod_cookie(login_registry[formid].do(form=form), formid)
elif request.method == 'POST':
abort(500)
if request.is_xhr and formid == 'passwordlogin':
return render_template('forms/loginform.html', loginform=loginform, Markup=Markup)
else:
return render_template('login.html', loginform=loginform, lastused=loginmethod,
service_forms=service_forms, Markup=Markup)
def get_user_extid(service, userdata):
"""
Retrieves a 'user', 'extid' and 'useremail' from the given service and userdata.
"""
provider = login_registry[service]
extid = getextid(service=service, userid=userdata['userid'])
useremail = None
if 'email' in userdata:
useremail = UserEmail.query.filter_by(email=userdata['email']).first()
user = None
if extid is not None:
user = extid.user
elif useremail is not None:
user = useremail.user
else:
# Cross-check with all other instances of the same LoginProvider (if we don't have a user)
# This is (for eg) for when we have two Twitter services with different access levels.
for other_service, other_provider in login_registry.items():
if other_service != service and other_provider.__class__ == provider.__class__:
other_extid = getextid(service=other_service, userid=userdata['userid'])
if other_extid is not None:
user = other_extid.user
break
# TODO: Make this work when we have multiple confirmed email addresses available
return user, extid, useremail
def login():
# If user is already logged in, send them back
if g.user:
return redirect(get_next_url(referrer=True), code=303)
loginform = LoginForm()
service_forms = {}
for service, provider in login_registry.items():
if provider.at_login and provider.form is not None:
service_forms[service] = provider.get_form()
loginmethod = None
if request.method == 'GET':
loginmethod = request.cookies.get('login')
formid = request.form.get('form.id')
if request.method == 'POST' and formid == 'passwordlogin':
if loginform.validate():
user = loginform.user
login_internal(user)
db.session.commit()
flash('You are now logged in', category='success')
return set_loginmethod_cookie(render_redirect(get_next_url(session=True), code=303),
'password')
elif request.method == 'POST' and formid in service_forms:
form = service_forms[formid]['form']
if form.validate():
return set_loginmethod_cookie(login_registry[formid].do(form=form), formid)
elif request.method == 'POST':
abort(500)
if request.is_xhr and formid == 'passwordlogin':
return render_template('forms/loginform.html', loginform=loginform, Markup=Markup)
else:
return render_template('login.html', loginform=loginform, lastused=loginmethod,
service_forms=service_forms, Markup=Markup, login_registry=login_registry)
def get_user_extid(service, userdata):
"""
Retrieves a 'user', 'extid' and 'useremail' from the given service and userdata.
"""
provider = login_registry[service]
extid = getextid(service=service, userid=userdata['userid'])
useremail = None
if 'email' in userdata:
useremail = UserEmail.query.filter_by(email=userdata['email']).first()
user = None
if extid is not None:
user = extid.user
elif useremail is not None:
user = useremail.user
else:
# Cross-check with all other instances of the same LoginProvider (if we don't have a user)
# This is (for eg) for when we have two Twitter services with different access levels.
for other_service, other_provider in login_registry.items():
if other_service != service and other_provider.__class__ == provider.__class__:
other_extid = getextid(service=other_service,
userid=userdata['userid'])
if other_extid is not None:
user = other_extid.user
break
# TODO: Make this work when we have multiple confirmed email addresses available
return user, extid, useremail
def account():
primary_email_form = EmailPrimaryForm()
primary_phone_form = PhonePrimaryForm()
service_forms = {}
for service, provider in login_registry.items():
if provider.at_login and provider.form is not None:
service_forms[service] = provider.get_form()
return render_template('account.html.jinja2',
primary_email_form=primary_email_form,
primary_phone_form=primary_phone_form,
service_forms=service_forms,
login_registry=login_registry)
def account():
primary_email_form = EmailPrimaryForm()
primary_phone_form = PhonePrimaryForm()
service_forms = {}
for service, provider in login_registry.items():
if provider.at_login and provider.form is not None:
service_forms[service] = provider.get_form()
return render_template('account.html.jinja2',
primary_email_form=primary_email_form,
primary_phone_form=primary_phone_form,
service_forms=service_forms,
login_registry=login_registry)
def login():
# If user is already logged in, send them back
if current_auth.is_authenticated:
return redirect(get_next_url(referrer=True), code=303)
loginform = LoginForm()
service_forms = {}
for service, provider in login_registry.items():
if provider.at_login and provider.form is not None:
service_forms[service] = provider.get_form()
loginmethod = None
if request.method == 'GET':
loginmethod = request.cookies.get('login')
formid = request.form.get('form.id')
if request.method == 'POST' and formid == 'passwordlogin':
try:
if loginform.validate():
user = loginform.user
login_internal(user)
db.session.commit()
flash(_("You are now logged in"), category='success')
return set_loginmethod_cookie(
render_redirect(get_next_url(session=True), code=303),
'password')
except LoginPasswordResetException:
return render_redirect(
url_for('.reset', expired=1, username=loginform.username.data))
elif request.method == 'POST' and formid in service_forms:
form = service_forms[formid]['form']
if form.validate():
return set_loginmethod_cookie(login_registry[formid].do(form=form),
formid)
elif request.method == 'POST':
abort(500)
iframe_block = {'X-Frame-Options': 'SAMEORIGIN'}
if request.is_xhr and formid == 'passwordlogin':
return render_template('loginform.html.jinja2',
loginform=loginform,
Markup=Markup), 200, iframe_block
else:
return render_template(
'login.html.jinja2',
loginform=loginform,
lastused=loginmethod,
service_forms=service_forms,
Markup=Markup,
login_registry=login_registry), 200, iframe_block
def login():
# If user is already logged in, send them back
if current_auth.is_authenticated:
return redirect(get_next_url(referrer=True), code=303)
loginform = LoginForm()
service_forms = {}
for service, provider in login_registry.items():
if provider.at_login and provider.form is not None:
service_forms[service] = provider.get_form()
loginmethod = None
if request.method == 'GET':
loginmethod = request.cookies.get('login')
formid = request.form.get('form.id')
if request.method == 'POST' and formid == 'passwordlogin':
try:
if loginform.validate():
user = loginform.user
login_internal(user)
db.session.commit()
flash(_("You are now logged in"), category='success')
return set_loginmethod_cookie(render_redirect(get_next_url(session=True), code=303),
'password')
except LoginPasswordResetException:
flash(_(u"Your account does not have a password set. Please enter your username "
"or email address to request a reset code and set a new password"), category='danger')
return render_redirect(url_for('.reset', username=loginform.username.data))
elif request.method == 'POST' and formid in service_forms:
form = service_forms[formid]['form']
if form.validate():
return set_loginmethod_cookie(login_registry[formid].do(form=form), formid)
elif request.method == 'POST':
abort(500)
iframe_block = {'X-Frame-Options': 'SAMEORIGIN'}
if request.is_xhr and formid == 'passwordlogin':
return render_template('loginform.html.jinja2', loginform=loginform, Markup=Markup), 200, iframe_block
else:
return render_template('login.html.jinja2', loginform=loginform, lastused=loginmethod,
service_forms=service_forms, Markup=Markup, login_registry=login_registry), 200, iframe_block
