async def decorator(*args: Any, **kwargs: Any) -> Callable:
request = __get_request(args)
jwt_token = request.cookies.get("jwt_token", "")
if not jwt_token:
return RedirectResponse(request.url_for("home"))
try:
jwt_decode(jwt_token)
except InvalidTokenError:
try:
UsersSessions.get(jwt_token=jwt_token).delete_instance()
except UsersSessions.DoesNotExist:
pass
response = RedirectResponse(request.url_for("home"))
response.delete_cookie("jwt_token")
return response
try:
UsersSessions.get(jwt_token=jwt_token)
except UsersSessions.DoesNotExist:
response = RedirectResponse(request.url)
response.delete_cookie("jwt_token")
return response
return await func(*args, **kwargs)
async def user_delete(request):
"""
Delete user
"""
u = User
i = Image
request_path_id = int(request.path_params["id"])
if request.method == "POST":
result = await i.raw(
f"SELECT path FROM image "
f"JOIN ad on ad.id = image.ad_image "
f"JOIN piccolo_user on piccolo_user.id = ad.ad_user "
f"WHERE piccolo_user.id = {request_path_id}").run()
image_list = []
for img in result:
for k, v in img.items():
image_list.append(v)
# Cloudinary image deletion when user account is deleted
# cloudinary.config(
# cloud_name="rkl",
# api_key=CLOUDINARY_API_KEY,
# api_secret=CLOUDINARY_API_SECRET
# )
# if image_list:
# public_ids = [img.split('/')[-1].split('.')[0] for img in image_list]
# cloudinary.api.delete_resources(public_ids)
# Dropzone image deletion when user account is deleted
if image_list:
for img in image_list:
os.remove(img)
await u.delete().where(u.id == request_path_id).run()
request.session.clear()
response = RedirectResponse("/", status_code=302)
response.delete_cookie("jwt")
return response
async def user_delete(request):
"""
Delete user
"""
id = request.path_params["id"]
if request.method == "POST":
# delete related user images in filesystem
async with in_transaction() as conn:
result = await conn.execute_query(f'SELECT path FROM image \
JOIN ad on ad.id = image.ad_image_id \
JOIN "user" on "user".id = ad.user_id \
WHERE "user".id = {id}')
image_list = []
for i in result:
for k, v in i.items():
image_list.append(v)
cloudinary.config(cloud_name="rkl",
api_key=CLOUDINARY_API_KEY,
api_secret=CLOUDINARY_API_SECRET)
public_ids = [img.split('/')[-1].split('.')[0] for img in image_list]
cloudinary.api.delete_resources(public_ids)
# for img in image_list:
# os.remove(img)
await User.get(id=id).delete()
request.session.clear()
response = RedirectResponse(url="/", status_code=302)
response.delete_cookie("jwt")
return response
async def delete(request):
"""
Delete user
"""
id = request.path_params["id"]
session_user = request.user.username
results = await User.get(username=session_user)
if (
request.method == "DELETE"
and results.username == session_user
or session_user == ADMIN
):
async with in_transaction() as conn:
await conn.execute_query(
f"DELETE FROM tag WHERE tag.id IN \
(SELECT question_tag.tag_id FROM question \
JOIN question_tag ON question_tag.question_id = question.id \
JOIN user ON user.id = question.user_id WHERE user.id = {id})"
)
async with in_transaction() as conn:
await conn.execute_query(
f"UPDATE question \
JOIN answer ON question.id = answer.question_id \
JOIN user on user.id = answer.ans_user_id \
SET question.accepted_answer = 0 \
WHERE user.id = {id} AND answer.is_accepted_answer = 1"
)
await User.get(id=id).delete()
# 303 status code for redirect after delete
response = RedirectResponse(url="/", status_code=303)
response.delete_cookie("jwt")
return response
else:
return Response(status_code=403)
async def login(self, request: Request, redis: Redis = Depends(get_redis)):
form = await request.form()
username = form.get("username")
password = form.get("password")
remember_me = form.get("remember_me")
admin = await self.admin_model.get_or_none(username=username)
if not admin or not check_password(password, admin.password):
return templates.TemplateResponse(
self.template,
status_code=HTTP_401_UNAUTHORIZED,
context={
"request": request,
"error": _("login_failed")
},
)
response = RedirectResponse(url=request.app.admin_path,
status_code=HTTP_303_SEE_OTHER)
if remember_me == "on":
expire = 3600 * 24 * 30
response.set_cookie("remember_me", "on")
else:
expire = 3600
response.delete_cookie("remember_me")
token = uuid.uuid4().hex
response.set_cookie(
self.access_token,
token,
expires=expire,
path=request.app.admin_path,
httponly=True,
)
await redis.set(constants.LOGIN_USER.format(token=token),
admin.pk,
expire=expire)
return response
async def delete_session(request):
if request.user.is_authenticated:
request.user.roll_session()
request.user.put()
resp = RedirectResponse(url="/", status_code=302)
resp.delete_cookie("session_id")
return resp
async def user_delete(request):
"""
Delete user
"""
id = request.path_params["id"]
if request.method == "POST":
async with in_transaction() as conn:
await conn.execute_query(
f'DELETE FROM tag WHERE tag.id IN \
(SELECT question_tag.tag_id FROM question \
JOIN question_tag ON question_tag.question_id = question.id \
JOIN "user" ON "user".id = question.user_id \
WHERE "user".id = {id})'
)
async with in_transaction() as conn:
await conn.execute_query(
f'UPDATE question SET accepted_answer = false \
FROM answer, "user" WHERE question.id = answer.question_id \
AND "user".id = {id} AND question.accepted_answer = true'
)
await User.get(id=id).delete()
if request.user.username == ADMIN:
return RedirectResponse(url="/accounts/dashboard", status_code=302)
request.session.clear()
response = RedirectResponse(url="/", status_code=302)
response.delete_cookie("jwt")
return response
async def post(self, request):
response = RedirectResponse(url=request.headers['referer'],
status_code=303)
if request.cookies.get('theme'):
response.delete_cookie('theme')
else:
response.set_cookie('theme', 'default-dark')
return response
async def logout(request):
"""
Logout user
"""
request.session.clear()
response = RedirectResponse(url="/", status_code=302)
response.delete_cookie("jwt")
return response
async def get(self, request: Request) -> RedirectResponse:
token = request.cookies.get("jwt_token")
UsersSessions.get(jwt_token=token).delete_instance()
response = RedirectResponse(request.url_for("login"), status_code=303)
response.delete_cookie("jwt_token")
return response
def logout(request: Request, ):
refresh_token: str = request.cookies.get("Refresh")
if refresh_token == None:
return {"message": "Not logged in."}
keycloak_openid.logout(refresh_token)
response = RedirectResponse(url="http://localhost:8000/users/")
response.delete_cookie("Authorization", domain="localhost")
response.delete_cookie("Refresh", domain="localhost")
return response
def logout(request: Request,
credentials: HTTPBasicCredentials = Depends(security)):
#error = 'ユーザー名かパスワードが間違ってます'
#credentials.username = None
print("credentials3")
print(credentials.username)
response = RedirectResponse(url="/")
response.delete_cookie("Authorization", domain="127.0.0.1:8000")
return response #RedirectResponse('/')
async def logout_via_azure(request: Request, redirect_url: str):
post_logout_url = f"?post_logout_redirect_uri={redirect_url}"
logout_url = oauth.azure.server_metadata.get('end_session_endpoint', None)
request.session.pop('user', None)
if logout_url:
response = RedirectResponse(url=logout_url + post_logout_url)
response.delete_cookie(key="ClientToken")
response.delete_cookie(key="ClientName")
return response
return JSONResponse(
status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
content={"Error": "Unable to logout, something went wrong"})
async def logout_and_remove_cookie(request: Request, current_user: schemas.NewUser = Depends(get_current_active_user), db: Session = Depends(get_db)) -> "RedirectResponse":
response = RedirectResponse(url="/login", status_code=status.HTTP_303_SEE_OTHER)
if not current_user:
return response
# usertype = crud.get_user_third_party(current_user.email)
# if usertype=="google":
# return templates.TemplateResponse("google_signout.html", {"request": request})
# else:
response.delete_cookie(key=COOKIE_AUTHORIZATION_NAME, domain=COOKIE_DOMAIN)
#crud.logged_out(current_user.email)
# return templates.TemplateResponse("logout.html",{"request":request, "instanceid":"13917092-3f6f-49e5-b39b-e21c89f24565"})
return response
async def user_delete(request):
"""
Delete user
"""
id = request.path_params["id"]
if request.method == "POST":
await User.get(id=id).delete()
if request.user.username == ADMIN:
return RedirectResponse(url="/accounts/dashboard", status_code=302)
request.session.clear()
response = RedirectResponse(url="/", status_code=302)
response.delete_cookie("jwt")
return response
async def auth_exception_handler(
request: Request,
exc: HTTP_401_UNAUTHORIZED,
) -> RedirectResponse:
"""
Whenever HTTP_401_UNAUTHORIZED is raised,
redirecting to login route, with original requested url,
and details for why original request failed.
"""
paramas = f"?next={exc.headers}&message={exc.detail}"
url = f"/login{paramas}"
response = RedirectResponse(url=url)
response.delete_cookie("Authorization")
return response
async def user_delete(request):
"""
Delete user
"""
u = User
request_path_id = request.path_params["id"]
if request.method == "POST":
await u.raw(
f"UPDATE question SET accepted_answer = false "
f"FROM answer, piccolo_user WHERE question.id = answer.question "
f"AND piccolo_user.id = {request_path_id} AND "
f"question.accepted_answer = true;").run()
await u.delete().where(u.id == request_path_id).run()
request.session.clear()
response = RedirectResponse("/", status_code=302)
response.delete_cookie("jwt")
return response
async def azure_login_callback(
request: Request,
_ = Depends(csrf_token_redirect_cookie_scheme)
):
""" Callback triggered when the user logs in to Azure's pop-up.
Receives an authentication_token from Azure which then
exchanges for an access_token. The latter is used to
gain user information from Azure's userinfo_endpoint.
Args:
request: The incoming request as redirected by Azure
"""
async with exception_handling():
code = request.query_params.get("code")
if not code:
raise AuthorizationException("Missing external authentication token")
provider = await auth_providers.get_auth_provider(config.AZURE)
# Authenticate token and get user's info from external provider
external_user = await provider.get_user(
auth_token=ExternalAuthToken(code=code)
)
# Get or create the internal user
internal_user = await db_client.get_user_by_external_sub_id(external_user)
if internal_user is None:
internal_user = await db_client.create_internal_user(external_user)
internal_auth_token = await auth_util.create_internal_auth_token(internal_user)
# Redirect the user to the home page
redirect_url = f"{config.FRONTEND_URL}?authToken={internal_auth_token}"
response = RedirectResponse(url=redirect_url)
# Delete state cookie. No longer required
response.delete_cookie(key="state")
return response
async def auth_logout():
"""Logout active user (delete their token from browser's cookies)"""
response = RedirectResponse(Config.base_url)
response.delete_cookie("sessiontoken")
response.delete_cookie("ssostate")
response.delete_cookie("ssoaction")
return response
async def auth_via_azure(request: Request):
response = RedirectResponse(request.cookies.get("Redirect-url"))
response.delete_cookie(key="Redirect-url")
token = await oauth.azure.authorize_access_token(request)
headers = {'Authorization': f'Bearer {token.get("access_token")}'}
query = 'onPremisesSamAccountName,givenName,mail,surname'
r = requests.get(f'https://graph.microsoft.com/v1.0/me?$select={query}',
headers=headers)
user = r.json()
client_user = {
"userId": user["onPremisesSamAccountName"],
"givenName": user["givenName"],
"surname": user["surname"],
"initial": f"{user['givenName'][0]}{user['surname'][0]}",
"email": user["mail"]
}
# user = await oauth.azure.parse_id_token(request, token)
response.delete_cookie(key="ClientUser")
response.set_cookie(key="ClientUser",
value=json.dumps(client_user),
max_age=3600,
expires=3600)
response.delete_cookie(key="ClientToken")
response.set_cookie(key="ClientToken",
value=token.get("access_token"),
max_age=3600,
expires=3600)
return response
async def logout(is_logged: bool = Depends(is_logged)):
response = RedirectResponse(url="/")
response.delete_cookie("session")
return response
async def route_logout_and_remove_cookie():
response = RedirectResponse(url="/")
response.delete_cookie(API_KEY_NAME, domain=COOKIE_DOMAIN)
return response
async def logout(request):
response = RedirectResponse(url='/login')
response.delete_cookie("sessionid")
return response
async def route_logout_and_remove_cookie():
response = RedirectResponse(url="/")
response.delete_cookie("Authorization", domain=getenv("WEB_HOSTNAME"))
return response
async def route_logout_and_remove_cookie():
response = RedirectResponse(url="/")
response.delete_cookie("Authorization")
return response
async def route_logout_and_remove_cookie():
response = RedirectResponse(url="/")
response.delete_cookie(config.api_key_name, domain=config.cookie_domain)
response.delete_cookie("Authorization", domain=config.cookie_domain)
return response
async def post(self, request: Request) -> Response:
if self._read_only:
return PlainTextResponse(content="Running in read only mode",
status_code=405)
# Some middleware (for example CSRF) has already awaited the request
# body, and adds it to the request.
body = request.scope.get("form")
if not body:
try:
body = await request.json()
except JSONDecodeError:
body = await request.form()
current_password = body.get("current_password", None)
new_password = body.get("new_password", None)
confirm_new_password = body.get("confirm_new_password", None)
piccolo_user = request.user.user
min_password_length = piccolo_user._min_password_length
if ((not current_password) or (not new_password)
or (not confirm_new_password)):
error = "Form is invalid. Missing one or more fields."
if body.get("format") == "html":
return self.render_template(
request,
template_context={"error": error},
min_password_length=min_password_length,
)
raise HTTPException(status_code=422, detail=error)
if len(new_password) < min_password_length:
error = (
f"Password must be at least {min_password_length} characters "
"long.")
if body.get("format") == "html":
return self.render_template(
request,
min_password_length=min_password_length,
template_context={"error": error},
)
else:
raise HTTPException(
status_code=422,
detail=error,
)
if confirm_new_password != new_password:
error = "Passwords do not match."
if body.get("format") == "html":
return self.render_template(
request,
min_password_length=min_password_length,
template_context={"error": error},
)
else:
raise HTTPException(status_code=422, detail=error)
if not await piccolo_user.login(username=piccolo_user.username,
password=current_password):
error = "Incorrect password."
if body.get("format") == "html":
return self.render_template(
request,
min_password_length=min_password_length,
template_context={"error": error},
)
raise HTTPException(detail=error, status_code=422)
await piccolo_user.update_password(user=request.user.user_id,
password=new_password)
#######################################################################
# After the password changes, we invalidate the session and
# redirect the user to the login endpoint.
session_table = self._session_table
if session_table:
# This will invalidate all of the user's sessions on all devices.
await session_table.delete().where(
session_table.user_id == piccolo_user.id)
response = RedirectResponse(url=self._login_url,
status_code=HTTP_303_SEE_OTHER)
if self._session_cookie_name:
response.delete_cookie(self._session_cookie_name)
return response
def logout(request: Request, user=Depends(crud.manager)):
response = RedirectResponse("/", status_code=302)
response.delete_cookie(key=crud.manager.cookie_name)
return response
async def logout() -> RedirectResponse:
response = RedirectResponse(url="/docs")
response.delete_cookie("Authorization", domain="localhost")
return response
async def logout(request):
r = RedirectResponse("/login", status_code=302)
r.delete_cookie("jwt_token")
return r
