Beispiel #1
0
def authorized(provider):
    provider_instance = get_provider(provider)
    if not provider_instance:
        abort(404)

    resp = provider_instance.authorized_response()
    next = _get_next(request.args.get("state"))
    _validate_next(next)
    user = models.User.login(provider, resp)
    session.create_session_token(user)
    if user.is_new:
        return redirect(url_for("auth.signup", next=next))
    return redirect(next)
Beispiel #2
0
def authorized(provider):
    provider_instance = get_provider(provider)
    if not provider_instance:
        abort(404)

    resp = provider_instance.authorized_response()
    next = _get_next(request.args.get("state"))
    _validate_next(next)
    user = models.User.login(provider, resp)
    session.create_session_token(user)
    if user.is_new:
        return redirect(url_for("auth.signup", next=next))
    return redirect(next)
Beispiel #3
0
def provider_login(provider):
    """Log in with the given provider."""
    # The next_token doesn't only store the 'next' value, but it also acts as a CSRF token.
    next = request.args.get("next") or "/"
    next_token = _save_next(next)

    provider_instance = get_provider(provider)
    if not provider_instance:
        abort(404)

    # Twitter uses OAuth 1.0a, which doesn't support the 'state' parameter, so we include it in the callback url.
    callback_state = None
    if provider == "twitter":
        callback_state = next_token

    return provider_instance.authorize(callback=url_for("auth.authorized", _external=True, provider=provider, state=callback_state), state=next_token)
Beispiel #4
0
def provider_login(provider):
    """Log in with the given provider."""
    # The next_token doesn't only store the 'next' value, but it also acts as a CSRF token.
    next = request.args.get("next") or "/"
    next_token = _save_next(next)

    provider_instance = get_provider(provider)
    if not provider_instance:
        abort(404)

    # Twitter uses OAuth 1.0a, which doesn't support the 'state' parameter, so we include it in the callback url.
    callback_state = None
    if provider == "twitter":
        callback_state = next_token

    return provider_instance.authorize(callback=url_for("auth.authorized",
                                                        _external=True,
                                                        provider=provider,
                                                        state=callback_state),
                                       state=next_token)