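def signup(token):
    """Register an account for the e-mail address carried by *token*.

    The address and a redis key are recovered from the signed token via
    ``get_email_from_signature(token, 'signup')``; the key is deleted once
    the account has been created (presumably so the signup link cannot be
    reused — confirm against ``get_email_from_signature``).

    If the session holds a pending social identity (``social.service`` /
    ``social.uuid``) that is not yet linked to an account, the new user is
    attached to it and the session markers are cleared.

    Returns a redirect to ``/`` after a successful registration, otherwise
    the rendered signup form (with the pending social identity, or None).
    """
    email, key = get_email_from_signature(token, 'signup')

    social = None
    social_service = session.get('social.service')
    social_uuid = session.get('social.uuid')
    if social_service and social_uuid:
        social = SocialUser.query.get((social_service, social_uuid))
        # A stale session may point at a row that no longer exists; the
        # original dereferenced ``social.user_id`` unconditionally and raised
        # AttributeError here.  An already-linked identity is ignored too.
        if social is None or social.user_id:
            social = None

    form = RegisterForm()
    form.email.data = email
    if form.validate_on_submit():
        user = form.create_user()
        redis.delete(key)

        if social:
            session.pop('social.service', None)
            session.pop('social.uuid', None)
            social.user_id = user.id
            with db.auto_commit():
                db.session.add(social)

        UserSession.login(user, True)
        return redirect('/')

    return render_template(
        'account/signup.html',
        form=form,
        email=email,
        social=social,
    )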
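def social_authorize(name):
    """Finish the OAuth callback for provider *name*.

    ``SocialUser.handle_authorized_response`` turns the provider response
    into a SocialUser row, or None on failure.  Outcomes, in order:

    * a logged-in ``current_user`` with an unlinked identity: link them and
      fall through to the login branch;
    * a linked identity: log that user in and redirect to the ``next_url``
      stored in the session (default ``/``);
    * an unlinked identity: remember it in the session; for Google accounts
      whose e-mail is marked verified, redirect to signup with a signed
      e-mail token.

    The plain-text ``'error'`` / ``'TODO'`` responses are placeholders kept
    from the original.
    """
    social = SocialUser.handle_authorized_response(name)
    if social is None:
        return 'error'

    if current_user and not social.user_id:
        social.user_id = current_user.id
        with db.auto_commit():
            db.session.add(social)

    if social.user_id:
        user = User.cache.get(social.user_id)
        if user is None:
            # The linked account is gone; the original passed None into
            # UserSession.login, which is never a meaningful login.
            return 'error'
        UserSession.login(user, True)
        # NOTE(review): next_url comes from the server-side session, so the
        # code that stores it is responsible for restricting it to a local
        # path — confirm at that site.
        next_url = session.pop('next_url', '/')
        return redirect(next_url)

    session['social.service'] = social.service
    session['social.uuid'] = social.uuid

    # Tolerate a missing info payload rather than raising on ``.get``.
    info = social.info or {}
    if name == 'google' and info.get('verified_email'):
        email = info.get('email')
        if email:
            token = create_email_signature(email, 'signup')
            return redirect(url_for('.signup', token=token))

    return 'TODO'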
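def login():
    """Render and process the password login form.

    On a valid submission the user resolved by ``LoginForm`` is logged in
    with a permanent session and redirected.  The ``next_url`` query
    parameter is honoured only when it is a path on this site; a value
    carrying a scheme or host (``https://other.example/``,
    ``//other.example``) is replaced by ``/`` so the login endpoint cannot
    be used as an open redirector.
    """
    form = LoginForm()
    if form.validate_on_submit():
        UserSession.login(form.user, True)
        next_url = request.args.get('next_url', '/')
        if not _is_local_path(next_url):
            next_url = '/'
        return redirect(next_url)
    return render_template('account/login.html', form=form)


def _is_local_path(url):
    """Return True if *url* is a same-site path such as ``/account``.

    Rejects absolute URLs, scheme-relative ``//host`` forms and the
    ``/\\host`` variant that some browsers normalise to ``//host``.
    """
    from urllib.parse import urlsplit

    if not url or not url.startswith('/'):
        return False
    if url.startswith(('//', '/\\')):
        return False
    parts = urlsplit(url)
    return not parts.scheme and not parts.netloc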
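def social_authorize(name):
    """Complete the OAuth callback from provider *name*.

    Builds a SocialUser from the provider response (None means the
    exchange failed and ``'error'`` is returned).  A signed-in
    ``current_user`` claims an unlinked identity; a linked identity logs its
    owner in and redirects to the session's ``next_url`` (default ``/``);
    an unlinked one is parked in the session, and Google identities with a
    verified e-mail are forwarded to signup with a signed e-mail token.

    ``'error'`` and ``'TODO'`` are placeholder responses from the original.
    """
    social = SocialUser.handle_authorized_response(name)
    if social is None:
        return 'error'

    if current_user and not social.user_id:
        social.user_id = current_user.id
        with db.auto_commit():
            db.session.add(social)

    if social.user_id:
        user = User.cache.get(social.user_id)
        # Guard against a dangling user_id (deleted account): the original
        # handed None to UserSession.login.
        if user is None:
            return 'error'
        UserSession.login(user, True)
        # NOTE(review): the code that writes session['next_url'] must keep
        # it to a local path; this handler trusts it as-is — confirm there.
        return redirect(session.pop('next_url', '/'))

    session['social.service'] = social.service
    session['social.uuid'] = social.uuid

    info = social.info or {}  # avoid AttributeError on a missing payload
    if name == 'google' and info.get('verified_email'):
        email = info.get('email')
        if email:
            token = create_email_signature(email, 'signup')
            return redirect(url_for('.signup', token=token))

    return 'TODO'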
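def signup(token):
    """Create an account for the e-mail address encoded in *token*.

    ``get_email_from_signature(token, 'signup')`` yields the address and a
    redis key; the key is deleted right after the account is created
    (presumably invalidating the signup link — confirm in that helper).

    A pending, still-unlinked social identity referenced by the session
    (``social.service`` / ``social.uuid``) is linked to the new user and the
    session markers are removed.

    Returns a redirect to ``/`` on success, otherwise the signup template
    rendered with the form, the address and the pending identity (or None).
    """
    email, key = get_email_from_signature(token, 'signup')

    service = session.get('social.service')
    uuid = session.get('social.uuid')
    pending = None
    if service and uuid:
        pending = SocialUser.query.get((service, uuid))
        # query.get returns None for a stale session reference; the original
        # read ``.user_id`` on it and crashed.  Linked identities are dropped.
        if pending is None or pending.user_id:
            pending = None

    form = RegisterForm()
    form.email.data = email
    if form.validate_on_submit():
        user = form.create_user()
        redis.delete(key)

        if pending:
            session.pop('social.service', None)
            session.pop('social.uuid', None)
            pending.user_id = user.id
            with db.auto_commit():
                db.session.add(pending)

        UserSession.login(user, True)
        return redirect('/')

    return render_template(
        'account/signup.html',
        form=form,
        email=email,
        social=pending,
    )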
    def login(self):
        """Sign in the first User row and seed the test client's session.

        ``UserSession.login`` runs inside a test request context so the
        application's session machinery is available; afterwards the test
        client's cookie session is primed with the user's id (presumably
        the key the app's session loader reads — confirm).  Returns the user.
        """
        account = User.query.first()
        with self.app.test_request_context():
            UserSession.login(account)

        with self.client.session_transaction() as sess:
            sess.update({'id': account.id})
        return account
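def oauth_limit_params(login, scopes):
    """Resolve the caller's identity and choose its rate-limit bucket.

    Identity is tried in order: browser session, OAuth bearer token,
    ``client_id`` request parameter, remote address.  As a side effect the
    resolved user / client is stored on ``request`` (``_current_user``,
    ``oauth_client``) for downstream code.

    Args:
        login: when true, an OAuth request that is invalid or carries no
            user raises ``NotAuth`` instead of falling through.
        scopes: scopes required of an OAuth token; ``None`` means none.

    Returns:
        ``(key, a, b)`` — the bucket key and two integers whose meaning is
        defined by the consumer (not visible here).

    Raises:
        NotAuth: see *login*.
        InvalidClient: a ``client_id`` was supplied but matches no client.
    """
    if scopes is None:
        scopes = []

    user = UserSession.get_current_user()
    if user:
        request._current_user = user
        return 'limit:sid:{0}'.format(session.get('id')), 600, 300

    valid, req = oauth.verify_request(scopes)
    if login and (not valid or not req.user):
        raise NotAuth()

    if valid:
        request.oauth_client = req.access_token.client
        request._current_user = req.user
        # Key on a digest of the bearer token rather than the token itself,
        # so live credentials never land in the limit store's keyspace
        # (where key listings, monitoring and dumps would expose them).
        digest = _token_digest(req.access_token.access_token)
        return 'limit:tok:{0}'.format(digest), 600, 600

    client_id = request.values.get('client_id')
    if client_id:
        c = OAuthClient.query.filter_by(client_id=client_id).first()
        if not c:
            description = 'Client of %s not found' % client_id
            raise InvalidClient(description=description)

        request.oauth_client = c
        return 'limit:client:{0}'.format(c.id), 600, 600
    return 'limit:ip:{0}'.format(request.remote_addr), 3600, 3600


def _token_digest(token):
    """Return the hex SHA-256 of *token* (str or bytes) for use in keys."""
    import hashlib

    if isinstance(token, str):
        token = token.encode('utf-8')
    return hashlib.sha256(token).hexdigest()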
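def login_session():
    """Create (POST) or destroy (DELETE) the browser session.

    DELETE logs the current user out: ``204`` on success, ``400`` otherwise.

    Otherwise credentials come from ``parse_auth_headers`` for JSON requests
    and from the ``username`` / ``password`` form fields for anything else.
    Before the account is consulted two limits are applied via
    ``ratelimit``: 5 per (username, address) and 60 per address, both with
    a 3600 window.  A username containing ``@`` is looked up as an e-mail
    address.  Success logs the user in (permanent when the JSON body says
    so) and returns the serialised user with ``201``; failure is delegated
    to ``handle_login_failed``.
    """
    if request.method == 'DELETE':
        if UserSession.logout():
            return '', 204
        return jsonify(status='error'), 400

    if request.mimetype == 'application/json':
        username, password = parse_auth_headers()
    else:
        # request.form is a MultiDict: use .get(), attribute access raised
        # AttributeError in the original.
        username = request.form.get('username')
        password = request.form.get('password')

    if not username or not password:
        return jsonify(
            status='error',
            error_code='missing_required_field',
            error_description='Username and password are required.'
        ), 400

    # Throttle before looking the account up so guesses against unknown
    # names cost the same as guesses against real ones.
    prefix = 'limit:login:{0}:{1}'.format(username, request.remote_addr)
    ratelimit(prefix, 5, 3600)

    prefix = 'limit:login:{0}'.format(request.remote_addr)
    ratelimit(prefix, 60, 3600)

    if '@' in username:
        user = User.cache.filter_first(email=username)
    else:
        user = User.cache.filter_first(username=username)

    if not user or not user.check_password(password):
        return handle_login_failed(username, user)

    # Form submissions carry no JSON body, so get_json() returned None and
    # the original crashed on ``.get``; silent=True also turns malformed
    # JSON into None instead of an error response.
    data = request.get_json(silent=True) or {}
    permanent = bool(data.get('permanent', False))
    UserSession.login(user, permanent)
    return jsonify(user), 201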
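def login_session():
    """Log a user in (any non-DELETE method) or out (DELETE).

    Logout answers ``204`` when ``UserSession.logout`` succeeds, ``400``
    otherwise.  Login reads credentials from ``parse_auth_headers`` for
    JSON requests or from the ``username`` / ``password`` form fields,
    rejects an empty pair with ``400``, rate-limits by (username, address)
    and by address, resolves the user by e-mail (if the name contains
    ``@``) or username, and verifies the password.  On success the session
    is created — permanent if the JSON body asks for it — and the user is
    returned with ``201``; otherwise ``handle_login_failed`` decides.
    """
    if request.method == 'DELETE':
        if UserSession.logout():
            return '', 204
        return jsonify(status='error'), 400

    if request.mimetype == 'application/json':
        username, password = parse_auth_headers()
    else:
        # MultiDict lookup; the original's ``request.form.username`` raised.
        username = request.form.get('username')
        password = request.form.get('password')

    if not username or not password:
        return jsonify(
            status='error',
            error_code='missing_required_field',
            error_description='Username and password are required.'), 400

    # can only try login a user 5 times (per address) within the window;
    # limits run before the lookup so unknown names are throttled too.
    prefix = 'limit:login:{0}:{1}'.format(username, request.remote_addr)
    ratelimit(prefix, 5, 3600)

    prefix = 'limit:login:{0}'.format(request.remote_addr)
    ratelimit(prefix, 60, 3600)

    if '@' in username:
        user = User.cache.filter_first(email=username)
    else:
        user = User.cache.filter_first(username=username)

    if not user or not user.check_password(password):
        return handle_login_failed(username, user)

    # No JSON body on form logins: get_json() gave None and ``.get`` raised
    # in the original.  silent=True returns None for bad JSON as well.
    body = request.get_json(silent=True) or {}
    permanent = bool(body.get('permanent', False))
    UserSession.login(user, permanent)
    return jsonify(user), 201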