def logout(self):
c = Config.get('aecore')
self.response.delete_cookie(
c.cookie_key.encode('utf-8'),
c.cookie_path.encode('utf-8'),
c.cookie_domain)
return self.redirect('/')
def _load_profile_class(self, provider):
try:
pkey = 'aeauth.strategies.{}'.format(provider)
profile_path = Config.get(pkey).user_profile_model
profile_class = utils.import_class(profile_path)
except AttributeError, e:
raise AttributeError("You must provide the location of "\
"the {0} user profile.".format(provider))
def handle_404(request, response, exception):
t = jinja2.get_jinja2(app=application).render_template(
'errors/404.html', **{
'exception': exception.status,
'application': Config.get('application'),
})
response.write(t)
response.set_status(exception.status_int)
def check_login(self, *args, **kwargs):
if not self.request.user:
# If handler has no login_url specified invoke a 403 error
try:
# set the redirect url to the current url.
# self.request.set_redirect_url(self.request.path)
self.redirect(Config.get('aeauth').login_url, abort=True)
except (AttributeError, KeyError), e:
self.abort(403)
def aeauth(self):
if self.request.user is not None and self.request.user.auth_ids:
userprofiles = self.request.user.get_profiles()
else:
userprofiles = None
self.render_template('demo/aeauth.html', {
"providers": Config.get('aeauth').providers,
"userprofiles": userprofiles,
})
def aecore(self):
if self.request.user is not None and self.request.user.auth_ids:
userprofiles = self.request.user.get_profiles()
else:
userprofiles = None
configs = Config.query().fetch(100)
self.render_template('demo/aecore.html', {
"session": self.request.session,
"user": self.request.user,
"userprofiles": userprofiles,
"configs": configs,
})
def render_template(self, template_name, template_values=None):
if template_values is None: template_values = {}
messages = self.get_messages()
if messages:
template_values.update({'messages': messages})
template_values.update({
'application': Config.get('application'),
'user': self.request.user,
'session': self.request.session,
})
self.response.write(self.jinja2.render_template(
template_name, **template_values))
def post(self):
post_dict = flat_dict_to_nested_dict(self.request.POST)
# confirm that required fields are provided.
# We pop the password, because we don't want to send it to
# ``get_person()``
password = post_dict.pop('password')
email = post_dict.get('email')
if not email or not password or not utils.validate_email(email):
message = u'Please provide a valid email and a password.'
self.request.add_message(message, level='error')
self.redirect(Config.get('aeauth').login_url)
user = self.request.user
# if we have a user update based on the dict and pass
if user is not None:
user.set_password(password)
# user.add_email(email)
user.put()
# otherwise create a new one.
else:
user_model = self.request.get_user_model()
user = user_model.get_or_create_by_email(email)
# if we have a user check the password
if user is not None:
if not user.check_password(password):
message = u'The password that you\'ve provided ' \
u'does not match our records. ' \
u'Please try again.'
self.request.add_message(message, level='error')
self.redirect(Config.get('aeauth').login_url)
# no User with that email create a new User
else:
user = user_model.create(email=email, password_raw=password)
redirect_url = self.request.get_redirect_url() or\
Config.get('aeauth').success_url
self.redirect(redirect_url)
def password_recovery(self):
recipient_id = self.request.POST.get('recipient_id')
if recipient_id is None: return
recipient = User.get_by_id(int(recipient_id))
token = UserToken.create(recipient.key.id(), 'password_reset').key.id()
# uses the application_title set in the config
subject = "{}: Password Assistance".format(
Config.get('application').title)
template = '/account/emails/password_reset.html'
reset_url = self.uri_for(
'account-recovery-verify', token=token, _full=True)
# Create the email
email = mail.EmailMessage()
email.sender = Config.get('application').default_from_email
email.subject = subject
email.to = '{} <{}>'.format(recipient.name, recipient.email)
email.body = self.render_template(template, {
'recipient': recipient,
'reset_url': reset_url,
})
email.send()
def _handle_request(self, provider, params=None):
provider_class = self._load_profile_class(provider)
try:
redirect_url, profile = provider_class.handle_request(self.request)
if profile is not None:
# if w have a logged in user add the auth_id.
user = self.request.user
if user is not None:
try:
user.add_auth_id(profile.key.id())
user.put()
except Exception, e:
# TODO if an exception is raised here's it's because the
# user has already create an account.
# Maybe we logout the user or migrate the old account.
pass
# else get or create a user from the auth_id
else:
user_model = self.request.get_user_model()
user = user_model.get_or_create_by_auth_id(profile.key.id())
# if the user is not an owner of the profile add their ID
if not profile.is_owner(user.key.id()):
profile.add_owner_id(user.key.id())
profile.put()
# if the user is an admin and the role hasn't been added,
# add the 'admin' role
if self._is_current_user_admin() and not user.has_role('admin'):
user.add_roll('admin')
user.put()
# TODO this should be deferred
# Update the User's master profile with the information from
# the newly created UserProfile.
master_p = user.get_master_profile()
master_p.merge_profile(profile.data)
# TODO maybe this can be removed.
# Currently this is necessary to update the session ID.
if not self.request.user:
self.request.load_user(user.key.id())
except Exception, e:
redirect_url= Config.get('aeauth').login_url
self.request.add_message(e.message, level='error')
def login(self):
providers = Config.get('aeauth').providers
self.render_template('auth/login.html', {'providers': providers})
def get_callback_url(domain, provider):
base_url = Config.get('aeauth').base_url
return u'{0}{1}/{2}/callback'.format(domain, base_url, provider)
def config(self):
key = 'aeauth.strategies.{}'.format(self.provider)
return Config.get(key)
