def user_home():
# if we already retrieved this in users or a decorator
session = sessions.get_current_session(request.environ)
access = "read"
if session.has_access("write"):
access = "write"
resp = make_response(
render_template(
"auth_home.html",
auth_user=session,
user_claims=session.claims,
login_url=sessions.LOGIN_URL,
logout_url=sessions.LOGOUT_URL,
access=access,
))
# set persistent session cookie corresponding to the id_token
key = sessions.get_cookie_name("session_id")
value = session.session_id
max_age = (sessions.EXPIRE_DAYS * 24 * 60 * 60
) # set to EXPIRE_DAYS days here (id_token expires in 1 hour)
PROXY_PREFIX = os.environ.get("PROXY_PREFIX", "")
path = "%s/" % PROXY_PREFIX
resp.set_cookie(key, value, max_age=max_age, path=path)
key = sessions.get_cookie_name("id_token")
resp.set_cookie(key, "", max_age=None, path=path)
return resp
def admin_view():
session = sessions.get_current_session(request.environ)
# if not session.has_role("admin"):
# output = (
# "You need to login as administrator <a href='%s'>Login</a>"
# % sessions.LOGIN_URL
# )
# return output
qs = request.query_string
if not isinstance(qs, str):
qs = qs.decode("utf-8")
logging.warning("AdminHandler.get: %s" % qs)
actions = {
"run_tests": run_tests,
"clear_cache": clear_cache,
"reset_stats": reset_stats,
"clear_datastore": clear_datastore,
"expired_sessions": expired_sessions,
"check_orphans": check_orphans,
"delete_orphans": delete_orphans,
}
# Handle admin commands
if qs in actions:
return actions[qs]()
elif qs != "":
raise NotImplementedError("Invalid command: %s" % qs)
# Show admin page
if session.is_user():
url = sessions.LOGOUT_URL
url_linktext = "Logout"
else:
url = sessions.LOGIN_URL
url_linktext = "Login"
env = []
for k, v in list(os.environ.items()):
env.append("%s: '%s'" % (k, v))
stats = api.get_stats()
nickname = "stranger"
if session.is_user():
nickname = session.nickname
template_values = {
"nickname": nickname,
"url": url,
"url_linktext": url_linktext,
"memcache_stats": pformat(memcache3.get_stats()),
"datastore_stats": pformat(stats),
"environment_dump": "\n".join(env),
"request_env_dump": pformat(request.environ),
}
return render_template("admin_data.html", **template_values)
def user_token():
# if we already retrieved this in users or a decorator
session = sessions.get_current_session(request.environ)
error_message = request.environ.get("ID_TOKEN_ERROR")
return render_template(
"auth_token.html",
user_claims=session.claims,
error_message=error_message,
auth_url=sessions.AUTH_URL,
logout_url=sessions.LOGOUT_URL,
FIREBASE_PROJECT_ID=os.environ.get("FIREBASE_PROJECT_ID",
"MY_PROJECT_ID"),
FIREBASE_API_KEY=os.environ.get("FIREBASE_API_KEY", "MY_API_KEY"),
FIREBASE_ID_TOKEN=sessions.get_cookie_name("id_token"),
FIREBASEJS_SDK_VERSION=os.environ.get("FIREBASEJS_SDK_VERSION",
"7.18.0"),
FIREBASEJS_UI_VERSION=os.environ.get("FIREBASEJS_UI_VERSION", "4.6.1"),
PROXY_PREFIX=os.environ.get("PROXY_PREFIX", ""),
)
def user_logout():
session = sessions.get_current_session(request.environ)
if session.is_user():
session.delete()
return redirect("/auth/?goodbye")