This function has to redirect otherwise the user will be presented
with a terrible URL which we certainly don't want.
"""
session['openid'] = resp.identity_url
user = User.query.filter_by(openid=resp.identity_url).first()
if user is not None:
flash(u'Successfully signed in')
g.user = user
try:
os.mkdir(os.path.join(app.config['UPLOAD_FOLDER'], str(g.user.id) ))
except Exception, error:
app.logger.info(error)
blog = Blog.query.filter_by(id=g.user.blog).first()
return redirect("http://" + blog.subdomain + "." + app.config['SERVER_NAME'])
return redirect(url_for('create_profile', next=oid.get_next_url(),
name=resp.fullname or resp.nickname,
email=resp.email))
@app.route('/create-profile', methods=['GET', 'POST'])
def create_profile():
"""
If this is the user's first login, the create_or_login function
will redirect here so that the user can set up his profile.
"""
form = {}
if g.user is not None or 'openid' not in session:
return redirect(url_for('index'))
if request.method == 'POST':
form['name'] = request.form['name']
form['email'] = request.form['email']
def create_or_login(resp):
session['openid'] = resp.identity_url
current_app.logger.debug("User: %s", current_user)
try:
user = current_app.security.auth_provider.authenticate_openid(session['openid'])
if user and _do_login(user):
flash(u'Successfully signed in')
return redirect(get_post_login_redirect())
except BadCredentialsError, UserNotFoundError:
if current_user.get_id() is not None:
# Looks like the openid token changed... not sure how, so we'll wipe it and start over
current_user['openid'] = None
security.datastore._save_model(current_user)
return redirect(url_for('login'))
return redirect(url_for('account.create_profile', next=oid.get_next_url(), name=resp.fullname or resp.name or resp.nickname, email=resp.email))
@mod.route('/logout')
def logout():
session.pop('openid', None)
logout_user()
flash(u'You were signed out')
return redirect(oid.get_next_url())
mod.record(init_blueprint)
class GoogleAuth(object):
"""Google Federated Authentication manager.
If ``install==True`` (default), it is automatically installed into the
given Flask application.
"""
def __init__(self, app, install=True, prefix=None, name='GoogleAuth'):
self.app = app
self.app.config.setdefault('GOOGLE_DOMAIN', None)
self.oid = OpenID(self.app)
self.url_prefix = prefix
self.name = name
self.blueprint = self._get_blueprint(self.name)
self.domain = self.app.config.get('GOOGLE_DOMAIN')
self._login = self.oid.loginhandler(self.__login)
self._create_or_login = self.oid.after_login(self.__create_or_login)
if install:
self.install()
def _check_auth(self):
"""Returns True if authentication is valid."""
return ('openid' in session) if self.domain else True
def __login(self):
return self.oid.try_login('https://www.google.com/accounts/o8/site-xrds?hd=%s' % self.domain)
def _before_request(self):
g.user = None
def __create_or_login(self, resp):
"""This is called when login with OpenID succeeded and it's not
necessary to figure out if this is the users's first login or not.
This function has to redirect otherwise the user will be presented
with a terrible URL which we certainly don't want.
"""
session['openid'] = resp.identity_url
return redirect(self.oid.get_next_url())
def _logout(self):
session.pop('openid', None)
return redirect(self.oid.get_next_url())
def _get_blueprint(self, name):
return Blueprint(
name,
__name__,
static_folder=os.path.join(current_dir, 'static'),
template_folder=os.path.join(current_dir, 'templates'),
)
def _configure_routes(self):
self.blueprint.route('/login/', methods=['GET', 'POST'])(self._login)
self.blueprint.route('/logout/', methods=['GET', 'POST'])(self._logout)
def _register_blueprint(self, **kwargs):
self.app.register_blueprint(
self.blueprint,
url_prefix=self.url_prefix,
**kwargs
)
def install(self):
"""Installs the Blueprint into the app."""
self.app.before_request(self._before_request)
self._configure_routes()
self._register_blueprint()
def required(self, f):
"""Request decorator. Forces authentication."""
@wraps(f)
def decorated(*args, **kwargs):
auth = request.authorization
if not self._check_auth():
return redirect(url_for('%s.__login' % self.blueprint.name, next=request.url))
return f(*args, **kwargs)
return decorated
class GoogleAuth(object):
"""Google Federated Authentication manager.
If ``install==True`` (default), it is automatically installed into the
given Flask application.
"""
def __init__(self, app, install=True, prefix=None, name='GoogleAuth'):
self.app = app
self.app.config.setdefault('GOOGLE_DOMAIN', None)
self.oid = OpenID(self.app)
self.url_prefix = prefix
self.name = name
self.blueprint = self._get_blueprint(self.name)
self.domain = self.app.config.get('GOOGLE_DOMAIN')
self._login = self.oid.loginhandler(self.__login)
self._create_or_login = self.oid.after_login(self.__create_or_login)
if install:
self.install()
def _check_auth(self):
"""Returns True if authentication is valid."""
return ('openid' in session) if self.domain else True
def __login(self):
return self.oid.try_login(
'https://www.google.com/accounts/o8/site-xrds?hd=%s' % self.domain)
def _before_request(self):
g.user = None
def __create_or_login(self, resp):
"""This is called when login with OpenID succeeded and it's not
necessary to figure out if this is the users's first login or not.
This function has to redirect otherwise the user will be presented
with a terrible URL which we certainly don't want.
"""
session['openid'] = resp.identity_url
return redirect(self.oid.get_next_url())
def _logout(self):
session.pop('openid', None)
return redirect(self.oid.get_next_url())
def _get_blueprint(self, name):
return Blueprint(
name,
__name__,
static_folder=os.path.join(current_dir, 'static'),
template_folder=os.path.join(current_dir, 'templates'),
)
def _configure_routes(self):
self.blueprint.route('/login/', methods=['GET', 'POST'])(self._login)
self.blueprint.route('/logout/', methods=['GET', 'POST'])(self._logout)
def _register_blueprint(self, **kwargs):
self.app.register_blueprint(self.blueprint,
url_prefix=self.url_prefix,
**kwargs)
def install(self):
"""Installs the Blueprint into the app."""
self.app.before_request(self._before_request)
self._configure_routes()
self._register_blueprint()
def required(self, f):
"""Request decorator. Forces authentication."""
@wraps(f)
def decorated(*args, **kwargs):
auth = request.authorization
if not self._check_auth():
return redirect(
url_for('%s.__login' % self.blueprint.name,
next=request.url))
return f(*args, **kwargs)
return decorated
