def decode(self, node, cstruct):
    """ Resolve ``cstruct`` to an Account, looking it up by login.

    An Account instance is passed through unchanged. A string is used as
    the login directly, and a dict is resolved through its ``'login'``
    entry. Any other input, or a dict whose ``'login'`` is missing or
    falsy, gives None. ``node`` is not used.
    """
    if isinstance(cstruct, Account):
        return cstruct
    # basestring is the Python 2 base type of both str and unicode.
    if isinstance(cstruct, basestring):
        return Account.by_login(cstruct)
    login = cstruct.get('login') if isinstance(cstruct, dict) else None
    if login:
        return Account.by_login(login)
    return None
def decode(self, node, cstruct):
    """ Resolve ``cstruct`` to an Account, looking it up by numeric id.

    An Account instance is passed through unchanged. An int is used as the
    id directly, and a dict is resolved through its ``'id'`` entry. Any
    other input gives None. ``node`` is not used.
    """
    if isinstance(cstruct, Account):
        return cstruct
    if isinstance(cstruct, int):
        return Account.by_id(cstruct)
    # A falsy id in a dict (0, '', None) is treated the same as a missing one.
    account_id = cstruct.get('id') if isinstance(cstruct, dict) else None
    if account_id:
        return Account.by_id(account_id)
    return None
def check_auth():
    """ Attach the authenticated account (or None) to the current request.

    A session id takes precedence over an API key. The API key is read from
    the ``Authorization`` header or, failing that, the ``api_key`` query
    argument. A session id or API key that matches no account raises
    Unauthorized. With no credentials, ``request.account`` is set to None.
    """
    # NOTE(review): an API key passed as a query argument ends up in access
    # logs, browser history and Referer headers; prefer the header form.
    api_key = request.headers.get('Authorization') or request.args.get('api_key')
    session_id = session.get('id')

    if session_id:
        request.account = Account.by_id(session_id)
        if request.account is None:
            # Stale session: drop the dangling id before rejecting the request.
            del session['id']
            raise Unauthorized()
        return

    if api_key is None:
        request.account = None
        return

    request.account = Account.by_api_key(api_key)
    if request.account is None:
        raise Unauthorized()
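def update(id):
    """ Update the account with the given id and return it as JSON.

    Only the account's owner may update it. The lookup goes through
    object_or_404 and the ownership check through authz.require.
    """
    account = object_or_404(Account.by_id(id))
    # An unauthenticated request may carry request.account = None. Comparing
    # ids would then raise AttributeError (a 500) instead of reaching the
    # authorization check, so treat "no account" as "not the owner".
    current = request.account
    authz.require(current is not None and account.id == current.id)
    # NOTE(review): the request body is handed to accounts.save as-is. If
    # save copies identity fields (login, provider ids) from it, restrict
    # the accepted keys here -- confirm against accounts.save.
    data = request_data()
    accounts.save(data, account=account)
    db.session.commit()
    return jsonify(accounts.to_rest(account))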
def check_auth():
    """ Attach the authenticated account (or None) to the current request.

    A session id takes precedence over an API key. The API key is read from
    the ``X-Grano-API-Key`` header or, failing that, the ``api_key`` query
    argument. A session id or API key that matches no account raises
    Unauthorized. With no credentials, ``request.account`` is set to None.
    """
    # NOTE(review): an API key passed as a query argument ends up in access
    # logs, browser history and Referer headers; prefer the header form.
    api_key = request.headers.get('X-Grano-API-Key') or request.args.get('api_key')
    session_id = session.get('id')

    if session_id:
        request.account = Account.by_id(session_id)
        if request.account is None:
            # Stale session: drop the dangling id before rejecting the request.
            del session['id']
            raise Unauthorized()
        return

    if api_key is None:
        request.account = None
        return

    request.account = Account.by_api_key(api_key)
    if request.account is None:
        raise Unauthorized()
    # NOTE(review): this promotes an API-key login to a cookie session when
    # the api_key_cookie flag is set (arg_bool presumably reads a request
    # argument -- confirm). Make sure a cross-site request cannot trigger it.
    if arg_bool('api_key_cookie'):
        session['id'] = request.account.id
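def update(id):
    """ Update the account with the given id and return it as JSON.

    Only the account's owner may update it. The lookup goes through
    object_or_404 and the ownership check through authz.require.
    """
    account = object_or_404(Account.by_id(id))
    # An unauthenticated request may carry request.account = None. Comparing
    # ids would then raise AttributeError (a 500) instead of reaching the
    # authorization check, so treat "no account" as "not the owner".
    current = request.account
    authz.require(current is not None and account.id == current.id)
    # NOTE(review): the request body is handed to accounts.save as-is. If
    # save copies identity fields (login, provider ids) from it, restrict
    # the accepted keys here -- confirm against accounts.save.
    data = request_data()
    account = accounts.save(data, account=account)
    db.session.commit()
    return jsonify(account)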
def console_account(login='******'):
    """ Return the account with the given login, creating it if absent.

    A newly created account has no e-mail address and the full name
    'System Operations'.
    """
    existing = Account.by_login(login)
    if existing is not None:
        return existing
    return save({
        'login': login,
        'email': None,
        'full_name': 'System Operations'
    })
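def basic_authentication():
    """ Attempt HTTP basic authentication on a per-request basis.

    Does nothing when the request has no Authorization header. Otherwise
    the header value must decode to ``name:password`` for an account that
    validates and can be logged in; anything else raises Unauthorized.
    """
    import binascii

    if "Authorization" not in request.headers:
        return
    authorization = request.headers.get("Authorization")
    # Drop the scheme token ("Basic") and keep the encoded credentials.
    authorization = authorization.split(" ", 1)[-1]
    try:
        # str.decode("base64") is the Python 2 spelling of a base64 decode.
        name, password = authorization.decode("base64").split(":", 1)
    except (ValueError, binascii.Error):
        # The header is client-controlled. Bad base64 or a missing ':' must
        # end in a clean 401, not an unhandled exception.
        raise Unauthorized("Invalid username or password.")
    account = Account.by_name(name)
    if account is None \
            or not account.validate_password(password) \
            or not login_user(account):
        raise Unauthorized("Invalid username or password.")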
def make_test_app(use_cookies=False):
    """ Configure the global app for testing and return a test client.

    Switches the app to TESTING mode on an in-memory SQLite database,
    creates the schema, and stores a freshly created TEST_USER account on
    ``app.test_user``.
    """
    app.config.update({
        'TESTING': True,
        'SQLALCHEMY_DATABASE_URI': 'sqlite:///:memory:',
    })
    # Imported inside the function, as the original does, so the model is
    # loaded only after the test configuration is in place.
    from grano.model import Account
    db.create_all()
    test_client = app.test_client(use_cookies=use_cookies)
    app.test_user = Account.create(TEST_USER)
    db.session.commit()
    return test_client
def console_account(login='******'):
    """ Fetch the default system account, creating it on first use. """
    found = Account.by_login(login)
    if found is not None:
        return found
    # No such account yet: create it with the fixed system profile.
    profile = {
        'login': login,
        'email': None,
        'full_name': 'System Operations'
    }
    return save(profile)
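def basic_authentication():
    """ Attempt HTTP basic authentication on a per-request basis.

    Requests without an Authorization header pass through untouched. When
    the header is present it must carry base64-encoded ``name:password``
    credentials for a valid account, otherwise Unauthorized is raised.
    """
    import binascii

    if 'Authorization' in request.headers:
        authorization = request.headers.get('Authorization')
        # Keep only the part after the scheme token.
        authorization = authorization.split(' ', 1)[-1]
        try:
            # Python 2 idiom for a base64 decode of a str.
            decoded = authorization.decode('base64')
            name, password = decoded.split(':', 1)
        except (ValueError, binascii.Error):
            # Undecodable or colon-less credentials come from the client;
            # answer with 401 rather than an unhandled error.
            raise Unauthorized('Invalid username or password.')
        account = Account.by_name(name)
        if account is None \
                or not account.validate_password(password) \
                or not login_user(account):
            raise Unauthorized('Invalid username or password.')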
def login_save():
    """ Log a user in from the submitted login form.

    On success a welcome message is flashed and the user is redirected to
    'home.index'. On any failure the login form is re-rendered with a
    generic error, which does not say whether the name or the password
    was wrong.
    """
    data = request_content(request)
    account = Account.by_name(data.get('name'))
    authenticated = (
        account
        and account.validate_password(data.get('password'))
        and login_user(account)
    )
    if authenticated:
        flash("Welcome back, %s!" % account.display_name, 'success')
        return redirect(url_for('home.index'))
    # NOTE(review): `data` still holds the submitted password when it is
    # passed back to error_fill; confirm the form does not echo it.
    return error_fill(login_form(), data,
                      {'name': 'Invalid username or password!'})
def register_save():
    """ Create an account from the submitted sign-up form.

    The permission check runs first. Valid input creates and commits the
    account, flashes a welcome message and redirects to 'home.index'.
    Invalid input re-renders the registration form with the errors.
    """
    require.account.create()
    data = request_content(request)
    context = ValidationContext()
    try:
        submitted = dict(data.items())
        # Rebind `data` so the error path sees the validated values if a
        # later step in this block raises Invalid.
        data = validate_account(submitted, context)
        account = Account.create(data)
        db.session.commit()
        greeting = "Welcome, %s!" % account.display_name
        flash(greeting, 'success')
        return redirect(url_for('home.index'))
    except Invalid as inv:
        # NOTE(review): `data` may include the submitted password; confirm
        # the re-filled form does not echo it.
        return error_fill(register_form(), data, invalid_dict(inv))
def save(data, account=None):
    """ Create or update an Account from ``data`` and flush it to the session.

    ``github_id``, ``twitter_id``, ``facebook_id`` and ``login`` are always
    overwritten with ``data.get(...)``, so a key missing from ``data``
    resets that attribute to None. ``full_name`` and ``email`` are written
    only when truthy. The session is flushed but not committed.
    """
    # NOTE(review): identity fields are copied from `data` without checks.
    # Callers that pass client-supplied data should whitelist keys first.
    if account is None:
        account = Account()
    for field in ('github_id', 'twitter_id', 'facebook_id', 'login'):
        setattr(account, field, data.get(field))
    for field in ('full_name', 'email'):
        value = data.get(field)
        if value:
            setattr(account, field, value)
    db.session.add(account)
    db.session.flush()
    return account
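def facebook_authorized(resp):
    """ Complete the Facebook OAuth flow and log the user in.

    Without an access token in ``resp`` the user is redirected to the
    stored ``next_url`` (default '/') and not logged in. Otherwise the
    profile is fetched from '/me', the matching account is created or
    updated, and its id is stored in the session.
    """
    next_url = session.get('next_url', '/')
    if resp is None or 'access_token' not in resp:
        return redirect(next_url)
    session['facebook_token'] = (resp.get('access_token'), '')
    data = facebook.get('/me').data
    # Fail closed when the profile call returned no usable user id (for
    # example an error payload). A lookup keyed on None could otherwise
    # select or create an unrelated account and log the visitor into it.
    if not isinstance(data, dict) or not data.get('id'):
        return redirect(next_url)
    account = Account.by_facebook_id(data.get('id'))
    data_ = {
        'full_name': data.get('name'),
        'login': data.get('username'),
        'email': data.get('email'),
        'facebook_id': data.get('id')
    }
    account = accounts.save(data_, account=account)
    db.session.commit()
    session['id'] = account.id
    return redirect(next_url)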
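def facebook_authorized(resp):
    """ Complete the Facebook OAuth flow and log the user in.

    A response without an access token only redirects to the stored
    ``next_url`` (default '/'). Otherwise the profile is fetched through
    the 'facebook' provider, the matching account is created or updated,
    and its id is stored in the session.
    """
    next_url = session.get('next_url', '/')
    if resp is None or 'access_token' not in resp:
        return redirect(next_url)
    session['facebook_token'] = (resp.get('access_token'), '')
    profile = PROVIDERS.get('facebook').get('/me').data
    # Do not log anyone in when the provider gave no user id (e.g. an
    # error payload). A lookup keyed on None could match or create an
    # account that does not belong to this visitor.
    if not isinstance(profile, dict) or not profile.get('id'):
        return redirect(next_url)
    facebook_id = profile.get('id')
    account = Account.by_facebook_id(facebook_id)
    data_ = {
        'full_name': profile.get('name'),
        'login': profile.get('username'),
        'email': profile.get('email'),
        'facebook_id': facebook_id
    }
    account = accounts.save(data_, account=account)
    db.session.commit()
    session['id'] = account.id
    return redirect(next_url)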
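def twitter_authorized(resp):
    """ Complete the Twitter OAuth flow and log the user in.

    A response without an OAuth token only redirects to the stored
    ``next_url`` (default '/'). Otherwise the profile is fetched through
    the 'twitter' provider, the matching account is created or updated,
    and its id is stored in the session.
    """
    next_url = session.get('next_url', '/')
    if resp is None or 'oauth_token' not in resp:
        return redirect(next_url)
    session['twitter_token'] = (resp['oauth_token'],
                                resp['oauth_token_secret'])
    provider = PROVIDERS.get('twitter')
    res = provider.get('users/show.json?user_id=%s' % resp.get('user_id'))
    profile = res.data
    # Do not log anyone in when the lookup gave no user id (e.g. an error
    # payload). A lookup keyed on None could match or create an account
    # that does not belong to this visitor.
    if not isinstance(profile, dict) or not profile.get('id'):
        return redirect(next_url)
    twitter_id = profile.get('id')
    account = Account.by_twitter_id(twitter_id)
    data_ = {
        'full_name': profile.get('name'),
        'login': profile.get('screen_name'),
        'twitter_id': twitter_id
    }
    account = accounts.save(data_, account=account)
    db.session.commit()
    session['id'] = account.id
    return redirect(next_url)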
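def twitter_authorized(resp):
    """ Complete the Twitter OAuth flow and log the user in.

    Without an OAuth token in ``resp`` the user is redirected to the
    stored ``next_url`` (default '/') and not logged in. Otherwise the
    profile is fetched from 'users/show.json', the matching account is
    created or updated, and its id is stored in the session.
    """
    next_url = session.get('next_url', '/')
    if resp is None or 'oauth_token' not in resp:
        return redirect(next_url)
    session['twitter_token'] = (resp['oauth_token'],
                                resp['oauth_token_secret'])
    res = twitter.get('users/show.json?user_id=%s' % resp.get('user_id'))
    # Fail closed when the profile call returned no usable user id (for
    # example an error payload). A lookup keyed on None could otherwise
    # select or create an unrelated account and log the visitor into it.
    if not isinstance(res.data, dict) or not res.data.get('id'):
        return redirect(next_url)
    account = Account.by_twitter_id(res.data.get('id'))
    data_ = {
        'full_name': res.data.get('name'),
        'login': res.data.get('screen_name'),
        'twitter_id': res.data.get('id')
    }
    account = accounts.save(data_, account=account)
    db.session.commit()
    session['id'] = account.id
    return redirect(next_url)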
def save(data, account=None):
    """ Create or update an Account from ``data`` and flush it to the session.

    The three provider ids and ``login`` are assigned unconditionally, so a
    key absent from ``data`` sets that attribute to None. ``full_name`` and
    ``email`` are assigned only when truthy. Nothing is committed here.
    """
    # NOTE(review): identity fields come straight from `data`. Callers that
    # pass client-supplied input should restrict the accepted keys first.
    target = Account() if account is None else account
    lookup = data.get

    target.github_id = lookup("github_id")
    target.twitter_id = lookup("twitter_id")
    target.facebook_id = lookup("facebook_id")
    target.login = lookup("login")

    full_name = lookup("full_name")
    if full_name:
        target.full_name = full_name
    email = lookup("email")
    if email:
        target.email = email

    db.session.add(target)
    db.session.flush()
    return target
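def github_authorized(resp):
    """ Complete the GitHub OAuth flow and log the user in.

    A response without an access token only redirects to the stored
    ``next_url`` (default '/'). Otherwise the profile is fetched from the
    GitHub API, the matching account is created or updated, and its id is
    stored in the session.
    """
    next_url = session.get('next_url', '/')
    if resp is None or 'access_token' not in resp:
        return redirect(next_url)
    access_token = resp['access_token']
    session['access_token'] = access_token, ''
    # The token authenticates the user, so this call must not run with
    # certificate verification disabled. It is also sent in the
    # Authorization header, not the query string, to keep it out of URLs
    # and logs.
    res = requests.get('https://api.github.com/user',
                       headers={'Authorization': 'token %s' % access_token})
    data = res.json()
    # Fail closed when the API returned no user id (e.g. an error payload).
    # A lookup keyed on None could otherwise select or create an unrelated
    # account and log the visitor into it.
    if not isinstance(data, dict) or not data.get('id'):
        return redirect(next_url)
    account = Account.by_github_id(data.get('id'))
    data_ = {
        'full_name': data.get('name'),
        'login': data.get('login'),
        'email': data.get('email'),
        'github_id': data.get('id')
    }
    account = accounts.save(data_, account=account)
    db.session.commit()
    session['id'] = account.id
    return redirect(next_url)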
def console_account(login="******"):
    """ Look up the default system account and create it when missing. """
    account = Account.by_login(login)
    if account is not None:
        return account
    defaults = {"login": login, "email": None, "full_name": "System Operations"}
    return save(defaults)
def view(id):
    """ Return the account with the given id as a JSON response. """
    # NOTE(review): no authorization check is visible here and the Account
    # object is serialised as-is. Confirm the serialiser leaves out private
    # fields such as API keys and e-mail addresses.
    found = Account.by_id(id)
    return jsonify(object_or_404(found))
def _check(value):
    """ Validate that the account name ``value`` is free to use.

    Returns True when the name belongs to the account being edited
    (``context.account``) or to no account at all. Otherwise returns an
    error message string.
    """
    current = context.account
    if current and current.name == value:
        # Keeping one's own name is always allowed.
        return True
    name_taken = Account.by_name(value) is not None
    if name_taken:
        return "This account name is already in use, please choose another."
    return True
def console_account(login='******'):
    """ Return the account with the given login, creating it if absent.

    A newly created account is saved with ``id`` and ``email`` set to None.
    """
    existing = Account.by_login(login)
    if existing is None:
        return save({'login': login, 'id': None, 'email': None})
    return existing
def load_account(name):
    """ Return whatever Account.by_name yields for ``name``. """
    account = Account.by_name(name)
    return account
def view(id):
    """ Return the REST representation of the account with the given id. """
    # NOTE(review): no authorization check is visible here. Confirm that
    # accounts.to_rest exposes only fields any caller is allowed to read.
    found = object_or_404(Account.by_id(id))
    payload = accounts.to_rest(found)
    return jsonify(payload)