def link_account():
data = verify_jwt(request.args.get("token", ""))
form = BlankForm()
uid = data["uid"]
pid = data["pid"]
email = data["email"]
provider = data["provider"]
if form.validate_on_submit():
if provider == "Google":
GoogleLinks.add(uid=uid, gid=pid)
elif provider == "GitHub":
GithubLinks.add(uid=uid, gid=pid)
db_commit()
set_user(Users.query.filter_by(id=uid).first())
flash("Your account is now connected. Welcome back!",
category="SUCCESS")
return redirect("/", code=303)
# TODO GitHub
flash_form_errors(form)
return render_template("account/link-account.html",
uid=uid,
provider=provider,
email=email,
form=form)
def get_email_from_token():
try:
return verify_jwt(request.args.get("token", ""))["email"]
except ExpiredJWT:
flash(ERROR_MESSAGES["creation_token_expired"], category="ERROR")
raise RedirectError(redirect("/signup/", code=303))
except InvalidJWT:
flash(ERROR_MESSAGES["creation_token_invalid"], category="ERROR")
raise RedirectError(redirect("/signup/", code=303))
def test_interaction():
# Ensure that the JWT created by _jwt is equivalent to the one created by jwt
tkn1 = jwt.make_jwt(testing_payload)
tkn2 = _jwt.make_jwt(testing_payload, app.secret_key)
assert tkn1 == tkn2
# Make sure that all payloads are equivalent
payload1 = jwt.verify_jwt(tkn1)
payload2 = _jwt.verify_jwt(tkn2, app.secret_key)
assert payload1 == payload2
def oauth_create_account():
if user:
return redirect(get_next_page(), code=303)
try:
data = verify_jwt(request.args.get("token", ""))
except (InvalidJWT, ExpiredJWT):
return error_page(
code=400,
message="Invalid token in request. Please contact us.",
errorname="Bad Request")
form = OAuthCreateAccountForm()
if form.email.data is None and "email" in data:
form.email.data = data["email"]
if form.username.data is None and "username" in data:
form.username.data = data["username"]
if form.real_name.data is None and "real_name" in data:
form.real_name.data = data["real_name"]
if form.validate_on_submit():
new_user = create_blank_account(form.email.data, form.username.data,
form.real_name.data,
form.subscribed.data)
if data["provider"] == "Google":
GoogleLinks.add(uid=new_user.id, gid=data["pid"])
elif data["provider"] == "GitHub":
GithubLinks.add(uid=new_user.id, gid=data["pid"])
db_commit()
set_user(new_user)
flash("Welcome!", category="SUCCESS")
return redirect(get_next_page(), code=303)
flash_form_errors(form)
form.legal_agreement.checked = False
return render_template("account/oauth-create-account.html",
active="Sign Up",
form=form,
next_page=get_next_page(),
provider=data["provider"])
def direct_login():
if user:
return redirect(get_next_page(), code=303)
try:
data = verify_jwt(request.args.get("token", ""))
except ExpiredJWT:
flash("The password reset token has expired!", category="ERROR")
return redirect("/reset-password/", code=303)
except InvalidJWT:
flash("The token provided is invalid!", category="ERROR")
return redirect("/reset-password/", code=303)
set_user(Users.query.filter_by(email=data["email"]).first())
return redirect(get_next_page(), code=303)
def authorize_google():
if user:
next_url = request.args.get("next")
if next_url is None:
try:
if 'state' in session:
state = session['state']
else:
state = request.args.get("state", "")
data = verify_jwt(state)
next_url = data.get("next", "/")
except (InvalidJWT, ExpiredJWT):
next_url = "/"
return redirect(next_url, code=303)
if 'state' not in session:
return error_page(
400,
message=
"No state was provided! Please return to /login to retrieve a valid state."
)
state = request.args.get('state', '')
sess_state = session.get('state')
del session['state']
if state != sess_state:
return error_page(
400,
message=
"The provided state is invalid! Please return to /login to retrieve a new state."
)
try:
next_url = verify_jwt(sess_state).get("next", "/")
except (InvalidJWT, ExpiredJWT):
return error_page(
400,
message=
"The provided state is invalid! Please return to /login to retrieve a new state."
)
code = request.args.get('code', '')
userinfo = google_oauth_client.get_userinfo(code)
gid = str(userinfo.id)
email = userinfo.raw["email"]
link = GoogleLinks.query.filter_by(gid=gid).first()
if link is None:
link_user = Users.query.filter_by(email=email).first()
if link_user is not None:
link_token = make_jwt({
"provider": "Google",
"pid": gid,
"email": email,
"uid": link_user.id
})
return render_template("account/link-accounts.html",
provider="Google",
matches=[(email, link_user, link_token)],
no_signup=True,
pid=gid)
else:
connect_token = make_jwt({
"provider": "Google",
"pid": gid,
"email": email,
"real_name": userinfo.raw["name"]
})
return redirect("/oauth-create-account/?next=%s&token=%s" %
(next_url, connect_token))
else:
set_user(Users.query.filter_by(id=link.uid).first_or_404())
flash("Welcome back!", category="SUCCESS")
return redirect(next_url, code=303)