def authorized(provider):
provider_instance = get_provider(provider)
if not provider_instance:
abort(404)
resp = provider_instance.authorized_response()
next = _get_next(request.args.get("state"))
_validate_next(next)
user = models.User.login(provider, resp)
session.create_session_token(user)
if user.is_new:
return redirect(url_for("auth.signup", next=next))
return redirect(next)
def authorized(provider):
provider_instance = get_provider(provider)
if not provider_instance:
abort(404)
resp = provider_instance.authorized_response()
next = _get_next(request.args.get("state"))
_validate_next(next)
user = models.User.login(provider, resp)
session.create_session_token(user)
if user.is_new:
return redirect(url_for("auth.signup", next=next))
return redirect(next)
def provider_login(provider):
"""Log in with the given provider."""
# The next_token doesn't only store the 'next' value, but it also acts as a CSRF token.
next = request.args.get("next") or "/"
next_token = _save_next(next)
provider_instance = get_provider(provider)
if not provider_instance:
abort(404)
# Twitter uses OAuth 1.0a, which doesn't support the 'state' parameter, so we include it in the callback url.
callback_state = None
if provider == "twitter":
callback_state = next_token
return provider_instance.authorize(callback=url_for("auth.authorized", _external=True, provider=provider, state=callback_state), state=next_token)
def provider_login(provider):
"""Log in with the given provider."""
# The next_token doesn't only store the 'next' value, but it also acts as a CSRF token.
next = request.args.get("next") or "/"
next_token = _save_next(next)
provider_instance = get_provider(provider)
if not provider_instance:
abort(404)
# Twitter uses OAuth 1.0a, which doesn't support the 'state' parameter, so we include it in the callback url.
callback_state = None
if provider == "twitter":
callback_state = next_token
return provider_instance.authorize(callback=url_for("auth.authorized",
_external=True,
provider=provider,
state=callback_state),
state=next_token)
