def test_redirect(self): """Tests whether on redirection the user is being redirected to the proper authentication url of Google""" with app.test_request_context(): google = get_google_auth() auth_url = google.authorization_url(OAuth.get_auth_uri(), access_type='offline')[0] self.assertTrue(OAuth.get_auth_uri() in auth_url)
def get_google_auth(state=None, token=None): if token: return OAuth2Session(OAuth.get_client_id(), token=token) if state: return OAuth2Session(OAuth.get_client_id(), state=state, scope=OAuth.SCOPE, redirect_uri=OAuth.get_redirect_uri()) oauth = OAuth2Session(OAuth.get_client_id(), scope=OAuth.SCOPE, redirect_uri=OAuth.get_redirect_uri()) return oauth
def callback(): if login.current_user is not None and login.current_user.is_authenticated: return redirect(url_for('admin.index')) elif 'error' in request.args: if request.args.get('error') == 'access denied': login.logout_user() flash("You denied access during login.") return redirect(url_for('admin.login_view')) login.logout_user() flash("OAuth Authorization error. Please try again later.") return redirect(url_for('admin.login_view')) elif 'code' not in request.args and 'state' not in request.args: login.logout_user() return redirect(url_for('admin.login_view')) else: google = get_google_auth() state = google.authorization_url(OAuth.get_auth_uri(), access_type='offline')[1] google = get_google_auth(state=state) code_url = None if 'code' in request.args: code_url = request.args.get('code') try: token = google.fetch_token(OAuth.get_token_uri(), authorization_url=request.url, code=code_url, client_secret=OAuth.get_client_secret()) except HTTPError: flash("OAuth Authorization error. Please try again later.") return redirect(url_for('admin.login_view')) google = get_google_auth(token=token) resp = google.get(OAuth.get_user_info()) if resp.status_code == 200: user_data = resp.json() email = user_data['email'] user = DataGetter.get_user_by_email(email, no_flash=True) user = create_user_oauth(user, user_data, token=token, method='Google') if user.password is None: s = get_serializer() email = s.dumps(user.email) return redirect( url_for('admin.create_password_after_oauth_login', email=email)) else: login.login_user(user) user_logged_in(user) return redirect(intended_url()) login.logout_user() flash("OAuth Authorization error. Please try again later.") return redirect(url_for('admin.login_view'))
def login_view(self): if request.method == 'GET': google = get_google_auth() auth_url, state = google.authorization_url(OAuth.get_auth_uri(), access_type='offline') session['oauth_state'] = state # Add Facebook Oauth 2.0 login facebook = get_facebook_auth() fb_auth_url, state = facebook.authorization_url(FbOAuth.get_auth_uri(), access_type='offline') session['fb_oauth_state'] = state return self.render('/gentelella/admin/login/login.html', auth_url=auth_url, fb_auth_url=fb_auth_url) if request.method == 'POST': email = request.form['email'] user = DataGetter.get_user_by_email(email) if user is None: logging.info('No such user') return redirect(url_for('admin.login_view')) if user.password != generate_password_hash(request.form['password'], user.salt): logging.info('Password Incorrect') flash('Incorrect Password', 'danger') return redirect(url_for('admin.login_view')) login.login_user(user) record_user_login_logout('user_login', user) logging.info('logged successfully') user_logged_in(user) return redirect(intended_url())
def login_view(self): if request.method == 'GET': google = get_google_auth() auth_url, state = google.authorization_url(OAuth.get_auth_uri(), access_type='offline') session['oauth_state'] = state # Add Facebook Oauth 2.0 login facebook = get_facebook_auth() fb_auth_url, state = facebook.authorization_url(FbOAuth.get_auth_uri(), access_type='offline') session['fb_oauth_state'] = state return self.render('/gentelella/admin/login/login.html', auth_url=auth_url, fb_auth_url=fb_auth_url) if request.method == 'POST': email = request.form['email'] user = DataGetter.get_user_by_email(email) if user is None: logging.info('No such user') return redirect(url_for('admin.login_view')) if user.password != generate_password_hash(request.form['password'], user.salt): logging.info('Password Incorrect') flash('Incorrect Password', 'danger') return redirect(url_for('admin.login_view')) login.login_user(user) record_user_login_logout('user_login', user) # Store user_id in session for socketio use session['user_id'] = login.current_user.id logging.info('logged successfully') user_logged_in(user) return redirect(intended_url())
def callback(): if login.current_user is not None and login.current_user.is_authenticated: return redirect(url_for('admin.index')) elif 'error' in request.args: if request.args.get('error') == 'access denied': return 'You denied access' return 'Error encountered' elif 'code' not in request.args and 'state' not in request.args: return redirect(url_for('admin.login_view')) else: google = get_google_auth() state = google.authorization_url(OAuth.get_auth_uri(), access_type='offline')[1] google = get_google_auth(state=state) new_code = None if 'code' in request.url: code_url = (((request.url.split('&'))[1]).split('='))[1] new_code = (code_url.split('%2F'))[0] + '/' + ( code_url.split('%2F'))[1] try: token = google.fetch_token(OAuth.get_token_uri(), authorization_url=request.url, code=new_code, client_secret=OAuth.get_client_secret()) except HTTPError: return 'HTTP Error occurred' google = get_google_auth(token=token) resp = google.get(OAuth.get_user_info()) if resp.status_code == 200: user_data = resp.json() email = user_data['email'] user = DataGetter.get_user_by_email(email, no_flash=True) user = create_user_oauth(user, user_data, token=token, method='Google') if user.password is None: s = get_serializer() email = s.dumps(user.email) return redirect( url_for('admin.create_password_after_oauth_login', email=email)) else: login.login_user(user) user_logged_in(user) return redirect(intended_url()) return 'did not find user info'
def callback(): if login.current_user is not None and login.current_user.is_authenticated: return redirect(url_for('admin.index')) elif 'error' in request.args: if request.args.get('error') == 'access denied': login.logout_user() flash("You denied access during login.") return redirect(url_for('admin.login_view')) login.logout_user() flash("OAuth Authorization error. Please try again later.") return redirect(url_for('admin.login_view')) elif 'code' not in request.args and 'state' not in request.args: login.logout_user() return redirect(url_for('admin.login_view')) else: google = get_google_auth() state = google.authorization_url(OAuth.get_auth_uri(), access_type='offline')[1] google = get_google_auth(state=state) code_url = None if 'code' in request.args: code_url = request.args.get('code') try: token = google.fetch_token(OAuth.get_token_uri(), authorization_url=request.url, code=code_url, client_secret=OAuth.get_client_secret()) except HTTPError: flash("OAuth Authorization error. Please try again later.") return redirect(url_for('admin.login_view')) google = get_google_auth(token=token) resp = google.get(OAuth.get_user_info()) if resp.status_code == 200: user_data = resp.json() email = user_data['email'] user = DataGetter.get_user_by_email(email, no_flash=True) user = create_user_oauth(user, user_data, token=token, method='Google') if user.password is None: s = get_serializer() email = s.dumps(user.email) return redirect(url_for('admin.create_password_after_oauth_login', email=email)) else: login.login_user(user) user_logged_in(user) return redirect(intended_url()) login.logout_user() flash("OAuth Authorization error. Please try again later.") return redirect(url_for('admin.login_view'))
def callback(): if login.current_user is not None and login.current_user.is_authenticated: return redirect(url_for('admin.index')) elif 'error' in request.args: if request.args.get('error') == 'access denied': return 'You denied access' return 'Error encountered' elif 'code' not in request.args and 'state' not in request.args: return redirect(url_for('admin.login_view')) else: google = get_google_auth() state = google.authorization_url(OAuth.get_auth_uri(), access_type='offline')[1] google = get_google_auth(state=state) if 'code' in request.url: code_url = (((request.url.split('&'))[1]).split('='))[1] new_code = (code_url.split('%2F'))[0] + '/' + (code_url.split('%2F'))[1] try: token = google.fetch_token(OAuth.get_token_uri(), authorization_url=request.url, code=new_code, client_secret=OAuth.get_client_secret()) except HTTPError: return 'HTTP Error occurred' google = get_google_auth(token=token) resp = google.get(OAuth.get_user_info()) if resp.status_code == 200: user_data = resp.json() email = user_data['email'] user = DataGetter.get_user_by_email(email, no_flash=True) user = create_user_oauth(user, user_data, token=token, method='Google') if user.password is None: s = get_serializer() email = s.dumps(user.email) return redirect(url_for('admin.create_password_after_oauth_login', email=email)) else: login.login_user(user) user_logged_in(user) return redirect(intended_url()) return 'did not find user info'
def google_connect(): google = get_google_auth() gp_auth_url, __ = google.authorization_url(OAuth.get_auth_uri(), access_type='offline') return redirect(gp_auth_url)