Example #1
0
    def post(self):
        """Register a new account from the submitted email, username and password.

        When email verification is enabled the account is stored unverified,
        the verification notification is triggered and an empty OK response
        is returned. Otherwise the new user is signed in straight away and
        their private properties are returned.
        """
        signup_parser = reqparse.RequestParser()
        signup_parser.add_argument('email', type=UserValidator.create('unique_email'), required=True)
        # NOTE(review): only 'email' is required; confirm create_user_db copes
        # with a missing username or password.
        signup_parser.add_argument('username', type=UserValidator.create('unique_username'))
        signup_parser.add_argument('password', type=UserValidator.create('password'))
        signup_parser.add_argument('remember', type=inputs.boolean, default=False)
        args = signup_parser.parse_args()

        new_user = auth.create_user_db(
            auth_id=None,
            name='',
            username=args.username,
            email=args.email,
            verified=not config.CONFIG_DB.verify_email,
            password=args.password,
        )
        new_user.put()

        if not config.CONFIG_DB.verify_email:
            # No verification step configured: sign the new user in right away.
            auth.signin_user_db(new_user, remember=args.remember)
            return new_user.to_dict(include=User.get_private_properties())

        task.verify_user_email_notification(new_user)
        return make_empty_ok_response()
Example #2
0
    def post(self):
        """Create a user account from validated request arguments.

        Returns an empty OK response after triggering the verification
        notification when verify_email is enabled; otherwise signs the new
        user in and returns their private properties.
        """
        arg_parser = reqparse.RequestParser()
        arg_parser.add_argument(
            'email', type=UserValidator.create('unique_email'), required=True)
        arg_parser.add_argument(
            'username', type=UserValidator.create('unique_username'))
        # NOTE(review): 'password' is optional here; confirm an account
        # created without one cannot be signed in to by password.
        arg_parser.add_argument(
            'password', type=UserValidator.create('password'))
        arg_parser.add_argument('remember', type=inputs.boolean, default=False)
        parsed = arg_parser.parse_args()

        # The account starts verified only when no email verification is configured.
        created = auth.create_user_db(
            auth_id=None,
            name='',
            username=parsed.username,
            email=parsed.email,
            verified=not config.CONFIG_DB.verify_email,
            password=parsed.password,
        )
        created.put()

        if config.CONFIG_DB.verify_email:
            task.verify_user_email_notification(created)
            return make_empty_ok_response()

        # Without email verification the freshly registered user is signed in.
        auth.signin_user_db(created, remember=parsed.remember)
        private_fields = User.get_private_properties()
        return created.to_dict(include=private_fields)
Example #3
0
    def post(self):
        """Sign in the user resolved by the parse_signin decorator.

        g.user_db is set by that decorator before this method runs. A session
        is started only for a verified, active user; a missing user is
        reported through make_bad_request_exception.
        """
        account = g.user_db
        if account is None:
            make_bad_request_exception('Seems like these credentials are invalid')

        if account and account.verified and account.active:
            auth.signin_user_db(account, remember=g.args.remember)

        # NOTE(review): an unverified or inactive user is not signed in but
        # still receives their private properties; confirm that is intended.
        # This line also assumes make_bad_request_exception raises - if it
        # only returns, g.user_db is None here.
        return g.user_db.to_dict(include=User.get_private_properties())
Example #4
0
    def post(self):
        """Start a session for the user that parse_signin stored in g.user_db.

        Only a verified and active user is signed in. When no user was
        resolved, make_bad_request_exception is called with an
        invalid-credentials message.
        """
        user_db = g.user_db
        if user_db is not None:
            if user_db and user_db.verified and user_db.active:
                auth.signin_user_db(user_db, remember=g.args.remember)
        else:
            # presumably raises; verify, because the return below dereferences
            # g.user_db unconditionally.
            make_bad_request_exception('Seems like these credentials are invalid')

        # NOTE(review): private properties are returned even when the user
        # was not signed in (unverified or inactive) - confirm.
        private_fields = User.get_private_properties()
        return g.user_db.to_dict(include=private_fields)
Example #5
0
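    def post(self):
        """Creates new user account if provided valid arguments

        The username is derived from the email address; if it is taken, a
        numeric suffix is appended until User.is_username_available accepts
        it. The user is stored, a profile is created, the verification
        notification is triggered when verify_email is enabled, and the user
        is signed in. Returns the user's private properties, or
        ApiException.error(107) when the terms were not accepted.
        """
        parser = reqparse.RequestParser()
        parser.add_argument('first_name',
                            type=UserValidator.create('name'),
                            required=True)
        parser.add_argument('last_name',
                            type=UserValidator.create('name'),
                            required=True)
        parser.add_argument('email',
                            type=UserValidator.create('unique_email'),
                            required=True)
        parser.add_argument('password',
                            type=UserValidator.create('password'),
                            required=True)
        # NOTE(review): with type=bool the raw value goes through bool(), so a
        # non-empty string such as 'false' is truthy; confirm clients always
        # send a real JSON boolean for 'terms'.
        parser.add_argument('terms',
                            type=bool,
                            required=True,
                            help='Must agree to all terms and conditions')
        args = parser.parse_args()

        if not args.terms:
            return ApiException.error(107)

        # Probe for a free username: base, base0, base1, ...
        base_username = util.create_username_from_email(args.email)
        username = base_username
        count = 0
        while not User.is_username_available(username):
            username = base_username + str(count)
            count += 1
        # NOTE(review): the availability check and the put() below do not
        # appear to be atomic, so concurrent sign-ups could still collide.

        user_db = auth.create_user_db(
            auth_id=None,
            # Use the name that was just checked, not a freshly derived one
            # that may already be taken.
            username=username,
            email=args.email,
            verified=not config.CONFIG_DB.verify_email,
            password=args.password,
            avatar_url=User.get_gravatar_url(args.email),
            roles=[User.Roles.MEMBER],
            first_name=args.first_name,
            last_name=args.last_name,
        )
        user_db.put()

        Profile.get_or_create(user_db)

        if config.CONFIG_DB.verify_email:
            task.verify_user_email_notification(user_db)

        # NOTE(review): the user is signed in even while verify_email is
        # enabled and the address is still unverified; confirm unverified
        # sessions are restricted elsewhere.
        auth.signin_user_db(user_db, remember=True)
        return user_db.to_dict(include=User.get_private_properties())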
Example #6
0
  def post(self):
    """Sign in with a username or email plus a password.

    Aborts with 400 when either credential is missing and with 401 when the
    account is unknown or the password hash does not match.
    """
    login_name = util.param('username') or util.param('email')
    secret = util.param('password')
    if not (login_name and secret):
      return flask.abort(400)

    # An '@' anywhere after the first character selects the email lookup.
    lookup_field = 'email' if login_name.find('@') > 0 else 'username'
    user_db = model.User.get_by(lookup_field, login_name.lower())

    # NOTE(review): '==' is not a constant-time comparison of the digests;
    # confirm both operands share one string type before switching to one.
    if not (user_db and user_db.password_hash == util.password_hash(user_db, secret)):
      return flask.abort(401)

    auth.signin_user_db(user_db)
    return helpers.make_response(user_db, model.User.FIELDS)
Example #7
0
def user_activate(token):
    """Activate the account that owns *token* and let the user set a password.

    A logged-in visitor is logged out and redirected to the same path first.
    An unknown token flashes an error and redirects to 'welcome'. On a valid
    form submission the password hash is stored, the token is replaced, the
    user is marked verified and then signed in.
    """
    if auth.is_logged_in():
        login.logout_user()
        return flask.redirect(flask.request.path)

    account = model.User.get_by('token', token)
    if not account:
        flask.flash(u'Холбоос буруу эсвэл хугацаа нь дууссан байна.',
                    category='danger')
        return flask.redirect(flask.url_for('welcome'))

    form = UserActivateForm(obj=account)
    if not form.validate_on_submit():
        return flask.render_template(
            'user/user_activate.html',
            title=u'Дансаа идэвхижүүлэх',
            html_class='user-activate',
            user_db=account,
            form=form,
        )

    # NOTE(review): populate_obj copies every form field onto the user;
    # confirm UserActivateForm exposes only fields a visitor may set.
    form.populate_obj(account)
    account.password_hash = util.password_hash(account, form.password.data)
    # Replace the token so this activation link no longer resolves to the user.
    account.token = util.uuid()
    account.verified = True
    account.put()
    return auth.signin_user_db(account)
Example #8
0
def user_reset(token=None):
    """Let the owner of a reset *token* choose a new password.

    An unknown token flashes an error and redirects to 'welcome'. A
    logged-in visitor is logged out and redirected to the same path. On a
    valid form submission the new password hash is stored, the token is
    replaced, the user is marked verified and then signed in.
    """
    # NOTE(review): token defaults to None and is passed straight to the
    # lookup; confirm no stored user can match an empty token.
    account = model.User.get_by('token', token)
    if not account:
        flask.flash(u'Холбоос буруу эсвэл хугацаа нь дууссан байна.',
                    category='danger')
        return flask.redirect(flask.url_for('welcome'))

    if auth.is_logged_in():
        login.logout_user()
        return flask.redirect(flask.request.path)

    form = UserResetForm()
    if not form.validate_on_submit():
        return flask.render_template(
            'user/user_reset.html',
            title=u'Нууц үгээ солих',
            html_class='user-reset',
            form=form,
            user_db=account,
        )

    account.password_hash = util.password_hash(account,
                                               form.new_password.data)
    # Replace the token so this reset link no longer resolves to the user.
    account.token = util.uuid()
    account.verified = True
    account.put()
    flask.flash(u'Таны нууц үг амжилттай солигдлоо.', category='success')
    return auth.signin_user_db(account)
Example #9
0
    def post(self):
        """Sign in the user that the parse_signin decorator put in g.user_db.

        Returns ApiException.error(106) when no user was resolved and
        ApiException.error(100 + active) when the user's 'active' value is
        not 1. Otherwise the user is signed in and their private properties
        are returned.
        """
        user = g.user_db
        if not user:
            return ApiException.error(106)  # Invalid credentials

        # NOTE(review): the email-verified check (error 105) is commented out
        # in the source, so unverified users can sign in; confirm that is
        # intended.

        status = user.active
        if not (status == 1):
            # The error code is the 'active' value offset by 100.
            return ApiException.error(100 + status)

        auth.signin_user_db(user, remember=g.args.remember)
        private_fields = User.get_private_properties()
        return user.to_dict(include=private_fields)
Example #10
0
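 def post(self):
     """Sets new password given by user if he provided valid token
     Notice ndb.toplevel decorator here, so we can perform asynchronous put
      and signing in in parallel

     Both 'token' and 'newPassword' are mandatory: a request that omits
     either is rejected while parsing instead of reaching the user lookup
     and the password hashing with None.
     """
     parser = reqparse.RequestParser()
     # required=True makes reqparse refuse a request without the field, so
     # the validators are applied to an actual submitted value.
     parser.add_argument('token', type=UserValidator.create('token'), required=True)
     parser.add_argument('newPassword', type=UserValidator.create('password'),
                         dest='new_password', required=True)
     args = parser.parse_args()
     # NOTE(review): assumes the 'token' validator has already rejected
     # unknown tokens; otherwise user_db is None below - confirm.
     user_db = User.get_by('token', args.token)
     user_db.password_hash = util.password_hash(args.new_password)
     # Replace the token so the same reset token no longer resolves to the user.
     user_db.token = util.uuid()
     user_db.verified = True
     user_db.put_async()
     auth.signin_user_db(user_db)
     return user_db.to_dict(include=User.get_private_properties())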
Example #11
0
    def post(self):
        """Authenticate with username or email and a password.

        Responds with 400 if a credential is missing, 401 if the user is not
        found or the password hash differs, and otherwise signs the user in
        and returns the user response.
        """
        identifier = util.param('username') or util.param('email')
        password = util.param('password')
        if not (identifier and password):
            return flask.abort(400)

        # '@' past the first character means the identifier is an email.
        field = 'email' if identifier.find('@') > 0 else 'username'
        user_db = model.User.get_by(field, identifier.lower())

        # NOTE(review): the digests are compared with '==', which is not
        # constant-time; check operand types before changing the comparison.
        authenticated = user_db and user_db.password_hash == util.password_hash(
            user_db, password)
        if not authenticated:
            return flask.abort(401)

        auth.signin_user_db(user_db)
        return helpers.make_response(user_db, model.User.FIELDS)
Example #12
0
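 def post(self):
     """Sets new password given by user if he provided valid token
     Notice ndb.toplevel decorator here, so we can perform asynchronous put
      and signing in in parallel

     The request must carry both 'token' and 'newPassword'; leaving either
     out is rejected during argument parsing rather than reaching the user
     lookup and the password hashing with None.
     """
     parser = reqparse.RequestParser()
     # Without required=True a missing field would simply parse as None.
     parser.add_argument('token', type=UserValidator.create('token'), required=True)
     parser.add_argument('newPassword', type=UserValidator.create('password'),
                         dest='new_password', required=True)
     args = parser.parse_args()
     # NOTE(review): presumably the 'token' validator guarantees a matching
     # user exists; verify, since user_db is used without a None check.
     user_db = User.get_by('token', args.token)
     user_db.password_hash = util.password_hash(args.new_password)
     # A fresh token replaces the submitted one, so it stops matching this user.
     user_db.token = util.uuid()
     user_db.verified = True
     user_db.put_async()
     auth.signin_user_db(user_db)
     return user_db.to_dict(include=User.get_private_properties())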
Example #13
0
def user_reset(token=None):
  """Reset the password of the user identified by *token*.

  Flashes an error and redirects to 'welcome' when the token matches no
  user; logs out and redirects to the same path when a visitor is logged in.
  A valid form submission stores the new hash, replaces the token, marks the
  user verified and signs them in.
  """
  # NOTE(review): the default token=None reaches the lookup unchanged;
  # confirm a user can never be stored with an empty token.
  target = model.User.get_by('token', token)
  if not target:
    flask.flash(__('That link is either invalid or expired.'), category='danger')
    return flask.redirect(flask.url_for('welcome'))

  if auth.is_logged_in():
    login.logout_user()
    return flask.redirect(flask.request.path)

  form = UserResetForm()
  if not form.validate_on_submit():
    return flask.render_template(
      'user/user_reset.html',
      title='Reset Password',
      html_class='user-reset',
      form=form,
      user_db=target,
    )

  target.password_hash = util.password_hash(target, form.new_password.data)
  # Replace the token so the old link no longer resolves to this user.
  target.token = util.uuid()
  target.verified = True
  target.put()
  flask.flash(__('Your password was changed succesfully.'), category='success')
  return auth.signin_user_db(target)
Example #14
0
def user_activate(token):
  """Activate the account behind *token* once the activation form validates.

  A logged-in visitor is logged out and sent back to the same path. An
  unknown token flashes an error and redirects to 'welcome'. Until the form
  validates, the activation page is rendered.
  """
  if auth.is_logged_in():
    login.logout_user()
    return flask.redirect(flask.request.path)

  pending = model.User.get_by('token', token)
  if not pending:
    flask.flash(__('That link is either invalid or expired.'), category='danger')
    return flask.redirect(flask.url_for('welcome'))

  form = UserActivateForm(obj=pending)
  if not form.validate_on_submit():
    return flask.render_template(
      'user/user_activate.html',
      title='Activate Account',
      html_class='user-activate',
      user_db=pending,
      form=form,
    )

  # NOTE(review): populate_obj writes every form field to the user; confirm
  # the form has no field that should stay server-controlled.
  form.populate_obj(pending)
  pending.password_hash = util.password_hash(pending, form.password.data)
  # A new token means the activation link stops matching this user.
  pending.token = util.uuid()
  pending.verified = True
  pending.put()
  return auth.signin_user_db(pending)
Example #15
0
def user_reset(token=None):
    """Handle the password-reset page for the user that owns *token*.

    Unknown token: flash an error and redirect to 'welcome'. Logged-in
    visitor: log out and redirect to the same path. Valid form: store the new
    password hash, replace the token, mark the user verified, sign them in.
    """
    # NOTE(review): with the default token=None the lookup runs on None;
    # confirm that can never match a stored user.
    owner = model.User.get_by('token', token)
    if not owner:
        flask.flash('That link is either invalid or expired.',
                    category='danger')
        return flask.redirect(flask.url_for('welcome'))

    if auth.is_logged_in():
        login.logout_user()
        return flask.redirect(flask.request.path)

    form = UserResetForm()
    if not form.validate_on_submit():
        return flask.render_template(
            'user/user_reset.html',
            title='Reset Password',
            html_class='user-reset',
            form=form,
            user_db=owner,
        )

    new_hash = util.password_hash(owner, form.new_password.data)
    owner.password_hash = new_hash
    # The token is replaced, so the reset link stops matching this user.
    owner.token = util.uuid()
    owner.verified = True
    owner.put()
    flask.flash('Your password was changed succesfully.',
                category='success')
    return auth.signin_user_db(owner)
Example #16
0
def user_activate(token):
    """Serve and process the account-activation form for *token*.

    Logged-in visitors are logged out and redirected to the same path. A
    token with no matching user flashes an error and redirects to 'welcome'.
    A valid submission stores the password hash, replaces the token, marks
    the user verified and signs them in.
    """
    if auth.is_logged_in():
        login.logout_user()
        return flask.redirect(flask.request.path)

    invited = model.User.get_by('token', token)
    if not invited:
        flask.flash('That link is either invalid or expired.',
                    category='danger')
        return flask.redirect(flask.url_for('welcome'))

    form = UserActivateForm(obj=invited)
    if not form.validate_on_submit():
        return flask.render_template(
            'user/user_activate.html',
            title='Activate Account',
            html_class='user-activate',
            user_db=invited,
            form=form,
        )

    # NOTE(review): every field of UserActivateForm is copied onto the user
    # here; confirm none of them is privilege-bearing.
    form.populate_obj(invited)
    invited.password_hash = util.password_hash(invited, form.password.data)
    # Replacing the token stops the same link from matching this user again.
    invited.token = util.uuid()
    invited.verified = True
    invited.put()
    return auth.signin_user_db(invited)
Example #17
0
def github_authorized():
    """Handle the GitHub OAuth callback and sign the matching user in.

    If no access token is returned, a notice is flashed and the visitor is
    redirected to the next URL instead.
    """
    token = github.authorize_access_token()
    if token is not None:
        # NOTE(review): the profile response is used without a status check.
        profile = github.get('user')
        return auth.signin_user_db(retrieve_user_from_github(profile.json()))

    flask.flash('You denied the request to sign in.')
    return flask.redirect(util.get_next_url())
Example #18
0
def gae_authorized():
  """Sign in the user reported by users.get_current_user().

  When that call returns None, a notice is flashed and the visitor is
  redirected to the next URL.
  """
  current = users.get_current_user()
  if current is not None:
    return auth.signin_user_db(retrieve_user_from_gae(current))

  flask.flash('You denied the request to sign in.')
  return flask.redirect(util.get_next_url())
Example #19
0
def microsoft_authorized():
    """Finish the Microsoft OAuth callback and sign the user in.

    A None result from authorize_access_token() is treated as a denied
    request: a notice is flashed and the visitor is redirected.
    """
    token = microsoft.authorize_access_token()
    if token is not None:
        # NOTE(review): the 'me' response is parsed without checking whether
        # the call succeeded.
        profile = microsoft.get('me').json()
        return auth.signin_user_db(retrieve_user_from_microsoft(profile))

    flask.flash('You denied the request to sign in.')
    return flask.redirect(util.get_next_url())
Example #20
0
def gae_authorized():
  """Complete sign-in for the user returned by users.get_current_user().

  Without a current user, a notice is flashed and the visitor is redirected
  to the next URL.
  """
  gae_account = users.get_current_user()
  if gae_account is None:
    flask.flash('You denied the request to sign in.')
    next_url = util.get_next_url()
    return flask.redirect(next_url)

  return auth.signin_user_db(retrieve_user_from_gae(gae_account))
Example #21
0
def instagram_authorized():
  """Complete the Instagram OAuth callback and sign the user in.

  A missing authorized response is treated as a denied request: a notice is
  flashed and the visitor is redirected to the next URL.
  """
  oauth_response = instagram.authorized_response()
  if oauth_response is None:
    flask.flash('You denied the request to sign in.')
    return flask.redirect(util.get_next_url())

  # NOTE(review): the provider token is kept in flask.session; Flask's
  # default session is a signed cookie the client can read, so confirm the
  # configured session backend.
  token_pair = (oauth_response['access_token'], '')
  flask.session['oauth_token'] = token_pair
  return auth.signin_user_db(retrieve_user_from_instagram(oauth_response['user']))
Example #22
0
def linkedin_authorized():
    """Handle the LinkedIn OAuth callback and sign the matching user in.

    Without an access token a notice is flashed and the visitor is
    redirected to the next URL.
    """
    token = linkedin.authorize_access_token()
    if token is not None:
        profile = linkedin.get('people/~:(id,first-name,last-name,email-address)')
        return auth.signin_user_db(retrieve_user_from_linkedin(profile.json()))

    flask.flash('You denied the request to sign in.')
    return flask.redirect(util.get_next_url())
Example #23
0
def user_verify(token):
    """Verifies user's email by token provided in url"""
    if auth.is_logged_in():
        # Start from a logged-out state, then re-enter this same URL.
        login.logout_user()
        return flask.redirect(flask.request.path)

    account = model.User.get_by('token', token)
    if not account or account.verified:
        flask.flash('Sorry, activation link is either invalid or expired.')
    else:
        # Replace the token so this verification link cannot be reused.
        account.token = util.uuid()
        account.verified = True
        account.put()
        auth.signin_user_db(account)
        flask.flash('Welcome on board %s!' % account.username)

    return flask.redirect(flask.url_for('index'))
Example #24
0
def instagram_authorized():
    """Process the Instagram OAuth callback.

    When the provider returns no authorized response, a notice is flashed and
    the visitor is redirected. Otherwise the access token is stored in the
    session and the user from the response is signed in.
    """
    granted = instagram.authorized_response()
    if granted is not None:
        # NOTE(review): with Flask's default cookie session this token is
        # signed but readable client-side; confirm the session backend.
        flask.session["oauth_token"] = (granted["access_token"], "")
        return auth.signin_user_db(retrieve_user_from_instagram(granted["user"]))

    flask.flash("You denied the request to sign in.")
    return flask.redirect(util.get_next_url())
Example #25
0
def twitter_authorized():
  """Finish the Twitter OAuth callback and sign the user in.

  A None access token is treated as a denied request: a notice is flashed
  and the visitor is redirected to the next URL.
  """
  token = twitter.authorize_access_token()
  if token is not None:
    # NOTE(review): the credentials response is parsed without a status check.
    credentials = twitter.get('account/verify_credentials.json')
    return auth.signin_user_db(retrieve_user_from_twitter(credentials.json()))

  flask.flash('You denied the request to sign in.')
  return flask.redirect(util.get_next_url())
Example #26
0
def github_authorized():
    """Process the GitHub OAuth callback.

    No authorized response: flash a notice and redirect to the next URL.
    Otherwise store the access token in the session, fetch the 'user'
    resource and sign the corresponding user in.
    """
    granted = github.authorized_response()
    if granted is not None:
        # NOTE(review): Flask's default session is a signed cookie readable
        # by the client; confirm where this token ends up.
        flask.session['oauth_token'] = (granted['access_token'], '')
        profile = github.get('user')
        return auth.signin_user_db(retrieve_user_from_github(profile.data))

    flask.flash('You denied the request to sign in.')
    return flask.redirect(util.get_next_url())
Example #27
0
def user_verify(token):
    """Verifies user's email by token provided in url"""
    if auth.is_logged_in():
        login.logout_user()
        same_page = flask.request.path
        return flask.redirect(same_page)

    candidate = model.User.get_by('token', token)
    can_verify = candidate and not candidate.verified
    if can_verify:
        # Issue a fresh token so the one from the URL stops working.
        candidate.token = util.uuid()
        candidate.verified = True
        candidate.put()
        auth.signin_user_db(candidate)
        flask.flash('Welcome on board %s!' % candidate.username)
    else:
        # Unknown token and already-verified user share one message.
        flask.flash('Sorry, activation link is either invalid or expired.')

    return flask.redirect(flask.url_for('index'))
Example #28
0
def facebook_authorized():
    """Handle the Facebook OAuth callback and sign the matching user in.

    If authorize_access_token() returns None, a notice is flashed and the
    visitor is redirected to the next URL.
    """
    token = facebook.authorize_access_token()
    if token is not None:
        profile = facebook.get('/me?fields=id,name,email')
        return auth.signin_user_db(retrieve_user_from_facebook(profile.json()))

    flask.flash('You denied the request to sign in.')
    return flask.redirect(util.get_next_url())
Example #29
0
def github_authorized():
  """Complete the GitHub OAuth callback and sign the user in.

  A missing authorized response flashes a notice and redirects. Otherwise
  the access token goes into the session before the 'user' resource is
  fetched.
  """
  oauth_response = github.authorized_response()
  if oauth_response is None:
    flask.flash('You denied the request to sign in.')
    return flask.redirect(util.get_next_url())

  # NOTE(review): the token lands in flask.session; with the default cookie
  # session it is signed, not hidden from the client.
  token_pair = (oauth_response['access_token'], '')
  flask.session['oauth_token'] = token_pair
  profile = github.get('user')
  return auth.signin_user_db(retrieve_user_from_github(profile.data))
Example #30
0
def dropbox_authorized():
    """Process the Dropbox OAuth callback.

    No authorized response: flash a notice and redirect to the next URL.
    Otherwise store the access token in the session, fetch 'account/info'
    and sign the corresponding user in.
    """
    granted = dropbox.authorized_response()
    if granted is not None:
        # NOTE(review): confirm the session backend; Flask's default cookie
        # session exposes stored values to the client.
        flask.session['oauth_token'] = (granted['access_token'], '')
        account_info = dropbox.get('account/info')
        return auth.signin_user_db(retrieve_user_from_dropbox(account_info.data))

    flask.flash('You denied the request to sign in.')
    return flask.redirect(util.get_next_url())
Example #31
0
def twitter_authorized():
    """Process the Twitter OAuth callback.

    A missing authorized response flashes a notice and redirects. Otherwise
    the token and token secret are stored in the session and the user built
    from the response is signed in.
    """
    granted = twitter.authorized_response()
    if granted is not None:
        # NOTE(review): the token secret is stored in flask.session too;
        # with Flask's default cookie session it is readable client-side.
        token_pair = (granted["oauth_token"], granted["oauth_token_secret"])
        flask.session["oauth_token"] = token_pair
        return auth.signin_user_db(retrieve_user_from_twitter(granted))

    flask.flash("You denied the request to sign in.")
    return flask.redirect(util.get_next_url())
Example #32
0
def dropbox_authorized():
  """Complete the Dropbox OAuth callback and sign the user in.

  Without an authorized response a notice is flashed and the visitor is
  redirected to the next URL.
  """
  oauth_response = dropbox.authorized_response()
  if oauth_response is None:
    flask.flash('You denied the request to sign in.')
    return flask.redirect(util.get_next_url())

  token_pair = (oauth_response['access_token'], '')
  flask.session['oauth_token'] = token_pair
  # NOTE(review): the account payload is handed on without checking that the
  # API call succeeded.
  account_info = dropbox.get('account/info')
  return auth.signin_user_db(retrieve_user_from_dropbox(account_info.data))
Example #33
0
def instagram_authorized():
    """Handle the Instagram OAuth callback.

    A None authorized response is treated as a denied request. Otherwise the
    access token is kept in the session and the user carried in the response
    is signed in.
    """
    oauth_response = instagram.authorized_response()
    if oauth_response is None:
        flask.flash('You denied the request to sign in.')
        next_url = util.get_next_url()
        return flask.redirect(next_url)

    flask.session['oauth_token'] = (oauth_response['access_token'], '')
    instagram_user = oauth_response['user']
    return auth.signin_user_db(retrieve_user_from_instagram(instagram_user))
Example #34
0
def bitbucket_authorized():
    """Process the Bitbucket OAuth callback.

    No authorized response: flash a notice and redirect to the next URL.
    Otherwise store the access token in the session, fetch the 'user'
    resource and sign the corresponding user in.
    """
    granted = bitbucket.authorized_response()
    if granted is not None:
        # NOTE(review): confirm the session backend before relying on this
        # token staying server-side.
        flask.session["oauth_token"] = (granted["access_token"], "")
        profile = bitbucket.get("user")
        return auth.signin_user_db(retrieve_user_from_bitbucket(profile.data))

    flask.flash("You denied the request to sign in.")
    return flask.redirect(util.get_next_url())
Example #35
0
def linkedin_authorized():
    """Process the LinkedIn OAuth callback.

    A missing authorized response flashes a notice and redirects. Otherwise
    the access token is stored under the 'access_token' session key, the
    profile is fetched and the corresponding user is signed in.
    """
    granted = linkedin.authorized_response()
    if granted is not None:
        flask.session['access_token'] = (granted['access_token'], '')
        profile = linkedin.get('people/~:(id,first-name,last-name,email-address)')
        return auth.signin_user_db(retrieve_user_from_linkedin(profile.data))

    flask.flash('You denied the request to sign in.')
    return flask.redirect(util.get_next_url())
Example #36
0
    def post(self):
        """Sign in with a username or email plus a password.

        Aborts with 400 when no identifier or no password was sent, and with
        401 when the user is unknown or the password hash does not match.
        """
        credentials = parser.parse({
            'username': wf.Str(missing=None),
            'email': wf.Str(missing=None),
            'password': wf.Str(missing=None),
        })
        login_name = credentials['username'] or credentials['email']
        secret = credentials['password']
        if not (login_name and secret):
            return flask.abort(400)

        # Any '@' in the identifier selects the email lookup.
        lookup_field = 'email' if '@' in login_name else 'username'
        user_db = model.User.get_by(lookup_field, login_name.lower())

        # NOTE(review): '==' on the digests is not a constant-time comparison;
        # confirm operand types before replacing it.
        if not (user_db and user_db.password_hash == util.password_hash(
                user_db, secret)):
            return flask.abort(401)

        auth.signin_user_db(user_db)
        return helpers.make_response(user_db, model.User.FIELDS)
Example #37
0
def reddit_authorized():
    """Process the Reddit OAuth callback.

    A missing authorized response, or an 'error' query parameter, flashes a
    notice and redirects. Otherwise the access token is stored in the
    session and the user from the 'me' request is signed in.
    """
    granted = reddit.authorized_response()
    if granted is not None and not flask.request.args.get('error'):
        # NOTE(review): the token is kept in flask.session; confirm the
        # session backend, since Flask's default is a client-readable cookie.
        flask.session['oauth_token'] = (granted['access_token'], '')
        profile = reddit.request('me')
        return auth.signin_user_db(retrieve_user_from_reddit(profile.data))

    flask.flash('You denied the request to sign in.')
    return flask.redirect(util.get_next_url())
Example #38
0
	def post(self):
		"""Authenticate with username or email and a password.

		Responds with 400 when the identifier or password is missing, 401 when
		the user is unknown or the hash differs, and otherwise signs the user
		in and returns the user response.
		"""
		fields = parser.parse({
			'username': wf.Str(missing=None),
			'email': wf.Str(missing=None),
			'password': wf.Str(missing=None),
		})
		identifier = fields['username'] or fields['email']
		password = fields['password']
		if not (identifier and password):
			return flask.abort(400)

		# An '@' in the identifier means it is looked up as an email.
		lookup_field = 'email' if '@' in identifier else 'username'
		user_db = model.User.get_by(lookup_field, identifier.lower())

		# NOTE(review): the digest check uses '==', which is not constant-time;
		# verify both operand types before changing the comparison.
		authenticated = user_db and user_db.password_hash == util.password_hash(user_db, password)
		if not authenticated:
			return flask.abort(401)

		auth.signin_user_db(user_db)
		return helpers.make_response(user_db, model.User.FIELDS)
Example #39
0
def facebook_authorized():
    """Process the Facebook OAuth callback.

    No authorized response: flash a notice and redirect to the next URL.
    Otherwise store the access token in the session, fetch name and email
    from '/me' and sign the corresponding user in.
    """
    granted = facebook.authorized_response()
    if granted is not None:
        # NOTE(review): confirm the session backend; Flask's default cookie
        # session does not hide this token from the client.
        flask.session['oauth_token'] = (granted['access_token'], '')
        profile = facebook.get('/me?fields=name,email')
        return auth.signin_user_db(retrieve_user_from_facebook(profile.data))

    flask.flash(__('You denied the request to sign in.'))
    return flask.redirect(util.get_next_url())
Example #40
0
def reddit_authorized():
  """Complete the Reddit OAuth callback and sign the user in.

  The request counts as denied when there is no authorized response or the
  callback carries an 'error' query parameter.
  """
  oauth_response = reddit.authorized_response()
  denied = oauth_response is None or flask.request.args.get('error')
  if denied:
    flask.flash('You denied the request to sign in.')
    return flask.redirect(util.get_next_url())

  token_pair = (oauth_response['access_token'], '')
  flask.session['oauth_token'] = token_pair
  # NOTE(review): the 'me' payload is used without checking the response.
  profile = reddit.request('me')
  return auth.signin_user_db(retrieve_user_from_reddit(profile.data))
Example #41
0
def reddit_authorized():
    """Handle the Reddit OAuth callback.

    Flashes a notice and redirects when the authorized response is missing
    or an 'error' query parameter is present; otherwise stores the access
    token in the session and signs in the user from the 'me' request.
    """
    oauth_response = reddit.authorized_response()
    if oauth_response is None or flask.request.args.get("error"):
        flask.flash("You denied the request to sign in.")
        next_url = util.get_next_url()
        return flask.redirect(next_url)

    flask.session["oauth_token"] = (oauth_response["access_token"], "")
    reddit_profile = reddit.request("me").data
    return auth.signin_user_db(retrieve_user_from_reddit(reddit_profile))
Example #42
0
def facebook_authorized():
  """Complete the Facebook OAuth callback and sign the user in.

  Without an authorized response a notice is flashed and the visitor is
  redirected to the next URL.
  """
  oauth_response = facebook.authorized_response()
  if oauth_response is None:
    flask.flash('You denied the request to sign in.')
    return flask.redirect(util.get_next_url())

  token_pair = (oauth_response['access_token'], '')
  flask.session['oauth_token'] = token_pair
  # NOTE(review): the '/me' payload is handed on without a status check.
  profile = facebook.get('/me?fields=name,email')
  return auth.signin_user_db(retrieve_user_from_facebook(profile.data))
Example #43
0
def linkedin_authorized():
  """Complete the LinkedIn OAuth callback and sign the user in.

  A missing authorized response flashes a notice and redirects. The access
  token is stored under the 'access_token' session key.
  """
  oauth_response = linkedin.authorized_response()
  if oauth_response is None:
    flask.flash('You denied the request to sign in.')
    return flask.redirect(util.get_next_url())

  # NOTE(review): confirm the session backend; with Flask's default cookie
  # session the stored token is visible to the client.
  token_pair = (oauth_response['access_token'], '')
  flask.session['access_token'] = token_pair
  profile = linkedin.get('people/~:(id,first-name,last-name,email-address)')
  return auth.signin_user_db(retrieve_user_from_linkedin(profile.data))
Example #44
0
def google_authorized():
  """Complete the Google OAuth callback and sign the user in.

  Without an authorized response a notice is flashed and the visitor is
  redirected. Otherwise the access token is stored in the session and also
  sent with the 'me' request.
  """
  oauth_response = google.authorized_response()
  if oauth_response is None:
    flask.flash(__('You denied the request to sign in.'))
    return flask.redirect(util.get_next_url())

  access_token = oauth_response['access_token']
  flask.session['oauth_token'] = (access_token, '')
  # NOTE(review): the token is passed as request data here; confirm it does
  # not end up in URLs that get logged.
  profile = google.get('me', data={'access_token': access_token})
  return auth.signin_user_db(retrieve_user_from_google(profile.data))
Example #45
0
def yahoo_authorized():
  """Complete the Yahoo OAuth callback and sign the user in.

  The request counts as denied when there is no authorized response or the
  callback carries an 'error' query parameter. Otherwise the profile of the
  GUID named in the response is fetched as JSON.
  """
  oauth_response = yahoo.authorized_response()
  denied = oauth_response is None or flask.request.args.get('error')
  if denied:
    flask.flash('You denied the request to sign in.')
    return flask.redirect(util.get_next_url())

  token_pair = (oauth_response['access_token'], '')
  flask.session['oauth_token'] = token_pair
  profile_path = '%s/profile' % oauth_response['xoauth_yahoo_guid']
  profile = yahoo.get(profile_path, data={'format': 'json'})
  return auth.signin_user_db(retrieve_user_from_yahoo(profile.data['profile']))
Example #46
0
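def microsoft_authorized():
    """Process the Microsoft OAuth callback and sign the user in.

    A missing authorized response flashes a notice and redirects to the next
    URL. Otherwise the access token is stored in the session and the 'me'
    resource is fetched; if that payload carries an 'error' entry, its code
    and message are returned as the response body instead of signing in.
    """
    response = microsoft.authorized_response()
    if response is None:
        flask.flash("You denied the request to sign in.")
        return flask.redirect(util.get_next_url())
    flask.session["oauth_token"] = (response["access_token"], "")
    me = microsoft.get("me")
    error = me.data.get("error", {})
    if error:
        # Read the details from me.data, the same mapping the check used.
        # NOTE(review): the provider's text is returned as the response body
        # as-is; confirm it cannot carry markup.
        return "Unknown error: error:%s error_description:%s" % (error["code"], error["message"])
    user_db = retrieve_user_from_microsoft(me.data)
    return auth.signin_user_db(user_db)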
Example #47
0
def yahoo_authorized():
    """Process the Yahoo OAuth callback.

    A missing authorized response, or an 'error' query parameter, flashes a
    notice and redirects. Otherwise the access token is stored in the
    session and the profile for the GUID in the response is fetched.
    """
    granted = yahoo.authorized_response()
    if granted is not None and not flask.request.args.get('error'):
        # NOTE(review): confirm the session backend before relying on this
        # token staying server-side.
        flask.session['oauth_token'] = (granted['access_token'], '')
        guid = granted['xoauth_yahoo_guid']
        profile = yahoo.get('%s/profile' % guid, data={'format': 'json'})
        return auth.signin_user_db(retrieve_user_from_yahoo(profile.data['profile']))

    flask.flash('You denied the request to sign in.')
    return flask.redirect(util.get_next_url())
Example #48
0
def linkedin_authorized():
  """Handle the LinkedIn OAuth callback and sign the matching user in.

  The request counts as denied when the 'error' query parameter is one of
  the two user-cancelled codes, or when no access token is returned. The
  token exchange is not attempted after a cancellation.
  """
  cancel_codes = ('user_cancelled_login', 'user_cancelled_authorize')
  cancelled = flask.request.args.get('error') in cancel_codes
  if cancelled or linkedin.authorize_access_token() is None:
    flask.flash('You denied the request to sign in.')
    return flask.redirect(util.get_next_url())

  # NOTE(review): any other 'error' value falls through to the token
  # exchange; presumably that call fails on its own - verify.
  profile = linkedin.get('me?projection=(id,firstName,lastName)')
  return auth.signin_user_db(retrieve_user_from_linkedin(profile.json()))
Example #49
0
def bitbucket_authorized():
    """Handle the Bitbucket OAuth callback and sign the matching user in.

    The request counts as denied when the 'error' query parameter is
    'access_denied' or when no access token is returned. The token exchange
    is skipped after an explicit denial.
    """
    denied = flask.request.args.get('error') in ('access_denied',)
    if denied or bitbucket.authorize_access_token() is None:
        flask.flash('You denied the request to sign in.')
        return flask.redirect(util.get_next_url())

    # NOTE(review): the 'user' response is parsed without a status check.
    profile = bitbucket.get('user')
    return auth.signin_user_db(retrieve_user_from_bitbucket(profile.json()))
Example #50
0
def twitter_authorized():
    """Complete the Twitter OAuth callback and sign the user in.

    Without an authorized response a notice is flashed and the visitor is
    redirected. Otherwise the token and token secret go into the session and
    the user built from the response is signed in.
    """
    granted = twitter.authorized_response()
    if granted is not None:
        # NOTE(review): the token secret is stored in flask.session as well;
        # confirm the session backend keeps it away from the client.
        token_pair = (granted['oauth_token'], granted['oauth_token_secret'])
        flask.session['oauth_token'] = token_pair
        return auth.signin_user_db(retrieve_user_from_twitter(granted))

    flask.flash(__('You denied the request to sign in.'))
    return flask.redirect(util.get_next_url())
Example #51
0
def bitbucket_authorized():
    """Complete the Bitbucket OAuth callback and sign the user in.

    A missing authorized response flashes a notice and redirects. Otherwise
    the token and token secret are stored in the session and the 'user'
    entry of the fetched resource is used to find the user.
    """
    granted = bitbucket.authorized_response()
    if granted is not None:
        # NOTE(review): with Flask's default cookie session the token secret
        # stored here is readable client-side; confirm the backend.
        token_pair = (granted['oauth_token'], granted['oauth_token_secret'])
        flask.session['oauth_token'] = token_pair
        profile = bitbucket.get('user')
        return auth.signin_user_db(retrieve_user_from_bitbucket(profile.data['user']))

    flask.flash('You denied the request to sign in.')
    return flask.redirect(util.get_next_url())
Example #52
0
def bitbucket_authorized():
  """Process the Bitbucket OAuth callback.

  Without an authorized response a notice is flashed and the visitor is
  redirected to the next URL. Otherwise the token pair is kept in the
  session and the user from the 'user' resource is signed in.
  """
  oauth_response = bitbucket.authorized_response()
  if oauth_response is None:
    flask.flash('You denied the request to sign in.')
    next_url = util.get_next_url()
    return flask.redirect(next_url)

  token = oauth_response['oauth_token']
  token_secret = oauth_response['oauth_token_secret']
  flask.session['oauth_token'] = (token, token_secret)
  bitbucket_user = bitbucket.get('user').data['user']
  return auth.signin_user_db(retrieve_user_from_bitbucket(bitbucket_user))
Example #53
0
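def microsoft_authorized():
  """Process the Microsoft OAuth callback and sign the user in.

  A missing authorized response flashes a notice and redirects to the next
  URL. Otherwise the access token is stored in the session and the 'me'
  resource is fetched; if that payload has an 'error' entry, its code and
  message are returned as the response body instead of signing in.
  """
  response = microsoft.authorized_response()
  if response is None:
    flask.flash('You denied the request to sign in.')
    return flask.redirect(util.get_next_url())
  flask.session['oauth_token'] = (response['access_token'], '')
  me = microsoft.get('me')
  error = me.data.get('error', {})
  if error:
    # Take the details from me.data, the mapping that was just checked.
    # NOTE(review): provider-supplied text is returned as the response body
    # unescaped; confirm it cannot carry markup.
    return 'Unknown error: error:%s error_description:%s' % (
      error['code'],
      error['message'],
    )
  user_db = retrieve_user_from_microsoft(me.data)
  return auth.signin_user_db(user_db)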
Example #54
0
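def azure_ad_authorized():
  """Process the Azure AD OAuth callback and sign the user in.

  A missing authorized response, or an ID token that cannot be decoded,
  flashes a notice and redirects to the next URL. Otherwise the ID token is
  stored in the session and its decoded claims are used to find the user.
  """
  response = azure_ad.authorized_response()
  if response is None:
    flask.flash('You denied the request to sign in.')
    # get_next_url must be called; redirect needs the URL, not the function.
    return flask.redirect(util.get_next_url())
  id_token = response['id_token']
  flask.session['oauth_token'] = (id_token, '')
  try:
    # NOTE(review): verify=False skips signature verification, so these
    # claims are trusted only because of where the token came from. Confirm
    # authorized_response() obtains it over a direct call to the provider,
    # or verify it against the provider's signing keys and the expected
    # audience before using the claims to pick a user.
    decoded_id_token = jwt.decode(id_token, verify=False)
  except (jwt.DecodeError, jwt.ExpiredSignature):
    flask.flash('You denied the request to sign in.')
    return flask.redirect(util.get_next_url())
  user_db = retrieve_user_from_azure_ad(decoded_id_token)
  return auth.signin_user_db(user_db)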
Example #55
0
def vk_authorized():
  """Complete the VK OAuth callback and sign the user in.

  Without an authorized response a notice is flashed and the visitor is
  redirected. Otherwise the access token is stored in the session and sent
  with the users.get call; the first entry of its 'response' list is used.
  """
  oauth_response = vk.authorized_response()
  if oauth_response is None:
    flask.flash(u'You denied the request to sign in.')
    return flask.redirect(util.get_next_url())

  token = oauth_response['access_token']
  flask.session['oauth_token'] = (token, '')
  query = {
    'access_token': token,
    'format': 'json',
  }
  # NOTE(review): assumes the payload always has a non-empty 'response'
  # list - confirm how an API error is reported.
  profile = vk.get('/method/users.get', data=query)
  return auth.signin_user_db(retrieve_user_from_vk(profile.data['response'][0]))
Example #56
0
def mailru_authorized():
  """Complete the Mail.ru OAuth callback and sign the user in.

  Without an authorized response a notice is flashed and the visitor is
  redirected. Otherwise the access token is stored in the session and used
  as the session key of a signed users.getInfo call.
  """
  oauth_response = mailru.authorized_response()
  if oauth_response is None:
    flask.flash(u'You denied the request to sign in.')
    return flask.redirect(util.get_next_url())

  session_key = oauth_response['access_token']
  flask.session['oauth_token'] = (session_key, '')
  params = {
    'method': 'users.getInfo',
    'app_id': mailru.consumer_key,
    'session_key': session_key,
    'secure': '1',
  }
  # The signature is computed over the parameters before 'sig' is added.
  params['sig'] = mailru_sig(params)
  profile = mailru.get('/platform/api', data=params)
  # NOTE(review): assumes the payload is a non-empty list - confirm how an
  # API error is reported.
  return auth.signin_user_db(retrieve_user_from_mailru(profile.data[0]))
Example #57
0
def user_activate(token):
    """Activate the account that owns *token* once the form validates.

    Logged-in visitors are logged out and redirected to the same path. An
    unknown token flashes an error and redirects to 'welcome'. A valid
    submission stores the password hash, replaces the token, marks the user
    verified and signs them in.
    """
    if auth.is_logged_in():
        login.logout_user()
        return flask.redirect(flask.request.path)

    account = models.User.get_by("token", token)
    if not account:
        flask.flash("That link is either invalid or expired.", category="danger")
        return flask.redirect(flask.url_for("welcome"))

    form = forms.UserActivateForm(obj=account)
    if not form.validate_on_submit():
        return flask.render_template(
            "user/user_activate.html",
            title="Activate Account",
            html_class="user-activate",
            user_db=account,
            form=form,
        )

    # NOTE(review): populate_obj copies all form fields onto the user;
    # confirm the form holds nothing that must stay server-controlled.
    form.populate_obj(account)
    account.password_hash = util.password_hash(account, form.password.data)
    # A fresh token stops the activation link from matching this user again.
    account.token = util.uuid()
    account.verified = True
    account.put()
    return auth.signin_user_db(account)
Example #58
0
def yahoo_authorized():
  """Complete the Yahoo OAuth callback and sign the user in.

  Without an authorized response a notice is flashed and the visitor is
  redirected. Otherwise the token pair is stored in the session and the
  profile is read through a YQL query on social.profile.
  """
  oauth_response = yahoo.authorized_response()
  if oauth_response is None:
    flask.flash('You denied the request to sign in.')
    return flask.redirect(util.get_next_url())

  # NOTE(review): the token secret goes into flask.session too; confirm the
  # session backend keeps it away from the client.
  token = oauth_response['oauth_token']
  token_secret = oauth_response['oauth_token_secret']
  flask.session['oauth_token'] = (token, token_secret)

  # The selected columns are a fixed string, not request input.
  fields = 'guid, emails, familyName, givenName, nickname'
  query = {
    'format': 'json',
    'q': 'select %s from social.profile where guid = me;' % fields,
    'realm': 'yahooapis.com',
  }
  me = yahoo.get('/v1/yql', data=query)
  profile = me.data['query']['results']['profile']
  return auth.signin_user_db(retrieve_user_from_yahoo(profile))
Example #59
0
def user_reset(token=None):
    """Let the owner of a reset *token* choose a new password.

    An unknown token flashes an error and redirects to 'welcome'. A
    logged-in visitor is logged out and redirected to the same path. A valid
    submission stores the new hash, replaces the token, marks the user
    verified and signs them in.
    """
    # NOTE(review): the default token=None is passed to the lookup as-is;
    # confirm no stored user can match an empty token.
    account = models.User.get_by("token", token)
    if not account:
        flask.flash("That link is either invalid or expired.", category="danger")
        return flask.redirect(flask.url_for("welcome"))

    if auth.is_logged_in():
        login.logout_user()
        return flask.redirect(flask.request.path)

    form = forms.UserResetForm()
    if not form.validate_on_submit():
        return flask.render_template(
            "user/user_reset.html",
            title="Reset Password",
            html_class="user-reset",
            form=form,
            user_db=account,
        )

    account.password_hash = util.password_hash(account, form.new_password.data)
    # A fresh token stops the reset link from matching this user again.
    account.token = util.uuid()
    account.verified = True
    account.put()
    flask.flash("Your password was changed succesfully.", category="success")
    return auth.signin_user_db(account)