Example #1
0
 def clear_oidc_data(self, state):
     oidc_data_cookie = self.oidc_data_cookie(state)
     response.delete_cookie(oidc_data_cookie,
                            path='/',
                            httponly=True,
                            samesite='lax',
                            secure=False if self.testing_mode else True)
Example #2
0
    def wrapper(*args, **kw):
        users = readUsers()
        cookie_session = request.get_cookie('session')
        guest_session_id = request.get_cookie("guest")
        guest_session = Session.getGuest(guest_session_id)
        private = Session.getGuest_key(guest_session_id, 'privateKey')
        user = None if guest_session is None or 'user' not in guest_session else guest_session['user']

        user_ans = session_ans = de_session = session_id = None
        try:
            if user and cookie_session and private:
                de_session = json.loads(deAES(users[user], cookie_session))
                # 第一层验证 cookie解密
                if user in users and de_session['user'] == user:
                    # 第二层验证 session
                    session_id = de_session['session_id']
                    session = Session.get(user, session_id)
                    # session 时间戳不活跃过期机制
                    if float(de_session['time']) + session_timeout > time.time() and \
                            session and session['user'] == user:
                        user_ans = user
                        session_ans = session

        except Exception:
            response.delete_cookie('guest')
            response.delete_cookie('session')
        temp = func(user=user_ans, session=session_ans, *args, **kw)
        if user_ans:
            de_session['time'] = time.time()
            de_session['session_id'] = Session.update(user, session_id, session_ans)
            encrypted = enAES(users[user], json.dumps(de_session))
            response.set_cookie("session", encrypted, path='/')
        return temp
Example #3
0
 def test_delete_cookie(self):
     response = BaseResponse()
     response.set_cookie('name', 'value')
     response.delete_cookie('name')
     cookies = [value for name, value in response.headerlist
                if name.title() == 'Set-Cookie']
     self.assertTrue('name=;' in cookies[0])
Example #4
0
def logout():
    '''
        退出
    '''
    log.info("logout")
    response.delete_cookie(key='user',secret='chermong')
    return jinja2_template('login.html')
Example #5
0
    def get_iiif_token(self):
        # This is the next step -- client requests a token to send to info.json
        # We're going to just copy it from our cookie.
        # JSONP request to get the token to send to info.json in Auth'z header

        callbackFn = request.query.get('callback', '')
        authcode = request.query.get('code', '')
        account = ''
        try:
            account = request.get_cookie(self.COOKIE_NAME_ACCOUNT, secret=self.COOKIE_SECRET)
            response.delete_cookie(self.COOKIE_NAME_ACCOUNT)
        except:
            pass
        if not account:
            data = {"error":"missingCredentials","description": "No login details received"}
        else:
            data = {"accessToken":account, "tokenType": "Bearer", "expiresIn": 3600}
            # Set the cookie for the image content
            response.set_cookie(self.COOKIE_NAME, account, secret=self.COOKIE_SECRET)
        dataStr = json.dumps(data)

        if callbackFn:
            return self.send("{0}({1});".format(callbackFn, dataStr), ct="application/javascript")
        else:
            return self.send(dataStr, ct="application/json")
Example #6
0
def destroy_session():
    token = request.get_cookie('session_token')
    if not(token):
        return
    if token in sessions:
        del(sessions[token])
    response.delete_cookie('session_token')
Example #7
0
def logout(user):
    # Test script from terminal:
    # http post localhost:8081/api/sessions/David     
    response.content_type = 'application/json'
    response.delete_cookie('session')
    response.delete_cookie('username')
    return
Example #8
0
def get_users():
    if request.method == 'OPTIONS':
        return {}


    auth = request.get_cookie('auth')
    if auth:
        user = check_auth(auth)
        if user:
            return json.dumps([{'id': user, 'email': user, 'likes': [], 'ads': []}]) #override with real data
        else:
            response.delete_cookie('auth')
            response.status = "403 Login Failed"
            return json.dumps({'message': "Login Failed"})


    email = request.query.get('email')
    password = request.query.get('password')
    result = db.key_store.get_auth(email, password)
    if result:
        response.set_cookie('auth', s.dumps(email), path="/")
        return json.dumps([{'name': 'daniel', 'likes': [], 'ads': []}]) #override with real data
    else:
        response.status = "403 Login Failed"
        return json.dumps({'message': "Login Failed"})
Example #9
0
    def log_in(self, username, password):
        """ Try to login user with provided username and password """
        logged_in = False
        # LOGGER.debug("username given = " + username)
        for user in self.values():
            # LOGGER.debug("server username = "******"password given = " + password)
                # LOGGER.debug("server password = "******"access = " + user['access'])
                break

        else:
            response.delete_cookie('current_user', path='/')
            self._current_user = self[internal_name(GUEST_USER['name'])]

        self._callbacks['update_user_panel']()

        return logged_in
Example #10
0
    def get_language(self):
        lang = [None]

        # Remove old no longer used cookie 'lang'
        if request.get_cookie('lang'):
            response.delete_cookie('lang', path="/")

        if len(request.script_name) > 3:
            lang = [request.script_name[-3:-1], self.allowed_languages[0]]
            if lang[0] not in self.allowed_languages:
                lang = [None]
            else:
                return (lang, False)

        if not lang[0] and request.get_cookie('lang'):
            lang = [request.get_cookie('lang')]
            if lang[0] not in self.allowed_languages:
                lang = [None]

        if not lang[0] and request.get_header('Accept-Language'):
            lang = request.get_header('Accept-Language')
            lang = lang.split(',')
            lang = [x.split(";")[0] for x in lang]
            lang = [x.split("-")[0] for x in lang]
            lang = [x for x in lang if x in self.allowed_languages]

        if len(lang) > 0 and lang[0]:
            lang.append(self.allowed_languages[0])
            res = []
            for l in lang:
                if not l in res:
                    res.append(l)
            return (res, True)
        else:
            return (self.allowed_languages, True)
Example #11
0
 def logout(self):
     response.delete_cookie(self.COOKIE_NAME_ACCOUNT)
     response.delete_cookie(self.COOKIE_NAME)
     response['Access-Control-Allow-Origin'] = '*'
     return self.send("<html><script>window.close();</script></html>",
                      status=401,
                      ct="text/html")
Example #12
0
    def get_language(self):
        lang = [None]

        # Remove old no longer used cookie 'lang'
        if request.get_cookie('lang'):
            response.delete_cookie('lang', path="/")

        if len(request.script_name) > 3:
            lang = [request.script_name[-3:-1], self.allowed_languages[0]]
            if lang[0] not in self.allowed_languages:
                lang = [None]
            else:
                return (lang, False)

        if not lang[0] and request.get_cookie('lang'):
            lang = [request.get_cookie('lang')]
            if lang[0] not in self.allowed_languages:
                lang = [None]

        if not lang[0] and request.get_header('Accept-Language'):
            lang = request.get_header('Accept-Language')
            lang = lang.split(',')
            lang = [x.split(";")[0] for x in lang]
            lang = [x.split("-")[0] for x in lang]
            lang = [x for x in lang if x in self.allowed_languages]

        if len(lang) > 0 and lang[0]:
            lang.append(self.allowed_languages[0])
            res = []
            for l in lang:
                if not l in res:
                    res.append(l)
            return (res, True)
        else:
            return (self.allowed_languages, True)
Example #13
0
def signin():
    # If user requested a logout, delete the cookie, and redirect to homepage
    if request.query.logout == "true":
        response.delete_cookie("account")
        redirect('/')

    return template('templates/sign_in', warning='')
Example #14
0
def action(mid=''):
	if not mid:
		# generate new ticker
		t = FussiTicker.Ticker()
	else: 
		t = FussiTicker.load(mid)
	# process action
	if request.forms.home_u:
		t.scoreHome()
	elif request.forms.home_d:
		t.scoreHome(-1)
	elif request.forms.guest_u:
		t.scoreGuest()
	elif request.forms.guest_d:
		t.scoreGuest(-1)
	elif request.forms.new:
		# Start new session
		# Not used
		response.delete_cookie("FussiTicker")
		redirect('/')
	elif request.forms.reset:
		t.reset()
	elif request.forms.start:
		t.start()
	else:
		logging.warning('No action')
	
	t.setTeams(request.forms.hteam, 'na')
	
	FussiTicker.save(t)
	logging.info('New id:' + str(t.id))
	response.set_cookie("FussiTicker", t.id)
	d = getFields(t)
	
	return template('ticker', d)
Example #15
0
def delete(user):
    username = request.get_cookie("username")
    if user:
        if user== username:
            print "HERE"
            cur.execute("DELETE FROM lab5.members WHERE username = '******';" % user)
            cur.execute("SELECT * FROM lab5.submits_user WHERE username = '******';" % user)
            submissionids = cur.fetchall()
            for s in submissionids:
                cur.execute("DELETE FROM lab5.submissions WHERE submissionid = '%s';" % s)
            cur.execute("DELETE FROM lab5.submits_user WHERE username = '******';" % user)
            cur.execute("DELETE FROM lab5.sponsors WHERE username = '******';" % user)
            cur.execute("DELETE FROM lab5.judges WHERE username = '******';" % user)
            cur.execute("SELECT * FROM lab5.discussions WHERE username = '******';" % user)
            discussions = cur.fetchall()
            for d in discussions:
                cur.execute("DELETE FROM lab5.comments WHERE discussionid = '%s';" % d)
            cur.execute("DELETE FROM lab5.discussions WHERE username = '******';" % user)
            cur.execute("DELETE FROM lab5.user_acc WHERE username = '******';" % user)

            database.commit()
            response.delete_cookie("username")
            return "%s now deleted from the Database" % user
        else:
            return "You are not logged in, in the first place <br> <a href='/'> << Go Back </a>"
Example #16
0
    def get_iiif_token(self):
        # This is the next step -- client requests a token to send to info.json
        # We're going to just copy it from our cookie.
        # JSONP request to get the token to send to info.json in Auth'z header

        callbackFn = request.query.get('callback', '')
        authcode = request.query.get('code', '')
        account = ''
        try:
            account = request.get_cookie('account', secret="abc-123-!@#")
            response.delete_cookie('account')
        except:
            pass
        if not account:
            data = {"error":"client_unauthorized","error_description": "No login details received"}
        else:
            data = {"access_token":account, "token_type": "Bearer", "expires_in": 3600}
            # Set the cookie for the image content
            response.set_cookie('loggedin', account, secret="abc-123-!@#")
        dataStr = json.dumps(data)

        if callbackFn:
            return self.send("%s(%s);" % (callbackFn, dataStr), ct="application/javascript")
        else:
            return self.send(dataStr, ct="application/json")
Example #17
0
def auth_check():
    try:
        logger.debug("check")
        expires = (datetime.today() + timedelta(minutes=3600))
        auth_cookie = request.get_cookie('AUTH_COOKIE')
        logger.debug(auth_cookie)
        if not (auth_cookie) or not (os.path.isfile("/vagrant/auth/" + auth_cookie)):
            logger.debug("no cookie, login again")
            result = {"loggedin": False, "loginpage": "/login"}
            return result

        c.execute("SELECT * FROM sxsw_users WHERE uuid=?", (auth_cookie,))
        res = c.fetchone()
        logger.debug(res)
        if res:
            logger.debug("check ok")
            response.set_cookie("AUTH_COOKIE", auth_cookie, expires=expires, domain=cookiedomain, path="/")
            result = {"user_token": res.get("user_token"),
                      "csrf_token": res.get("csrf_token"), "loggedin": True, "email": res["email"],"userid":res["userid"],"handle":res["handle"]}
        else:
            response.delete_cookie("AUTH_COOKIE")
            result = {"loggedin": False}
            logger.debug(result)
            logger.debug(result)
        return result
    except:
        logger.exception("err")
Example #18
0
    def clear(self):
        '''
        clear()
        clear all instance of session
        '''
        try:
            currentUtcTime = self.__getCurrentUtcTimeHash()

            # get cookie from current request if not exist just add it
            cookieSessionData = request.get_cookie(
                's', currentUtcTime.get('hexdigest'))

            # create session file
            if os.path.isdir(self.__sessionOption.get('data_dir')):
                sessionFile = os.path.join(
                    self.__sessionOption.get('data_dir'), cookieSessionData)

                if (os.path.isfile(sessionFile)):
                    os.remove(sessionFile)

            response.set_cookie('s', cookieSessionData, max_age=0)
            response.delete_cookie(cookieSessionData)

        except Exception as e:
            print(e)
Example #19
0
 def test_delete_cookie(self):
     response = BaseResponse()
     response.set_cookie('name', 'value')
     response.delete_cookie('name')
     cookies = [value for name, value in response.wsgiheader()
                if name.title() == 'Set-Cookie']
     self.assertTrue('name=;' in cookies[0])
Example #20
0
File: ilil.py Project: riotbib/ilil
def logout():
    login = request.get_cookie("login", secret='some-secret-key')
    if login:
        response.delete_cookie("login")
        redirect("/")
    else:
        redirect("/")
Example #21
0
def template(source, template_title="", template_description="", extension=".html", including_page=None,
             alert: Alert = None, self_stationary_page=False,  *args, **kwargs):
    d = loads(request.get_cookie("kwargs", "{}", ADMIN_COOKIE_SECRET))
    if alert:
        alert = alert.conv
    if d:
        response.delete_cookie("kwargs", path='/')
        if 'alert' in d:
            alert = loads(d['alert'])
        kwargs.update(d)

    k = {
        "title": template_title,
        "description": template_description,
        "args": args,
        "alert": alert,
        "path": request.path,
        "kwargs": kwargs
    }

    if self_stationary_page:
        return bottle.template(join("view", source + extension), **k)
    return bottle.template("view/layout/skeleton.html",
                           including_page=including_page or join("view", source + extension),
                           **k
                           )
Example #22
0
def logout():
    username = request.get_cookie("user")

    logout_user_db(username)

    response.delete_cookie("user")
    response.delete_cookie("session")
    redirect('/')
Example #23
0
def get_message(local_request):
    """
    Return currently set message and delete the cookie.

    :returns: message
    """
    response.delete_cookie(MESSAGE_KEY, path=ROOT, secret=SECRET)
    return request._message
Example #24
0
 def logout(self):
   kdict = deepcopy(config.kdict)
   username = request.get_cookie('logged-in', secret=kdict['secretKey'])
   if username:
     self.userdb.deleteUser(username)
     
   response.delete_cookie('logged-in', path='/', secret=kdict['secretKey'])
   redirect('/')
Example #25
0
 def logout(self):
     self.app.log('Logout user: %s.' % self.app.current_user)
     self.app.current_user = None
     session = Session.get(Session.session_id == self.session_id)
     session.active = False
     session.save()
     self.session_id = None
     response.delete_cookie(self.key)
Example #26
0
 def logout(self):
     self.app.log('Logout user: %s.' % self.app.current_user)
     self.app.current_user = None
     session = Session.get(Session.session_id == self.session_id)
     session.active = False
     session.save()
     self.session_id = None
     response.delete_cookie(self.key)
Example #27
0
def controller_login_sair():
    """
    Deleta o cookie
    :return:
    """
    response.delete_cookie("KIM")
    response.delete_cookie("BUMBA")
    redirect('/')
Example #28
0
def logout():
    # Logout do usuário - remove sessão ativa
    session_id = request.get_cookie(ticket.user.cookie_session_name())
    if session_id:
        ticket.user.removesession(session_id)
        response.delete_cookie(ticket.user.cookie_session_name())
        ticket.db.expire_old_sessions()
    return redirect('/login')
Example #29
0
def get_message():
    """
    Return currently set message and delete the cookie. This function is lazily
    evaluated so it's side effect of removing the cookie will only become
    effective when you actually use the message it returns.
    """
    response.delete_cookie(MESSAGE_KEY, path=ROOT, secret=SECRET)
    return request._message
Example #30
0
def signout():
    sid = request.get_cookie('sid', None)

    if sid:
        response.delete_cookie('sid')
        response.delete_cookie('username')
        query = Session.delete().where(Session.sid == sid)
        query.execute()
Example #31
0
def remmeber_me(account):
    '''记住账号'''
    remember = request.forms.get('remember')
    if remember:
        response.set_cookie("manager", account, path='/manage')
        response.set_cookie("remember", remember)
    else:
        response.delete_cookie("manager")
        response.delete_cookie("remember")
Example #32
0
 def logout(self):
     username = request.get_cookie("account", secret='some-secret-key')
     if not username:
         return self.pleaselogin()
     response.delete_cookie("account")
     return template("message",
                     title="Logged out",
                     message=username + ", you are now logged out!",
                     redirect="/")
Example #33
0
def remmeber_me(account):
    """记住账号"""
    remember = request.forms.get("remember")
    if remember:
        response.set_cookie("manager", account, path="/manage")
        response.set_cookie("remember", remember)
    else:
        response.delete_cookie("manager")
        response.delete_cookie("remember")
Example #34
0
def logout():
    """
    Logout of the system.
    """
    response.delete_cookie(TOKEN, path=COOKIE_PATH)
    return template('message',
                    message="Logged out",
                    logout_link=False,
                    start_link=False)
Example #35
0
    def signout():
        site_id = request.get_cookie('site_id', None)

        response.delete_cookie('site_id')
        response.delete_cookie('username')

        if site_id is not None:
            query = SessionModel.delete().where(SessionModel.site_id == site_id)
            query.execute()
Example #36
0
def logout(db):
    '''
    User Logout. 
    '''
    response.delete_cookie('user',
        secret=setting('cookie_key').value)
    return env.get_template('settings_login.html').render(
        auth=False,
    )
Example #37
0
    def do_logout(self, **kw):
        session = self.get_session_from_cookie()
        if session is not None:
            user = session['user']
            self.invalidate_session(session)
            response.delete_cookie('sid')
            return self.login_str % (user, 'out')

        return self.no_user_str
Example #38
0
def logout():
    """Post request for Logout; Upon login, if user submits logout form
    their session and cookie is deleted. They are then redirected to the Main Page."""
    db = COMP249Db()
    curr_user = users.session_user(db)
    if curr_user:
        users.delete_session(db, curr_user)
        response.delete_cookie(COOKIE_NAME)
    redirect('/')
Example #39
0
 def logout(self):
     response.delete_cookie(self.cookie_name,
                            domain=self.cookie_domain,
                            path=self.cookie_path)
     response['Access-Control-Allow-Origin'] = '*'
     return self.application.send(
         "<html><script>window.close();</script></html>",
         status=401,
         ct="text/html")
Example #40
0
def logout():
    """Post request for Logout; Upon login, if user submits logout form
    their session and cookie is deleted. They are then redirected to the Main Page."""
    db = COMP249Db()
    curr_user = users.session_user(db)
    if curr_user:
        users.delete_session(db, curr_user)
        response.delete_cookie(COOKIE_NAME)
    redirect('/')
    def do_logout(self, **kw):
        session = self.get_session_from_cookie()
        if session is not None:
            user = session['user']
            self.invalidate_session(session)
            response.delete_cookie('sid')
            return self.login_str % (user, 'out')

        return self.no_user_str
Example #42
0
def remmeber_me(account):
    '''记住账号'''
    remember = request.forms.get('remember')
    if remember:
        response.set_cookie("manager", account, path = '/manage')
        response.set_cookie("remember", remember)
    else:
        response.delete_cookie("manager")
        response.delete_cookie("remember")
Example #43
0
def get_session():
    session_id = request.cookies.get(SESSION_COOKIE_NAME)
    if session_id is None:
        return None
    sess = _sessions.get(session_id)
    if sess is None:
        #raise Exception("Session %s is not found" % (session_id,))
        response.delete_cookie(SESSION_COOKIE_NAME)
    return sess
Example #44
0
def logout():
    username = request.cookies.get('current_user', '0')
    session_id = request.cookies.get('current_user_type', '0')
    requests.post(
        '{target}/api/session_id/logout/{username}/{session_id}'.format(
            target=backend_str, username=username, session_id=session_id))
    response.delete_cookie('current_user')
    response.delete_cookie('current_user_type')
    redirect("/")
Example #45
0
def logout():
    """
    Logout do usuário - remove sessão ativa.
    """
    session_id = request.get_cookie(cookie_session_name())
    if session_id:
        remove_session(session_id)
        response.delete_cookie(cookie_session_name())
        expire_old_sessions()
    return redirect("/login")
Example #46
0
def logout():
    """Destroys user session and redirects to home"""
    auth = Auth()
    sid = request.get_cookie('SID')
    if sid:
        auth.kill_session(sid)
        auth.destroy()
        response.delete_cookie('SID')
    response.add_header('Location', '/')
    response.status = 302
Example #47
0
def perform_logout(db):	
	session_id = request.get_cookie("pbsession")
	if session_id is None or not is_valid_uuid(session_id, no_dashes=True):
		return
	
	# this will logout user from all browsers.. (what we want?)
	prepared = db.prepare("delete from PetBay.Session where sessionid=?")
	db.execute(prepared, (uuid.UUID(session_id),))
	
	response.delete_cookie("pbsession")
Example #48
0
    def logout(cls):
        beaker_session = request.environ["beaker.session"]

        if "cookies_value" in beaker_session:
            value = beaker_session["cookies_value"]
            response.delete_cookie("cookies_value_client")
            beaker_session.delete()
            redirect("/")
        else:
            return {}
    def logout(cls):
        beaker_session = request.environ['beaker.session']

        if 'cookies_value' in beaker_session:
            value = beaker_session['cookies_value']
            response.delete_cookie('cookies_value_client')
            beaker_session.delete()
            redirect('/')
        else:
            return {}
Example #50
0
def logout(message = False):
    auth_cookie = request.get_cookie('AUTH_COOKIE')
    logger.debug("logout")
    if auth_cookie:
        logger.debug("remove cookie:"+CONFIG.global_config.cookie_store+auth_cookie)
        rm(authdir+auth_cookie)
    response.status = 200
    response.add_header("Content-type", "application/json")
    response.delete_cookie("AUTH_COOKIE")
    return json.dumps({"result": "success", "login_status": False,"message":message})
Example #51
0
def api_logout(login_data=False, ):
    return_data = {'error': False}
    r = request #< The things I do for PEP8...
    if login_data:
        s_id = r.get_header('X-Auth-Token') or r.get_cookie('session_id')
        sessions.expire_session(s_id)
        response.delete_cookie(s_id)
    else:
        return_data['error'] = 'No session to delete'
    return return_data
Example #52
0
def delete_cookie(sid):
    db = sqlite3.connect("site.db")
    cur = db.cursor()
    cur.execute("update users set session_id=? where session_id =?", (
        None,
        sid,
    ))
    db.commit()
    db.close()
    response.delete_cookie('user')
Example #53
0
 def set_session(self):
     if self.app.current_user is not None:
         self.app.log('Setting session value for: %s.' % self.app.current_user)
         response.set_cookie(name=self.key,
                             value=self.session_id,
                             secret=self.secret,
                             path='/',
                             httponly=True)
     else:
         response.delete_cookie(self.key)
Example #54
0
 def clear_session(self):
     response.delete_cookie(self.session_cookie,
                            path='/',
                            httponly=True,
                            samesite='lax',
                            secure=False if self.testing_mode else True)
     response.delete_cookie(self.refresh_session_cookie,
                            path='/',
                            httponly=True,
                            samesite='lax',
                            secure=False if self.testing_mode else True)
Example #55
0
 def set_session(self):
     if self.app.current_user is not None:
         self.app.log('Setting session value for: %s.' %
                      self.app.current_user)
         response.set_cookie(name=self.key,
                             value=self.session_id,
                             secret=self.secret,
                             path='/',
                             httponly=True)
     else:
         response.delete_cookie(self.key)
Example #56
0
def logout(session):
    del session['name']
    response = HTTPResponse(
        body="Bye!",
        status=200,
    )
    response.delete_cookie(
        'login_redirect',
        path='/',
    )
    return response
Example #57
0
def get_cookie(cookie_name, cookie_path=None):
    message = request.get_cookie(cookie_name)

    if message:
        if cookie_path is not None:
            response.delete_cookie(cookie_name, path=cookie_path)
        else:
            response.delete_cookie(cookie_name)
        return message
    else:
        return ""