Example #1
0
def _set_response_token_cookie(token):
    """ Add a generated token cookie to the HTTP response.
    """
    site_url = urlparse.urlparse(config.get('ckan.site_url', ''))
    if site_url.scheme == 'https':
        LOG.debug("Securing CSRF token cookie for site %s", site_url)
        secure_cookies = True
    else:
        LOG.warn("Site %s is not secure! CSRF token may be exposed!", site_url)
        secure_cookies = False
    response.set_cookie(TOKEN_FIELD_NAME, token, secure=secure_cookies, httponly=True)
Example #2
0
 def submit_terms(self):
     ua = UserAgreement()
     came_from = request.params.get('came_from', h.url('/'))
     if not came_from:
         base.abort(400, _('Missing Value') + ': url')
     if h.url_is_local(came_from):
         ua.insert_new_agreement()
         response.set_cookie('wprdc_user_terms', 'true')
         return base.redirect(came_from)
     else:
         base.abort(403, _('Redirecting to external site is not allowed.'))
Example #3
0
def resource_filter_delete_cookie(resource_id):
    """
    Delete the hidden fields for this resource ID
    @param resource_id:
    @return:
    """

    cookie = resource_filter_get_cookie()
    # Remove the dictionary item for this resource ID
    cookie.pop(resource_id, None)
    # And reset the cookie
    response.set_cookie(HIDDEN_FIELDS_COOKIE_NAME, json.dumps(cookie))
Example #4
0
def resource_filter_set_cookie(resource_id, hidden_fields):
    """
    Set the resource filter hidden fields cookie
    @param resource_id:
    @param hidden_fields:
    @return:
    """

    cookie = resource_filter_get_cookie()
    cookie[resource_id] = hidden_fields

    response.set_cookie(HIDDEN_FIELDS_COOKIE_NAME, json.dumps(cookie))
Example #5
0
    def login(self):
        for cookie in request.cookies:
            value = request.cookies.get(cookie)
            response.set_cookie(cookie, value, secure=True, httponly=True)

        if 'organization_id' in session:
            g = model.Group.get(session['organization_id'])
            client = Clients.get_client(g)
            url, ht_args, state = client.create_authn_request(conf.ACR_VALUES)
            session['state'] = state
            session.save()
            if ht_args:
                toolkit.request.headers.update(ht_args)
            redirect_to(url)
        else:
            redirect_to('/')
Example #6
0
    def login(self):
        for cookie in request.cookies:
            value = request.cookies.get(cookie)
            response.set_cookie(cookie, value, secure=True, httponly=True)

        if 'organization_id' in session:
            g = model.Group.get(session['organization_id'])
            client = Clients.get_client(g)
            url, ht_args, state = client.create_authn_request(conf.ACR_VALUES)
            session['state'] = state
            session.save()
            if ht_args:
                toolkit.request.headers.update(ht_args)
            redirect_to(url)
        else:
            redirect_to('/')
Example #7
0
def check_redirect_needed(original_action, *args, **kw):
    if hasattr(request, 'blueprint'): # flask controller
        ua_dict = useragent.Parse(request.user_agent.string)
        is_flask = True
    else: # pylons controller
        ua_dict = useragent.Parse( request.user_agent if request.user_agent else '')
        is_flask = False
    os = ua_dict.get('os', {}).get('family') # type: str
    path = request.full_path if is_flask else request.path_qs
    ua_is_mobile = os and os.lower() in {'android', 'ios'}
    should_redirect = __should_redirect(path, ua_is_mobile)
    if should_redirect:
        light_url = switch_url_path(path, False)
        return redirect(light_url)
    else:
        result = original_action(*args, **kw)
        new_cookie_value = __cookie_value_to_set()
        if is_flask and new_cookie_value:
            result = make_response(result)
            result.set_cookie(FORCE_REDIRECT_COOKIE, new_cookie_value)
        if not is_flask and new_cookie_value:
            response.set_cookie(FORCE_REDIRECT_COOKIE, new_cookie_value)
        return result
Example #8
0
                #    to create a new organization or ask the admin of an existing organization to add you as a member.''' % contribute_url
                # h.flash_success(_(message), True)

                return h.redirect_to('dashboard.organizations')
            else:
                userobj = c.userobj if c.userobj else model.User.get(c.user)
                login_dict = {
                    'display_name': userobj.display_name,
                    'email': userobj.email,
                    'email_hash': userobj.email_hash,
                    'login': userobj.name
                }

                max_age = int(14 * 24 * 3600)
                response.set_cookie('hdx_login',
                                    urllib2.quote(json.dumps(login_dict)),
                                    max_age=max_age)
                if not c.user:
                    h.redirect_to(locale=None,
                                  controller='user',
                                  action='login',
                                  id=None)

                # do we need this?
                user_ref = c.userobj.get_reference_preferred_for_uri()

                _ckan_site_url = config.get('ckan.site_url', '#')
                _came_from = str(request.referrer or _ckan_site_url)

                excluded_paths = [
                    '/user/validate/', 'user/logged_in?__logins',