Example #1
0
    def initialise(self):
        """
        The application needs initialisation to load the database
        connection etc. In previous versions this was done with the
        initialisation of the class in the __init__ method. This is
        now separated into this function.
        """
        #: Check if the secret key is defined, if not raise an
        #: exception since it is required
        assert self.secret_key, 'Secret Key is not defined in config'

        #: Load the cache
        self.load_cache()

        #: Initialise the CSRF handling
        self.csrf_protection = CsrfProtect()
        self.csrf_protection.init_app(self)

        self.view_functions['static'] = self.send_static_file

        # Backend initialisation
        self.load_backend()

        #: Initialise the login handler
        login_manager = LoginManager()
        login_manager.user_loader(self._pool.get('nereid.user').load_user)
        login_manager.header_loader(
            self._pool.get('nereid.user').load_user_from_header
        )
        login_manager.token_loader(
            self._pool.get('nereid.user').load_user_from_token
        )
        login_manager.unauthorized_handler(
            self._pool.get('nereid.user').unauthorized_handler
        )
        login_manager.login_view = "nereid.website.login"
        login_manager.anonymous_user = self._pool.get('nereid.user.anonymous')
        login_manager.init_app(self)

        self.login_manager = login_manager

        # Monkey patch the url_for method from flask-login to use
        # the nereid specific url_for
        flask.ext.login.url_for = url_for

        self.template_context_processors[None].append(
            self.get_context_processors()
        )

        # Add the additional template context processors
        self.template_context_processors[None].append(
            nereid_default_template_ctx_processor
        )

        # Add template_filters registered using decorator
        for name, function in self.get_template_filters():
            self.jinja_env.filters[name] = function

        # Finally set the initialised attribute
        self.initialised = True
Example #2
0
def _get_login_manager(app):
    lm = LoginManager()
    lm.anonymous_user = AnonymousUser
    lm.login_view = '%s.login' % cv('BLUEPRINT_NAME', app=app)
    lm.user_loader(_user_loader)
    lm.token_loader(_token_loader)
    lm.init_app(app)
    return lm
Example #3
0
    def initialise(self):
        """
        The application needs initialisation to load the database
        connection etc. In previous versions this was done with the
        initialisation of the class in the __init__ method. This is
        now separated into this function.
        """
        #: Check if the secret key is defined, if not raise an
        #: exception since it is required
        assert self.secret_key, 'Secret Key is not defined in config'

        #: Load the cache
        self.load_cache()

        #: Initialise the CSRF handling
        self.csrf_protection = NereidCsrfProtect()
        self.csrf_protection.init_app(self)

        self.view_functions['static'] = self.send_static_file

        # Backend initialisation
        self.load_backend()

        #: Initialise the login handler
        login_manager = LoginManager()
        login_manager.user_loader(self._pool.get('nereid.user').load_user)
        login_manager.header_loader(
            self._pool.get('nereid.user').load_user_from_header)
        login_manager.token_loader(
            self._pool.get('nereid.user').load_user_from_token)
        login_manager.unauthorized_handler(
            self._pool.get('nereid.user').unauthorized_handler)
        login_manager.login_view = "nereid.website.login"
        login_manager.anonymous_user = self._pool.get('nereid.user.anonymous')
        login_manager.init_app(self)

        self.login_manager = login_manager

        # Monkey patch the url_for method from flask-login to use
        # the nereid specific url_for
        flask.ext.login.url_for = url_for

        self.template_context_processors[None].append(
            self.get_context_processors())

        # Add the additional template context processors
        self.template_context_processors[None].append(
            nereid_default_template_ctx_processor)

        # Add template_filters registered using decorator
        for name, function in self.get_template_filters():
            self.jinja_env.filters[name] = function

        # Initialize Babel
        Babel(self)

        # Finally set the initialised attribute
        self.initialised = True
def get_login_manager(app):
    lm = LoginManager(app)
    lm.session_protection = 'strong'
    lm.anonymous_user = AnonymousUser
    lm.login_view = '/login'
    lm.user_loader(load_user)
    lm.token_loader(load_token)
    lm.init_app(app)
    return lm
Example #5
0
def _get_login_manager(app):
    lm = LoginManager()
    lm.anonymous_user = AnonymousUser
    lm.login_view = '%s.login' % cv('BLUEPRINT_NAME', app=app)
    lm.user_loader(_user_loader)
    lm.token_loader(_token_loader)
    lm.login_message, lm.login_message_category = cv('MSG_LOGIN', app=app)
    lm.needs_refresh_message, lm.needs_refresh_message_category = cv('MSG_REFRESH', app=app)
    lm.init_app(app)
    return lm
Example #6
0
def _get_login_manager(app):
    lm = LoginManager()
    lm.anonymous_user = AnonymousUser
    lm.login_view = '%s.login' % cv('BLUEPRINT_NAME', app=app)
    lm.user_loader(_user_loader)
    lm.token_loader(_token_loader)
    lm.login_message, lm.login_message_category = cv('MSG_LOGIN', app=app)
    lm.needs_refresh_message, lm.needs_refresh_message_category = cv(
        'MSG_REFRESH', app=app)
    lm.init_app(app)
    return lm
Example #7
0
def _get_login_manager(app):
    lm = LoginManager()
    lm.anonymous_user = AnonymousUser
    lm.login_view = "%s.login" % cv("BLUEPRINT_NAME", app=app)
    lm.user_loader(_user_loader)
    lm.token_loader(_token_loader)

    if cv("FLASH_MESSAGES", app=app):
        lm.login_message, lm.login_message_category = cv("MSG_LOGIN", app=app)
        lm.needs_refresh_message, lm.needs_refresh_message_category = cv("MSG_REFRESH", app=app)
    else:
        lm.login_message = None
        lm.needs_refresh_message = None

    lm.init_app(app)
    return lm
Example #8
0
from flask.ext.babel import Babel, gettext
from flask import Markup

import pytz
import prefs

from database import db, create_flask_app

app = create_flask_app()
babel = Babel(app)
login_manager = LoginManager()
login_manager.init_app(app)

from controllers import threads, posts, users, applicants

login_manager.token_loader(users.token_loader)
login_manager.user_loader(users.user_loader)
login_manager.login_view = 'login'
login_manager.session_protection = 'strong'


@babel.localeselector
def get_locale():
    return 'en'  #request.accept_languages.best_match(prefs.Config.LANG_SUPPORT)


@app.route("/", defaults={'page': 1}, methods=['POST', 'GET'])
@app.route("/<int:page>", methods=['POST', 'GET'])
@login_required
def thread_list_view(page):
    if request.method == 'GET':
class AuthLoginManager(object):
    """
    Auth login manager
    """

    manager = None
    app = None
    user_cls = None
    token_cls = None
    db = None
    req_tok_type = None

    def __init__(self, app, db, user_cls, token_cls):
        """
        Constructor
        """
        self.db = db
        self.user_cls = user_cls
        self.token_cls = token_cls
        self.app = app
        self.req_tok_type = (
            app.config.get(
                'AUTH_TOKEN_TYPE',
                REQ_TOK_TYPES['header']
            )
        )
        self.manager = LoginManager()
        self.manager.request_loader(self._load_user_from_request)
        self.manager.user_loader(self._load_user)
        self.manager.token_loader(self._user_from_token)
        self.manager.unauthorized_handler(self.unauthorized)
        self.manager.init_app(self.app)
        return None

    def get_manager(self):
        """
        Get login manager
        """
        return self.manager

    def _load_user_from_request(self, request):
        """
        Callback to load a user from a Flask request object

        See:
            https://flask-login.readthedocs.org
            /en/latest/#custom-login-using-request-loader
        """
        req_token = (
            request_helpers
            .get_request_token(
                self.req_tok_type,
                request
            )
        )
        if req_token is None:
            return None
        auth_token = self.token_cls.query.filter_by(token=req_token).first()
        if auth_token is None:
            return None
        session['is_authenticated'] = True
        session['auth_token'] = auth_token.token
        return auth_token.user

    def _load_user(self, user_id):
        """
        Load a user from a user id
        """
        return self.user_cls.get(user_id)

    def _user_from_token(self, token):
        """
        Gets a user from a token
        """
        auth_token = self.token_cls.query.filter_by(token=token).first()
        if auth_token is None:
            return None
        return auth_token.user

    def unauthorized(self):
        """
        Unauthorized handler
        """
        headers = {}
        headers['Content-Type'] = "application/json"
        payload = {
            'msg': "Not authorized",
            'code': 'not_authorized'
        }
        return Response(json.dumps(payload), 401, headers)
Example #10
0
from flask.ext.babel import Babel, gettext
from flask import Markup

import pytz
import prefs

from database import db, create_flask_app

app = create_flask_app()
babel = Babel(app);
login_manager = LoginManager()
login_manager.init_app(app)

from controllers import threads, posts, users, applicants

login_manager.token_loader(users.token_loader)
login_manager.user_loader(users.user_loader)
login_manager.login_view = 'login'
login_manager.session_protection = 'strong'

@babel.localeselector
def get_locale():
    return 'en' #request.accept_languages.best_match(prefs.Config.LANG_SUPPORT)

@app.route("/", defaults={'page': 1}, methods=['POST', 'GET'])
@app.route("/<int:page>", methods=['POST', 'GET'])
@login_required
def thread_list_view(page):
    if request.method == 'GET':
        prospective_applicants = applicants.get_prospective_applicants(db.session)
        thread_list = threads.thread_list(db.session, page=page)