def remote_authorize(*args, **kwargs):
"""Login via JSON from another application.
:param string email: Email associated with user account
:param string password: Password assocaited with user account
:return bool
"""
form_class = _security.login_form
error_message = 'No credentials provided'
if request.json:
form = form_class(MultiDict(request.json))
else:
abort(403, error_message)
if form.validate_on_submit():
login_user(form.user, remember=form.remember.data)
after_this_request(_commit)
current_user = form.user
else:
abort(403, error_message)
if not hasattr(current_user, 'id'):
abort(403, error_message)
return True
def register(login_failed=False, **kwargs):
if current_user.is_authenticated():
return redirect(request.referrer or '/')
form = RegisterForm()
ds = get_extension('security', app=current_app).datastore
if form.validate_on_submit():
user = ds.create_user(
fullname=form.fullname.data,
email=form.email.data,
password=form.password.data)
ds.commit()
login_user(user)
ds.commit()
flash('Account created successfully', 'info')
return index(show_modal='profile')
if form.errors:
show_modal = 'signup'
else:
show_modal = None
return index(register_form=form, show_modal=show_modal)
def login():
if request.method == "GET":
if current_user.is_authenticated:
return redirect(url_for('main.feed'))
else:
return render_template('mod_auth/log_in.html')
elif request.method == "POST":
email = request.form['email']
password = request.form['password']
user_input = user_mongo_utils.get_user(email=email)
if user_input is None:
error = 'Please write both username and password', 'error'
return render_template('mod_auth/log_in.html', error=error)
elif user_input != None:
password_check = bcrypt.check_password_hash(
user_input.password, password)
email_check = True if user_input.email == email else False
if not email_check:
error = 'Wrong email'
return render_template('mod_auth/log_in.html', error=error)
elif not password_check:
error = 'Wrong password'
return render_template('mod_auth/log_in.html', error=error)
elif password_check and email_check:
login_user(user_input)
# Tell Flask-Principal the identity changed
identity_changed.send(current_app._get_current_object(),
identity=Identity(current_user.id))
return redirect(url_for('main.feed'))
def post(self):
args = self.reqparse.parse_args()
user = User.authenticate(args)
if user:
login_user(user)
return dict(user=user.name()), 200
return 'Invalid username or password', 400
def new_dhbox():
users_and_passes = []
admins_and_passes = []
form = request.form
data = {key: request.form.getlist(key)[0] for key in request.form.keys()}
for key in data:
users_dict = key
users_dict = ast.literal_eval(users_dict)
users = users_dict['users']
for user in users:
if 'name' in user:
if 'email' in user: # Then is DH Box admin
name_check = User.query.filter(User.name == user['name']).first()
email_check = User.query.filter(User.name == user['email']).first()
if name_check or email_check:
print "Username taken. Already has a DH Box."
return str('failure')
admin_user = user['name']
admin_email = user['email']
admin_pass = user['pass']
admin_user_object = user_datastore.create_user(email=admin_email, name=admin_user, password=admin_pass)
db.session.commit()
login_user(admin_user_object)
the_new_dhbox = DockerBackend.setup_new_dhbox(admin_user, admin_pass, admin_email)
return str('Successfully created a new DH Box.')
def demo():
username = '******' + ''.join(random.choice(string.ascii_uppercase + string.digits) for _ in range(10))
demo_user_object = user_datastore.create_user(email=username + '@demo.com', name=username, password='******')
db.session.commit()
login_user(demo_user_object)
new_dhbox = DockerBackend.demo_dhbox(username)
return redirect('/dhbox/' + username, 301)
def login():
#form = LoginForm()
rm = resources.model
form = UserLogin()
# g.last_login = ''
if form.validate_on_submit():
login_user(form.user, remember=False)
flash("Logged is successfully.")
if session['referer'] != '':
if session["referer"] == '/':
label_user = db.session.query(rm.Label).filter_by(user_id=current_user.id).first()
if label_user:
return redirect('/')
else:
return redirect('/get_label')
else:
return redirect(session['referer'])
else:
return redirect('/get_label')
else:
if request.form.getlist('btn_register'):
return redirect('/register')
if request.form.getlist('btn_return'):
return redirect('/return_label')
return render_template('register_label.html', form=form)
def load_or_creator_user(token):
'''根据token载入或创建用户
'''
import datetime
user = User.query.filter_by(uid = int(token.uid)).first()
if user is None:
print 'user is not created'
# create user
user_info = client.users.show.get(uid = token.uid)
user = User(token.uid, json.dumps(user_info), json.dumps(token))
user.active = True
user.create_time = datetime.datetime.now().strftime("%Y-%m-%d %H:%M:%S")
user.last_login_time = user.create_time
db.session.add(user)
db.session.commit()
login_user(user)
else:
print 'user has been created'
# load user
user.token = json.dumps(token)
user_info = client.users.show.get(uid = token.uid)
user.info = json.dumps(user_info)
user.active = True
user.last_login_time = datetime.datetime.now().strftime("%Y-%m-%d %H:%M:%S")
db.session.commit()
login_user(user)
def register(provider_id=None):
if current_user.is_authenticated():
return redirect(request.referrer or '/')
if provider_id:
provider = get_provider_or_404(provider_id)
connection_values = session.pop('failed_login_connection', None)
else:
provider = None
connection_values = None
app.logger.debug("Attemption to register with connection_values: %s" % repr(connection_values))
if connection_values is not None:
ds = app.security.datastore
fake_email = connection_values['provider_user_id'] + "*****@*****.**"
user = ds.create_user(email=fake_email, password="******")
ds.commit()
connection_values['user_id'] = user.id
connect_handler(connection_values, provider)
login_user(user)
ds.commit()
flash('Account created successfully', 'info')
return redirect(url_for('index'))
return abort(404)
def admin_view_as():
user_id = request.args.get('user_id')
u = User.query.filter_by(id=user_id).first()
if u:
logout_user()
login_user(u)
return redirect(url_for('client.home'))
def check_if_user_exists(data, *args, **kwargs):
if current_user.is_authenticated():
data["user_id"] = current_user.id
return
user_name = data.get('user_name')
user_email = data.get('user_email')
user_legacy_email = None
if 'user_legacy_email' in data:
user_legacy_email = data.get('user_legacy_email')
del data['user_legacy_email']
if not user_name:
raise ProcessingException(description=ExceptionMessages.MISSING_PARAM.format(param='user_name'), code=401)
if not user_email:
raise ProcessingException(description=ExceptionMessages.MISSING_PARAM.format(param='user_email'), code=401)
user, is_new = models.User.get_or_create_by_email(email=user_email, role_name=Constants.REVIEWER_ROLE,
user_legacy_email=user_legacy_email, name=user_name)
if not is_new:
# TODO maybe display a passwd field if user is not new?
raise ProcessingException(description=ExceptionMessages.USER_EXISTS % user_email, code=401)
db.session.add(user)
db.session.commit()
login_user(user)
if 'user_name' in data:
del data['user_name']
del data['user_email']
data['user_id'] = user.id
def login(self):
parser = self.get_parser()
parser.add_argument('phone', type=str, required=True, location='json')
parser.add_argument('password',
type=StringParam.check,
required=True,
location='json',
min=6,
max=20)
phone, password = self.get_params('phone', 'password')
password = hashlib.md5(password).hexdigest().upper()
user = user_datastore.find_user(phone=phone)
if not user or user.password != password or not (user.has_role(
RoleType.admin) or user.has_role(RoleType.student)):
self.bad_request(errorcode.INVALID_USER)
login_user(user, True)
user.last_login_time = datetime.now()
user.save()
role_name = RoleType.admin if len(
user.roles) > 1 else user.roles[0].name
return {
'id': user.id,
'role': role_name,
'chinese_name': user.chinese_name,
'english_name': user.english_name
}
def twitter_authenticated():
pincode = request.args.get('oauth_verifier')
consumer = oauth.Consumer(key=consumer_key, secret=consumer_secret)
token = oauth.Token(session['request_token']['oauth_token'],
session['request_token']['oauth_token_secret'])
client = oauth.Client(consumer, token)
body = urllib.urlencode({'oauth_callback': callback_uri, 'oauth_verifier': pincode })
resp, content = client.request(access_token_url, "POST", body=body)
if resp['status'] != '200':
raise Exception("Invalid response from Twitter."+ resp['status'])
"""
This is what you'll get back from Twitter. Note that it includes the
user's user_id and screen_name.
{
'oauth_token_secret': 'IcJXPiJh8be3BjDWW50uCY31chyhsMHEhqJVsphC3M',
'user_id': '120889797',
'oauth_token': '120889797-H5zNnM3qE0iFoTTpNEHIz3noL9FKzXiOxwtnyVOD',
'screen_name': 'heyismysiteup'
}
"""
access_token = dict(cgi.parse_qsl(content))
user = User.query.filter_by(username=access_token['screen_name']).first()
if user is None:
role = Role.query.filter(Role.name=="User").first()
user = user_datastore.create_user(username=access_token['screen_name'], email="email", password="******")
user_datastore.add_role_to_user(user, role)
user.oauth_token = access_token['oauth_token']
user.oauth_secret = access_token['oauth_token_secret']
user.social = "twitter"
db.session.commit()
login_user(user)
return redirect(url_for('blog.index'))
def login():
if request.method == 'GET':
next = request.values.get('next', '/')
return render_template('security/login.html',
next=next)
elif request.method == 'POST':
u = User(email=request.values.get('email'))
security.login_user(u)
def _authenticate(self, data_dict):
user = _security.datastore.find_user(email=data_dict["email"])
if verify_password(data_dict["password"], user.password):
login_user(user)
else:
raise t.DataError({"email": "Can't find anyone with this credentials"})
return data_dict
def post(self):
parser = request.get_json()
email = parser.get('email')
password = parser.get('password')
if email is None or password is None:
abort(400) # missing arguments
user = user_datastore.create_user(email=email,password=utils.encrypt_password(password))
login_user(user, remember = True)
return 201
def login():
form = LoginForm()
if form.validate_on_submit():
username = request.form['username']
password = request.form['password']
session['user_id'] = form.user.id
user = User.objects.filter(username=username, password=password).get()
login_user(user, remember=False)
return redirect(url_for('/user'))
return render_template('security/login_user.html', login=form)
def _authenticate(self, data_dict):
user = security.datastore.find_user(email=data_dict['email'])
if verify_password(data_dict.get('password'), user.password):
login_user(user)
else:
raise t.DataError(
{'email': "Can't find anyone with this credentials"})
return data_dict
def login_view(self):
# handle user login
form = LoginForm(request.form)
if helpers.validate_form_on_submit(form):
if form.validate():
login_user(form.user)
if current_user.is_authenticated():
return redirect(url_for('.index'))
return redirect(url_for_security('login', next=url_for('.index')))
def _authenticate(self, data_dict):
user = security.datastore.find_user(email=data_dict['email'])
if verify_password(data_dict.get('password'), user.password):
login_user(user)
else:
raise t.DataError({
'email': "Can't find anyone with this credentials"
})
return data_dict
def wechat_bind():
user = GitlabAccount.authorize(
request.values["state"],
request.values["code"]
)
logout_user()
login_user(user)
db.session.commit()
return redirect(url_for("index"))
def post(self):
args = reqparse.RequestParser() \
.add_argument('username', type=str, location='json', required=True, help="用户名不能为空") \
.add_argument("password", type=str, location='json', required=True, help="密码不能为空") \
.parse_args()
user = User.authenticate(args['username'], args['password'])
if user:
login_user(user=user)
return {"message": "登录成功", "token": user.get_auth_token()}, 200
else:
return {"message": "用户名或密码错误"}, 401
def login():
form = LoginForm()
print request.args
if form.validate_on_submit():
# login and validate the user...
login_user(form.user, remember=form.remember.data)
flash("Bienvenido!")
return redirect(form.next.data)
next_s = request.args.get("next")
if request.method == "POST":
flash(u"Contraseña o Usuario incorrecto. Intente nuevamente.")
return render_template("login.html", form=form, next=next_s)
def demo():
username = '******' + ''.join(
random.choice(string.ascii_uppercase + string.digits)
for _ in range(10))
demo_user_object = user_datastore.create_user(email=username + '@demo.com',
name=username,
password='******',
dhbox_duration=3600)
db.session.commit()
login_user(demo_user_object)
DockerBackend.demo_dhbox(username)
return redirect('/dhbox/' + username, 301)
def login():
form_class = _security.login_form
form = form_class()
if form.validate_on_submit():
login_user(form.user, remember=form.remember.data)
after_this_request(_commit)
if not request.json:
return redirect(get_post_login_redirect(form.next.data))
return render_html('content/login.html', login_user_form=form)
def user_login():
form = LoginForm()
next = request.args.get('next')
if form.validate_on_submit():
flash('Successfully logged in as %s' % form.user.username)
session['user_id'] = form.user.id
user = User.query.get(form.user.id)
login_user(user)
if next != "None":
return redirect(next)
else:
return redirect(url_for('blog.index'))
return render_template('login.html', form=form)
def login():
form_class = _security.login_form
form = form_class()
if form.validate_on_submit():
login_user(form.user, remember=form.remember.data)
after_this_request(_commit)
if not request.json:
return redirect(get_post_login_redirect(form.next.data))
return render_html('content/login.html', login_user_form=form)
def on_login_failed(sender, provider, oauth_response):
connection_values = get_connection_values_from_oauth_response(
provider, oauth_response)
connection_values['display_name'] = connection_values['display_name'][
'givenName'] + " " + connection_values['display_name']['familyName']
connection_values['full_name'] = connection_values['display_name']
session['google_id'] = connection_values['provider_user_id']
user = user_datastore.create_user(google_id=session['google_id'])
user_datastore.commit()
connection_values['user_id'] = user.id
connect_handler(connection_values, provider)
login_user(user)
db.session.commit()
return render_template('index.html')
def fb_authorized():
# check to make sure the user authorized the request
if not 'code' in request.args:
flash('You did not authorize the request')
return redirect(url_for('auth.login'))
# make a request for the access token credentials using code
redirect_uri = url_for('auth.fb_authorized', _external=True)
data = {
'code': request.args['code'],
'grant_type': 'authorization_code',
'redirect_uri': redirect_uri
}
# authorize_url = facebook.get_authorize_url(request_token)
session = facebook.get_auth_session(data=data)
# session = OAuth2Session(facebook.client_id, facebook.client_secret, access_token=data['code'])
# the "me" response
me = session.get(
'/me?locale=en_US&fields=first_name,last_name,email,about,picture'
).json()
first_name = me['first_name']
last_name = me['last_name']
password = ''.join(random.choice('abcdefghij') for _ in range(10))
id = me['id']
user_json = {
"facebook_id": id,
"name": first_name,
"lastname": last_name,
"email": '',
"username": first_name + last_name + '-' + str(ObjectId()),
"password": bcrypt.generate_password_hash(password, rounds=12),
"active": True,
"user_slug": slugify(first_name + ' ' + last_name),
"roles": [user_mongo_utils.get_role_id('individual')],
"organization": []
}
user = user_mongo_utils.get_user_by_facebook_id(id)
if user == None:
# Regiser user
user_mongo_utils.add_user(user_json)
user = user_mongo_utils.get_user_by_facebook_id(id)
# login user
login_user(user)
else:
login_user(user)
return redirect(url_for('profile.profile_settings',
username=user.username))
def register_new_user(**kwargs):
from survaider.security.controller import user_datastore
reg_dat = get_connection_values_from_oauth_response(kwargs['provider'], kwargs['oauth_response'])
user = user_datastore.create_user(email = reg_dat['email'], password = str(uuid.uuid4()))
user.metadata['full_name'] = reg_dat['full_name'] if 'full_name' in reg_dat else reg_dat['display_name'] if 'display_name' in reg_dat else None
user.save()
reg_dat['user_id'] = str(user)
connect_handler(reg_dat, kwargs['provider'])
login_user(user)
return True
def login_user_if_possible(data, *args, **kwargs):
if "user_email" in data and "user_password" in data:
email = data["user_email"]
password = data["user_password"]
user = models.User.query.filter_by(email=email).first()
if not user:
raise ProcessingException(description='unauthorized', code=401)
if not verify_password(password, user.password):
raise ProcessingException(description='unauthorized', code=401)
login_user(user)
del data["user_password"]
if 'user_name' in data:
del data['user_name']
del data['user_email']
data["user_id"] = user.id
def post(self):
parser = request.get_json()
if parser is None:
abort(400)
email = parser.get('email')
password = parser.get('password')
if email is None or password is None:
abort(400)
if user_datastore.find_user(email=email) is None:
abort(403)
user = user_datastore.find_user(email=email)
if user.verify_password(password) is False:
abort(403)
login_user(user, remember = True)
return jsonify({"message": "Login as %s" % current_user.email})
def post(self):
data = get_data()
if data is not None:
form = self.form_class(MultiDict(data))
else:
form = self.form_class()
if form.validate_on_submit():
login_user(form.user, remember=form.remember.data)
after_this_request(_commit)
# This returns the response and the status code. See function.
return authentication_response(form)
return form.as_json(), 400
def login_user_if_possible(data, *args, **kwargs):
if "user_email" in data and "user_password" in data:
email = data["user_email"]
password = data["user_password"]
user = models.User.query.filter_by(email=email).first()
if not user:
raise ProcessingException(description='unauthorized', code=401)
if not verify_password(password, user.password):
raise ProcessingException(description='unauthorized', code=401)
login_user(user)
del data["user_password"]
if 'user_name' in data:
del data['user_name']
del data['user_email']
data["user_id"] = user.id
def login():
if current_user.is_authenticated():
return redirect(request.referrer or '/')
form = LoginForm()
if form.validate_on_submit():
login_user(form.user, remember=form.remember.data)
return redirect(get_post_login_redirect())
return render_template('security/login.html',
active_nav_band = "Login",
form=form)
def post(self):
data = get_data()
if data is not None:
form = self.form_class(MultiDict(data))
else:
form = self.form_class()
if form.validate_on_submit():
login_user(form.user, remember=form.remember.data)
after_this_request(_commit)
# This returns the response and the status code. See function.
return authentication_response(form)
return form.as_json(), 400
def return_label():
'''
Retrun label
'''
rm = resources.model
fill_selects()
weather = get_weather()
if weather:
track = db.session.query(rm.Track).filter_by(id=weather.track).first()
g.session = weather.session
else:
track = False
if not track:
name = u"Трек не выбран"
else:
name = track.name
form = ReturnLabel()
if current_user.is_anonymous():
g.anonymous = 1
user_info = None
else:
g.anonymous = 0
user_info = db.session.query(rm.UserInfo).filter_by(id=current_user.user_info).first()
if form.validate_on_submit():
rf = request.form
if rf.getlist('btn_user_ok'):
login_user(form.user, remember=False)
if current_user.is_active():
g.anonymous = 0
user_info = db.session.query(rm.UserInfo).filter_by(id=current_user.user_info).first()
if rf.getlist('btn_ok'):
label=re.sub(r'(\.)+',r'',rf.getlist('label_id')[0])
label_id = db.session.query(rm.Label).filter_by(label_id=label).first()
if label_id == None:
g.label_id = 'None'
return render_template('return_label.html', form=form, weather=weather, track=name, user_info=user_info)
if label_id != None and label_id.user_id == 0:
g.label_id = 0
return render_template('return_label.html', form=form, weather=weather, track=name, user_info=user_info)
if label_id != None and label_id.user_id > 0:
# g.label_id = label_id.label_id
db.session.query(rm.Label).filter_by(label_id=label).update({'user_id':0})
db.session.commit()
return render_template('return_label.html', form=form, weather=weather, track=name, user_info=user_info)
if rf.getlist('btn_cancel'):
return redirect('/admin')
return render_template('return_label.html', form=form, weather=weather, track=name, user_info=user_info)
def fake_login():
"""
Dummy login function. Logs in any user without password.
This should only made available during development! This currently is only
added to the URL rules if the application is started manually. When running
as a WSGI app (f.ex.: behind Apache), this route is unavailable for obvious
reasons.
"""
from flask.ext.security import login_user
from flask import request
if not current_app.debug:
return 'Access Denied!', 500
usermail = request.args.get('email', '*****@*****.**')
user_query = mdl.DB.session.query(mdl.User).filter_by(email=usermail)
user = user_query.first()
if not user:
user = current_app.user_datastore.create_user(
email=usermail,
name='Fake User',
active=True,
confirmed_at=datetime.now(),
)
else:
mdl.DB.session.add(user)
if 'admin' in usermail:
role_query = mdl.DB.session.query(mdl.Role).filter_by(
name=mdl.Role.ADMIN)
try:
role = role_query.one()
except NoResultFound:
role = mdl.Role(name=mdl.Role.ADMIN)
user.roles.append(role)
elif 'staff' in usermail:
role_query = mdl.DB.session.query(mdl.Role).filter_by(name='staff')
try:
role = role_query.one()
except NoResultFound:
role = mdl.Role(name=mdl.Role.STAFF)
user.roles.append(role)
current_app.user_datastore.commit()
login_user(user)
mdl.DB.session.commit()
return redirect(url_for('root.profile'))
def authenticate():
"""
Authenticate user
email: valid, registered email address
password: valid password for email
"""
payload = get_post_payload()
email = param_required('email', payload)
password = param_required('password', payload)
user = models.User.query.filter_by(email=email).first()
if not user:
raise DbException('unknown user', 400)
if not verify_password(password, user.password):
raise DbException('invalid password', 400)
login_user(user)
return jsonify({})
def get_object(self, id):
""" overriding base get_object flow
"""
if request.json and 'token' in request.json:
token = request.json['token']
expired, invalid, instance = confirm_email_token_status(token)
confirm_user(instance)
instance.save()
login_user(instance, True)
elif current_user.is_superuser():
instance = User.query.get_or_404(id)
else:
instance = current_user
instance is None and abort(http.NOT_FOUND)
return instance
def get_object(self, id):
""" overriding base get_object flow
"""
if request.json and 'token' in request.json:
token = request.json['token']
expired, invalid, instance = confirm_email_token_status(token)
confirm_user(instance)
instance.save()
login_user(instance, True)
elif current_user.is_superuser():
instance = User.query.get_or_404(id)
else:
instance = current_user
instance is None and abort(http.NOT_FOUND)
return instance
def google_authorized():
# check to make sure the user authorized the request
if not 'code' in request.args:
flash('You did not authorize the request')
return redirect(url_for('auth.login'))
# make a request for the access token credentials using code
redirect_uri = url_for('auth.google_authorized', _external=True)
data = {
'code': request.args['code'],
'grant_type': 'authorization_code',
'redirect_uri': redirect_uri
}
g_session = google.get_auth_session(data=data, decoder=json.loads)
me = g_session.get('userinfo').json()
first_name = me['given_name']
last_name = me['family_name']
password = ''.join(random.choice('abcdefghij') for _ in range(10))
id = me['id']
user_json = {
"facebook_id": id,
"name": first_name,
"lastname": last_name,
"email": '',
"username": first_name + last_name + '-' + str(ObjectId()),
"password": bcrypt.generate_password_hash(password, rounds=12),
"active": True,
"user_slug": slugify(first_name + ' ' + last_name),
"roles": [user_mongo_utils.get_role_id('individual')],
"organization": []
}
user = user_mongo_utils.get_user_by_facebook_id(id)
if user == None:
# Regiser user
user_mongo_utils.add_user(user_json)
user = user_mongo_utils.get_user_by_facebook_id(id)
# login user
login_user(user)
else:
login_user(user)
return redirect(url_for('profile.profile_settings',
username=user.username))
def register(provider_id=None):
print 'REGISTER'
if current_user.is_authenticated():
return redirect(request.referrer or '/')
print 'HELLLLLLOOOOO'
form = RegisterForm()
if provider_id:
print provider_id
provider = get_provider_or_404(provider_id)
connection_values = session.get('failed_login_connection', None)
else:
provider = None
connection_values = None
print 'true?'
print provider
print connection_values
print form.validate_on_submit()
print form.email.data
if provider and connection_values and form.validate_on_submit():
char_set = string.ascii_uppercase + string.digits
ds = current_app.security.datastore
user = ds.create_user(email=form.email.data,
password=''.join(random.sample(
char_set * 32, 32)))
user.api_key = ''.join(random.sample(char_set * 32, 32))
ds.commit()
# See if there was an attempted social login prior to registering
# and if so use the provider connect_handler to save a connection
connection_values = session.pop('failed_login_connection', None)
if connection_values:
connection_values['user_id'] = user.id
connect_handler(connection_values, provider)
if login_user(user):
ds.commit()
flash('Account created successfully', 'info')
return redirect(url_for('profile'))
return render_template('thanks.html', user=user)
login_failed = int(request.args.get('login_failed', 0))
print "login failed? "
print login_failed
return render_template('register.html',
form=form,
provider=provider,
login_failed=login_failed,
connection_values=connection_values)
def register_new_user(**kwargs):
from survaider.security.controller import user_datastore
reg_dat = get_connection_values_from_oauth_response(
kwargs['provider'], kwargs['oauth_response'])
user = user_datastore.create_user(email=reg_dat['email'],
password=str(uuid.uuid4()))
user.metadata['full_name'] = reg_dat[
'full_name'] if 'full_name' in reg_dat else reg_dat[
'display_name'] if 'display_name' in reg_dat else None
user.save()
reg_dat['user_id'] = str(user)
connect_handler(reg_dat, kwargs['provider'])
login_user(user)
return True
def check_if_user_exists(data, *args, **kwargs):
if current_user.is_authenticated():
data["user_id"] = current_user.id
return
user_name = data.get('user_name')
user_email = data.get('user_email')
user_legacy_email = None
if 'user_legacy_email' in data:
user_legacy_email = data.get('user_legacy_email')
del data['user_legacy_email']
if not user_name:
raise ProcessingException(
description=ExceptionMessages.MISSING_PARAM.format(
param='user_name'),
code=401)
if not user_email:
raise ProcessingException(
description=ExceptionMessages.MISSING_PARAM.format(
param='user_email'),
code=401)
user, is_new = models.User.get_or_create_by_email(
email=user_email,
role_name=Constants.REVIEWER_ROLE,
user_legacy_email=user_legacy_email,
name=user_name)
if not is_new:
# TODO maybe display a passwd field if user is not new?
raise ProcessingException(description=ExceptionMessages.USER_EXISTS %
user_email,
code=401)
db.session.add(user)
db.session.commit()
login_user(user)
if 'user_name' in data:
del data['user_name']
del data['user_email']
data['user_id'] = user.id
def sign_up():
if request.method == "GET":
return render_template('mod_auth/sign_up.html')
elif request.method == "POST":
name = request.form['name']
lastname = request.form['lastname']
email = request.form["email"]
password = request.form["password"]
confirm_password = request.form['confirm_password']
user_check = user_mongo_utils.get_user(email=email)
if user_check:
error = "A user with that e-mail already exists in the database"
return render_template('mod_auth/sign_up.html', error=error)
else:
if password == confirm_password:
user_json = {
"name": name,
"lastname": lastname,
"email": email,
"username": name + lastname + '-' + str(ObjectId()),
"password": bcrypt.generate_password_hash(password,
rounds=12),
"active": True,
"user_slug": slugify(name + ' ' + lastname),
"roles": [user_mongo_utils.get_role_id('individual')],
"organization": []
}
# Regiser user
user_mongo_utils.add_user(user_json)
# login user
user_data = user_mongo_utils.get_user(email=email)
login_user(user_data)
return redirect(
url_for('profile.profile_settings',
username=user_data.username))
else:
error = "Passowrds didn't match"
return render_template('mod_auth/sign_up.html', error=error)
def new_dhbox():
data = {key: request.form.getlist(key)[0] for key in request.form.keys()}
for key in data:
users_dict = key
users_dict = ast.literal_eval(users_dict)
users = users_dict['users']
for user in users:
if 'name' in user:
if 'email' in user: # Then is DH Box admin
name_check = User.query.filter(
User.name == user['name']).first()
email_check = User.query.filter(
User.name == user['email']).first()
if name_check or email_check:
print "Username taken. Already has a DH Box."
return str('failure')
admin_user = user['name']
admin_email = user['email']
admin_pass = user['pass']
if user['duration'] == 'day':
duration = 86400
elif user['duration'] == 'week':
duration = 604800
else:
duration = 2592000
# if user['duration'] == 'week':
# duration = 604800
# elif user['duration'] == 'month':
# duration = 2592000
# else:
# duration = 13148730
admin_user_object = user_datastore.create_user(
email=user['email'],
name=user['name'],
password=user['pass'],
dhbox_duration=duration)
db.session.commit()
login_user(admin_user_object)
the_new_dhbox = DockerBackend.setup_new_dhbox(
admin_user, admin_pass, admin_email)
return str('Successfully created a new DH Box.')
def login():
"""For GET requests, display the login form. For POSTS, login the current user
by processing the form and storing the taskid."""
msg=''
form = LoginForm()
if form.validate_on_submit():
try:
user = User.query.get(int(form.userid.data))
except:
user = False
#check if task id belongs to user
try:
task_id = tasks_users.query.filter_by(task_id=form.taskid.data).first()
1/(task_id.user_id==user.id)
except:
user = False
if user:
user.authenticated = True
db.session.add(user)
db.session.commit()
#log the user in
login_user(user, remember=True)
#set up task
flask.session['taskid']=form.taskid.data
#get all buildings gids from task and storing in session
flask.session['bdg_gids'] = task.query.filter_by(id=flask.session['taskid']).first().bdg_gids
#get all img gids from task and storing in session
flask.session['img_gids'] = task.query.filter_by(id=flask.session['taskid']).first().img_ids
#flags for screened buildings
flask.session['screened'] = [False]*len(flask.session['bdg_gids'])
#language is set in babel locale in __init__.py
#get gid's of attribute values as defined in dic_attribute_value as python dictionary
dic_attribute_val_query=dic_attribute_value.query.all()#.options(load_only("gid","attribute_value"))
dic_attribute_val_py={}
for attribute in dic_attribute_val_query:
dic_attribute_val_py[attribute.attribute_value] = attribute.gid
flask.session['dic_attribute_val_py']=dic_attribute_val_py
return flask.redirect(flask.url_for("main"))
else:
msg='Wrong combination of UserID and TaskID'
return flask.render_template("index.htm", form=form,msg=msg)
def foursquare_login():
import foursquare
client = foursquare.Foursquare(
client_id=app.config['FOURSQUARE_CLIENT_ID'],
client_secret=app.config['FOURSQUARE_CLIENT_SECRET'],
redirect_uri=url_for('.foursquare_login', _external=True))
if 'error' in request.args:
flash('Foursquare login failed: {}'.format(request.args['error']))
return redirect(url_for_security('login'), 307)
elif 'code' in request.args:
access_token = client.oauth.get_token(request.args['code'])
client.set_access_token(access_token)
foursquare_user = client.users()
try:
email = foursquare_user['user']['contact']['email']
except KeyError:
app.logger.debug(
"Failed to pluck email from {}".format(foursquare_user),
exc_info=True)
flash("Couldn't determine your email address from Foursquare")
return redirect(url_for_security('login'), 307)
user = user_datastore.find_user(email=email)
if user is None:
user = user_datastore.create_user(email=email)
if user.foursquare_access_token != access_token:
user.foursquare_access_token = access_token
user_datastore.commit()
login_user(user)
# TODO: stuff next into the session, pull it back out here
declared = session.pop('FOURSQUARE_POST_LOGIN_NEXT', None)
redirect_to = get_post_login_redirect(declared=declared)
return redirect(redirect_to, 307)
else:
auth_uri = client.oauth.auth_url()
session['FOURSQUARE_POST_LOGIN_NEXT'] = request.args.get('next')
return redirect(auth_uri, 307)
def another_try(app, provider_id, oauth_response):
connect_handler = providers[provider_id].connect_handler
connection_values = connect_handler.get_connection_values(oauth_response)
user_kwargs = {
'first_name':
connection_values['display_name'],
'email':
"{}@{}".format(connection_values['provider_user_id'],
connection_values['provider_id']),
'password':
uuid.uuid4().hex,
'roles': [app.config['USER_ROLE']]
}
user = user_ds.find_user(email=user_kwargs['email']) or \
user_ds.create_user(**user_kwargs)
connection_values['user_id'] = user.id
connection_ds.create_connection(**connection_values)
connection_ds.commit()
login_user(user)
redirect('/account/')
def post(self):
"""
Registers a user.
JSON params - username (string), password (string)
Returns - form with inline errors if error, authentication response otherwise.
"""
data = get_data()
if data is not None:
form = self.form_class(MultiDict(data))
else:
form = self.form_class()
if form.validate_on_submit():
user = register_user(**form.to_dict())
form.user = user
if not _security.confirmable or _security.login_without_confirmation:
after_this_request(_commit)
login_user(user)
# This returns the response and the status code. See function.
return authentication_response(form)
return form.as_json(), 400
def register(login_failed=False, **kwargs):
if current_user.is_authenticated():
return redirect(request.referrer or '/')
form = RegisterForm()
ds = get_extension('security', app=current_app).datastore
if form.validate_on_submit():
user = ds.create_user(fullname=form.fullname.data,
email=form.email.data,
password=form.password.data)
ds.commit()
login_user(user)
ds.commit()
flash('Account created successfully', 'info')
return index(show_modal='profile')
if form.errors:
show_modal = 'signup'
else:
show_modal = None
return index(register_form=form, show_modal=show_modal)
def _login_handler(provider_id, provider_user_id, oauth_response):
"""Shared method to handle the signin process
"""
if current_user.is_authenticated():
return redirect("/")
display_name = get_display_name(provider_id)
current_app.logger.debug('Attempting login via %s with provider user '
'%s' % (display_name, provider_user_id))
try:
method = connection_datastore.get_connection_by_provider_user_id
connection = method(provider_id, provider_user_id)
user = user_datastore.with_id(connection.user_id)
if login_user(user):
redirect_url = session.pop(POST_OAUTH_LOGIN_SESSION_KEY,
get_post_login_redirect())
current_app.logger.debug('User logged in via %s. Redirecting to '
'%s' % (display_name, redirect_url))
return redirect(redirect_url)
else:
current_app.logger.info('Inactive local user attempted '
'login via %s.' % display_name)
do_flash("Inactive user", "error")
except ConnectionNotFoundError:
current_app.logger.info('Login attempt via %s failed because '
'connection was not found.' % display_name)
msg = '%s account not associated with an existing user' % display_name
do_flash(msg, 'error')
"""
except Exception, e:
current_app.logger.error('Unexpected error signing in '
'via %s: %s' % (display_name, e))
"""
social_login_failed.send(current_app._get_current_object(),
provider_id=provider_id,
oauth_response=oauth_response)
return redirect(login_manager.login_view)
def login():
form = LoginForm()
if request.method == "POST" and "username" in request.form:
username = request.form["username"]
password = request.form["password"]
remember = request.form.get("remember", "no") == "yes"
user = User.query.filter_by(username=username,
password=password).first()
# TODO Hash password for check
if user:
if login_user(user, remember=remember):
flash("Logged in!")
return redirect(request.args.get("next") or url_for("index"))
else:
flash("Sorry, but you could not log in.")
else:
flash("Invalid username.")
return render_template("login.html", form=form)
def register(provider_id=None):
if current_user.is_authenticated():
return redirect(request.referrer or '/')
form = RegisterForm()
if provider_id:
provider = get_provider_or_404(provider_id)
connection_values = session.get('failed_login_connection', None)
else:
provider = None
connection_values = None
if form.validate_on_submit():
ds = current_app.security.datastore
user = ds.create_user(email=form.email.data,
password=form.password.data)
ds.commit()
# See if there was an attempted social login prior to registering
# and if so use the provider connect_handler to save a connection
connection_values = session.pop('failed_login_connection', None)
if connection_values:
connection_values['user_id'] = user.id
connect_handler(connection_values, provider)
if login_user(user):
ds.commit()
flash('Account created successfully', 'info')
return redirect(url_for('profile'))
return render_template('thanks.html', user=user)
login_failed = int(request.args.get('login_failed', 0))
return render_template('register.html',
form=form,
provider=provider,
login_failed=login_failed,
connection_values=connection_values)
def setUp(self):
ctx = self.app.test_request_context('/')
ctx.push()
login_user(self.SHOP_OWNER_USER)
def facebook_authorized(resp):
next_url = request.args.get('next') or '/'
if resp is None or 'access_token' not in resp:
return redirect(next_url)
session['facebook_token'] = (resp['access_token'], '')
data = facebook.get('/me').data
profile_picture = 'https://graph.facebook.com/' + data[
'id'] + '/picture?width=1000'
# profile_picture = facebook.get('/me/picture').data
if 'id' in data and 'name' in data and 'email' in data and 'link' in data:
provider_user_id = data['id']
name = data['name']
username = data['username']
user_email = data['email']
profile_url = data['link']
# profile_picture = profile_picture['url']
generated_name = str(uuid.uuid1()) + '.jpg'
user = User.query.filter(User.email == user_email).first()
if not user:
user = users.create_user(name=name,
email=user_email,
password=None,
active=True)
users.commit()
current_user_id = str(user.id)
folder_path = app.config[
'UPLOADS_FOLDER'] + '/user/' + current_user_id + '/'
new_folder = os.path.dirname(folder_path)
if not os.path.exists(new_folder):
os.makedirs(new_folder)
filepath = os.path.join(folder_path, generated_name)
urllib.urlretrieve(profile_picture, filepath)
new_photo = 'user/' + current_user_id + '/' + generated_name
User.query.filter(User.id == user.id).update(
{User.photo: new_photo})
connection = Connection.query.filter(
Connection.user_id == user.id,
Connection.provider_id == 'facebook').first()
if not connection:
print "no prior connection"
connection = Connection(user=user,
provider_id='facebook',
provider_user_id=provider_user_id,
access_token=resp['access_token'],
profile_url=profile_url,
image_url=generated_name,
full_name=name,
display_name=username)
db.session.add(connection)
db.session.commit()
else:
print "updating prior connection"
connection.access_token = resp['access_token']
db.session.commit()
if connection and login_user(user):
users.commit()
return redirect(next_url)
return redirect("/login")
