def oauth_logout(): if not current_user.is_authenticated: return redirect(get_post_logout_redirect()) for key in list(session.keys()): session.pop(key) logout_user() return redirect(get_post_logout_redirect())
def confirm_email(token): """View function which handles a email confirmation request.""" expired, invalid, user = confirm_email_token_status(token) if not user or invalid: invalid = True already_confirmed = user is not None and user.confirmed_at is not None expired_and_not_confirmed = expired and not already_confirmed if expired_and_not_confirmed: send_confirmation_instructions(user) if invalid or expired_and_not_confirmed: return redirect(get_url(_security.confirm_error_view)) if confirm_user(user): after_this_request(_commit) if user != current_user: logout_user() login_user(user) return redirect(get_url(_security.post_confirm_view))
def logout(): if current_user.is_authenticated: current_app.logger.info('{} logged out'.format(current_user.username)) logout_user() return redirect(url_for('Public.index')) else: return '<h1>you are not logged in</h1>'
def webserver_logout(): logout_user() return Response( render_template( "browser/kerberos_logout.html", login_url=url_for('security.login'), ))
def protected(): print current_user.to_json() print ', '.join(['%s:%s' % item for item in current_user.__dict__.items()]) if current_user <> AnonymousUser and not current_user.is_active: logout_user() return "you've been logged out!" return "protected view!"
def test_load_permissions_on_identity_loaded(app): """Check that the needs are loaded properly in the user Identity.""" InvenioAccess(app) with app.test_request_context(): identity_changed.send(current_app._get_current_object(), identity=AnonymousIdentity()) assert g.identity.provides == {any_user} with app.test_request_context(): user = testutils.create_test_user('*****@*****.**') login_user(user) assert g.identity.provides == { any_user, authenticated_user, UserNeed(user.id) } logout_user() # FIXME: The user is still authenticatd when the identity loader # is called during logout. We could filter on AnonymousIdentity, but # This would be inconsistent as the UserNeed(user.id) is still there. # This will pass even if it is unexpected: # assert g.identity.provides == { # any_user, authenticated_user, UserNeed(user.id) # } # Forcing the identity to reload again cleans the mess. In practice # this won't be needed as the identity is reloaded between requests. identity_changed.send(current_app._get_current_object(), identity=AnonymousIdentity()) assert g.identity.provides == {any_user}
def before_request(): """Login the default user if running in desktop mode""" # Check the auth key is valid, if it's set, and we're not in server # mode, and it's not a help file request. if not config.SERVER_MODE and app.PGADMIN_INT_KEY != '' and ( ('key' not in request.args or request.args['key'] != app.PGADMIN_INT_KEY) and request.cookies.get('PGADMIN_INT_KEY') != app.PGADMIN_INT_KEY and request.endpoint != 'help.static'): abort(401) if not config.SERVER_MODE and not current_user.is_authenticated: user = user_datastore.get_user(config.DESKTOP_USER) # Throw an error if we failed to find the desktop user, to give # the sysadmin a hint. We'll continue to try to login anyway as # that'll through a nice 500 error for us. if user is None: app.logger.error( 'The desktop user %s was not found in the configuration ' 'database.' % config.DESKTOP_USER) abort(401) login_user(user) # if the server is restarted the in memory key will be lost # but the user session may still be active. Logout the user # to get the key again when login if config.SERVER_MODE and current_user.is_authenticated and \ current_app.keyManager.get() is None and \ request.endpoint not in ('security.login', 'security.logout'): logout_user()
def post(self): logout_user() return { "version": api_version, "message": "Successfully logged out", "data": {} }, 200
def confirm_change_email(token): """View function which handles a change email confirmation request. Based on confirm_email in Flask-Security.""" expired, invalid, user, new_email = ( confirm_change_email_token_status(token)) if not user or invalid: invalid = True do_flash(*get_message('INVALID_CONFIRMATION_TOKEN')) if expired: send_change_email_confirmation_instructions(user, new_email) do_flash(*(('You did not confirm your change of email within {0}. ' 'New instructions to confirm your change of email have ' 'been sent to {1}.' ).format(_security.confirm_email_within, new_email), 'error')) if invalid or expired: return redirect(url_for('home')) if user != current_user: logout_user() login_user(user) if change_user_email(user, new_email): after_this_request(_commit) msg = ('Thank you. Your change of email has been confirmed.', 'success') else: msg = ('Your change of email has already been confirmed.' 'info') do_flash(*msg) return redirect(url_for('home'))
def logout(): try: logout_user() return redirect(url_for('main.index')) except Exception as inst: message = {"result":"error"} logging.error(str(type(inst))+'\n Tipo de error: '+str(inst)+ '['+str(datetime.now())+']') return render_template('error.html')
def logout(): if current_user.is_authenticated: logout_user() if not request.is_json: return redirect(url_for('admin.index')) return '', HTTPStatus.NO_CONTENT
def logout(): """View function which handles a logout request.""" logout_user() _logger.debug('User logged out') next_url = request.args.get('next', None) post_logout_url = get_url(_security.post_logout_view) return redirect(next_url or post_logout_url)
def delete(self): args = self.parser['delete'].parse_args() if current_user.authorize(args['password']): user_store.delete_user(current_user) db.session.commit() logout_user() return {'Message': 'Account removed'} else: return errors.InvalidCredentials()
def post(self): if current_user.is_want_leave: user_datastore.delete_user(current_user) logout_user() user_datastore.commit() flash('Your account is successfully deleted!') return redirect(url_for('MainView:index')) else: flash('It is wrong approach!!!') return render_template('error/404.html')
def delete_account(): user = flask_login.current_user if request.method == 'GET': return render_template('delete-account.html', user=user) else: dbu = User.query.get(user.id) logout_user() db.session.delete(dbu) db.session.commit() return redirect('/', code=303)
def change_password(self, pk): user = self.get_one(str(pk)) form = CanellaChangePasswordForm(user=user) if form.validate_on_submit(): change_password(user, form.password.data) db.session.commit() if user.email == current_user.email: logout_user() flash(gettext('Password changed successfully')) return redirect(url_for('.index_view')) return self.render('admin/model/create.html', form=form)
def kerberos_logout(): logout_user() if 'KRB5CCNAME' in session: # Remove the credential cache cache_file_path = session['KRB5CCNAME'].split(":")[1] if path.exists(cache_file_path): remove(cache_file_path) return Response(render_template("browser/kerberos_logout.html", login_url=url_for('security.login'), ))
def logout(): id = session['session_id'] b = Borg() db_proxy = b.settings[id]['dbProxy'] db_proxy.close() del b.settings[id] session.pop(id,None) logout_user() resp_dict = {'message': 'Logged out'} resp = make_response(encode(resp_dict), OK) resp.headers['Content-type'] = 'application/json' return resp
def post(self, **kwargs): """Confirm user email.""" user = self.get_user(**kwargs) if user != current_user: logout_user() if confirm_user(user): after_this_request(_commit) return jsonify({"message": get_message("EMAIL_CONFIRMED")[0]}) else: return jsonify({"message": get_message("ALREADY_CONFIRMED")[0]})
def logout(): id = session['session_id'] b = Borg() db_proxy = b.settings[id]['dbProxy'] db_proxy.close() del b.settings[id] session.pop(id, None) logout_user() resp_dict = {'message': 'Logged out'} resp = make_response(encode(resp_dict), OK) resp.headers['Content-type'] = 'application/json' return resp
def oauth_authorize(): auth_obj = session['auth_obj'] auth_obj.set_current_source(auth_obj.source.get_source_name()) status, msg = auth_obj.login() if status: session['auth_source_manager'] = auth_obj.as_dict() if 'auth_obj' in session: session.pop('auth_obj') return redirect(get_post_login_redirect()) if 'auth_obj' in session: session.pop('auth_obj') logout_user() flash(msg, 'danger') return redirect(get_post_login_redirect())
def log_out(): utils.logout_user() token = request.args.get('token') serializer = current_app.extensions['security'].remember_token_serializer data = serializer.loads(token) user_id = data[0] #Find the User user = User.query.filter_by(id=user_id).first() user.token = None user.is_logged_in = False db.session.commit() status = True return jsonify({"success": status})
def post(self): args = self.parser['post'].parse_args() if user_store.find_user(email=args['email']): return errors.UserAlreadyExist() if args['password'] != args['confirm']: return errors.PasswordConfirmationInvalid() user = user_store.create_user(email=args['email'], password=args['password']) profile = Profile(user=user, name=args['name']) msg = send_confirmation_email(args['email'], args['name']) if msg.status_code not in [250]: return errors.CouldNotSendEmail() else: db.session.commit() logout_user() return {'user': user.email}
def destroy(user_id): """ Delete user. @login_required :param user_id: :return: """ user = users.get_or_404(user_id) if users.user_equals_me(user): users.delete_user(user) if not current_app.testing: logout_user() return {} if users.has_admin(): users.delete_user(user) return {} else: return {}, 401
def check_youckan_cookie(): # Do not interfere with authorize endpoint if request.endpoint == 'youckan.authorized': return # Force session open and close depending on the youckan session state session_cookie_name = current_app.config['YOUCKAN_SESSION_COOKIE'] logged_cookie_name = '{0}.logged'.format(current_app.config['YOUCKAN_AUTH_COOKIE']) if session_cookie_name in request.cookies and logged_cookie_name in request.cookies: session_id = request.cookies[session_cookie_name] if not current_user.is_authenticated or 'youckan.token' not in session: return youckan.authorize( callback=url_for('youckan.authorized', _external=True, _scheme='https'), state=encode_state(session_id), next=request.url.replace('http://', 'https://') ) elif current_user.is_authenticated: logout_user()
def login_users_post(): try: email = request.form.get('email') password = request.form.get('password') remember = True if request.form.get('remember') else False # Consultamos si existe un usuario ya registrado con el email. user = User.query.filter_by(email=email).first() # Verificamos si el usuario existe, encriptamos el password y lo comparamos con # el de la BD. if not user or not check_password_hash(user.password, password): # Si el usuario no existe o no coinciden los passwords flash('El usuario y/o la contraseña son incorrectos') # Error de Autenticación return redirect(url_for('auth.login_users')) # En este punto el usuario tiene los datos correctos try: # Creamos una sessión y logueamso al usuario. login_user(user, remember=remember) if current_user.has_role('cliente') or current_user.has_role( 'admin') or current_user.has_role('empleado'): flash('Bienvenido ' + current_user.name) return redirect(url_for('main.index')) else: logout_user() flash('No tienes permiso para acceder al sistema') return redirect(url_for('auth.login_users')) except: flash('Error al iniciar sesión') return redirect(url_for('auth.login_users')) except: flash('El usuario y/o la contraseña son incorrectos') return redirect(url_for('auth.login_users')) return redirect(url_for('main.index'))
def _logout(self): logout_user()
def logout(): logout_user() flash('You are logged out.', 'info') return redirect(url_for('public.home'))
def logout(): '''Perform a local logout and redirect to youckan''' session.pop('youckan.token', None) logout_user() return redirect(urljoin(current_app.config['YOUCKAN_URL'], 'logout'))
def logout(self): current_user.reset_secret() logout_user() return dict(status=200, message='You have been logged out')
def logout(): utils.logout_user() return "logged out"
def protected(): if current_user != AnonymousUser and not current_user.is_active: logout_user() return "you've been logged out!" return "Success, it's protected view!"
def logout(): logout_user() return redirect("/")
def logout(): logout_user() #flash(u'You have been signed out') flash(u'登出成功') return redirect("/login") #redirect(request.args.get('next', None))
def logout(): for token in ['twitter', 'facebook', 'google']: session.pop('{0}_oauth'.format(token), None) logout_user()
def reconnect(provider_id): """Tokens automatically refresh with login. Logs user out and starts provider login OAuth flow """ logout_user() return login(provider_id)
def logout(): logout_user() return redirect(url_for('index'))
def logout(): logout_user() return redirect(url_for('base.index'))
def logout_mturk_user(): session.clear() utils.logout_user()