def _create_identity(self): identity = Identity(user=self.user, provider=self.identity_info['provider'], identifier=self.identity_info['identifier'], data=self.identity_info['data'], multipass_data=self.identity_info['multipass_data']) logger.info('Created new identity for %s: %s', self.user, identity) del session['login_identity_info'] db.session.flush() login_user(self.user, identity) return multipass.redirect_success()
def _create_identity(self): identity = Identity(user=self.user, provider=self.identity_info['provider'], identifier=self.identity_info['identifier'], data=self.identity_info['data'], multipass_data=self.identity_info['multipass_data']) logger.info('Created new identity for %s: %s', self.user, identity) del session['login_identity_info'] db.session.flush() login_user(self.user, identity) return multipass.redirect_success()
def _reset_password(self, identity): form = ResetPasswordForm() if form.validate_on_submit(): identity.password = form.password.data flash(_("Your password has been changed successfully."), 'success') login_user(identity.user, identity) # We usually come here from a multipass login page so we should have a target url return multipass.redirect_success() form.username.data = identity.identifier return WPAuth.render_template('reset_password.html', form=form, identity=identity, widget_attrs={'username': {'disabled': True}})
def _reset_password(self, identity): form = ResetPasswordForm() if form.validate_on_submit(): identity.password = form.password.data flash(_("Your password has been changed successfully."), 'success') login_user(identity.user, identity) # We usually come here from a multipass login page so we should have a target url return multipass.redirect_success() form.username.data = identity.identifier return WPAuth.render_template('reset_password.html', form=form, identity=identity, widget_attrs={'username': {'disabled': True}})
def _process_args(self): self.identity_info = load_identity_info() if not self.identity_info or self.identity_info['indico_user_id'] is None: # Just redirect to the front page or whereever we wanted to go. # Probably someone simply used his browser's back button. flash('There is no pending login.', 'warning') return multipass.redirect_success() self.user = User.get(self.identity_info['indico_user_id']) self.emails = sorted(self.user.all_emails & set(self.identity_info['data'].getlist('email'))) self.verification_email_sent = self.identity_info.get('verification_email_sent', False) self.email_verified = self.identity_info['email_verified'] self.must_choose_email = len(self.emails) != 1 and not self.email_verified
def _process_args(self): self.identity_info = load_identity_info() if not self.identity_info or self.identity_info['indico_user_id'] is None: # Just redirect to the front page or whereever we wanted to go. # Probably someone simply used his browser's back button. flash('There is no pending login.', 'warning') return multipass.redirect_success() self.user = User.get(self.identity_info['indico_user_id']) self.emails = sorted(self.user.all_emails & set(self.identity_info['data'].getlist('email'))) self.verification_email_sent = self.identity_info.get('verification_email_sent', False) self.email_verified = self.identity_info['email_verified'] self.must_choose_email = len(self.emails) != 1 and not self.email_verified
def _process(self): login_reason = session.pop('login_reason', None) # User is already logged in if session.user is not None: multipass.set_next_url() return multipass.redirect_success() # Some clients attempt to incorrectly resolve redirections internally. # See https://github.com/indico/indico/issues/4720 for details user_agent = request.headers.get('User-Agent', '') sso_redirect = not any(s in user_agent for s in ('ms-office', 'Microsoft Office')) # If we have only one provider, and this provider is external, we go there immediately # However, after a failed login we need to show the page to avoid a redirect loop if not session.pop( '_multipass_auth_failed', False ) and 'provider' not in request.view_args and sso_redirect: single_auth_provider = multipass.single_auth_provider if single_auth_provider and single_auth_provider.is_external: multipass.set_next_url() return redirect( url_for('.login', provider=single_auth_provider.name)) # Save the 'next' url to go to after login multipass.set_next_url() # If there's a provider in the URL we start the external login process if 'provider' in request.view_args: provider = _get_provider(request.view_args['provider'], True) return provider.initiate_external_login() # If we have a POST request we submitted a login form for a local provider if request.method == 'POST': active_provider = provider = _get_provider( request.form['_provider'], False) form = provider.login_form() if form.validate_on_submit(): response = multipass.handle_login_form(provider, form.data) if response: return response # Otherwise we show the form for the default provider else: active_provider = multipass.default_local_auth_provider form = active_provider.login_form() if active_provider else None providers = list(multipass.auth_providers.values()) return render_template('auth/login_page.html', form=form, providers=providers, active_provider=active_provider, login_reason=login_reason)
def _process(self): login_reason = session.pop('login_reason', None) # User is already logged in if session.user is not None: multipass.set_next_url() return multipass.redirect_success() # If we have only one provider, and this provider is external, we go there immediately # However, after a failed login we need to show the page to avoid a redirect loop if not session.pop('_multipass_auth_failed', False) and 'provider' not in request.view_args: single_auth_provider = multipass.single_auth_provider if single_auth_provider and single_auth_provider.is_external: multipass.set_next_url() return redirect( url_for('.login', provider=single_auth_provider.name)) # Save the 'next' url to go to after login multipass.set_next_url() # If there's a provider in the URL we start the external login process if 'provider' in request.view_args: provider = _get_provider(request.view_args['provider'], True) return provider.initiate_external_login() # If we have a POST request we submitted a login form for a local provider if request.method == 'POST': active_provider = provider = _get_provider( request.form['_provider'], False) form = provider.login_form() if form.validate_on_submit(): response = multipass.handle_login_form(provider, form.data) if response: return response # Otherwise we show the form for the default provider else: active_provider = multipass.default_local_auth_provider form = active_provider.login_form() if active_provider else None providers = multipass.auth_providers.values() return render_template('auth/login_page.html', form=form, providers=providers, active_provider=active_provider, login_reason=login_reason)
def _process(self): login_reason = session.pop('login_reason', None) # User is already logged in if session.user is not None: multipass.set_next_url() return multipass.redirect_success() # If we have only one provider, and this provider is external, we go there immediately # However, after a failed login we need to show the page to avoid a redirect loop if not session.pop('_multipass_auth_failed', False) and 'provider' not in request.view_args: single_auth_provider = multipass.single_auth_provider if single_auth_provider and single_auth_provider.is_external: multipass.set_next_url() return redirect(url_for('.login', provider=single_auth_provider.name)) # Save the 'next' url to go to after login multipass.set_next_url() # If there's a provider in the URL we start the external login process if 'provider' in request.view_args: provider = _get_provider(request.view_args['provider'], True) return provider.initiate_external_login() # If we have a POST request we submitted a login form for a local provider if request.method == 'POST': active_provider = provider = _get_provider(request.form['_provider'], False) form = provider.login_form() if form.validate_on_submit(): response = multipass.handle_login_form(provider, form.data) if response: return response # Otherwise we show the form for the default provider else: active_provider = multipass.default_local_auth_provider form = active_provider.login_form() if active_provider else None providers = multipass.auth_providers.values() return render_template('auth/login_page.html', form=form, providers=providers, active_provider=active_provider, login_reason=login_reason)
def redirect_success(self): return multipass.redirect_success()
def redirect_success(self): return multipass.redirect_success()