def test_redirect(self):
    """Check that the Facebook authorization URL starts the flow at the configured endpoint.

    Only the presence of ``FbOAuth.get_auth_uri()`` inside the generated URL
    is asserted; the ``state``, ``scope`` and ``redirect_uri`` query
    parameters are not inspected by this test.
    """
    with app.test_request_context():
        fb_session = get_facebook_auth()
        url_and_state = fb_session.authorization_url(
            FbOAuth.get_auth_uri(), access_type='offline')
        # Element 0 is the URL the browser would be sent to.
        redirect_target = url_and_state[0]
        self.assertTrue(FbOAuth.get_auth_uri() in redirect_target)
def get_facebook_auth(state=None, token=None):
    """Build an ``OAuth2Session`` for the Facebook client id.

    Args:
        state: optional OAuth ``state`` value to bind to the session.
        token: optional token; when truthy it takes precedence and the
            session is built from the client id and token only.

    Returns:
        An ``OAuth2Session``. Without a token the session carries
        ``FbOAuth.SCOPE`` and the configured redirect URI, plus ``state``
        when one is given.
    """
    client_id = FbOAuth.get_client_id()
    if token:
        return OAuth2Session(client_id, token=token)

    session_kwargs = {
        'scope': FbOAuth.SCOPE,
        'redirect_uri': FbOAuth.get_redirect_uri(),
    }
    if state:
        session_kwargs['state'] = state
    return OAuth2Session(client_id, **session_kwargs)
def get_facebook_auth(state=None, token=None):
    """Return an ``OAuth2Session`` configured for Facebook.

    Precedence is ``token`` first, then ``state``, then a plain session:
    a truthy ``token`` yields a session holding only the client id and that
    token; otherwise the session is created with ``FbOAuth.SCOPE`` and the
    redirect URI from ``FbOAuth.get_redirect_uri()``, and with ``state``
    when it is truthy.
    """
    if token:
        fb_session = OAuth2Session(FbOAuth.get_client_id(), token=token)
    elif state:
        fb_session = OAuth2Session(
            FbOAuth.get_client_id(),
            state=state,
            scope=FbOAuth.SCOPE,
            redirect_uri=FbOAuth.get_redirect_uri(),
        )
    else:
        fb_session = OAuth2Session(
            FbOAuth.get_client_id(),
            scope=FbOAuth.SCOPE,
            redirect_uri=FbOAuth.get_redirect_uri(),
        )
    return fb_session
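def facebook_callback():
    """Handle the browser redirect back from Facebook's OAuth dialog.

    Branches, in order:
      * user already authenticated: best-effort refresh of the profile
        fields from Facebook, then redirect to ``session['next_redirect']``
        if set, else to ``admin.index``;
      * ``error`` query parameter present: flash a message and return to the
        login view (logging the user out unless access was simply denied);
      * neither ``code`` nor ``state`` present: log out and return to login;
      * otherwise: exchange the code, look the user up by the e-mail
        Facebook reports, and either log them in or send them to set a
        password.

    Returns:
        A redirect response in every branch.

    NOTE(review): nothing in this function compares the ``state`` query
    parameter with a value saved when the flow was started, so a callback
    that was not initiated by this browser session is not rejected here.
    Confirm whether that check exists elsewhere.
    """
    if login.current_user is not None and login.current_user.is_authenticated:
        try:
            facebook, __ = get_fb_auth()
            response = facebook.get(FbOAuth.get_user_info())
            if response.status_code == 200:
                user_info = response.json()
                update_user_details(
                    first_name=user_info['first_name'],
                    last_name=user_info['last_name'],
                    facebook_link=user_info['link'],
                    file_url=user_info['picture']['data']['url'])
        except Exception:
            # Deliberate best-effort: a failed profile refresh must not block
            # the redirect below. The failure is silent, so consider logging.
            pass
        # NOTE(review): the stored value is used as the redirect target
        # unchanged; confirm whatever writes 'next_redirect' only accepts
        # same-site paths, otherwise this is an open redirect.
        next_url = session.get('next_redirect')
        if next_url:
            return redirect(next_url)
        return redirect(url_for('admin.index'))
    elif 'error' in request.args:
        # RFC 6749 spells the error code "access_denied"; the original
        # spelling with a space is still accepted for compatibility.
        if request.args.get('error') in ('access_denied', 'access denied'):
            flash("You denied access during login.")
            return redirect(url_for('admin.login_view'))
        login.logout_user()
        flash("OAuth Authorization error. Please try again later.")
        return redirect(url_for('admin.login_view'))
    elif 'code' not in request.args and 'state' not in request.args:
        login.logout_user()
        return redirect(url_for('admin.login_view'))
    else:
        # Only attempt the exchange when a code was actually delivered, and
        # accept only the (session, token) tuple from get_fb_auth(): it
        # returns a plain string when the token request fails.
        auth_result = get_fb_auth() if 'code' in request.args else None
        user_info = None
        if isinstance(auth_result, tuple):
            facebook, token = auth_result
            response = facebook.get(FbOAuth.get_user_info())
            if response.status_code == 200:
                user_info = response.json()
        # A profile without an e-mail cannot be matched to an account, so it
        # is treated as an authorization failure instead of raising KeyError.
        if user_info and user_info.get('email'):
            email = user_info['email']
            # NOTE(review): the local account is selected solely by the
            # e-mail the provider reports - confirm create_user_oauth does
            # not attach this identity to an existing password account
            # without further verification.
            user_email = DataGetter.get_user_by_email(email, no_flash=True)
            user = create_user_oauth(user_email,
                                     user_info,
                                     token=token,
                                     method='Facebook')
            if user.password is None:
                s = get_serializer()
                email = s.dumps(user.email)
                return redirect(
                    url_for('admin.create_password_after_oauth_login',
                            email=email))
            login.login_user(user)
            user_logged_in(user)
            return redirect(intended_url())
        flash("OAuth Authorization error. Please try again later.")
        login.logout_user()
        return redirect(url_for('admin.login_view'))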
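def get_fb_auth():
    """Exchange the authorization code on the current callback request for a token.

    Returns:
        On success, a ``(session, token)`` tuple where ``session`` is what
        ``get_facebook_auth(token=token)`` returns. If the token request
        raises ``HTTPError``, the string ``'HTTP Error occurred'`` is
        returned instead, so callers that unpack two values must check the
        result type first.

    Raises:
        ValueError: the callback request has no ``code`` query parameter.
    """
    facebook = get_facebook_auth()
    # NOTE(review): this state is generated fresh on the callback request.
    # It is never compared with the ``state`` query parameter or with a value
    # saved when the flow started, so state gives no CSRF protection here.
    state = facebook.authorization_url(FbOAuth.get_auth_uri(), access_type='offline')[1]
    facebook = get_facebook_auth(state=state)
    # Read the code from the parsed query string. Splitting request.url on
    # '&' and '=' returned the value of whichever parameter came first (for
    # example ``state``), skipped URL-decoding, and left the variable unbound
    # when the substring "code" was absent from the URL.
    code = request.args.get('code')
    if not code:
        raise ValueError('Facebook callback is missing the "code" parameter')
    try:
        # NOTE(review): if OAuth2Session is requests_oauthlib's, the keyword
        # for the callback URL is ``authorization_response`` and it is only
        # parsed (state included) when ``code`` is not passed - confirm what
        # ``authorization_url=`` is meant to do here.
        token = facebook.fetch_token(FbOAuth.get_token_uri(), authorization_url=request.url,
                                     code=code, client_secret=FbOAuth.get_client_secret())
    except HTTPError:
        return 'HTTP Error occurred'
    return get_facebook_auth(token=token), token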
    def login_view(self):
        """Render the login page on GET and check e-mail/password on POST.

        GET: builds Google and Facebook authorization URLs, stores the state
        returned with each in the session (``oauth_state`` and
        ``fb_oauth_state``) and renders the login template with both URLs.

        POST: looks the user up by the submitted e-mail, compares the stored
        password with ``generate_password_hash`` of the submitted password and
        the user's salt, and on a match logs the user in and redirects to
        ``intended_url()``. Any failure redirects back to this view.

        NOTE(review): the hash comparison uses ``!=``, which is not
        constant-time, and the unknown-user and wrong-password paths respond
        differently (only the latter flashes here), which may let a client
        tell whether an e-mail is registered.
        """
        method = request.method
        if method == 'GET':
            google_session = get_google_auth()
            auth_url, google_state = google_session.authorization_url(
                OAuth.get_auth_uri(), access_type='offline')
            session['oauth_state'] = google_state

            # Facebook OAuth 2.0 login link, with its own state slot.
            fb_session = get_facebook_auth()
            fb_auth_url, fb_state = fb_session.authorization_url(
                FbOAuth.get_auth_uri(), access_type='offline')
            session['fb_oauth_state'] = fb_state
            return self.render('/gentelella/admin/login/login.html',
                               auth_url=auth_url, fb_auth_url=fb_auth_url)
        if method == 'POST':
            account = DataGetter.get_user_by_email(request.form['email'])
            if account is None:
                logging.info('No such user')
                return redirect(url_for('admin.login_view'))
            stored_hash = account.password
            submitted_hash = generate_password_hash(request.form['password'], account.salt)
            if stored_hash != submitted_hash:
                logging.info('Password Incorrect')
                flash('Incorrect Password', 'danger')
                return redirect(url_for('admin.login_view'))
            login.login_user(account)
            record_user_login_logout('user_login', account)
            logging.info('logged successfully')
            user_logged_in(account)
            return redirect(intended_url())
    def login_view(self):
        """Serve the login form (GET) or authenticate a submitted form (POST).

        On GET the Google and Facebook authorization URLs are generated and
        the state value returned with each is saved under ``oauth_state`` and
        ``fb_oauth_state`` in the session before the template is rendered.

        On POST the user is fetched by e-mail and the stored password is
        compared with the hash of the submitted one. On success the user is
        logged in, the login is recorded, ``user_id`` is stored in the
        session for socketio, and the client is redirected to
        ``intended_url()``. Otherwise the client goes back to this view.

        NOTE(review): ``!=`` on the password hashes is not a constant-time
        comparison, and no session renewal is visible around
        ``login.login_user`` - confirm both are acceptable for this app.
        """
        if request.method == 'GET':
            auth_url, state = get_google_auth().authorization_url(
                OAuth.get_auth_uri(), access_type='offline')
            session['oauth_state'] = state

            # Second provider: Facebook OAuth 2.0.
            fb_auth_url, state = get_facebook_auth().authorization_url(
                FbOAuth.get_auth_uri(), access_type='offline')
            session['fb_oauth_state'] = state
            return self.render('/gentelella/admin/login/login.html',
                               auth_url=auth_url,
                               fb_auth_url=fb_auth_url)
        if request.method == 'POST':
            login_url = 'admin.login_view'
            submitted_email = request.form['email']
            member = DataGetter.get_user_by_email(submitted_email)
            if member is None:
                logging.info('No such user')
                return redirect(url_for(login_url))
            password_matches = not (
                member.password != generate_password_hash(request.form['password'], member.salt))
            if not password_matches:
                logging.info('Password Incorrect')
                flash('Incorrect Password', 'danger')
                return redirect(url_for(login_url))
            login.login_user(member)
            record_user_login_logout('user_login', member)

            # socketio handlers read the user id from the session.
            session['user_id'] = login.current_user.id

            logging.info('logged successfully')
            user_logged_in(member)
            return redirect(intended_url())
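def facebook_callback():
    """Handle the redirect back from Facebook after the OAuth dialog.

    An already-authenticated user gets a best-effort profile refresh and is
    sent to ``admin.index``. An ``error`` parameter, or a request with neither
    ``code`` nor ``state``, sends the client back to the login view. Otherwise
    the code is exchanged, the user is resolved by the e-mail Facebook
    reports, and is either logged in or sent to create a password.

    Returns:
        A redirect response in every branch.

    NOTE(review): the ``state`` query parameter is never compared with a
    value saved when the flow was started, so this handler does not reject
    callbacks the current browser session did not initiate. Confirm whether
    that check is done elsewhere.
    """
    login_page = 'admin.login_view'
    if login.current_user is not None and login.current_user.is_authenticated:
        try:
            facebook, __ = get_fb_auth()
            response = facebook.get(FbOAuth.get_user_info())
            if response.status_code == 200:
                user_info = response.json()
                update_user_details(first_name=user_info['first_name'],
                                    last_name=user_info['last_name'],
                                    facebook_link=user_info['link'],
                                    file_url=user_info['picture']['data']['url'])
        except Exception:
            # Deliberate best-effort: the profile refresh must not block the
            # redirect. Failures are silent, so consider logging them.
            pass
        return redirect(url_for('admin.index'))
    elif 'error' in request.args:
        # "access_denied" is the RFC 6749 error code; the original spelling
        # with a space is kept so existing behaviour is not lost.
        if request.args.get('error') in ('access_denied', 'access denied'):
            flash("You denied access during login.")
            return redirect(url_for(login_page))
        login.logout_user()
        flash("OAuth Authorization error. Please try again later.")
        return redirect(url_for(login_page))
    elif 'code' not in request.args and 'state' not in request.args:
        login.logout_user()
        return redirect(url_for(login_page))
    else:
        # get_fb_auth() returns a plain string when the token request fails
        # and cannot work without a code, so the exchange is guarded and its
        # result type checked before unpacking.
        auth_result = get_fb_auth() if 'code' in request.args else None
        if isinstance(auth_result, tuple):
            facebook, token = auth_result
            response = facebook.get(FbOAuth.get_user_info())
            user_info = response.json() if response.status_code == 200 else None
            # A profile without an e-mail falls through to the error path
            # below instead of raising KeyError.
            if user_info and user_info.get('email'):
                # NOTE(review): the account is chosen only by the e-mail the
                # provider reports - confirm create_user_oauth does not link
                # it to an existing password account without verification.
                user_email = DataGetter.get_user_by_email(user_info['email'], no_flash=True)
                user = create_user_oauth(user_email, user_info, token=token, method='Facebook')
                if user.password is None:
                    s = get_serializer()
                    email = s.dumps(user.email)
                    return redirect(url_for('admin.create_password_after_oauth_login', email=email))
                login.login_user(user)
                user_logged_in(user)
                return redirect(intended_url())
        flash("OAuth Authorization error. Please try again later.")
        login.logout_user()
        return redirect(url_for(login_page))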
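def facebook_callback():
    """Handle the redirect back from Facebook and log the user in.

    Authenticated users go straight to ``admin.index``. An ``error``
    parameter produces a plain-text message. A request with neither ``code``
    nor ``state`` returns to the login view. Otherwise the code is exchanged
    for a token, the Facebook profile is fetched, and the user resolved by
    its e-mail is logged in or sent to create a password.

    Returns:
        A redirect response, or a short plain-text error string.

    NOTE(review): the ``state`` used below is generated on this request and
    the ``state`` query parameter is never compared with a value saved when
    the flow started, so state gives no CSRF protection in this handler.
    """
    if login.current_user is not None and login.current_user.is_authenticated:
        return redirect(url_for('admin.index'))
    elif 'error' in request.args:
        # "access_denied" is the RFC 6749 error code; the original spelling
        # with a space is still accepted.
        if request.args.get('error') in ('access_denied', 'access denied'):
            return 'You denied access'
        return 'Error encountered'
    elif 'code' not in request.args and 'state' not in request.args:
        return redirect(url_for('admin.login_view'))
    else:
        # Take the code from the parsed query string. Splitting request.url
        # on '&' and '=' returned whichever parameter came first, skipped
        # URL-decoding, and left the variable unbound when only ``state``
        # was present.
        code = request.args.get('code')
        if not code:
            return 'Error encountered'
        facebook = get_facebook_auth()
        state = facebook.authorization_url(FbOAuth.get_auth_uri(), access_type='offline')[1]
        facebook = get_facebook_auth(state=state)
        try:
            token = facebook.fetch_token(FbOAuth.get_token_uri(), authorization_url=request.url,
                                         code=code, client_secret=FbOAuth.get_client_secret())
        except HTTPError:
            return 'HTTP Error occurred'
        facebook = get_facebook_auth(token=token)
        response = facebook.get(FbOAuth.get_user_info())
        if response.status_code == 200:
            user_info = response.json()
            # A profile without an e-mail is reported as missing user info
            # instead of raising KeyError.
            email = user_info.get('email')
            if email:
                # NOTE(review): the account is selected only by the e-mail
                # the provider reports - confirm create_user_oauth does not
                # link it to an existing account without verification.
                user_email = DataGetter.get_user_by_email(email, no_flash=True)
                user = create_user_oauth(user_email, user_info, token=token, method='Facebook')
                if user.password is None:
                    s = get_serializer()
                    email = s.dumps(user.email)
                    return redirect(url_for('admin.create_password_after_oauth_login', email=email))
                else:
                    login.login_user(user)
                    user_logged_in(user)
                    return redirect(intended_url())
        return 'did not find user info'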
 def test_redirect(self):
     """Verify the generated Facebook authorization URL contains the configured auth endpoint.

     This is a substring check only; the query parameters of the URL
     (``state``, ``redirect_uri``, ``scope``) are not asserted.
     """
     with app.test_request_context():
         generated = get_facebook_auth().authorization_url(
             FbOAuth.get_auth_uri(), access_type='offline')
         # Index 0 holds the URL.
         target_url = generated[0]
         self.assertTrue(FbOAuth.get_auth_uri() in target_url)
 def connect_facebook(self):
     """Start the Facebook OAuth flow by redirecting to the authorization URL.

     NOTE(review): the state returned alongside the URL is discarded here,
     not saved, so the callback has nothing to compare the returned
     ``state`` parameter against - confirm this is intended.
     """
     fb_session = get_facebook_auth()
     target_url, _unused_state = fb_session.authorization_url(
         FbOAuth.get_auth_uri(), access_type='offline')
     return redirect(target_url)
 def connect_facebook(self):
     """Redirect the browser to Facebook's authorization URL.

     A new session is built with ``get_facebook_auth()`` and the client is
     redirected to the URL it generates.

     NOTE(review): the generated ``state`` is unpacked but never stored, so
     a later callback cannot be tied back to this request.
     """
     auth_endpoint = FbOAuth.get_auth_uri()
     fb_auth_url, _state = get_facebook_auth().authorization_url(auth_endpoint, access_type='offline')
     return redirect(fb_auth_url)