def test_redirect(self):
"""Tests whether on redirection the user is being redirected to the proper authentication url of Facebook"""
with app.test_request_context():
facebook = get_facebook_auth()
auth_url = facebook.authorization_url(FbOAuth.get_auth_uri(),
access_type='offline')[0]
self.assertTrue(FbOAuth.get_auth_uri() in auth_url)
def get_facebook_auth(state=None, token=None):
if token:
return OAuth2Session(FbOAuth.get_client_id(), token=token)
if state:
return OAuth2Session(FbOAuth.get_client_id(), state=state, scope=FbOAuth.SCOPE,
redirect_uri=FbOAuth.get_redirect_uri())
oauth = OAuth2Session(FbOAuth.get_client_id(), scope=FbOAuth.SCOPE, redirect_uri=FbOAuth.get_redirect_uri())
return oauth
def get_facebook_auth(state=None, token=None):
if token:
return OAuth2Session(FbOAuth.get_client_id(), token=token)
if state:
return OAuth2Session(FbOAuth.get_client_id(), state=state, scope=FbOAuth.SCOPE,
redirect_uri=FbOAuth.get_redirect_uri())
oauth = OAuth2Session(FbOAuth.get_client_id(), scope=FbOAuth.SCOPE, redirect_uri=FbOAuth.get_redirect_uri())
return oauth
def facebook_callback():
if login.current_user is not None and login.current_user.is_authenticated:
try:
facebook, __ = get_fb_auth()
response = facebook.get(FbOAuth.get_user_info())
if response.status_code == 200:
user_info = response.json()
update_user_details(
first_name=user_info['first_name'],
last_name=user_info['last_name'],
facebook_link=user_info['link'],
file_url=user_info['picture']['data']['url'])
except Exception:
pass
try:
if session['next_redirect']:
return redirect(session['next_redirect'])
except Exception:
pass
return redirect(url_for('admin.index'))
elif 'error' in request.args:
if request.args.get('error') == 'access denied':
flash("You denied access during login.")
return redirect(url_for('admin.login_view'))
login.logout_user()
flash("OAuth Authorization error. Please try again later.")
return redirect(url_for('admin.login_view'))
elif 'code' not in request.args and 'state' not in request.args:
login.logout_user()
return redirect(url_for('admin.login_view'))
else:
facebook, token = get_fb_auth()
response = facebook.get(FbOAuth.get_user_info())
if response.status_code == 200:
user_info = response.json()
email = user_info['email']
user_email = DataGetter.get_user_by_email(email, no_flash=True)
user = create_user_oauth(user_email,
user_info,
token=token,
method='Facebook')
if user.password is None:
s = get_serializer()
email = s.dumps(user.email)
return redirect(
url_for('admin.create_password_after_oauth_login',
email=email))
else:
login.login_user(user)
user_logged_in(user)
return redirect(intended_url())
flash("OAuth Authorization error. Please try again later.")
login.logout_user()
return redirect(url_for('admin.login_view'))
def get_fb_auth():
facebook = get_facebook_auth()
state = facebook.authorization_url(FbOAuth.get_auth_uri(), access_type='offline')[1]
facebook = get_facebook_auth(state=state)
if 'code' in request.url:
code_url = (((request.url.split('&'))[0]).split('='))[1]
try:
token = facebook.fetch_token(FbOAuth.get_token_uri(), authorization_url=request.url,
code=code_url, client_secret=FbOAuth.get_client_secret())
except HTTPError:
return 'HTTP Error occurred'
return get_facebook_auth(token=token), token
def login_view(self):
if request.method == 'GET':
google = get_google_auth()
auth_url, state = google.authorization_url(OAuth.get_auth_uri(), access_type='offline')
session['oauth_state'] = state
# Add Facebook Oauth 2.0 login
facebook = get_facebook_auth()
fb_auth_url, state = facebook.authorization_url(FbOAuth.get_auth_uri(), access_type='offline')
session['fb_oauth_state'] = state
return self.render('/gentelella/admin/login/login.html', auth_url=auth_url, fb_auth_url=fb_auth_url)
if request.method == 'POST':
email = request.form['email']
user = DataGetter.get_user_by_email(email)
if user is None:
logging.info('No such user')
return redirect(url_for('admin.login_view'))
if user.password != generate_password_hash(request.form['password'], user.salt):
logging.info('Password Incorrect')
flash('Incorrect Password', 'danger')
return redirect(url_for('admin.login_view'))
login.login_user(user)
record_user_login_logout('user_login', user)
logging.info('logged successfully')
user_logged_in(user)
return redirect(intended_url())
def login_view(self):
if request.method == 'GET':
google = get_google_auth()
auth_url, state = google.authorization_url(OAuth.get_auth_uri(), access_type='offline')
session['oauth_state'] = state
# Add Facebook Oauth 2.0 login
facebook = get_facebook_auth()
fb_auth_url, state = facebook.authorization_url(FbOAuth.get_auth_uri(), access_type='offline')
session['fb_oauth_state'] = state
return self.render('/gentelella/admin/login/login.html', auth_url=auth_url, fb_auth_url=fb_auth_url)
if request.method == 'POST':
email = request.form['email']
user = DataGetter.get_user_by_email(email)
if user is None:
logging.info('No such user')
return redirect(url_for('admin.login_view'))
if user.password != generate_password_hash(request.form['password'], user.salt):
logging.info('Password Incorrect')
flash('Incorrect Password', 'danger')
return redirect(url_for('admin.login_view'))
login.login_user(user)
record_user_login_logout('user_login', user)
# Store user_id in session for socketio use
session['user_id'] = login.current_user.id
logging.info('logged successfully')
user_logged_in(user)
return redirect(intended_url())
def facebook_callback():
if login.current_user is not None and login.current_user.is_authenticated:
try:
facebook, __ = get_fb_auth()
response = facebook.get(FbOAuth.get_user_info())
if response.status_code == 200:
user_info = response.json()
update_user_details(first_name=user_info['first_name'],
last_name=user_info['last_name'],
facebook_link=user_info['link'],
file_url=user_info['picture']['data']['url'])
except Exception:
pass
return redirect(url_for('admin.index'))
elif 'error' in request.args:
if request.args.get('error') == 'access denied':
flash("You denied access during login.")
return redirect(url_for('admin.login_view'))
login.logout_user()
flash("OAuth Authorization error. Please try again later.")
return redirect(url_for('admin.login_view'))
elif 'code' not in request.args and 'state' not in request.args:
login.logout_user()
return redirect(url_for('admin.login_view'))
else:
facebook, token = get_fb_auth()
response = facebook.get(FbOAuth.get_user_info())
if response.status_code == 200:
user_info = response.json()
email = user_info['email']
user_email = DataGetter.get_user_by_email(email, no_flash=True)
user = create_user_oauth(user_email, user_info, token=token, method='Facebook')
if user.password is None:
s = get_serializer()
email = s.dumps(user.email)
return redirect(url_for('admin.create_password_after_oauth_login', email=email))
else:
login.login_user(user)
user_logged_in(user)
return redirect(intended_url())
flash("OAuth Authorization error. Please try again later.")
login.logout_user()
return redirect(url_for('admin.login_view'))
def facebook_callback():
if login.current_user is not None and login.current_user.is_authenticated:
return redirect(url_for('admin.index'))
elif 'error' in request.args:
if request.args.get('error') == 'access denied':
return 'You denied access'
return 'Error encountered'
elif 'code' not in request.args and 'state' not in request.args:
return redirect(url_for('admin.login_view'))
else:
facebook = get_facebook_auth()
state = facebook.authorization_url(FbOAuth.get_auth_uri(), access_type='offline')[1]
facebook = get_facebook_auth(state=state)
if 'code' in request.url:
code_url = (((request.url.split('&'))[0]).split('='))[1]
try:
token = facebook.fetch_token(FbOAuth.get_token_uri(), authorization_url=request.url,
code=code_url, client_secret=FbOAuth.get_client_secret())
except HTTPError:
return 'HTTP Error occurred'
facebook = get_facebook_auth(token=token)
response = facebook.get(FbOAuth.get_user_info())
if response.status_code == 200:
user_info = response.json()
email = user_info['email']
user_email = DataGetter.get_user_by_email(email, no_flash=True)
user = create_user_oauth(user_email, user_info, token=token, method='Facebook')
if user.password is None:
s = get_serializer()
email = s.dumps(user.email)
return redirect(url_for('admin.create_password_after_oauth_login', email=email))
else:
login.login_user(user)
user_logged_in(user)
return redirect(intended_url())
return 'did not find user info'
def test_redirect(self):
"""Tests whether on redirection the user is being redirected to the proper authentication url of Facebook"""
with app.test_request_context():
facebook = get_facebook_auth()
auth_url = facebook.authorization_url(FbOAuth.get_auth_uri(), access_type='offline')[0]
self.assertTrue(FbOAuth.get_auth_uri() in auth_url)
def connect_facebook(self):
facebook = get_facebook_auth()
fb_auth_url, state = facebook.authorization_url(FbOAuth.get_auth_uri(), access_type='offline')
return redirect(fb_auth_url)
def connect_facebook(self):
facebook = get_facebook_auth()
fb_auth_url, state = facebook.authorization_url(FbOAuth.get_auth_uri(), access_type='offline')
return redirect(fb_auth_url)