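def login_screen_submit():
    """Handle the login form submit.

    Looks the user up by the submitted username, verifies the submitted
    password against the stored password hash, and on success logs the user
    in and records the login time. Every failure path flashes the same
    generic message so the response does not reveal whether the username
    exists.

    Returns:
        A redirect response: ``/profile`` on success, ``/profile/change_email``
        when the account has no e-mail address yet, ``/login`` on failure.
    """
    # try to find the user by username
    user_details = site_user.get_by_username({
        'username': request.form.get('username')}).get()

    # not found, so bail back to the login screen
    if not user_details:
        flash('Failed to login with that username and password, please retry.')
        return redirect('/login')

    # Verify the submitted password against the STORED hash.
    # check_password_hash(stored_hash, candidate) takes the stored hash first
    # and the plaintext second. The previous code hashed the submitted
    # password with a fresh salt and compared the other way round, and then
    # treated a successful check as the failure case -- so the comparison
    # could never verify a real hash and any password was accepted.
    # A stored value that is not a valid hash string (e.g. a placeholder)
    # fails verification and is therefore unusable for form login.
    stored_hash = user_details.get('password') or ''
    submitted_password = request.form.get('password') or ''
    if not check_password_hash(stored_hash, submitted_password):
        flash('Failed to login with that username and password, please retry.')
        return redirect('/login')

    # log the user in and record the login time
    login_user(User(user_details.get('user_id')))
    flash('You have successfully logged in !')
    site_user.update_last_login().execute({'id': user_details.get('user_id')})

    # logged in but no e-mail on file, so ask the user for it first
    if not user_details.get('email'):
        return redirect('/profile/change_email')
    return redirect('/profile')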
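def login_screen_submit():
    """Handle the login form submit.

    Looks the user up from the submitted username field, verifies the
    submitted password against the stored password hash, and on success logs
    the user in and records the login time. Every failure path flashes the
    same generic message and re-renders the login screen.

    Returns:
        A redirect to ``/profile`` on success, otherwise the result of
        ``login_screen()``.
    """
    # try to find the user from the submitted username field.
    # NOTE(review): the lookup key is 'email' while the helper is
    # get_by_username -- confirm this is the key the query expects.
    user_details = site_user.get_by_username({
        'email': request.form.get('username')}).get()

    # not found, so bail back to the login screen
    if not user_details:
        flash('Failed to login with that username and password, please retry.')
        return login_screen()

    # Verify the submitted password against the STORED hash.
    # check_password_hash(stored_hash, candidate) takes the stored hash first
    # and the plaintext second. The previous code hashed the submitted
    # password with a fresh salt and compared the other way round, and then
    # treated a successful check as the failure case -- so the comparison
    # could never verify a real hash and any password was accepted.
    stored_hash = user_details.get('password') or ''
    submitted_password = request.form.get('password') or ''
    if not check_password_hash(stored_hash, submitted_password):
        flash('Failed to login with that username and password, please retry.')
        return login_screen()

    # log the user in, record the login time and go to the profile
    login_user(User(user_details.get('user_id')))
    flash('You have successfully logged in !')
    site_user.update_last_login(user_details)
    return redirect('/profile')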
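def oauth(provider, start_oauth_login=False):
    """Start or complete an OAuth2 login against ``provider``.

    With ``start_oauth_login`` true, builds the provider's authorization URL,
    stores the anti-CSRF ``state`` in the session and redirects to it.
    Otherwise this is the provider callback: the code in ``request.url`` is
    exchanged for a token, the user profile is fetched and the login is
    resolved in this order:

    1. an existing OAuth link for this provider id -> log that user in;
    2. a currently logged-in user -> link the OAuth identity to that account;
    3. otherwise create a new local account from the profile and log it in.

    Args:
        provider: key into ``oauth_conf`` / ``oauth_lookup_id`` (e.g. 'facebook').
        start_oauth_login: True to begin the flow, False to handle the callback.

    Returns:
        A redirect response; failures go back to ``/login`` with a flashed message.
    """
    oauth_verify = True
    oauth_provider = oauth_conf.get(provider)
    oauth_access_type = ''
    oauth_approval_prompt = ''

    # ``provider`` comes from the request; an unknown key would otherwise
    # raise AttributeError on ``oauth_provider.get`` below.
    if oauth_provider is None:
        flash('Something went wrong, unknown oauth provider')
        return redirect('/login')

    # Offline/testing mode: requests a refresh token, forces the consent
    # prompt, disables TLS certificate verification on the token request and
    # lets oauthlib accept a plain-http redirect. None of this is appropriate
    # when ``oauth_live`` is true.
    if oauth_live is False:
        print('offline testing')
        oauth_verify = False
        oauth_access_type = 'offline'
        oauth_approval_prompt = "force"
        os.environ['OAUTHLIB_INSECURE_TRANSPORT'] = '1'

    if start_oauth_login:
        oauth_session = OAuth2Session(
            oauth_provider.get('client_id'),
            scope=oauth_provider.get('scope'),
            redirect_uri=request.url_root + oauth_provider.get('redirect_uri'))
        if provider == 'facebook':
            oauth_session = facebook_compliance_fix(oauth_session)
        authorization_url, state = oauth_session.authorization_url(
            oauth_provider.get('auth_uri'),
            access_type=oauth_access_type,
            approval_prompt=oauth_approval_prompt)
        # ``state`` is the anti-CSRF token: it is kept in the session and the
        # callback below is only accepted when a session carrying it exists.
        # If testing and oauth_state errors make sure you logged in with
        # localhost and not 127.0.0.1 (the session cookie is host-scoped).
        session['oauth_state'] = state
        session.modified = True
        return redirect(authorization_url)

    # Callback without a started flow (or a different browser/session):
    # refuse rather than accept an authorization response we did not request.
    if session.get('oauth_state', None) is None:
        flash('Something went wrong, oauth session not started')
        return redirect('/login')

    # already authorised, so handle the callback
    # NOTE(review): the stored state is not cleared after use, so it stays
    # valid for later callbacks within the same session -- consider popping it.
    oauth_session = OAuth2Session(
        oauth_provider.get('client_id'),
        state=session['oauth_state'],
        redirect_uri=request.url_root + oauth_provider.get('redirect_uri'))
    if provider == 'facebook':
        oauth_session = facebook_compliance_fix(oauth_session)
    # The library checks ``state`` in ``request.url`` against the session
    # value; a mismatch raises here rather than continuing.
    oauth_session.fetch_token(
        oauth_provider.get('token_uri'),
        client_secret=oauth_provider.get('client_secret'),
        authorization_response=request.url,
        verify=oauth_verify)

    # fetch a protected resource, i.e. the user profile
    response = oauth_session.get(oauth_provider.get('user_uri'))
    oauth_response = response.json()
    # GitHub-style profiles expose 'login', most others 'id'
    oauth_id = oauth_response.get('login') or oauth_response.get('id')
    provider_id = oauth_lookup_id.get(provider)

    # 1. existing OAuth link for this identity -> log that user in
    oauth_user = site_user.fetch_oauth_login({
        'username': oauth_id or '',
        'provider': provider_id
    }).get()
    if oauth_user:
        user_details = site_user.get_user_details({
            'id': oauth_user.get('user_id')
        }).get()
        # we have matched a user so login and redirect
        if user_details:
            login_user(User(user_details.get('user_id')))
            # no e-mail on file, so ask the user to set it first
            if not user_details.get('email'):
                return redirect('/profile/change_email')
            return redirect('/profile')
        # NOTE(review): an OAuth link whose user row is missing falls through
        # to account creation, which registers the same link again -- confirm
        # that is intended.

    # 2. someone is already logged in -> link the OAuth identity to them
    if current_user.get_id():
        site_user.create_oauth_login().execute({
            'user_id': current_user.get_id(),
            'username': oauth_id or '',
            'provider': provider_id})
        return redirect('/profile')

    # 3. create a new user from the OAuth profile
    # NOTE(review): a fixed placeholder is stored as the password. Whether it
    # can be used on the form login depends on how site_user.create() stores
    # it -- confirm it is rejected by check_password_hash.
    new_user_details = {
        'password': '******',
        'profile_image': oauth_response.get('picture'),
        'username': oauth_id,
        'first_name': oauth_response.get('given_name') or '',
        'last_name': oauth_response.get('family_name') or ''}
    if oauth_response.get('email'):
        new_user_details['email'] = oauth_response.get('email')
    user_id = site_user.create().execute(new_user_details)

    # Bail BEFORE linking or logging in: the old order called login_user()
    # and recorded a login for a user id that did not exist.
    if not user_id:
        flash('Failed to create user')
        return redirect('/login')

    # register the OAuth link for the new account
    site_user.create_oauth_login().execute({
        'user_id': user_id,
        'username': oauth_id or '',
        'provider': provider_id})
    login_user(User(user_id))
    site_user.update_last_login().execute({'id': user_id})
    # only the creation path gets the "new profile" message; the link path
    # above used to receive it as well
    flash('Your new profile has been created, and your now logged in')
    return redirect('/profile')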
def oauth(provider=None):
    """Start or complete a Google OAuth2 login (Python 2 version).

    When ``provider`` is truthy the authorization URL is built, the anti-CSRF
    ``state`` is stored in the session and the user is redirected to Google.
    Otherwise this is the callback: the code in ``request.url`` is exchanged
    for a token, the userinfo endpoint is read, and the user is looked up by
    e-mail, created if missing, logged in and redirected to ``/profile``.

    Args:
        provider: truthy to begin the flow; the value itself is only printed,
            the configuration used is always ``oauth_conf['google']``.

    Returns:
        A redirect response.
    """
    oauth_verify = True
    oauth_provider = oauth_conf.get('google')
    oauth_access_type = ''
    oauth_approval_prompt = ''
    # Offline/testing mode: request a refresh token, force the consent prompt,
    # skip TLS certificate verification on the token request and let oauthlib
    # accept a plain-http redirect URI.
    if oauth_live is False:
        oauth_verify = False
        oauth_access_type = 'offline'
        oauth_approval_prompt = "force"
        os.environ['OAUTHLIB_INSECURE_TRANSPORT'] = '1'
    # Debug output: this writes the whole session (including oauth_state) to stdout.
    print session
    print provider
    if provider:
        oauth_session = OAuth2Session(
            oauth_provider.get('client_id'),
            scope=oauth_provider.get('scope'),
            redirect_uri=oauth_provider.get('redirect_uri'))
        # access_type 'offline' is what yields a refresh token;
        # approval_prompt 'force' always makes the user click authorize.
        # Generate the Google URL we will use to authorize and redirect there.
        authorization_url, state = oauth_session.authorization_url(
            oauth_provider.get('auth_uri'),
            access_type=oauth_access_type,
            approval_prompt=oauth_approval_prompt)
        print state
        # State is used to prevent CSRF: keep it in the session and make sure
        # oauth returns to the same url so the session cookie is presented.
        session['oauth_state'] = state
        session.modified = True
        return redirect(authorization_url)
    print session
    # already authorised, so handle the callback.
    # NOTE(review): session['oauth_state'] is read without a presence check,
    # so a callback reached without starting the flow raises KeyError.
    oauth_session = OAuth2Session(
        oauth_provider.get('client_id'),
        state=session['oauth_state'],
        redirect_uri=oauth_provider.get('redirect_uri'))
    # ``token`` is not used afterwards; the session object keeps the token itself.
    token = oauth_session.fetch_token(
        oauth_provider.get('token_uri'),
        client_secret=oauth_provider.get('client_secret'),
        authorization_response=request.url,
        verify=oauth_verify)
    # Fetch a protected resource, i.e. the user profile.
    r = oauth_session.get('https://www.googleapis.com/oauth2/v1/userinfo')
    oauth_user = r.json()
    # Related scopes, for reference:
    #https://www.googleapis.com/auth/plus.login
    #https://www.googleapis.com/auth/plus.me
    # Debug output: prints the full profile returned by Google.
    print oauth_user
    # The Google e-mail is the only key used to match a local account.
    user_details = site_user.get_by_email({ 'email': oauth_user.get('email') }).get()
    if not user_details:
        flash('Your new profile has been created, and your now logged in')
        # NOTE(review): a fixed placeholder is stored as the password; confirm
        # site_user.create() does not make it usable for form login.
        site_user.create().execute({
            'email': oauth_user.get('email'),
            'password': '******',
            'profile_image': oauth_user.get('picture'),
            'username': oauth_user.get('email'),
            'first_name': oauth_user.get('given_name'),
            'last_name': oauth_user.get('family_name')})
        # re-read the row so user_id is available for login_user()
        user_details = site_user.get_by_email({ 'email': oauth_user.get('email') }).get()
    user = User(user_details.get('user_id'))
    login_user(user)
    site_user.update_last_login().execute(user_details)
    return redirect('/profile')
def testUpdateLastLogin(self):
    """Smoke test: the update_last_login() query executes for a user id."""
    params = {'id': '1'}
    query = site_user.update_last_login()
    query.execute(params)