def wrapper(*args, **kwargs):
if isinstance(getattr(g, 'user', None), User):
identity_changed.send(current_app._get_current_object(),
identity=Identity(g.user.uid))
return func(*args, **kwargs)
ip = request.remote_addr
if ip.strip() in current_app.config.get("WHITE_LIST"):
key = request.values.get("_key")
user = UserCache.get(key)
if user:
g.user = user
return func(*args, **kwargs)
else:
identity_changed.send(current_app._get_current_object(),
identity=AnonymousIdentity())
return jsonify(code=400, message="invalid _key and _secret")
key = request.values.get('_key')
secret = request.values.get('_secret')
path = request.path
keys = sorted(request.values.keys())
req_args = [
request.values[k] for k in keys
if str(k) not in ("_key", "_secret")
]
current_app.logger.debug('args is %s' % req_args)
user, authenticated = User.query.authenticate_with_key(
key, secret, req_args, path)
if user and authenticated:
identity_changed.send(current_app._get_current_object(),
identity=Identity(user.uid))
return func(*args, **kwargs)
else:
identity_changed.send(current_app._get_current_object(),
identity=AnonymousIdentity())
return jsonify(code=400, message="invalid _key and _secret")
def wrapper(*args, **kwargs):
if isinstance(getattr(g, 'user', None), User):
identity_changed.send(current_app._get_current_object(),
identity=Identity(g.user.uid))
return func(*args, **kwargs)
ip = request.remote_addr
if request.data:
request_args = dict()
_args = request.data.split("&")
for arg in _args:
if arg:
request_args[arg.split("=")[0]] = \
urllib.unquote(arg.split("=")[1])
else:
request_args = request.values
key = request_args.get('_key')
secret = request_args.get('_secret')
if not key and not secret and \
ip.strip() in current_app.config.get("WHITE_LIST"):
ip = ip.strip()
user = UserCache.get(ip)
if user:
identity_changed.send(current_app._get_current_object(),
identity=Identity(user.uid))
return func(*args, **kwargs)
else:
identity_changed.send(current_app._get_current_object(),
identity=AnonymousIdentity())
return abort(400, "invalid _key and _secret")
path = request.path
keys = sorted(request_args.keys())
req_args = [
request_args[k] for k in keys if str(k) not in ("_key", "_secret")
]
current_app.logger.debug('args is %s' % req_args)
user, authenticated = User.query.authenticate_with_key(
key, secret, req_args, path)
if user and authenticated:
identity_changed.send(current_app._get_current_object(),
identity=Identity(user.get("uid")))
return func(*args, **kwargs)
else:
identity_changed.send(current_app._get_current_object(),
identity=AnonymousIdentity())
return abort(400, "invalid _key and _secret")
def logout():
logout_user()
for key in ('identity.name', 'identity.auth_type'):
session.pop(key, None)
identity_changed.send(current_app._get_current_object(),
identity=AnonymousIdentity())
return jsonify(response_dict(SUCCESS))
def logout_user():
"""logs out the current.This will alse clean up the remember me cookie if it exists """
for key in ('identity.name', 'identity.auth_type'):
session.pop(key, None)
identity_changed.send(current_app._get_current_object(),
identity=AnonymousIdentity())
_logout_user()
def logout_handler():
logout_user()
for key in ('identity.name', 'identity.auth_type'):
session.pop(key, None)
identity_changed.send(current_app._get_current_object(),
identity=AnonymousIdentity())
return redirect(url_for('accounts.login_handler'))
def logout():
flash(_("You are now logged out"), "success")
identity_changed.send(current_app._get_current_object(),
identity=AnonymousIdentity())
return redirect(url_for('frontend.index'))
def logout():
for key in ('identity.name', 'identity.auth_type'):
session.pop(key, None)
identity_changed.send(current_app._get_current_object(),
identity=AnonymousIdentity())
logout_user()
return redirect(request.args.get('next') or url_for('index'))
def logout():
logout_user()
for key in ("identity.name", "identiy.auth_type"):
session.pop(key, None)
identity_changed.send(current_app._get_current_object(), identity=AnonymousIdentity())
flash("You have been logged out.", "alert-success")
return redirect(url_for(".index"))
def logout():
"""Handle logout."""
logout_user()
identity_changed.send(current_app._get_current_object(), identity=AnonymousIdentity())
flash("You have been logged out.", category="success")
return redirect(url_for('blog.home'))
def logout():
logout_user()
# notify the change of role
identity_changed.send(current_app._get_current_object(),
identity=AnonymousIdentity())
return redirect("/")
def change_password():
user = None
if g.user:
user = g.user
elif 'activation_key' in request.values:
user = User.query.filter_by(
activation_key=request.values['activation_key']).first()
if user is None:
abort(403)
form = ChangePasswordForm(activation_key=user.activation_key)
if form.validate_on_submit():
user.password = form.password.data
user.activation_key = None
db.session.commit()
flash(_("Your password has been changed, "
"please log in again"), "success")
# 修改成功后,强制用户退出
identity_changed.send(current_app._get_current_object(),
identity=AnonymousIdentity())
return redirect(url_for("account.login"))
return render_template("change_password.html", form=form)
def logout():
logout_user()
for key in ['identity.name', 'identity.auth_type']:
session.pop(key, None)
identity_changed.send(app, identity=AnonymousIdentity())
return redirect(url_for('index'))
def logout():
logout_user()
for key in ('identity.name', 'identity.auth_type'):
session.pop(key, None)
identity_changed.send(current_app._get_current_object(),
identity=AnonymousIdentity())
flash(u'您已经登出')
return redirect(url_for('main.index'))
def logout():
#g.lock.unlock()
logout_user()
for key in ('identity.name', 'identity.auth_type'):
session.pop(key, None)
identity_changed.send(current_app._get_current_object(),
identity=AnonymousIdentity())
return redirect(url_for('index'))
def logout():
logout_user()
identity_changed.send(
current_app._get_current_object(),
identity=AnonymousIdentity()
)
return redirect(url_for('.home'))
def logout_handler():
logout_user()
identity_changed.send(current_app._get_current_object(),
identity=AnonymousIdentity())
return redirect(url_for('account.index_handler'))
def delete(self, id):
for key in ('identity.name', 'identity.auth_type'):
session.pop(key, None)
identity_changed.send(current_app._get_current_object(),
identity=AnonymousIdentity())
logout_user()
return jsonify_status_code(self._get_response(), http.NO_CONTENT)
def logout():
flash(u"You are logout", "success")
# Remove session keys set by Flask-Principal
for key in ('identity.id', 'identity.auth_type'):
session.pop(key, None)
identity_changed.send(current_app._get_current_object(),
identity=AnonymousIdentity())
return redirect(url_for('account.login'))
def load_identity():
if request.path.startswith("/static/"):
return AnonymousIdentity()
reconfig = session.get('reload_roles', False)
if reconfig:
session.pop('reload_roles')
username = session.get('user')
if not username or reconfig:
app.logger.debug("New user loaded")
if app.config['DEBUG']:
username = load_user_debug(app.config['ADMIN_USER'])
else:
username = load_user_header('REMOTE_USER')
session['user'] = username
roles = session.get('roles')
if not roles or reconfig:
user = User.query.filter_by(name=username).first()
if not user:
g.user = '******'
return AnonymousIdentity()
roles = [role.name for role in user.roles] if user.active else []
app.logger.debug("New roles loaded: %s", roles)
session['roles'] = roles
session['active'] = user.active
user_groups = [x.group_name for x in user.groups]
app.logger.debug("New group ACL loaded: %s->%s", username, user_groups)
session['groups'] = user_groups
identity = Identity(username)
if session.get('active'):
for role in roles:
identity.provides.add(RoleNeed(role))
# Do we really want a Need() per group? Better to do it ourselves
# for group in session.get('groups', []):
# identity.provides.add(RoleNeed(group))
g.user = username
g.roles = roles
return identity
def _post_logout(self):
try:
logout_user()
identity_changed.send(current_app._get_current_object(),
identity=AnonymousIdentity())
return Response.success()
except Exception as ex:
logger.error(ex)
abort(500)
def logout():
# Remove session keys set by Flask-Principal
for key in ('identity.id', 'identity.auth_type'):
del session[key]
identity_changed.send(current_app._get_current_object(), identity=AnonymousIdentity())
logout_user()
return NO_CONTENT
def logout():
if 'user' in session:
identity_changed.send(current_app._get_current_object(),
identity=AnonymousIdentity())
for key in ('user', 'openid', 'identity.name', 'identity.auth_type'):
session.pop(key, None)
flash(u'Logged out')
return redirect(url_for('home.index'))
def logout():
# Remove the user information from the session
logout_user()
# Remove session keys set by Flask-Principal
for key in ('identity.name', 'identity.auth_type', 'hippo_user', 'crumbs'):
session.pop(key, None)
# Tell Flask-Principal the user is anonymous
identity_changed.send(current_app._get_current_object(),
identity=AnonymousIdentity())
return redirect(request.args.get('next') or '/')
def logout():
anon = AnonymousIdentity()
identity_changed.send(current_app._get_current_object(), identity=anon)
g.user = None
# next_url = request.referrer
# next_url = "%s?next=%s" % (url_for("account.login"), next_url)
# current_app.logger.info(next_url)
# if next_url:
# return redirect(next_url)
return redirect(url_for('account.login'))
def logout():
logout_user()
# Remove session keys set by Flask-Principal
for key in ('identity.name', 'identity.auth_type'):
session.pop(key, None)
# Tell Flask-Principal the user is anonymous
identity_changed.send(current_app._get_current_object(),
identity=AnonymousIdentity())
return redirect(url_for('index'))
def logout():
for value in ('identity.name', 'identity.auth_type'):
session.pop(value, None)
identity_changed.send(app, identity=AnonymousIdentity())
logout_user()
redirect_url = find_redirect(POST_LOGOUT_KEY)
logger.debug(DEBUG_LOGOUT % redirect_url)
return redirect(redirect_url)
def signout(self):
from flask import session
logout_user()
for key in ('identity.name', 'identity.auth_type'):
session.pop(key, None)
identity_changed.send(current_app._get_current_object(), identity=AnonymousIdentity())
self.remove_logged_user()
def logout():
# Remove the user information from the session
logout_user()
# Remove session keys set by Flask-Principal
for key in ('identity.name', 'identity.auth_type'):
session.pop(key, None)
identity_changed.send(current_app._get_current_object(),
identity=AnonymousIdentity())
flash(u"你已登出。", "successfully")
return redirect(request.args.get('next') or url_for('home.index'))
def logout():
logout_user()
# Remove session keys set by Flask-Principal
for key in ('identity.name', 'identity.auth_type'):
session.pop(key, None)
# Tell Flask-Principal the user is anonymous
identity_changed.send(current_app._get_current_object(),
identity=AnonymousIdentity())
flash('You have been logged out', 'success')
return redirect(url_for('accounts.login'))
def logout():
app.logger.info('user logout : ' + g.user.username)
logout_user()
for key in ('identity.name', 'identity.auth_type'):
session.pop(key, None)
identity_changed.send(current_app._get_current_object(),identity=AnonymousIdentity())
flash('You were logged out.','info')
return redirect(url_for('auth.login'))
