def auth_logout():
""" Method to log out from the application. """
if not authenticated():
return flask.redirect(flask.url_for('index'))
FAS.logout()
flask.flash('You have been logged out')
return flask.redirect(flask.url_for('index'))
def auth_logout():
""" Method to log out from the application. """
if not flask.g.fas_user:
return flask.redirect(flask.url_for("index"))
FAS.logout()
flask.flash("You have been logged out")
return flask.redirect(flask.url_for("index"))
def auth_logout():
""" Method to log out from the application. """
if not authenticated():
return flask.redirect(flask.url_for('index'))
FAS.logout()
flask.flash('You have been logged out')
return flask.redirect(flask.url_for('index'))
def logout():
auth = APP.config.get('PAGURE_AUTH', None)
if auth in ['fas', 'openid']:
if hasattr(flask.g, 'fas_user') and flask.g.fas_user is not None:
FAS.logout()
elif auth == 'local':
import pagure.ui.login as login
login.logout()
def logout():
auth = APP.config.get('PAGURE_AUTH', None)
if auth in ['fas', 'openid']:
if hasattr(flask.g, 'fas_user') and flask.g.fas_user is not None:
FAS.logout()
elif auth == 'local':
import pagure.ui.login as login
login.logout()
def logout():
auth = APP.config.get("PAGURE_AUTH", None)
if auth in ["fas", "openid"]:
if hasattr(flask.g, "fas_user") and flask.g.fas_user is not None:
FAS.logout()
elif auth == "local":
import pagure.ui.login as login
login.logout()
def auth_logout():
""" Log out if the user is logged in other do nothing.
Return to the index page at the end.
"""
next_url = flask.url_for('index')
if APP.config.get('MM_AUTHENTICATION', None) == 'fas':
if hasattr(flask.g, 'fas_user') and flask.g.fas_user is not None:
FAS.logout()
flask.flash("You are no longer logged-in")
elif APP.config.get('MM_AUTHENTICATION', None) == 'local':
login.logout()
return flask.redirect(next_url)
def auth_logout():
""" Log out if the user is logged in other do nothing.
Return to the index page at the end.
"""
next_url = flask.url_for('index')
if APP.config.get('MM_AUTHENTICATION', None) == 'fas':
if hasattr(flask.g, 'fas_user') and flask.g.fas_user is not None:
FAS.logout()
flask.flash("You are no longer logged-in")
elif APP.config.get('MM_AUTHENTICATION', None) == 'local':
login.logout()
return flask.redirect(next_url)
def admin_session_timedout():
''' Check if the current user has been authenticated for more than what
is allowed (defaults to 15 minutes).
If it is the case, the user is logged out and the method returns True,
otherwise it returns False.
'''
timedout = False
if not authenticated():
return True
if (datetime.datetime.utcnow() - flask.g.fas_user.login_time) > \
APP.config.get('ADMIN_SESSION_LIFETIME',
datetime.timedelta(minutes=15)):
timedout = True
FAS.logout()
return timedout
def auth_login(): # pragma: no cover
""" Method to log into the application using FAS OpenID. """
return_point = flask.url_for('index')
if 'next' in flask.request.args:
if is_safe_url(flask.request.args['next']):
return_point = flask.request.args['next']
if authenticated():
return flask.redirect(return_point)
admins = APP.config['ADMIN_GROUP']
if isinstance(admins, list):
admins = set(admins)
else: # pragma: no cover
admins = set([admins])
if APP.config.get('PAGURE_AUTH', None) in ['fas', 'openid']:
groups = set()
if not APP.config.get('ENABLE_GROUP_MNGT', False):
groups = [
group.group_name
for group in pagure.lib.search_groups(SESSION,
group_type='user')
]
groups = set(groups).union(admins)
return FAS.login(return_url=return_point, groups=groups)
elif APP.config.get('PAGURE_AUTH', None) == 'local':
form = pagure.login_forms.LoginForm()
return flask.render_template(
'login/login.html',
next_url=return_point,
form=form,
)
def build_app(app):
app.register_blueprint(auth_bundle)
app.register_blueprint(home_bundle)
app.register_blueprint(api_bundle)
app.register_blueprint(profile_bundle)
app.register_blueprint(content_bundle)
app.register_blueprint(search_bundle)
# Config to Flask from objects
# app.config.from_object('fedora_college.core.ProductionConfig')
app.config.from_object('fedora_college.core.config.DevelopmentConfig')
db.init_app(app)
# FAS OpenID Instance
with app.app_context():
whooshalchemy.whoosh_index(app, Content)
whooshalchemy.whoosh_index(app, Media)
DebugToolbarExtension(app)
admin = Admin(app, 'Auth', index_view=FedoraAdminIndexView())
admin.add_view(FedoraModelView(UserProfile, db.session))
admin.add_view(FedoraModelView(Content, db.session))
admin.add_view(FedoraModelView(Media, db.session))
admin.add_view(FedoraModelView(Tags, db.session))
admin.add_view(
FedoraFileView(current_app.config['STATIC_FOLDER'],
name='Static Files'))
current_app.config['fas'] = FAS(app)
def auth_login(): # pragma: no cover
""" Method to log into the application using FAS OpenID. """
return_point = flask.url_for("index")
if "next" in flask.request.args:
if is_safe_url(flask.request.args["next"]):
return_point = flask.request.args["next"]
if authenticated():
return flask.redirect(return_point)
admins = APP.config["ADMIN_GROUP"]
if isinstance(admins, list):
admins = set(admins)
else: # pragma: no cover
admins = set([admins])
if APP.config.get("PAGURE_AUTH", None) in ["fas", "openid"]:
groups = set()
if not APP.config.get("ENABLE_GROUP_MNGT", False):
groups = [group.group_name for group in pagure.lib.search_groups(SESSION, group_type="user")]
groups = set(groups).union(admins)
return FAS.login(return_url=return_point, groups=groups)
elif APP.config.get("PAGURE_AUTH", None) == "local":
form = pagure.login_forms.LoginForm()
return flask.render_template("login/login.html", next_url=return_point, form=form)
def auth_login(): # pragma: no cover
""" Method to log into the application using FAS OpenID. """
return_point = flask.url_for('index')
if 'next' in flask.request.args:
if is_safe_url(flask.request.args['next']):
return_point = flask.request.args['next']
if authenticated():
return flask.redirect(return_point)
admins = APP.config['ADMIN_GROUP']
if isinstance(admins, basestring):
admins = set([admins])
else: # pragma: no cover
admins = set(admins)
if APP.config.get('PAGURE_AUTH', None) in ['fas', 'openid']:
return FAS.login(return_url=return_point, groups=admins)
elif APP.config.get('PAGURE_AUTH', None) == 'local':
form = pagure.login_forms.LoginForm()
return flask.render_template(
'login/login.html',
next_url=return_point,
form=form,
)
def auth_login(): # pragma: no cover
""" Method to log into the application using FAS OpenID. """
return_point = flask.url_for('index')
if 'next' in flask.request.args:
if is_safe_url(flask.request.args['next']):
return_point = flask.request.args['next']
if authenticated():
return flask.redirect(return_point)
admins = APP.config['ADMIN_GROUP']
if isinstance(admins, basestring):
admins = set([admins])
else: # pragma: no cover
admins = set(admins)
if APP.config.get('PAGURE_AUTH', None) in ['fas', 'openid']:
return FAS.login(return_url=return_point, groups=admins)
elif APP.config.get('PAGURE_AUTH', None) == 'local':
form = pagure.login_forms.LoginForm()
return flask.render_template(
'login/login.html',
next_url=return_point,
form=form,
)
def auth_login(): # pragma: no cover
""" Method to log into the application using FAS OpenID. """
return_point = flask.url_for('index')
if 'next' in flask.request.args:
if is_safe_url(flask.request.args['next']):
return_point = flask.request.args['next']
if authenticated():
return flask.redirect(return_point)
admins = APP.config['ADMIN_GROUP']
if isinstance(admins, list):
admins = set(admins)
else: # pragma: no cover
admins = set([admins])
if APP.config.get('PAGURE_AUTH', None) in ['fas', 'openid']:
groups = set()
if not APP.config.get('ENABLE_GROUP_MNGT', False):
groups = [
group.group_name
for group in pagure.lib.search_groups(
SESSION, group_type='user')
]
groups = set(groups).union(admins)
return FAS.login(return_url=return_point, groups=groups)
elif APP.config.get('PAGURE_AUTH', None) == 'local':
form = pagure.login_forms.LoginForm()
return flask.render_template(
'login/login.html',
next_url=return_point,
form=form,
)
def auth_logout(): # pragma: no cover
""" Method to log out from the application. """
return_point = flask.url_for('index')
if 'next' in flask.request.args:
if is_safe_url(flask.request.args['next']):
return_point = flask.request.args['next']
if not authenticated():
return flask.redirect(return_point)
if APP.config.get('PAGURE_AUTH', None) == 'fas':
if hasattr(flask.g, 'fas_user') and flask.g.fas_user is not None:
FAS.logout()
flask.flash("You are no longer logged-in")
elif APP.config.get('PAGURE_AUTH', None) == 'local':
login.logout()
return flask.redirect(return_point)
def logout(): # pragma: no cover
''' Log out if the user is logged in other do nothing.
Return to the index page at the end.
'''
next_url = None
if 'next' in flask.request.args:
if is_safe_url(flask.request.args['next']):
next_url = flask.request.args['next']
if not next_url or next_url == flask.url_for('.login'):
next_url = flask.url_for('.index')
if hasattr(flask.g, 'fas_user') and flask.g.fas_user is not None:
FAS.logout()
flask.flash('You are no longer logged-in')
return flask.redirect(next_url)
def logout(): # pragma: no cover
''' Log out if the user is logged in other do nothing.
Return to the index page at the end.
'''
next_url = None
if 'next' in flask.request.args:
if is_safe_url(flask.request.args['next']):
next_url = flask.request.args['next']
if not next_url or next_url == flask.url_for('.login'):
next_url = flask.url_for('.index')
if hasattr(flask.g, 'fas_user') and flask.g.fas_user is not None:
FAS.logout()
flask.flash('You are no longer logged-in')
return flask.redirect(next_url)
def build_app(app):
app.register_blueprint(auth_bundle)
app.register_blueprint(home_bundle)
# Config to Flask from objects
#app.config.from_object('fedora_college.core.ProductionConfig')
app.config.from_object('fedora_college.core.config.DevelopmentConfig')
# FAS OpenID Instance
with app.app_context():
current_app.config['fas'] = FAS(app)
def admin_session_timedout():
''' Check if the current user has been authenticated for more than what
is allowed (defaults to 15 minutes).
If it is the case, the user is logged out and the method returns True,
otherwise it returns False.
'''
timedout = False
if not authenticated():
return True
login_time = flask.g.fas_user.login_time
# This is because flask_fas_openid will store this as a posix timestamp
if not isinstance(login_time, datetime.datetime):
login_time = datetime.datetime.utcfromtimestamp(login_time)
if (datetime.datetime.utcnow() - login_time) > \
APP.config.get('ADMIN_SESSION_LIFETIME',
datetime.timedelta(minutes=15)):
timedout = True
FAS.logout()
return timedout
def auth_login():
""" Method to log into the application using FAS OpenID. """
return_point = flask.url_for('index')
if 'next' in flask.request.args:
if is_safe_url(flask.request.args['next']):
return_point = flask.request.args['next']
if authenticated():
return flask.redirect(return_point)
return FAS.login(return_url=return_point)
def auth_login():
""" Method to log into the application using FAS OpenID. """
return_point = flask.url_for('index')
if 'next' in flask.request.args:
if is_safe_url(flask.request.args['next']):
return_point = flask.request.args['next']
if authenticated():
return flask.redirect(return_point)
return FAS.login(return_url=return_point)
def auth_login():
""" Method to log into the application using FAS OpenID. """
return_point = flask.url_for("index")
if "next" in flask.request.args:
return_point = flask.request.args["next"]
if flask.g.fas_user:
return flask.redirect(return_point)
return FAS.login(return_url=return_point)
def auth_login(): # pragma: no cover
""" Method to log into the application using FAS OpenID. """
return_point = flask.url_for('index')
if 'next' in flask.request.args:
if is_safe_url(flask.request.args['next']):
return_point = flask.request.args['next']
auth = APP.config.get('PAGURE_AUTH', None)
if not authenticated() and auth == 'oidc':
# If oidc is used and user hits this endpoint, it will redirect
# to IdP with destination=<pagure>/login?next=<location>
# After confirming user identity, the IdP will redirect user here
# again, but this time oidc.user_loggedin will be True and thus
# execution will go through the else clause, making the Pagure
# authentication machinery pick the user up
if not oidc.user_loggedin:
return oidc.redirect_to_auth_server(flask.request.url)
else:
flask.session['oidc_logintime'] = time.time()
fas_user_from_oidc()
set_user()
if authenticated():
return flask.redirect(return_point)
admins = APP.config['ADMIN_GROUP']
if isinstance(admins, list):
admins = set(admins)
else: # pragma: no cover
admins = set([admins])
if auth in ['fas', 'openid']:
groups = set()
if not APP.config.get('ENABLE_GROUP_MNGT', False):
groups = [
group.group_name
for group in pagure.lib.search_groups(SESSION,
group_type='user')
]
groups = set(groups).union(admins)
ext_committer = set(APP.config.get('EXTERNAL_COMMITTER', {}))
groups = set(groups).union(ext_committer)
return FAS.login(return_url=return_point, groups=groups)
elif auth == 'local':
form = pagure.login_forms.LoginForm()
return flask.render_template(
'login/login.html',
next_url=return_point,
form=form,
)
def auth_login():
""" Method to log into the application using FAS OpenID. """
return_point = flask.url_for('index')
if 'next' in flask.request.args:
if is_safe_url(flask.request.args['next']):
return_point = flask.request.args['next']
if authenticated():
return flask.redirect(return_point)
groups = APP.config['ADMIN_GROUP']
if isinstance(groups, basestring):
groups = [groups]
groups = groups[:]
groups.append('provenpackager')
return FAS.login(return_url=return_point, groups=groups)
def auth_login():
next_url = None
if 'next' in flask.request.args:
if is_safe_url(flask.request.args['next']):
next_url = flask.request.args['next']
if not next_url or next_url == flask.url_for('.auth_login'):
next_url = flask.url_for('.index')
if hasattr(flask.g, 'fas_user') and flask.g.fas_user is not None:
return safe_redirect_back(next_url)
else:
groups = APP.config['FEDORA_ELECTIONS_ADMIN_GROUP'][:]
if isinstance(groups, basestring):
groups = [groups]
groups.extend(models.get_groups(SESSION))
return FAS.login(return_url=next_url, groups=groups)
def auth_login():
""" Method to log into the application using FAS OpenID. """
return_point = flask.url_for('index')
if 'next' in flask.request.args:
if is_safe_url(flask.request.args['next']):
return_point = flask.request.args['next']
if authenticated():
return flask.redirect(return_point)
groups = APP.config['ADMIN_GROUP']
if isinstance(groups, basestring):
groups = [groups]
groups = groups[:]
groups.append('provenpackager')
return FAS.login(
return_url=return_point, groups=groups)
def auth_login():
next_url = None
if 'next' in flask.request.args:
if is_safe_url(flask.request.args['next']):
next_url = flask.request.args['next']
if not next_url or next_url == flask.url_for('.auth_login'):
next_url = flask.url_for('.index')
if hasattr(flask.g, 'fas_user') and flask.g.fas_user is not None:
return safe_redirect_back(next_url)
else:
groups = APP.config['FEDORA_ELECTIONS_ADMIN_GROUP'][:]
if isinstance(groups, basestring):
groups = [groups]
groups.extend(models.get_groups(SESSION))
return FAS.login(return_url=next_url, groups=groups)
def login(): # pragma: no cover
''' Login mechanism for this application.
'''
next_url = None
if 'next' in flask.request.args:
if is_safe_url(flask.request.args['next']):
next_url = flask.request.args['next']
if not next_url or next_url == flask.url_for('.login'):
next_url = flask.url_for('.index')
if hasattr(flask.g, 'fas_user') and flask.g.fas_user is not None:
return flask.redirect(next_url)
else:
admins = APP.config['ADMIN_GROUP']
if isinstance(admins, six.string_types): # pragma: no cover
admins = set([admins])
else:
admins = set(admins)
groups = list(admins)[:]
reviewers = APP.config['REVIEW_GROUP']
if isinstance(reviewers, six.string_types): # pragma: no cover
reviewers = set([reviewers])
else:
reviewers = set(reviewers)
groups.extend(reviewers)
voters = APP.config['WEIGHTED_GROUP']
if isinstance(voters, six.string_types): # pragma: no cover
voters = set([voters])
else:
voters = set(voters)
groups.extend(voters)
return FAS.login(return_url=next_url, groups=groups)
def login(): # pragma: no cover
''' Login mechanism for this application.
'''
next_url = None
if 'next' in flask.request.args:
if is_safe_url(flask.request.args['next']):
next_url = flask.request.args['next']
if not next_url or next_url == flask.url_for('.login'):
next_url = flask.url_for('.index')
if hasattr(flask.g, 'fas_user') and flask.g.fas_user is not None:
return flask.redirect(next_url)
else:
admins = APP.config['ADMIN_GROUP']
if isinstance(admins, six.string_types): # pragma: no cover
admins = set([admins])
else:
admins = set(admins)
groups = list(admins)[:]
reviewers = APP.config['REVIEW_GROUP']
if isinstance(reviewers, six.string_types): # pragma: no cover
reviewers = set([reviewers])
else:
reviewers = set(reviewers)
groups.extend(reviewers)
voters = APP.config['WEIGHTED_GROUP']
if isinstance(voters, six.string_types): # pragma: no cover
voters = set([voters])
else:
voters = set(voters)
groups.extend(voters)
return FAS.login(return_url=next_url, groups=groups)
def auth_login(): # pragma: no cover
""" Login mechanism for this application.
"""
next_url = flask.url_for('index')
if 'next' in flask.request.values:
next_url = flask.request.values['next']
if next_url == flask.url_for('auth_login'):
next_url = flask.url_for('index')
if APP.config.get('MM_AUTHENTICATION', None) == 'fas':
if hasattr(flask.g, 'fas_user') and flask.g.fas_user is not None:
return flask.redirect(next_url)
else:
return FAS.login(return_url=next_url,
groups=APP.config['ADMIN_GROUP'])
elif APP.config.get('MM_AUTHENTICATION', None) == 'local':
form = forms.LoginForm()
return flask.render_template(
'login.html',
next_url=next_url,
form=form,
)
def auth_login(): # pragma: no cover
""" Login mechanism for this application.
"""
next_url = flask.url_for('index')
if 'next' in flask.request.values:
next_url = flask.request.values['next']
if next_url == flask.url_for('auth_login'):
next_url = flask.url_for('index')
if APP.config.get('MM_AUTHENTICATION', None) == 'fas':
if hasattr(flask.g, 'fas_user') and flask.g.fas_user is not None:
return flask.redirect(next_url)
else:
return FAS.login(
return_url=next_url,
groups=APP.config['ADMIN_GROUP'])
elif APP.config.get('MM_AUTHENTICATION', None) == 'local':
form = forms.LoginForm()
return flask.render_template(
'login.html',
next_url=next_url,
form=form,
)
# https://github.com/miguelgrinberg/Flask-Migrate/issues/61#issuecomment-208131722
metadata = MetaData(
naming_convention={
'ix': 'ix_%(column_0_label)s', # index
'uq': 'uq_%(table_name)s_%(column_0_name)s', # unique
'ck': 'ck_%(table_name)s_%(column_0_name)s', # check
'fk':
'fk_%(table_name)s_%(column_0_name)s_%(referred_table_name)s', # foreign key
'pk': 'pk_%(table_name)s' # primary key
})
bootstrap = Bootstrap()
mail = Mail()
moment = Moment()
db = SQLAlchemy(metadata=metadata)
ma = Marshmallow()
pagedown = PageDown()
oauth = OAuth()
fas = FAS(Flask(__name__))
babel = Babel()
cache = Cache()
cache_control = FlaskCacheControl()
compress = Compress()
qrcode = QRcode()
login_manager = LoginManager()
login_manager.session_protection = 'strong' # 会话安全等级
login_manager.login_view = 'auth.login' # 登陆页endpoint
login_manager.login_message = lazy_gettext(
'Please log in to access this page.') # 惰性求值
MAIL_HANDLER.setLevel(logging.ERROR)
if not APP.debug:
APP.logger.addHandler(MAIL_HANDLER)
# Log to stderr as well
STDERR_LOG = logging.StreamHandler(sys.stderr)
STDERR_LOG.setLevel(logging.INFO)
APP.logger.addHandler(STDERR_LOG)
LOG = APP.logger
if APP.config.get('MM_AUTHENTICATION') == 'fas':
# Use FAS for authentication
try:
from flask_fas_openid import FAS
FAS = FAS(APP)
except ImportError:
APP.logger.exception("Couldn't import flask-fas-openid")
import mirrormanager2
import mirrormanager2.lib as mmlib
import mirrormanager2.forms as forms
import mirrormanager2.login_forms as login_forms
import mirrormanager2.lib.model as model
SESSION = mmlib.create_session(APP.config['DB_URL'])
def is_mirrormanager_admin(user):
""" Is the user a mirrormanager admin.
"""
def auth_logout():
if hasattr(flask.g, 'fas_user') and flask.g.fas_user is not None:
FAS.logout()
flask.g.fas_user = None
flask.flash('You have been logged out')
return safe_redirect_back()
from bs4 import BeautifulSoup
from flask import Flask, render_template, request, url_for, session, redirect
from flask import abort
from flask_fas_openid import fas_login_required, FAS
from util import RegexConverter, map_name_aliases, get_arrow_dates
fn_search_regex = "(.*?)\.([0-9]{4}\-[0-9]{2}\-[0-9]{2})\-.*?\..*?\.(.*)"
import config
__version__ = "0.0.0"
user_sessions = dict()
app = Flask("mote")
fas = FAS(app)
app.secret_key = ''.join(random.SystemRandom().choice(string.uppercase +
string.digits)
for _ in xrange(20))
app.config['FAS_OPENID_ENDPOINT'] = 'http://id.fedoraproject.org/'
app.config['FAS_CHECK_CERT'] = True
cwd = os.getcwd()
app.url_map.converters['regex'] = RegexConverter
if config.use_mappings_github == True:
name_mappings = requests.get(
"https://raw.githubusercontent.com/fedora-infra/mote/master/name_mappings.json"
).text
category_mappings = requests.get(
"https://raw.githubusercontent.com/fedora-infra/mote/master/category_mappings.json"
).text
def auth_logout():
if hasattr(flask.g, 'fas_user') and flask.g.fas_user is not None:
FAS.logout()
flask.g.fas_user = None
flask.flash('You have been logged out')
return safe_redirect_back()
