def login_user(form_data) -> Result: # import pdb; pdb.set_trace() try: data = Login(**form_data) except ValidationError as e: errors = {x["loc"][0]: x["msg"] for x in e.errors()} return Result(errors=errors) _login_user(models.User.get(data.email)) return Result(data=data)
def signup_user(form_data) -> Result: try: data = User(**form_data) except ValidationError as e: errors = {x["loc"][0]: x["msg"] for x in e.errors()} return Result(errors=errors) user = models.User.create( full_name=data.full_name, email=data.email, password=data.password.get_secret_value(), ) _login_user(user) return Result(data=data)
def login_user(user, remember=None): """Perform the login routine. If SECURITY_TRACKABLE is used, make sure you commit changes after this request (i.e. ``app.security.datastore.commit()``). :param user: The user to login :param remember: Flag specifying if the remember cookie should be set. Defaults to ``False`` """ if remember is None: remember = config_value('DEFAULT_REMEMBER_ME') if not _login_user(user, remember): # pragma: no cover return False if _security.trackable: remote_addr = request.remote_addr or None # make sure it is None old_current_login, new_current_login = (user.current_login_at, _security.datetime_factory()) old_current_ip, new_current_ip = user.current_login_ip, remote_addr user.last_login_at = old_current_login or new_current_login user.current_login_at = new_current_login user.last_login_ip = old_current_ip user.current_login_ip = new_current_ip user.login_count = user.login_count + 1 if user.login_count else 1 _datastore.put(user) identity_changed.send(current_app._get_current_object(), identity=Identity(user.id)) return True
def login_user(user, remember=False, provider=None): assert user.is_active logged_in = _login_user(user, remember) assert logged_in, 'Not logged in for unknown reason' session.pop('auth_provider', None) remote_addr = _userflow.request_utils.get_remote_addr() ua_info = _userflow.request_utils.get_ua_info() if _userflow.request_utils.geoip: geoip_info = _userflow.request_utils.get_geoip_info() else: geoip_info = None if _datastore.track_login_model: track_login = _datastore.create_track_login( time=datetime.utcnow(), remote_addr=remote_addr, geoip_info=geoip_info, ua_info=ua_info, ) _datastore.put(track_login) after_this_request(lambda r: _datastore.commit()) signals.logged_in.send(app=current_app._get_current_object(), user=user, remote_addr=remote_addr, geoip_info=geoip_info, ua_info=ua_info) return user.get_auth_token()
def login_user(user, remember=None): """Performs the login routine. :param user: The user to login :param remember: Flag specifying if the remember cookie should be set. Defaults to ``False`` """ if remember is None: remember = config_value('DEFAULT_REMEMBER_ME') if not _login_user(user, remember): # pragma: no cover return False if _security.trackable: if 'X-Forwarded-For' in request.headers: remote_addr = request.headers.getlist("X-Forwarded-For")[0].rpartition(' ')[-1] else: remote_addr = request.remote_addr or 'untrackable' old_current_login, new_current_login = user.current_login_at, datetime.utcnow() old_current_ip, new_current_ip = user.current_login_ip, remote_addr user.last_login_at = old_current_login or new_current_login user.current_login_at = new_current_login user.last_login_ip = old_current_ip or new_current_ip user.current_login_ip = new_current_ip user.login_count = user.login_count + 1 if user.login_count else 1 _datastore.put(user) identity_changed.send(current_app._get_current_object(), identity=Identity(user.id)) return True
def login_user(user:t.Type["User"], remember:bool=False, duration:t.Optional[t.Type["timedelta"]]=None, force:bool=False, fresh:bool=True ) -> bool: """ Logs a user in. You should pass the actual user object to this. If the user's `is_active` property is ``False``, they will not be logged in unless `force` is ``True``. This will return ``True`` if the log in attempt succeeds, and ``False`` if it fails (i.e. because the user is inactive). :param user: The user object to log in. :type user: object :param remember: Whether to remember the user after their session expires. Defaults to ``False``. :type remember: bool :param duration: The amount of time before the remember cookie expires. If ``None`` the value set in the settings is used. Defaults to ``None``. :type duration: :class:`datetime.timedelta` :param force: If the user is inactive, setting this to ``True`` will log them in regardless. Defaults to ``False``. :type force: bool :param fresh: setting this to ``False`` will log in the user with a session marked as not "fresh". Defaults to ``True``. :type fresh: bool """ return _login_user(user, remember=remember, duration=duration, force=force, fresh=fresh)
def login_user(user, remember=None): """Performs the login routine. :param user: The user to login :param remember: Flag specifying if the remember cookie should be set. Defaults to ``False`` """ if remember is None: remember = config_value('DEFAULT_REMEMBER_ME') if not _login_user(user, remember): # pragma: no cover return False if _security.trackable: if 'X-Forwarded-For' in request.headers: remote_addr = request.headers.getlist( "X-Forwarded-For")[0].rpartition(' ')[-1] else: remote_addr = request.remote_addr or 'untrackable' old_current_login, new_current_login = user.current_login_at, datetime.utcnow( ) old_current_ip, new_current_ip = user.current_login_ip, remote_addr user.last_login_at = old_current_login or new_current_login user.current_login_at = new_current_login user.last_login_ip = old_current_ip or new_current_ip user.current_login_ip = new_current_ip user.login_count = user.login_count + 1 if user.login_count else 1 _datastore.put(user) identity_changed.send(current_app._get_current_object(), identity=Identity(user.id)) return True
def login_user(user, remember=None): """Performs the login routine. :param user: The user to login :param remember: Flag specifying if the remember cookie should be set. Defaults to ``False`` """ if remember is None: remember = config_value("DEFAULT_REMEMBER_ME") if not _login_user(user, remember): # pragma: no cover return False if _security.trackable: remote_addr = request.remote_addr or None # make sure it is None and not '' old_current_login, new_current_login = user.current_login_at, datetime.utcnow() old_current_ip, new_current_ip = user.current_login_ip, remote_addr user.last_login_at = old_current_login or new_current_login user.current_login_at = new_current_login user.last_login_ip = old_current_ip user.current_login_ip = new_current_ip user.login_count = user.login_count + 1 if user.login_count else 1 _datastore.put(user) identity_changed.send(current_app._get_current_object(), identity=Identity(user.id)) return True
def login_user( user: "******", remember: t.Optional[bool] = None, authn_via: t.Optional[t.List[str]] = None, ) -> bool: """Perform the login routine. If *SECURITY_TRACKABLE* is used, make sure you commit changes after this request (i.e. ``app.security.datastore.commit()``). :param user: The user to login :param remember: Flag specifying if the remember cookie should be set. If ``None`` use value of SECURITY_DEFAULT_REMEMBER_ME :param authn_via: A list of strings denoting which mechanism(s) the user authenticated with. These should be one or more of ["password", "sms", "authenticator", "email"] or other 'auto-login' mechanisms. :return: True if user successfully logged in. """ if remember is None: remember = config_value("DEFAULT_REMEMBER_ME") if not _login_user(user, remember): # pragma: no cover return False if _security.trackable: remote_addr = request.remote_addr or None # make sure it is None old_current_login, new_current_login = ( user.current_login_at, config_value("DATETIME_FACTORY")(), ) old_current_ip, new_current_ip = user.current_login_ip, remote_addr user.last_login_at = old_current_login or new_current_login user.current_login_at = new_current_login user.last_login_ip = old_current_ip user.current_login_ip = new_current_ip user.login_count = user.login_count + 1 if user.login_count else 1 _datastore.put(user) session["fs_cc"] = "set" # CSRF cookie session["fs_paa"] = time.time() # Primary authentication at - timestamp identity_changed.send( current_app._get_current_object(), # type: ignore identity=Identity(user.fs_uniquifier), ) user_authenticated.send( current_app._get_current_object(), # type: ignore user=user, authn_via=authn_via, ) return True
def login_user(user, remember=None, authn_via=None): """Perform the login routine. If *SECURITY_TRACKABLE* is used, make sure you commit changes after this request (i.e. ``app.security.datastore.commit()``). :param user: The user to login :param remember: Flag specifying if the remember cookie should be set. Defaults to ``False`` :param authn_via: A list of strings denoting which mechanism(s) the user authenticated with. These should be one or more of ["password", "sms", "authenticator", "email"] or other 'auto-login' mechanisms. """ if remember is None: remember = config_value("DEFAULT_REMEMBER_ME") if not _login_user(user, remember): # pragma: no cover return False if _security.trackable: remote_addr = request.remote_addr or None # make sure it is None old_current_login, new_current_login = ( user.current_login_at, _security.datetime_factory(), ) old_current_ip, new_current_ip = user.current_login_ip, remote_addr user.last_login_at = old_current_login or new_current_login user.current_login_at = new_current_login user.last_login_ip = old_current_ip user.current_login_ip = new_current_ip user.login_count = user.login_count + 1 if user.login_count else 1 _datastore.put(user) session["fs_cc"] = "set" # CSRF cookie session["fs_paa"] = time.time() # Primary authentication at - timestamp identity_changed.send(current_app._get_current_object(), identity=Identity(user.id)) user_authenticated.send(current_app._get_current_object(), user=user, authn_via=authn_via) return True
def login_user(user, **kwargs): """Perform the login routine. If SECURITY_TRACKABLE is used, make sure you commit changes after this request (i.e. ``app.security.datastore.commit()``). :param user: The user to login """ if 'remember' in kwargs: warnings.warn( "Remember me support has been removed.", DeprecationWarning ) if not _login_user(user, False): # pragma: no cover return False if _security.trackable: remote_addr = request.remote_addr or None # make sure it is None old_current_login, new_current_login = ( user.current_login_at, _security.datetime_factory() ) old_current_ip, new_current_ip = user.current_login_ip, remote_addr user.last_login_at = old_current_login or new_current_login user.current_login_at = new_current_login user.last_login_ip = old_current_ip user.current_login_ip = new_current_ip user.login_count = user.login_count + 1 if user.login_count else 1 _datastore.put(user) identity_changed.send(current_app._get_current_object(), identity=Identity(user.id)) return True
def login_user(user, remember=None): """Perform the login routine. If SECURITY_TRACKABLE is used, make sure you commit changes after this request (i.e. ``app.security.datastore.commit()``). :param user: The user to login :param remember: Flag specifying if the remember cookie should be set. Defaults to ``False`` """ if remember is None: remember = config_value('DEFAULT_REMEMBER_ME') if not _login_user(user, remember): # pragma: no cover return False if _security.trackable: remote_addr = request.remote_addr or None # make sure it is None old_current_login, new_current_login = ( user.current_login_at, _security.datetime_factory() ) old_current_ip, new_current_ip = user.current_login_ip, remote_addr user.last_login_at = old_current_login or new_current_login user.current_login_at = new_current_login user.last_login_ip = old_current_ip user.current_login_ip = new_current_ip user.login_count = user.login_count + 1 if user.login_count else 1 _datastore.put(user) identity_changed.send(current_app._get_current_object(), identity=Identity(user.id)) return True
def login_user(app, db, payload): logout_user(db) fernet = Fernet(app.config["SECRET_KEY"]) b64_string = base64.urlsafe_b64decode((payload + "===").encode("utf8")) payload_data = json.loads(fernet.decrypt(b64_string)) if "new_user" in payload_data: user = User(email=payload_data["new_user"], active=True) now = datetime.utcnow() token = LoginToken(guid=str(uuid.uuid4()), user=user, created_at=now, expires_at=now, consumed_at=now) db.session.add(user) db.session.add(token) db.session.commit() _login_user(token.user) session["token_guid"] = token.guid return user else: # Existing user - find valid login token token = LoginToken.query.get(payload_data["token_guid"]) if not token: flash("No token found", "error") elif token.user.id != payload_data["user_id"]: flash("Invalid token data", "error") app.logger.warn("Invalid token data: ", token, token.guid, token.user.id, payload_data["user_id"]) elif token.consumed_at: flash("Token already used", "error") app.logger.warn("Token already used: ", token, token.guid, token.consumed_at) elif datetime.utcnow() >= token.expires_at: flash("Token expired", "error") app.logger.warn("Token expired: ", token, token.guid, token.expires_at, datetime.utcnow(), token.created_at) else: token.consumed_at = datetime.utcnow() token.user.active = True db.session.add(token) db.session.add(token.user) db.session.commit() _login_user(token.user) session["token_guid"] = token.user.login_tokens[-1].guid return token.user return None