def function(*args, **kwargs):
    """Run the wrapped view ``f`` only when the current user is an administrator.

    Anyone else (no user, or a user whose ``is_admin()`` is falsy) is
    redirected to the ``topic.index`` endpoint and ``f`` is never called.
    """
    user = current_user()
    is_admin = user is not None and user.is_admin()
    if is_admin:
        # Administrator: hand the request over to the wrapped route function.
        return f(*args, **kwargs)
    # No user, or not an administrator: bounce back to the topic index.
    return redirect(url_for('topic.index'))
def save_verifier(token, verifier, *args, **kwargs):
    """Store the OAuth verifier and the current user on a saved request token.

    Looks the request token up by its ``token`` value, copies
    ``verifier['oauth_verifier']`` onto it, binds it to ``current_user()``,
    commits, and returns the updated row.
    """
    print('verifiersetter')
    stored = RequestToken.query.filter_by(token=token).first()
    # NOTE(review): .first() yields None when no row matches, so an unknown
    # token value ends in an AttributeError on the assignment below; decide
    # how an unknown token should be reported to the caller.
    verifier_value = verifier['oauth_verifier']
    stored.verifier = verifier_value
    # NOTE(review): current_user() is stored as-is; if it can be None here the
    # verifier is bound to no resource owner -- confirm the authorize step
    # guarantees a logged-in user before this runs.
    stored.user = current_user()
    db.session.add(stored)
    db.session.commit()
    return stored
def home():
    """Home page: sign a user in on POST, list the user's OAuth2 clients on GET.

    POST takes ``username`` from the form, creates the user when no such row
    exists, stores the user id in the session and redirects to ``/``.
    Any other method renders ``home.html`` with the current user and the
    clients that user owns (an empty list when nobody is signed in).
    """
    if request.method != 'POST':
        user = current_user()
        clients = (
            OAuth2Client.query.filter_by(user_id=user.id).all() if user else []
        )
        return render_template('home.html', user=user, clients=clients)

    # NOTE(review): the session is established from the posted username alone;
    # no password or other credential is checked in this view, so whoever
    # submits a name is signed in as that account. Acceptable only for a demo;
    # a real deployment needs credential verification before session['id'] is
    # set.
    username = request.form.get('username')
    account = User.query.filter_by(username=username).first()
    if not account:
        # Unknown name: the account is created on the fly.
        account = User(username=username)
        db.session.add(account)
        db.session.commit()
    session['id'] = account.id
    return redirect('/')
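def authorize(*args, **kwargs):
    """Authorization consent handler.

    GET renders ``authorize.html`` with the handler kwargs plus the looked-up
    ``client`` and the current ``user``.
    POST returns a boolean: True only when an authenticated user submitted
    ``confirm=yes``; False otherwise.
    """
    user = current_user()

    if request.method == 'GET':
        # NOTE(review): anonymous visitors still get the consent page here
        # (with user=None). The original login redirect was disabled; restore
        # it once it is clear how the registering decorator treats a redirect
        # response returned from this handler.
        client_key = kwargs.get('resource_owner_key')
        # NOTE(review): the value under 'resource_owner_key' is used as a
        # client_key; .first() may return None, which the template then
        # receives as client=None -- confirm this is the intended lookup.
        client = Client.query.filter_by(client_key=client_key).first()
        kwargs['client'] = client
        kwargs['user'] = user
        return render_template('authorize.html', **kwargs)

    # A grant must come from an authenticated resource owner: without this
    # check a POST carrying confirm=yes was approved with no user signed in.
    if not user:
        return False
    confirm = request.form.get('confirm', 'no')
    return confirm == 'yes'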
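def authorize():
    """Show the OAuth2 consent page (GET) or issue the authorization response (POST).

    Anonymous visitors are redirected to the ``website.routes.home`` endpoint
    with the current URL passed as ``next``. On POST, a truthy ``confirm``
    form field grants access for the signed-in user; a falsy one denies it
    (``grant_user=None``).
    """
    user = current_user()
    if not user:
        # Consent needs an authenticated resource owner, so send the visitor
        # to sign in first.
        # NOTE(review): the full request URL travels in ``next``; whichever
        # view consumes it should only follow same-site targets.
        return redirect(url_for('website.routes.home', next=request.url))

    if request.method == 'GET':
        try:
            grant = authorization.validate_consent_request(end_user=user)
        except OAuth2Error as error:
            return error.error
        return render_template('authorize.html', user=user, grant=grant)

    # The grant user is always the session user. It is never taken from form
    # fields such as a posted username: that lookup could not run after the
    # guard above, and it carried no credential check.
    # NOTE(review): any non-empty ``confirm`` value counts as approval.
    grant_user = user if request.form['confirm'] else None
    return authorization.create_authorization_response(grant_user=grant_user)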
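def client():
    """Return the signed-in user's OAuth client credentials as JSON.

    The first call for a user creates a client with a random key and secret
    and a fixed redirect URI; later calls return the stored pair. Visitors
    who are not signed in, and any failure, end in a redirect to ``login``.
    """
    import logging

    try:
        user = current_user()
        if not user:
            return redirect(url_for('login'))

        record = Client.query.filter_by(user_id=user.id).first()
        if record is None:
            # NOTE(review): the redirect URI is hard-coded to a localhost
            # address, which only suits local development.
            record = Client(
                client_key=gen_salt(40),
                client_secret=gen_salt(50),
                _redirect_uris='http://localhost:8000/authorized',
                user_id=user.id,
            )
            db.session.add(record)
            db.session.commit()
        # NOTE(review): the stored secret is read back and returned on every
        # call, so it is kept in recoverable form; consider showing it only
        # at creation time.
        return jsonify(
            client_key=record.client_key,
            client_secret=record.client_secret,
        )
    except Exception:
        # Log the details server-side and show a fixed message instead of the
        # exception text: ``e.message`` does not exist on Python 3 exceptions,
        # and raw error text from the database layer can expose internals to
        # the browser.
        logging.getLogger(__name__).exception('client credential lookup failed')
        flash('Could not load or create the OAuth client.')
        return redirect(url_for('login'))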
def authorize(*args, **kwargs):  # pylint: disable=unused-argument
    """
    Consent endpoint: ask the user whether the requesting application may
    access their data.

    GET validates the consent request and renders the consent page. POST
    optionally signs the user in from the posted username/password, then
    builds the authorization response inside a database transaction.
    """
    # TODO: improve implementation. This implementation is broken because we
    # don't use cookies, so there is no session which client could carry on.
    # OAuth2 server should probably be deployed on a separate domain, so we
    # can implement a login page and store cookies with a session id.
    # ALTERNATIVELY, authorize page can be implemented as SPA (single page
    # application)
    from flask_login import login_user

    user = current_user()

    if request.method == 'GET':
        try:
            grant = oauth2.validate_consent_request(end_user=user)
        except OAuth2Error as error:
            return error.error
        return render_template('authorize.html', user=user, grant=grant)

    # NOTE(review): nothing in this handler checks a CSRF token or throttles
    # password attempts on the POST below -- confirm both are enforced at the
    # framework or proxy level.
    needs_login = not user and 'username' in request.form
    if needs_login:
        user = User.find_with_password(
            request.form.get('username'),
            request.form.get('password'),
        )
        if user:
            login_user(user)

    # Any non-empty ``confirm`` value is treated as approval; otherwise the
    # response is built with no grant user.
    grant_user = user if request.form['confirm'] else None

    with db.session.begin():
        response = oauth2.create_authorization_response(grant_user=grant_user)
    return response or None
def require_admin():
    """Abort the request with HTTP 404 unless the current user is an administrator."""
    user = current_user()
    # Reject when there is no user at all or the user is not an administrator.
    # NOTE(review): 404 rather than 403 presumably hides the existence of the
    # admin pages -- confirm that is the intent.
    allowed = user is not None and user.is_admin()
    if not allowed:
        flask.abort(404)
def request_token():
    """Request-token handler stub: print debug output and return an empty dict.

    NOTE(review): the empty dict is presumably the set of extra values for the
    token response -- confirm against the decorator that registers this
    handler. The prints are debugging leftovers.
    """
    is_anonymous = current_user() is None
    print(is_anonymous)
    print('request_token_handler')
    return {}