Exemple #1
def lookup_current_user():
    """
    Populate ``g.user`` and ``g.usersession`` from the Flask session.

    A ``sessionid`` entry is checked with ``UserSession.authenticate``; when
    that returns nothing the entry is dropped from the session. A legacy
    ``userid`` entry is exchanged for a newly created ``UserSession`` (only
    when no session was established above) and is then always removed.
    """
    g.user = None
    g.usersession = None

    if 'sessionid' in session:
        current = UserSession.authenticate(buid=session['sessionid'])
        g.usersession = current
        if not current:
            # authenticate() gave nothing back: stop carrying the id around
            session.pop('sessionid', None)
        else:
            current.access()
            db.session.commit()  # Save access
            g.user = current.user

    # Transition users with 'userid' to 'sessionid'
    if 'userid' in session:
        legacy_user = None if g.usersession else User.get(userid=session['userid'])
        if legacy_user:
            migrated = UserSession(user=legacy_user)
            migrated.access()
            db.session.commit()  # Save access
            g.usersession = migrated
            g.user = legacy_user
            session['sessionid'] = migrated.buid
        # The legacy key is removed whether or not it resolved to a user
        session.pop('userid', None)

    # This will be set to True downstream by the requires_login decorator
    g.login_required = False
Exemple #2
def lookup_current_user():
    """
    Resolve the logged-in user for this request from the Flask session.

    Sets ``g.user``, ``g.usersession`` and ``g.login_required``. The
    ``sessionid`` key is the normal path; ``userid`` is a legacy key that is
    converted into a new ``UserSession`` once and then discarded.
    """
    g.user = g.usersession = None

    if 'sessionid' in session:
        found = UserSession.authenticate(buid=session['sessionid'])
        g.usersession = found
        if found:
            found.access()
            db.session.commit()  # Save access
            g.user = found.user
        else:
            # Nothing authenticated for this id, so remove it
            session.pop('sessionid', None)

    # Transition users with 'userid' to 'sessionid'
    if 'userid' in session:
        if not g.usersession:
            legacy = User.get(userid=session['userid'])
            if legacy:
                fresh = UserSession(user=legacy)
                fresh.access()
                db.session.commit()  # Save access
                session['sessionid'] = fresh.buid
                g.usersession = fresh
                g.user = legacy
        # Always drop the legacy key, even when it did not resolve
        session.pop('userid', None)

    # This will be set to True downstream by the requires_login decorator
    g.login_required = False
Exemple #3
def login_internal(user):
    """
    Log ``user`` in for the current request and browser.

    Creates a new ``UserSession`` for the user, stores its ``buid`` in the
    session under ``sessionid``, then calls ``autoset_timezone`` and
    ``user_login.send``.
    """
    g.user = user
    # A new UserSession is created on every call; nothing here looks at a
    # 'sessionid' the browser may already be carrying.
    usersession = UserSession(user=user)
    usersession.access()
    # NOTE(review): no db.session.commit() in this function; presumably the
    # caller commits the new session. Confirm.
    session['sessionid'] = usersession.buid
    # Assuming `session` is Flask's session: permanent=True makes the cookie
    # last for PERMANENT_SESSION_LIFETIME instead of ending with the browser.
    session.permanent = True
    autoset_timezone(user)
    user_login.send(user)
Exemple #4
def login_internal(user):
    """
    Establish a login for ``user``: new ``UserSession``, its ``buid`` saved
    as ``session['sessionid']``, then timezone setup and the ``user_login``
    notification.
    """
    g.user = user
    # Each login gets its own UserSession record; an id already present in
    # the browser's session is simply overwritten below.
    usersession = UserSession(user=user)
    usersession.access()
    # NOTE(review): the new UserSession is not committed here; verify that
    # the caller commits before the response is sent.
    session['sessionid'] = usersession.buid
    # Assuming Flask's session: opt in to the configured permanent lifetime
    session.permanent = True
    autoset_timezone(user)
    user_login.send(user)
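    def _load_user(self):
        """
        Load the current user and session from the signed ``lastuser`` cookie.

        Values left in the Flask cookie session (``sessionid``/``userid``) are
        migrated first; a ``lastuser`` cookie that verifies replaces them, and
        one with a bad signature is treated as empty.

        A cookie that presents a ``sessionid`` is authenticated by that id
        alone. The ``userid`` fallback, which creates a new ``UserSession``, is
        used only for legacy cookies that carry no ``sessionid`` at all.
        Because this function writes ``userid`` next to ``sessionid`` on every
        request, falling back whenever authentication failed would mint a
        fresh session for any cookie whose session no longer authenticates.

        Sets the ``user``, ``session``, ``cookie`` and ``login_required``
        attributes through ``add_auth_attribute``.
        """
        add_auth_attribute('user', None)
        add_auth_attribute('session', None)

        lastuser_cookie = {}
        lastuser_cookie_headers = {}  # Ignored for now, intended for future changes

        # Migrate data from Flask cookie session
        if 'sessionid' in session:
            lastuser_cookie['sessionid'] = session.pop('sessionid')
        if 'userid' in session:
            lastuser_cookie['userid'] = session.pop('userid')

        if 'lastuser' in request.cookies:
            try:
                lastuser_cookie, lastuser_cookie_headers = lastuser_oauth.serializer.loads(
                    request.cookies['lastuser'], return_header=True)
            except itsdangerous.BadSignature:
                # Tampered or foreign cookie: start from nothing
                lastuser_cookie = {}

        if 'sessionid' in lastuser_cookie:
            add_auth_attribute(
                'session',
                UserSession.authenticate(buid=lastuser_cookie['sessionid']))
            if current_auth.session:
                current_auth.session.access()
                db.session.commit()  # Save access
                add_auth_attribute('user', current_auth.session.user)
            # No fallback to 'userid' here: a session id that fails to
            # authenticate leaves the request anonymous, and both keys are
            # removed from the cookie below.
        elif 'userid' in lastuser_cookie:
            # Transition users with only a 'userid' to 'sessionid'
            add_auth_attribute('user',
                               User.get(buid=lastuser_cookie['userid']))
            if current_auth.is_authenticated:
                add_auth_attribute('session',
                                   UserSession(user=current_auth.user))
                current_auth.session.access()
                db.session.commit()  # Save access

        if current_auth.session:
            lastuser_cookie['sessionid'] = current_auth.session.buid
        else:
            lastuser_cookie.pop('sessionid', None)
        if current_auth.is_authenticated:
            lastuser_cookie['userid'] = current_auth.user.buid
        else:
            lastuser_cookie.pop('userid', None)

        # NOTE(review): 'updated_at' is written on every request but not read
        # in this function; cookie age is not enforced here.
        lastuser_cookie['updated_at'] = utcnow().isoformat()

        add_auth_attribute('cookie', lastuser_cookie)
        # This will be set to True downstream by the requires_login decorator
        add_auth_attribute('login_required', False)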
Exemple #6
def login_internal(user):
    """
    Log ``user`` in: create a ``UserSession`` and record both the session
    ``buid`` and the user's ``userid`` in ``g.lastuser_cookie``.
    """
    g.user = user
    usersession = UserSession(user=user)
    usersession.access()
    # NOTE(review): no commit here; presumably the caller commits. Confirm.
    g.lastuser_cookie['sessionid'] = usersession.buid
    # NOTE(review): the cookie carries the user id as well as the session id.
    # Any reader that accepts 'userid' without a valid 'sessionid' would let
    # the cookie outlive the session; check the loader that consumes it.
    g.lastuser_cookie['userid'] = user.userid
    # The login state lives in g.lastuser_cookie; the Flask session itself
    # is marked non-permanent here.
    session.permanent = False
    autoset_timezone(user)
    user_login.send(user)
Exemple #7
def login_internal(user):
    """
    Log ``user`` in: create a ``UserSession`` and record the session ``buid``
    and the user's ``buid`` in ``g.lastuser_cookie``.
    """
    g.user = user
    usersession = UserSession(user=user)
    usersession.access()
    # NOTE(review): the new UserSession is not committed in this function;
    # verify that the caller does so.
    g.lastuser_cookie['sessionid'] = usersession.buid
    # NOTE(review): storing the user's buid next to the session id means a
    # loader must not treat 'userid' alone as proof of login once a
    # 'sessionid' has been issued.
    g.lastuser_cookie['userid'] = user.buid
    # Login state is kept in g.lastuser_cookie, not in the Flask session
    session.permanent = False
    autoset_timezone(user)
    user_login.send(user)
def login_internal(user):
    """
    Log ``user`` in for this request: register the user and a new
    ``UserSession`` through ``add_auth_attribute`` and write both ids into
    ``current_auth.cookie``.
    """
    add_auth_attribute('user', user)
    usersession = UserSession(user=user)
    usersession.access()
    # NOTE(review): no db.session.commit() here; presumably done by the caller
    add_auth_attribute('session', usersession)
    current_auth.cookie['sessionid'] = usersession.buid
    # NOTE(review): 'userid' travels in the same cookie as 'sessionid'; a
    # loader should authenticate on 'sessionid' and not fall back to 'userid'
    # when that fails.
    current_auth.cookie['userid'] = user.buid
    # Assuming Flask's session: use the configured permanent lifetime
    session.permanent = True
    autoset_timezone(user)
    user_login.send(user)
Exemple #9
def login_internal(user):
    """
    Record a successful login: set the ``user`` and ``session`` auth
    attributes, store the new session's ``buid`` and the user's ``buid`` in
    ``current_auth.cookie``, then run timezone setup and ``user_login.send``.
    """
    add_auth_attribute('user', user)
    # A fresh UserSession per login; nothing here looks at a session id the
    # cookie may already hold.
    usersession = UserSession(user=user)
    usersession.access()
    # NOTE(review): commit of the new UserSession is not visible here; confirm
    add_auth_attribute('session', usersession)
    current_auth.cookie['sessionid'] = usersession.buid
    current_auth.cookie['userid'] = user.buid
    # Assuming Flask's session: opt in to the permanent-session lifetime
    session.permanent = True
    autoset_timezone(user)
    user_login.send(user)
Exemple #10
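def lookup_current_user():
    """
    Load ``g.user`` and ``g.usersession`` from the signed ``lastuser`` cookie.

    Leftover ``sessionid``/``userid`` values in the Flask cookie session are
    migrated first; a ``lastuser`` cookie that verifies replaces them, and one
    with a bad signature is treated as empty.

    A cookie that presents a ``sessionid`` is authenticated by that id alone.
    The ``userid`` fallback, which creates a new ``UserSession``, applies only
    to legacy cookies with no ``sessionid``. This function stores ``userid``
    beside ``sessionid`` on every request, so falling back after a failed
    authentication would re-create a session for any cookie whose session no
    longer authenticates.

    The resulting cookie contents are left on ``g.lastuser_cookie``.
    """
    g.user = None
    g.usersession = None

    lastuser_cookie = {}
    lastuser_cookie_headers = {}  # Ignored for now, intended for future changes

    # Migrate data from Flask cookie session
    if 'sessionid' in session:
        lastuser_cookie['sessionid'] = session.pop('sessionid')
    if 'userid' in session:
        lastuser_cookie['userid'] = session.pop('userid')

    if 'lastuser' in request.cookies:
        try:
            lastuser_cookie, lastuser_cookie_headers = lastuser_oauth.serializer.loads(
                request.cookies['lastuser'], return_header=True)
        except itsdangerous.BadSignature:
            # Tampered or foreign cookie: start from nothing
            lastuser_cookie = {}

    if 'sessionid' in lastuser_cookie:
        g.usersession = UserSession.authenticate(
            buid=lastuser_cookie['sessionid'])
        if g.usersession:
            g.usersession.access()
            db.session.commit()  # Save access
            g.user = g.usersession.user
        # No 'userid' fallback on this path: a session id that does not
        # authenticate leaves the request anonymous and the cookie is cleared
        # of both keys below.
    elif 'userid' in lastuser_cookie:
        # Transition users with only a 'userid' to 'sessionid'
        g.user = User.get(buid=lastuser_cookie['userid'])
        if g.user:
            g.usersession = UserSession(user=g.user)
            g.usersession.access()
            db.session.commit()  # Save access

    if g.usersession:
        lastuser_cookie['sessionid'] = g.usersession.buid
    else:
        lastuser_cookie.pop('sessionid', None)
    if g.user:
        lastuser_cookie['userid'] = g.user.buid
    else:
        lastuser_cookie.pop('userid', None)

    g.lastuser_cookie = lastuser_cookie
    # This will be set to True downstream by the requires_login decorator
    g.login_required = False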
Exemple #11
    def decorated_function(*args, **kwargs):
        # Wrapper around ``f`` that lets the call through on any one of three
        # grounds, tried in order: (1) a registered client id whose website
        # matches the HTTP referrer plus a session id that authenticates,
        # (2) an already authenticated user, (3) client credentials accepted
        # by _client_login_inner().
        add_auth_attribute('login_required', True)

        values = request.values
        # Check if http referrer and given client id match a registered client
        if 'client_id' in values and 'session' in values and request.referrer:
            client_cred = AuthClientCredential.get(values['client_id'])
            # NOTE(review): request.referrer is a header supplied with the
            # request and 'session' is an ordinary request value, so this
            # branch rests on the caller knowing a session buid that
            # authenticates. The view is then called without the user auth
            # attribute being set from that session.
            referrer_matches = (
                client_cred is not None
                and get_scheme_netloc(client_cred.auth_client.website)
                == get_scheme_netloc(request.referrer))
            if referrer_matches and UserSession.authenticate(
                    buid=values['session']) is not None:
                return f(*args, **kwargs)

        # If we didn't get a valid client_id and session, maybe there's a user?
        if current_auth.is_authenticated:
            return f(*args, **kwargs)

        # Last resort: client credentials in the request authorization header.
        # None means no error was reported; anything else is the error response.
        result = _client_login_inner()
        return f(*args, **kwargs) if result is None else result
Exemple #12
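def lookup_current_user():
    """
    Load ``g.user`` and ``g.usersession`` from the signed ``lastuser`` cookie.

    Leftover ``sessionid``/``userid`` values in the Flask cookie session are
    migrated first; a ``lastuser`` cookie that verifies replaces them, and one
    with a bad signature is treated as empty.

    A cookie that presents a ``sessionid`` is authenticated by that id alone.
    The ``userid`` fallback, which creates a new ``UserSession``, applies only
    to legacy cookies with no ``sessionid``. This function stores ``userid``
    beside ``sessionid`` on every request, so falling back after a failed
    authentication would re-create a session for any cookie whose session no
    longer authenticates.

    The resulting cookie contents are left on ``g.lastuser_cookie``.
    """
    g.user = None
    g.usersession = None

    lastuser_cookie = {}
    lastuser_cookie_headers = {}  # Ignored for now, intended for future changes

    # Migrate data from Flask cookie session
    if 'sessionid' in session:
        lastuser_cookie['sessionid'] = session.pop('sessionid')
    if 'userid' in session:
        lastuser_cookie['userid'] = session.pop('userid')

    if 'lastuser' in request.cookies:
        try:
            lastuser_cookie, lastuser_cookie_headers = lastuser_oauth.serializer.loads(
                request.cookies['lastuser'], return_header=True)
        except itsdangerous.BadSignature:
            # Tampered or foreign cookie: start from nothing
            lastuser_cookie = {}

    if 'sessionid' in lastuser_cookie:
        g.usersession = UserSession.authenticate(buid=lastuser_cookie['sessionid'])
        if g.usersession:
            g.usersession.access()
            db.session.commit()  # Save access
            g.user = g.usersession.user
        # No 'userid' fallback on this path: a session id that does not
        # authenticate leaves the request anonymous and the cookie is cleared
        # of both keys below.
    elif 'userid' in lastuser_cookie:
        # Transition users with only a 'userid' to 'sessionid'
        g.user = User.get(userid=lastuser_cookie['userid'])
        if g.user:
            g.usersession = UserSession(user=g.user)
            g.usersession.access()
            db.session.commit()  # Save access

    if g.usersession:
        lastuser_cookie['sessionid'] = g.usersession.buid
    else:
        lastuser_cookie.pop('sessionid', None)
    if g.user:
        lastuser_cookie['userid'] = g.user.userid
    else:
        lastuser_cookie.pop('userid', None)

    g.lastuser_cookie = lastuser_cookie
    # This will be set to True downstream by the requires_login decorator
    g.login_required = False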
Exemple #13
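    def _load_user(self):
        """
        Load the current user and session from the signed ``lastuser`` cookie.

        Values left in the Flask cookie session (``sessionid``/``userid``) are
        migrated first; a ``lastuser`` cookie that verifies replaces them, and
        one with a bad signature is treated as empty.

        A cookie that presents a ``sessionid`` is authenticated by that id
        alone. The ``userid`` fallback, which creates a new ``UserSession``, is
        used only for legacy cookies that carry no ``sessionid`` at all.
        Because this function writes ``userid`` next to ``sessionid`` on every
        request, falling back whenever authentication failed would mint a
        fresh session for any cookie whose session no longer authenticates.

        Sets the ``user``, ``session``, ``cookie`` and ``login_required``
        attributes through ``add_auth_attribute``.
        """
        add_auth_attribute('user', None)
        add_auth_attribute('session', None)

        lastuser_cookie = {}
        lastuser_cookie_headers = {}  # Ignored for now, intended for future changes

        # Migrate data from Flask cookie session
        if 'sessionid' in session:
            lastuser_cookie['sessionid'] = session.pop('sessionid')
        if 'userid' in session:
            lastuser_cookie['userid'] = session.pop('userid')

        if 'lastuser' in request.cookies:
            try:
                lastuser_cookie, lastuser_cookie_headers = lastuser_oauth.serializer.loads(
                    request.cookies['lastuser'], return_header=True)
            except itsdangerous.BadSignature:
                # Tampered or foreign cookie: start from nothing
                lastuser_cookie = {}

        if 'sessionid' in lastuser_cookie:
            add_auth_attribute('session', UserSession.authenticate(buid=lastuser_cookie['sessionid']))
            if current_auth.session:
                current_auth.session.access()
                db.session.commit()  # Save access
                add_auth_attribute('user', current_auth.session.user)
            # No fallback to 'userid' here: a session id that fails to
            # authenticate leaves the request anonymous, and both keys are
            # removed from the cookie below.
        elif 'userid' in lastuser_cookie:
            # Transition users with only a 'userid' to 'sessionid'
            add_auth_attribute('user', User.get(buid=lastuser_cookie['userid']))
            if current_auth.is_authenticated:
                add_auth_attribute('session', UserSession(user=current_auth.user))
                current_auth.session.access()
                db.session.commit()  # Save access

        if current_auth.session:
            lastuser_cookie['sessionid'] = current_auth.session.buid
        else:
            lastuser_cookie.pop('sessionid', None)
        if current_auth.is_authenticated:
            lastuser_cookie['userid'] = current_auth.user.buid
        else:
            lastuser_cookie.pop('userid', None)

        add_auth_attribute('cookie', lastuser_cookie)
        # This will be set to True downstream by the requires_login decorator
        add_auth_attribute('login_required', False)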
Exemple #14
def session_verify(authtoken, args, files=None):
    """
    Report whether ``args['sessionid']`` names a session that authenticates
    and belongs to the same user as ``authtoken``.

    On success the session's access is recorded against ``authtoken.client``
    and committed. A session that does not authenticate and a session owned
    by a different user both yield the same ``{'active': False}`` answer.
    ``files`` is accepted but not used.
    """
    usersession = UserSession.authenticate(buid=args['sessionid'])
    if not (usersession and usersession.user == authtoken.user):
        return {'active': False}

    usersession.access(client=authtoken.client)
    db.session.commit()
    return {
        'active': True,
        'sessionid': usersession.buid,
        'userid': usersession.user.userid,
        'sudo': usersession.has_sudo,
        }
Exemple #15
def session_verify(authtoken, args, files=None):
    """
    Verify a session id on behalf of the client holding ``authtoken``.

    Returns a dict with ``active`` set to True plus the session's ``buid``,
    the owner's ``userid`` and the session's ``has_sudo`` flag when the
    session authenticates and its user equals ``authtoken.user``; otherwise
    only ``{'active': False}``, with no hint as to which check failed.
    ``files`` is accepted but not used.
    """
    inactive = {'active': False}

    found = UserSession.authenticate(buid=args['sessionid'])
    if not found:
        return inactive
    # Ownership check: a token may only ask about its own user's sessions
    if not found.user == authtoken.user:
        return inactive

    found.access(client=authtoken.client)
    db.session.commit()
    return {
        'active': True,
        'sessionid': found.buid,
        'userid': found.user.userid,
        'sudo': found.has_sudo,
    }
Exemple #16
    def decorated_function(*args, **kwargs):
        # Wrapper around ``f`` that lets the call through on any one of three
        # grounds, tried in order: (1) a registered client id whose website
        # matches the HTTP referrer plus a session id that authenticates,
        # (2) a user already on ``g``, (3) client credentials accepted by
        # _client_login_inner().
        g.login_required = True

        values = request.values
        # Check if http referrer and given client id match a registered client
        if 'client_id' in values and 'session' in values and request.referrer:
            client_cred = ClientCredential.get(values['client_id'])
            # NOTE(review): request.referrer is a header supplied with the
            # request and 'session' is an ordinary request value, so this
            # branch rests on the caller knowing a session buid that
            # authenticates. The view is then called without g.user being
            # set from that session.
            referrer_matches = (
                client_cred is not None
                and get_scheme_netloc(client_cred.client.website)
                == get_scheme_netloc(request.referrer))
            if referrer_matches and UserSession.authenticate(
                    buid=values['session']) is not None:
                return f(*args, **kwargs)

        # If we didn't get a valid client_id and session, maybe there's a user?
        if g.user is not None:
            return f(*args, **kwargs)

        # Last resort: client credentials in the request authorization header.
        # None means no error was reported; anything else is the error response.
        result = _client_login_inner()
        return f(*args, **kwargs) if result is None else result