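def persona_login():
    """Log a user in from a Persona assertion posted by the browser.

    The form must carry an ``assertion`` field. It is sent, together with
    this site's audience, to Mozilla's remote verifier, and a session is
    only established when the verifier answers with status ``okay``. A user
    record is created on first login, using the verified email address as
    both username and email.

    Responds with 400 when the assertion is missing, 500 when the verifier
    cannot be reached or its reply is unusable, 401 when the assertion is
    not accepted, and otherwise a JSON body carrying the ``next`` value
    taken from the form.

    NOTE(review): Mozilla retired the hosted Persona service in 2016, so
    the verifier URL below is not expected to answer any more - confirm
    before relying on this login path.
    """
    # Must have the assertion.
    if 'assertion' not in request.form:
        abort(400)

    # The audience is read from server configuration, never from the
    # request: the verifier checks the assertion against it, so it must not
    # be something a client can influence (for example the Host header).
    location = app.config['SERVER_NAME']
    if location is None:
        # Do a best guess effort of the localhost and port number. Set
        # SERVER_NAME in a real deployment so the audience names the
        # actual origin.
        location = ':'.join(['localhost', str(app.config['SERVER_PORT'])])

    # Send the assertion to Mozilla's verifier service.
    assertion_info = {
        'assertion': request.form['assertion'],
        'audience': location,
    }
    try:
        # A timeout keeps an unresponsive verifier from pinning this worker
        # indefinitely; certificate verification stays explicitly enabled.
        r = requests.post('https://verifier.login.persona.org/verify',
                          data=assertion_info, verify=True, timeout=10)
    except requests.RequestException:
        print('Failed to post to Persona.')
        abort(500)

    if not r.ok:
        print('Failed to post to Persona.')
        abort(500)

    try:
        data = r.json()
    except ValueError:
        print('Persona verifier returned a reply that is not JSON.')
        abort(500)

    # Fail closed: anything other than an explicit "okay" is a rejection.
    if not isinstance(data, dict) or data.get('status') != 'okay':
        abort(401)

    email = data.get('email')
    if not email:
        # An accepted assertion without an identity cannot be mapped to an
        # account, so no session is created.
        print('Persona verifier reply did not include an email.')
        abort(500)

    user = app.user_storage.find_by_email(email)
    if user is None:
        # Generate a password that the Persona user will not be told about.
        # This keeps the stored hash from ever being empty, so the password
        # login path cannot be used against a Persona account.
        password = util.generate_password()
        pwhash = security.generate_password_hash(password)
        user = User(
            email,  # Use the email as the username.
            email,
            'persona',
            pwhash)
        app.user_storage.create(user)

    login_user(user)
    return jsonify({
        # Pass back whatever redirect was provided.
        # NOTE(review): 'next' is client-supplied and returned unchecked.
        # Whatever follows it should accept only same-site paths, or it
        # should be validated here - the consumer is not visible in this
        # function, so confirm.
        'next': request.form.get('next')
    })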
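def persona_login():
    """Log a user in from a Persona assertion posted by the browser.

    The form must carry an ``assertion`` field. It is sent, together with
    this site's audience, to Mozilla's remote verifier, and a session is
    only established when the verifier answers with status ``okay``. A user
    record is created on first login, using the verified email address as
    both username and email.

    Responds with 400 when the assertion is missing, 500 when the verifier
    cannot be reached or its reply is unusable, 401 when the assertion is
    not accepted, and otherwise a JSON body carrying the ``next`` value
    taken from the form.

    NOTE(review): Mozilla retired the hosted Persona service in 2016, so
    the verifier URL below is not expected to answer any more - confirm
    before relying on this login path.
    """
    # Must have the assertion.
    if 'assertion' not in request.form:
        abort(400)

    # The audience is read from server configuration, never from the
    # request: the verifier checks the assertion against it, so it must not
    # be something a client can influence (for example the Host header).
    location = app.config['SERVER_NAME']
    if location is None:
        # Do a best guess effort of the localhost and port number. Set
        # SERVER_NAME in a real deployment so the audience names the
        # actual origin.
        location = ':'.join(['localhost', str(app.config['SERVER_PORT'])])

    # Send the assertion to Mozilla's verifier service.
    assertion_info = {
        'assertion': request.form['assertion'],
        'audience': location,
    }
    try:
        # A timeout keeps an unresponsive verifier from pinning this worker
        # indefinitely; certificate verification stays explicitly enabled.
        r = requests.post('https://verifier.login.persona.org/verify',
                          data=assertion_info, verify=True, timeout=10)
    except requests.RequestException:
        print('Failed to post to Persona.')
        abort(500)

    if not r.ok:
        print('Failed to post to Persona.')
        abort(500)

    try:
        data = r.json()
    except ValueError:
        print('Persona verifier returned a reply that is not JSON.')
        abort(500)

    # Fail closed: anything other than an explicit "okay" is a rejection.
    if not isinstance(data, dict) or data.get('status') != 'okay':
        abort(401)

    email = data.get('email')
    if not email:
        # An accepted assertion without an identity cannot be mapped to an
        # account, so no session is created.
        print('Persona verifier reply did not include an email.')
        abort(500)

    user = app.user_storage.find_by_email(email)
    if user is None:
        # Generate a password that the Persona user will not be told about.
        # This keeps the stored hash from ever being empty, so the password
        # login path cannot be used against a Persona account.
        password = util.generate_password()
        pwhash = security.generate_password_hash(password)
        user = User(email,  # Use the email as the username.
                    email,
                    'persona',
                    pwhash)
        app.user_storage.create(user)

    login_user(user)
    return jsonify({
        # Pass back whatever redirect was provided.
        # NOTE(review): 'next' is client-supplied and returned unchecked.
        # Whatever follows it should accept only same-site paths, or it
        # should be validated here - the consumer is not visible in this
        # function, so confirm.
        'next': request.form.get('next')
    })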
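def add_user():
    """Create a password-authenticated user; administrator only.

    Only the user whose name equals the configured ``ADMINISTRATOR`` may
    use this view; anyone else is sent back to the index page with a flash
    message. On a valid form submission a random password is generated,
    its hash is stored with the new user, and the clear-text password is
    rendered once on the confirmation page. Otherwise the add-user form is
    rendered.
    """
    # Fail closed: a requester without a ``name`` attribute (for example a
    # visitor who is not logged in, if this view can be reached that way)
    # is refused instead of raising AttributeError.
    admin_name = app.config['ADMINISTRATOR']
    requester = getattr(current_user, 'name', None)
    if requester is None or requester != admin_name:
        flash('You don\'t have permission to do that.')
        return redirect(url_for('index'))

    form = AddUserForm()
    if form.validate_on_submit():
        # NOTE(review): nothing here checks whether the username is already
        # taken (Persona accounts use their email as username) - presumably
        # AddUserForm or user_storage.create rejects duplicates; confirm.
        password = util.generate_password()
        pwhash = security.generate_password_hash(password)
        user = User(form.username.data,
                    '',  # Email is not used.
                    'password',
                    pwhash)
        app.user_storage.create(user)
        # Only the hash is stored; this page is the one place the
        # clear-text password appears, so it should not be cached or logged.
        return render_template('user_confirmation.html',
                               username=form.username.data,
                               password=password)

    return render_template('add_user.html', form=form)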
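def add_user():
    """Create a password-authenticated user; administrator only.

    Only the user whose name equals the configured ``ADMINISTRATOR`` may
    use this view; anyone else is sent back to the index page with a flash
    message. On a valid form submission a random password is generated,
    its hash is stored with the new user, and the clear-text password is
    rendered once on the confirmation page. Otherwise the add-user form is
    rendered.
    """
    # Fail closed: a requester without a ``name`` attribute (for example a
    # visitor who is not logged in, if this view can be reached that way)
    # is refused instead of raising AttributeError.
    admin_name = app.config['ADMINISTRATOR']
    requester = getattr(current_user, 'name', None)
    if requester is None or requester != admin_name:
        flash('You don\'t have permission to do that.')
        return redirect(url_for('index'))

    form = AddUserForm()
    if form.validate_on_submit():
        # NOTE(review): nothing here checks whether the username is already
        # taken (Persona accounts use their email as username) - presumably
        # AddUserForm or user_storage.create rejects duplicates; confirm.
        password = util.generate_password()
        pwhash = security.generate_password_hash(password)
        user = User(
            form.username.data,
            '',  # Email is not used.
            'password',
            pwhash)
        app.user_storage.create(user)
        # Only the hash is stored; this page is the one place the
        # clear-text password appears, so it should not be cached or logged.
        return render_template('user_confirmation.html',
                               username=form.username.data,
                               password=password)

    return render_template('add_user.html', form=form)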