Exemple #1
0
def auth_handler():
    # The request has to have an assertion for us to verify
    if 'assertion' not in request.form:
        return jsonify(ok=False, message="Assertion parameter missing")

    # Send the assertion to Mozilla's verifier service.
    data = dict(assertion=request.form['assertion'],
                audience=config.persona_audience)
    resp = requests.post(config.persona_verifier, data=data, verify=True)

    # Did the verifier respond?
    if resp.ok:
        # Parse the response
        verification_data = resp.json()
        if verification_data['status'] == 'okay':
            email = verification_data['email']
            session['email'] = email
            session['logged_in'] = True

            user = User.get_by_email(email)
            if user is None:
                user = User.new_user(email)

            if user.pulse_users:
                return jsonify(ok=True, redirect='/')

            return jsonify(ok=True, redirect='/register')

    # Oops, something failed. Abort.
    error_msg = "Couldn't connect to the Persona verifier ({0})".format(
        config.persona_verifier)
    logging.error(error_msg)
    return jsonify(ok=False, message=error_msg)
Exemple #2
0
def inject_user():
    """Injects a user and configuration in templates' context."""
    cur_user = User.get_by_email(session.get('email'))
    if cur_user and cur_user.pulse_users:
        pulse_user = cur_user.pulse_users[0]
    else:
        pulse_user = None
    return dict(cur_user=cur_user, pulse_user=pulse_user, config=config,
                session=session)
Exemple #3
0
def load_user():
    """Loads the currently logged-in user (if any) to the request context."""

    # Check if fake account is set and load user.
    if fake_account:
        load_fake_account(fake_account)

    email = session.get('email')
    if not email:
        g.user = None
    else:
        g.user = User.get_by_email(session.get('email'))
        if not g.user:
            g.user = User.new_user(email)