def auth_handler():
# The request has to have an assertion for us to verify
if 'assertion' not in request.form:
return jsonify(ok=False, message="Assertion parameter missing")
# Send the assertion to Mozilla's verifier service.
data = dict(assertion=request.form['assertion'],
audience=config.persona_audience)
resp = requests.post(config.persona_verifier, data=data, verify=True)
# Did the verifier respond?
if resp.ok:
# Parse the response
verification_data = resp.json()
if verification_data['status'] == 'okay':
email = verification_data['email']
session['email'] = email
session['logged_in'] = True
user = User.get_by_email(email)
if user is None:
user = User.new_user(email)
if user.pulse_users:
return jsonify(ok=True, redirect='/')
return jsonify(ok=True, redirect='/register')
# Oops, something failed. Abort.
error_msg = "Couldn't connect to the Persona verifier ({0})".format(
config.persona_verifier)
logging.error(error_msg)
return jsonify(ok=False, message=error_msg)
def inject_user():
"""Injects a user and configuration in templates' context."""
cur_user = User.get_by_email(session.get('email'))
if cur_user and cur_user.pulse_users:
pulse_user = cur_user.pulse_users[0]
else:
pulse_user = None
return dict(cur_user=cur_user, pulse_user=pulse_user, config=config,
session=session)
def load_user():
"""Loads the currently logged-in user (if any) to the request context."""
# Check if fake account is set and load user.
if fake_account:
load_fake_account(fake_account)
email = session.get('email')
if not email:
g.user = None
else:
g.user = User.get_by_email(session.get('email'))
if not g.user:
g.user = User.new_user(email)