def login():
if not auth_enabled:
abort(404)
data = json.loads(request.data)
if data.get('guest', None) is True:
try:
user = User.guest()
except AuthenticationError:
abort(403, "Error: guests users are not allowed.")
except AllUnauthorizedError:
abort(403, "Error: you have not any role for this cluster")
else:
try:
user = User.user(data['username'],
data['password'])
except AuthenticationError:
abort(403, "Error: your login / password doesn't match.")
except AllUnauthorizedError:
abort(403, "Error: you have not any role for this cluster")
token = user.generate_auth_token()
resp = {
'id_token': token,
'username': user.username,
'role': user.role,
'restricted_views': user.restricted_views()
}
return jsonify(resp)
def add_cardbox():
if not request.is_json:
abort(404)
# already returns dictionary
payload = request.get_json()
req = ('username', 'password', 'tags', 'content', 'name')
if not payload or not all(r in payload for r in req):
abort(404)
if User.exists(db, payload['username']):
user = User.fetch(db, payload['username'])
if not user.check_password(payload['password']):
abort(404)
new_box = CardBox(CardBox.gen_card_id(),
name=payload['name'],
owner=user._id,
rating=0,
tags=payload['tags'],
content=payload['content'])
new_box.store(db)
user.cardboxs.append(new_box._id)
user.store(db)
return 'OK'
def login():
if not auth_enabled:
abort(404)
data = json.loads(request.data)
if data.get('guest', None) is True:
try:
user = User.guest()
except AuthenticationError:
abort(403, "Guests users are not allowed.")
except AllUnauthorizedError:
abort(403, "You do not have any role for this cluster")
else:
try:
user = User.user(data['login'], data['password'])
except AuthenticationError:
abort(403, "Your login / password doesn't match.")
except AllUnauthorizedError:
abort(403, "You do not have any role for this cluster")
token = user.generate_auth_token()
resp = {
'id_token': token,
'login': user.login,
'role': user.role,
'name': user.get_user_name(),
'restricted_views': user.restricted_views()
}
return jsonify(resp)
def registrate():
form = RegForm()
if request.method == 'GET':
return render_template("registrate.html", myForm=form)
else:
if not form.validate():
return render_template("registrate.html", myForm=form)
user = User()
user.__enter__()
status = user.sign_up( request.form['username'],
request.form['email'])
if status == '200 OK':
session['email'] = request.form["email"]
response = make_response("logged in")
expires = datetime.now()
expires += timedelta(minutes=5)
response.set_cookie('emailCookie', session['email'], expires=expires)
return redirect('/index')
elif status == '500 already existed':
return redirect('/registrate')
else:
return redirect('/registrate')
def cse():
dossiers_cse = DossierCSE.objects()
role_anonyme = user_datastore.find_role('CSE-Anonyme')
users_cse_anonyme = [user.prenom + ' ' + user.nom for user in User.objects(roles=role_anonyme)]
role_dossier = user_datastore.find_role('CSE-Dossier')
users_cse_dossier = [user.prenom + ' ' + user.nom for user in User.objects(roles=role_dossier)]
return render_template('cse.html', dossiers_cse=dossiers_cse, users_cse_anonyme=users_cse_anonyme, users_cse_dossier=users_cse_dossier)
def register():
form = RegisterForm()
if form.validate_on_submit():
User.add(form.email.data, form.password.data)
flash('Sad se možete prijaviti', category='success')
return redirect(url_for('login'))
return render_template('register.html', form=form)
def login():
if request.method == "GET":
if current_user.is_authenticated:
return redirect(url_for('index'))
return render_template('web/login.html')
else:
if current_user.is_authenticated:
return redirect(url_for('index'))
username = request.form['username']
pw = request.form['password']
user = appDB.users.find_one({'_id': username})
if user:
myuser = User.query_user(user['_id'])
if check_password(myuser.pw_hash, pw):
login_user(myuser)
return redirect(url_for('index'))
else:
flash("Incorrect username/password, please try again")
return render_template('web/login.html')
else:
pw_hash = generate_password_hash(pw)
myuser = User(username, pw_hash, [])
appDB.users.insert_one({"_id": myuser.id, \
"password": myuser.pw_hash, \
"history": []})
login_user(myuser)
return redirect(url_for('index'))
def load_user(id):
res = db.get_db().query("select * from users where id='" + str(id) + "'")
if len(res) == 1:
user = User(res[0][0], res[0][1])
user.is_authenticated = True
return user
else:
return None
def sign_up():
if current_user.is_authenticated():
return redirect(url_for('home'))
if request.method == 'POST':
user = User(request.form['username'], request.form['name'])
mongo.db.participants.insert(user.save_participant())
login_user(user)
return redirect(url_for('home', username=user.username))
return render_template('signup.html')
def request_login():
if request.form['password'] == get_login_pass_hash():
if request.form['remember'] == "true":
login_user(User(1), remember=True)
else:
login_user(User(1))
return 'ok'
else:
return 'no'
def facebook_auth(resp):
if resp is None:
flash('You denied the request to sign in.')
return redirect(request.args.get('next') or url_for('show_landing'))
user = User(username=resp['screen_name'], name=resp['screen_name'],
token=resp['oauth_token'], secret=resp['oauth_token_secret'])
login_user(user)
user.user_id = session['user_id']
users.append(user)
mongo.db.participants.insert(user.save_participant())
return redirect(request.args.get('next') or url_for('home', username=user.username))
def login():
data = json.loads(request.data)
if data.get('guest', None) == True:
user = User.guest()
else:
try:
user = User.user(data['username'], data['password'])
except AuthenticationError:
abort(403)
token = user.generate_auth_token()
resp = {'id_token': token, 'username': user.username, 'role': user.role}
return jsonify(resp)
def login():
if current_user.is_authenticated:
return redirect(url_for('index'))
form = LoginForm(db)
if form.validate_on_submit():
user = User.fetch(db, form.username.data)
if not user.check_password(form.password.data):
flash('You shall not password.', 'error')
return redirect(url_for('login'))
login_user(user)
flash('Login successful!')
# flask_login.LoginManager sets 'next' url Argument by default.
next_page = request.args.get('next')
# Additional check if address is relative (no netloc component).
if not next_page or url_parse(next_page).netloc != '':
next_page = url_for('index')
return redirect(next_page)
return render_template('login.html', form=form)
def accept(self):
self.user = User(self.ui.login.text(),
self.ui.password.text())
if not self.parent().db.is_user_exists(self.user.login, self.user.password):
self.setWindowTitle('Ошибка авторизации')
else:
QDialog.accept(self)
def _validate_and_log_user(form):
if form.validate_on_submit():
mongo_user = mongo.db.users.find_one({'email': form.email.data})
if mongo_user and bcrypt.check_password_hash(mongo_user['password'], form.password.data):
login_user(User(mongo_user), remember=form.remember_me.data)
else:
flash('Utilisateur ou mot de passe non valide.')
def __init__(self, url, user=None):
"""Open a new session to URL with the specified USER.
USER must be an object that implements the
'csvn.auth.User' interface."""
if user is None:
user = User()
self.pool = Pool()
self.iterpool = Pool()
self.url = RepositoryURI(url)
self.user = user
self.client = POINTER(svn_client_ctx_t)()
svn_client_create_context(byref(self.client), self.pool)
self.user.setup_auth_baton(pointer(self.client.contents.auth_baton))
self._as_parameter_ = POINTER(svn_ra_session_t)()
svn_client_open_ra_session(byref(self._as_parameter_), url,
self.client, self.pool)
self.client[0].log_msg_func2 = \
svn_client_get_commit_log2_t(self._log_func_wrapper)
self.client[0].log_msg_baton2 = c_void_p()
self._log_func = None
def login():
if request.method == 'GET':
return '''
<form action='login' method='POST'>
<input type='text' name='email' id='email' placeholder='email'></input>
<input type='password' name='pw' id='pw' placeholder='password'></input>
<input type='submit' name='submit'></input>
</form>
'''
email = request.form['email']
if request.form['pw'] == users[email]['pw']:
user = User()
user.id = email
flask_login.login_user(user)
return redirect(url_for('protected'))
return 'Bad login'
def request_loader(request):
username = request.form.get('username')
res = db.get_db().query("select * from users where username='******'")
if len(res) == 1:
user = User(res[0][0], res[0][1])
return user
else:
return None
def view(id):
try:
note = Note.get(id=id)
if note is not None:
return render_template('note.html', note=note, users=User.all(sortby=User.name), books=Book.all(sortby=Book.title), notation=NOTATION)
else:
raise('note not found')
except:
flash('Not found note', 'warning')
return redirect(url_for('notes'))
def login_handler():
if request.method == 'POST':
if validate_user(request.form['username'], request.form['password']):
login_user(User(request.form['username'], True))
return redirect(url_for('quiz_page'))
else:
return render_template(
'quiz-login.html',
message="Incorrect User/Password combination")
return render_template('quiz-login.html', message=None)
def login():
form = LoginForm()
if form.validate_on_submit():
user = User()
form.populate_obj(user)
login_user(user)
flash('Logged in successfully.')
return redirect(url_for('homepage'))
return render_template('login.html', form=form)
def accept(self):
user = User(self.ui.login.text(), self.ui.password.text())
if len(
reader.select_from_where(
'*', 'Пользователи', '''логин = '{}'
and пароль = '{}' '''.format(
user.login, user.password))) != 1:
self.setWindowTitle('Ошибка авторизации')
else:
QDialog.accept(self)
def addusers():
authusers = [{"id": 1, "username": '******', "password": ''}]
users = []
for user in authusers:
users.append(User(user["id"], user["username"], user["password"]))
for user in users:
print(user)
save_to(user, db)
def show_user(_id):
user = User.fetch(db, _id)
if not user:
flash('Invalid User Name.'
'Be the first User to have this name! :D', 'error')
return redirect(url_for('index'))
if user._id == current_user._id:
return render_template('show_user_myself.html', user=user)
return render_template('show_user.html', user=user)
def admin(id=None):
if id:
user = User.objects.get(id=id)
raw_user = user.to_mongo()
raw_user.pop('roles')
user_form = UserForm(request.form, roles=[r.name for r in user.roles], **raw_user)
title_aside = u'Modifier l\'utilisateur'
else:
user = User()
user_form = UserForm()
title_aside = u'Créer un utilisateur'
if user_form.associations.data:
user_form.associations.choices = make_choices(user_form.associations_choices, selected=user_form.associations.data, name='Associations')
if user_form.roles.data:
user_form.roles.choices = make_choices(user_form.roles_choices, selected=user_form.roles.data, name=u'Rôles')
if user_form.validate_on_submit():
user.email = user_form.email.data
user.nom = user_form.nom.data
user.prenom = user_form.prenom.data
if user_form.password.data:
user.password = encrypt_password(user_form.password.data)
roles_list = [user_datastore.find_or_create_role(role_name).to_dbref() for role_name in user_form.roles.data]
user.roles = roles_list
user.associations = user_form.associations.data
user.save()
if id:
return redirect('/admin')
def pretty_dict(_dict, key):
return ', '.join([getattr(r, key) for r in _dict])
users = User.objects()
return render_template('admin.html', users=users, arrow=arrow, user_form=user_form, title_aside=title_aside, pretty_dict=pretty_dict)
def signin():
form = LoginForm()
err = None
if request.method == 'GET':
user_email = session.get('email') or request.cookies.get('emailCookie')
if user_email:
return redirect('/index')
return render_template('login.html', myForm=form)
if form.validate_on_submit():
user = User()
user.__enter__()
res = user.sign_in(request.form['email'])
print(res)
if int(res):
session['email'] = request.form["email"]
response = make_response(redirect('/index'))
expires = datetime.now() + timedelta(minutes=15)
response.set_cookie('emailCookie', session['email'], expires=expires)
return response
err = 'Not correct email'
return render_template('login.html', myForm=form, err=err)
def login():
if not auth_enabled:
abort(404)
data = json.loads(request.data)
if data.get('guest', None) == True:
user = User.guest()
else:
try:
user = User.user(data['username'],
data['password'])
except AuthenticationError:
abort(403)
token = user.generate_auth_token()
resp = {
'id_token': token,
'username': user.username,
'role': user.role,
'restricted_views': user.restricted_views()
}
return jsonify(resp)
def login():
form = LoginForm()
if form.validate_on_submit():
user = User.get(form.email.data)
if user is not None and check_password_hash(user.password, form.password.data):
login_user(user, form.remember_me.data)
next = request.args.get('next')
if next is None or not next.startswith('/'):
next = url_for('index')
identity_changed.send(current_app._get_current_object(), identity=Identity(user.id))
flash('Uspješno ste se prijavili!', category='success')
return redirect(next)
flash('Neispravno korisničko ime ili zaporka!', category='warning')
return render_template('login.html', form=form)
def twitter_auth(resp):
if resp is None:
flash('You denied the request to sign in.')
return redirect(request.args.get('next') or url_for('show_landing'))
stored_user = mongo.db.participants.find_one({'username': resp['screen_name']})
if stored_user:
new_user = False
user = User(username=resp['screen_name'],
token=resp['oauth_token'], secret=resp['oauth_token_secret'])
user.load_participant(stored_user)
else:
new_user = True
user = User(username=resp['screen_name'], name=resp['screen_name'],
token=resp['oauth_token'], secret=resp['oauth_token_secret'])
mongo.db.participants.insert(user.save_participant())
login_user(user)
if new_user:
return redirect(url_for('startpage', username=user.username))
else:
return redirect(request.args.get('next') or url_for('home', username=user.username))
def main():
global app
specfile = "./apis/api.yaml"
specurl = "file://" + abspath(specfile)
specdict = read_yaml_file(specfile)
openapi_spec = create_spec(specdict, spec_url=specurl)
openapi_middleware = FalconOpenAPIMiddleware.from_spec(openapi_spec)
app = API(middleware=[openapi_middleware])
auth_server = Auth()
user_server = User()
app.add_route('/user', user_server)
app.add_route('/token', auth_server)
def admin_login():
if request.method == "POST":
user = User.get(request.form["username"])
if user is not None:
pass_hash = hash_pass(request.form["password"])
if user.password == pass_hash:
login_user(user)
flash("Logged in successfully.")
nexturl = request.args.get("next")
if not utils.is_safe_url(nexturl):
return abort(400)
return redirect(nexturl or url_for("admin_index"))
return render_template(
"admin/login.html",
message="Error: Incorrect username and/or password.",
message_style="error")
return render_template("admin/login.html")
def __init__(self, path, create=False, user=None):
"""Open the repository at PATH. If create is True,
create a new repository.
If specified, user must be a csvn.auth.User instance.
"""
if user is None:
user = User()
self.pool = Pool()
self.iterpool = Pool()
self._as_parameter_ = POINTER(svn_repos_t)()
self.user = user
if create:
svn_repos_create(byref(self._as_parameter_), path,
None, None, None, None, self.pool)
else:
svn_repos_open(byref(self._as_parameter_), path, self.pool)
self.fs = _fs(self)
def register():
if current_user.is_authenticated:
return redirect(url_for('index'))
form = RegistrationForm(db)
if form.validate_on_submit():
user = User(form.username.data)
user.set_password(form.password.data)
user.store(db)
flash("Accont creation successful."
"Welcome to our happy lil' community!")
return redirect(url_for('login'))
return render_template('register.html', form=form)
def loadUser(self, username, password):
from auth import User
try:
api = WaApiClient(self.getSetting('Client ID'),
self.getSetting('Client secret'))
api.authenticate_with_contact_credentials(username, password)
contact = api.execute_request('Contacts/me')
id = contact['Id']
user = User(username)
user.id = id
user.groups = []
user.firstName = contact['FirstName']
user.lastName = contact['LastName']
contact = api.execute_request('Contacts/' + str(id))
fieldValues = contact['FieldValues']
approved = False
groupList = []
for fieldValueItem in fieldValues:
if fieldValueItem['FieldName'] == 'Group participation':
groupList = fieldValueItem['Value']
break
for group in groupList:
user.groups.append(group['Label'])
logger.debug(f"Authenticating {username}")
logger.debug(user.groups)
return user
except HTTPError as err:
logger.debug("HTTPError Validating User: "******"Unhandled Error Validating User:", exc_info=True)
raise
return None
import sqlite3
import traceback
from flask import Flask, g, render_template, request, Response
from auth import User, handle_login, handle_logout, login_required
def default_config():
return dict(SECRET_KEY=os.urandom(128), DEBUG=True)
app = Flask(__name__)
app.config.update(default_config())
app.config.from_pyfile('config.py')
app.config['USERS'] = {x[0]: User(*x) for x in app.config['USERS']}
def connect_db():
db = sqlite3.connect(app.config['DB_PATH'])
# db = sqlite3.connect(
# 'file:/%s?mode=ro'.format(app.config['DB_PATH']), uri=True
# )
db.row_factory = sqlite3.Row
db.cursor().execute('PRAGMA foreign_keys=ON')
return db
def get_db():
db = getattr(g, '_database', None)
if db is None:
def save_user_in_mongo(**kwargs):
new_user = MongoUser.create_user(kwargs['username'], kwargs['password1'], kwargs['email'])
new_user.first_name = kwargs.get('first_name')
new_user.last_name = kwargs.get('last_name')
new_user.save()
return new_user
def __init__(self): User.__init__(self)
def data(request):
print "-------------------------------------------------"
str = request.body
incomingData = json.loads(request.POST['JSONdata'])
print incomingData
for key, values in incomingData.iteritems():
dataType = key;
if (key == "SMS"):
print "---------------- SMS ----------------"
#s.user_id = values['user_id']
for item in values:
for inboxORsent, msgs in item.iteritems():
if (inboxORsent == "inbox"):
print"------its inbox data-----------"
for msg in msgs:
s = sms()
print "----------------- one msg --------------------"
#for msgKey, msgValue in msg.iteritems():
print "----------"
s.smsType = "inbox"
s.toRfrom = msg['phone']
s.body = msg['body']
DBSession.add(s)
#print "key is " + msgKey
#print "vale is " + msgValue
elif(inboxORsent == "sent"):
print"------its sent data-----------"
for msg in msgs:
s = sms()
print "----------------- one msg --------------------"
s.smsType == "inbox"
s.toRfrom = msg['phone']
s.body = msg['body']
DBSession.add(s)
elif (key == "Contacts"):
print "-----------------------------------contacts -------------------"
for contact in values:
c=contacts()
#print "--------------------------------------------- contact 1 ---------------------------------------------------------------------"
for DetailsKey, DetailsValue in contact.iteritems():
p=phoneNumbers()
if(DetailsKey == "Phone"):
for phoneType, phoneNumber in DetailsValue.iteritems():
if(phoneType == "Mobile"):
p.contactName=contact['name']
p.contacType= "Mobile"
p.number = phoneNumber
elif(phoneType == "Home"):
p.contactName=contact['name']
p.contacType= "Home"
p.number = phoneNumber
elif(phoneType == "Work"):
p.contactName=contact['name']
p.contacType= "Work"
p.number = phoneNumber
elif(phoneType == "Work Fax"):
p.contactName=contact['name']
p.contacType= "Work Fax "
p.number = phoneNumber
elif(phoneType == "Home Fax"):
p.contactName=contact['name']
p.contacType= "Home Fax"
p.number = phoneNumber
elif(phoneType == "Pager"):
p.contactName=contact['name']
p.contacType= "Pager"
p.number = phoneNumber
elif(phoneType == "other"):
p.contactName=contact['name']
p.contacType= "other"
p.number = phoneNumber
elif(phoneType == "Custom"):
p.contactName=contact['name']
p.contacType= "Custom"
p.number = phoneNumber
elif(phoneType == "Callback"):
p.contactName=contact['name']
p.contacType= "Callback"
p.number = phoneNumber
elif(phoneType == "Car"):
p.contactName=contact['name']
p.contacType= "Car"
p.number = phoneNumber
elif(phoneType == "Comapany Main"):
p.contactName=contact['name']
p.contacType= "Company Main"
p.number = phoneNumber
elif(phoneType == "ISDN"):
p.contactName=contact['name']
p.contacType= "ISDN"
p.number = phoneNumber
elif(phoneType == "Main"):
p.contactName=contact['name']
p.contacType= "Main"
p.number = phoneNumber
elif(phoneType == "Other Fax"):
p.contactName=contact['name']
p.contacType= "Other Fax"
p.number = phoneNumber
elif(phoneType == "Radio"):
p.contactName=contact['name']
p.contacType= "Radio"
p.number = phoneNumber
elif(phoneType == "Telex"):
p.contactName=contact['name']
p.contacType= "Telex"
p.number = phoneNumber
elif(phoneType == "TTY TDO"):
p.contactName=contact['name']
p.contacType= "TTY TDO"
p.number = phoneNumber
elif(phoneType == "Work Mobile"):
p.contactName=contact['name']
p.contacType= "Work Mobile"
p.number = phoneNumber
elif(phoneType == "Work Pager"):
p.contactName=contact['name']
p.contacType= "Work Pager"
p.number = phoneNumber
elif(phoneType == "Assistant"):
p.contactName=contact['name']
p.contacType= "Assistant"
p.number = phoneNumber
elif(phoneType == "MMS"):
p.contactName=contact['name']
p.contacType= "MMS"
p.number = phoneNumber
DBSession.add(p)
if(DetailsKey == "Email"):
c.email=contact['Email']
for emailType, emailAddress in DetailsValue.iteritems():
if(emailType == "Home"):
c.emailType="Home"
elif(emailType == "Work"):
c.emailType="Work"
elif(emailType == "Other"):
c.emailType="Other"
if(DetailsKey == "name"):
c.emailType=DetailsValue
if(DetailsKey == "Address"):
for address in DetailsValue:
print "address"
for addressField, fieldValue in address.iteritems():
print addressField + ": "+ fieldValue
DBSession.add(c)
elif (values == 'location'):
print "-------- location --------"
l = location()
l.longitude = float(incomingData['longitude'])
l.latitude = float(incomingData['latitude'])
l.user_id = 'ifrah'
DBSession.add(l)
elif (key == 'UserSettings'):
print "------ setting ----------"
U = User()
U.user_id = values['Email']
U.password = hashlib.sha1(values['ServerPassword']).hexdigest()
U.appPassword = values['AppPassword']
DBSession.add(U)
sims = registeredSims()
sims.user_id = values['Email']
sims.sim1 = values['Sim1']
sims.sim2 = values['Sim2']
DBSession.add(sims)
elif (key == 'adminSettings'):
for adminKey, adminValue in values.iteritems():
print adminKey
if(adminValue == False):
print "Admin Disabled"
return{ }
def __init__(self):
User.__init__(self)
def user_loader(email):
user = User()
return user
def get_password(username):
user = User().get_user(username)
user['username'] = username
g.user = user.copy()
g.user['password'] = ''
return user.get('password')
