def needs_login(**kwargs):
if not current_user.is_authenticated():
nex = kwargs.get(
'next',
request.values.get(
'next', url_for('quokka.modules.accounts.profile_edit')))
return redirect(url_for_security('login', next=nex))
def when_reset_password_sent(sender, token, user, **extra):
reset_link = url_for_security('reset_password', token=token, _external=True)
send_mail.delay(
recipient=user.email,
subject=app.config['SECURITY_EMAIL_SUBJECT_PASSWORD_RESET'],
template='reset_instructions',
user=user,
reset_link=reset_link
)
def when_confirm_instructions_sent(sender, token, user, **extra):
confirmation_link = url_for_security('confirm_email', token=token, _external=True)
send_mail.delay(
recipient=user.email,
subject=app.config['EMAIL_SUBJECT_CONFIRM'],
template='confirmation_instructions',
user=user,
confirmation_link=confirmation_link
)
def needs_login(**kwargs):
if not current_user.is_authenticated():
nex = kwargs.get(
'next',
request.values.get(
'next',
url_for('quokka.modules.accounts.profile_edit')
)
)
return redirect(url_for_security('login', next=nex))
def when_password_changed(sender, user, **extra):
forgot_link = url_for_security('forgot_password', _external=True)
send_mail.delay(
recipient=user.email,
subject=app.config['EMAIL_SUBJECT_PASSWORD_CHANGE_NOTICE'],
template='change_notice',
user=user,
forgot_link=forgot_link
)
def foursquare_login():
import foursquare
client = foursquare.Foursquare(
client_id=app.config['FOURSQUARE_CLIENT_ID'],
client_secret=app.config['FOURSQUARE_CLIENT_SECRET'],
redirect_uri=url_for('.foursquare_login', _external=True))
if 'error' in request.args:
flash('Foursquare login failed: {}'.format(request.args['error']))
return redirect(url_for_security('login'), 307)
elif 'code' in request.args:
access_token = client.oauth.get_token(request.args['code'])
client.set_access_token(access_token)
foursquare_user = client.users()
try:
email = foursquare_user['user']['contact']['email']
except KeyError:
app.logger.debug(
"Failed to pluck email from {}".format(foursquare_user),
exc_info=True)
flash("Couldn't determine your email address from Foursquare")
return redirect(url_for_security('login'), 307)
user = user_datastore.find_user(email=email)
if user is None:
user = user_datastore.create_user(email=email)
if user.foursquare_access_token != access_token:
user.foursquare_access_token = access_token
user_datastore.commit()
login_user(user)
# TODO: stuff next into the session, pull it back out here
declared = session.pop('FOURSQUARE_POST_LOGIN_NEXT', None)
redirect_to = get_post_login_redirect(declared=declared)
return redirect(redirect_to, 307)
else:
auth_uri = client.oauth.auth_url()
session['FOURSQUARE_POST_LOGIN_NEXT'] = request.args.get('next')
return redirect(auth_uri, 307)
def foursquare_login():
import foursquare
client = foursquare.Foursquare(
client_id=app.config['FOURSQUARE_CLIENT_ID'],
client_secret=app.config['FOURSQUARE_CLIENT_SECRET'],
redirect_uri=url_for('.foursquare_login', _external=True))
if 'error' in request.args:
flash('Foursquare login failed: {}'.format(request.args['error']))
return redirect(url_for_security('login'), 307)
elif 'code' in request.args:
access_token = client.oauth.get_token(request.args['code'])
client.set_access_token(access_token)
foursquare_user = client.users()
try:
email = foursquare_user['user']['contact']['email']
except KeyError:
app.logger.debug(
"Failed to pluck email from {}".format(foursquare_user),
exc_info=True)
flash("Couldn't determine your email address from Foursquare")
return redirect(url_for_security('login'), 307)
user = user_datastore.find_user(email=email)
if user is None:
user = user_datastore.create_user(email=email)
if user.foursquare_access_token != access_token:
user.foursquare_access_token = access_token
user_datastore.commit()
login_user(user)
# TODO: stuff next into the session, pull it back out here
declared = session.pop('FOURSQUARE_POST_LOGIN_NEXT', None)
redirect_to = get_post_login_redirect(declared=declared)
return redirect(redirect_to, 307)
else:
auth_uri = client.oauth.auth_url()
session['FOURSQUARE_POST_LOGIN_NEXT'] = request.args.get('next')
return redirect(auth_uri, 307)
def confirm_email(token):
"""View function which handles a email confirmation request."""
expired, invalid, user = confirm_email_token_status(token)
if not user or invalid:
invalid = True
do_flash(*get_message('INVALID_CONFIRMATION_TOKEN'))
if expired:
send_confirmation_instructions(user)
do_flash(*get_message('CONFIRMATION_EXPIRED', email=user.email,
within=_security.confirm_email_within))
if invalid or expired:
return redirect(get_url(_security.confirm_error_view) or
url_for_security('send_confirmation'))
if user.confirmed_at is not None:
do_flash(*get_message('ALREADY_CONFIRMED'))
return redirect(get_url(_security.post_confirm_view) or
get_url(_security.post_login_view))
if request.json:
form_data = MultiDict(request.json)
else:
form_data = request.form
form = forms.ConfirmEmailForm(form_data)
if form.validate_on_submit():
user.password = form.password.data
confirm_user(user) # this saves 'user'
if user != current_user:
logout_user()
login_user(user)
do_flash(*get_message('EMAIL_CONFIRMED'))
return redirect(get_url(_security.post_confirm_view) or
get_url(_security.post_login_view))
return render_template('security/confirm.html',
token=token,
confirm_form=form,
**_ctx('change_password')
)
def _handle_view(self, name, *args, **kwargs):
if not current_user.is_authenticated():
return redirect(url_for_security('login', next="/admin"))
if not self.is_accessible():
return self.render("admin/denied.html")
def _handle_view(self, name, *args, **kwargs):
if not current_user.is_authenticated():
return redirect(url_for_security('login', next="/admin"))
if not self.is_accessible():
return self.render("admin/denied.html")
def needs_login(self, **kwargs):
if not current_user.is_authenticated():
next = kwargs.get('next', request.values.get('next', '/cart'))
return redirect(url_for_security('login', next=next))
def needs_login(self, **kwargs):
if not current_user.is_authenticated():
next = kwargs.get('next', request.values.get('next', '/cart'))
return redirect(url_for_security('login', next=next))
def __init__(self, *args, **kwargs):
super(RegisterForm, self).__init__(*args, **kwargs)
if not self.next.data:
self.next.data = request.args.get('next',
url_for_security('login'))
