def referral_login(email=None, password=None, remember=None, refer=None, *args, **kwargs):
# pylint: disable=unused-argument
"""
This endpoint is the landing page for the logged-in user
"""
if email is None:
email = request.form.get('email', None)
if password is None:
password = request.form.get('password', None)
if remember is None:
remember = request.form.get('remember', None)
remember = remember in ['true', 'on']
if refer is None:
refer = flask.request.args.get('next', request.form.get('next', None))
if refer in ['origin']:
refer = request.referrer
if refer is not None:
if not _is_safe_url(refer):
log.error('User gave insecure next URL: %r' % (refer,))
refer = None
failure_refer = 'frontend.home'
user = User.find(email=email, password=password)
redirect = _url_for(failure_refer)
if user is not None:
if True not in [user.in_alpha, user.in_beta, user.is_staff, user.is_admin]:
log.warning(
'User %r had a valid login, but is not a staff or beta member.',
)
redirect = _url_for(failure_refer)
else:
status = login_user(user, remember=remember)
if status:
# User logged in organically.
log.info(
'Logged in User (remember = %s): %r'
% (
remember,
user,
)
)
create_session_oauth2_token()
if refer is not None:
log.info('Sending user to requested next: %r' % (refer,))
redirect = refer
else:
log.warning('Username or password unrecognized.')
redirect = _url_for(failure_refer)
else:
log.warning('Username or password unrecognized.')
redirect = _url_for(failure_refer)
return flask.redirect(redirect)
def referral_logout(refer=None, *args, **kwargs):
# pylint: disable=unused-argument
"""
This endpoint is the landing page for the logged-in user
"""
if refer is None:
refer = flask.request.args.get('next', request.form.get('next', None))
if refer in ['origin']:
refer = request.referrer
if refer is not None:
if not _is_safe_url(refer):
log.error('User gave insecure next URL: %r' % (refer,))
refer = None
# Delete the Oauth2 token for this session
log.info('Logging out User: %r' % (current_user,))
delete_session_oauth2_token()
logout_user()
if refer is None:
redirect = _url_for('frontend.home')
else:
redirect = refer
return flask.redirect(redirect)
def user_login(email=None,
password=None,
remember=None,
refer=None,
*args,
**kwargs):
# pylint: disable=unused-argument
"""
This endpoint is the landing page for the logged-in user
"""
if email is None:
email = request.form.get('email', None)
if password is None:
password = request.form.get('password', None)
if remember is None:
remember = request.form.get('remember', None)
remember = remember in ['true', 'on']
if refer is None:
refer = flask.request.args.get('next')
if refer is not None:
if not _is_safe_url(refer):
refer = None
failure_refer = 'backend.home'
user = User.find(email=email, password=password)
redirect = _url_for(failure_refer)
if user is not None:
if True not in [
user.in_alpha, user.in_beta, user.is_staff, user.is_admin
]:
flash(
'Your login was correct, but Wildbook is in BETA at the moment and is invite-only.',
'danger',
)
redirect = _url_for(failure_refer)
else:
status = login_user(user, remember=remember)
if status:
# User logged in organically.
log.info('Logged in User (remember = %s): %r' % (
remember,
user,
))
flash('Logged in successfully.', 'success')
create_session_oauth2_token()
if refer is not None:
redirect = refer
else:
flash(
'We could not log you in, most likely due to your account being disabled. Please speak to a staff member.',
'danger',
)
redirect = _url_for(failure_refer)
else:
flash('Username or password unrecognized.', 'danger')
redirect = _url_for(failure_refer)
return flask.redirect(redirect)