def clear_oidc_data(self, state):
oidc_data_cookie = self.oidc_data_cookie(state)
response.delete_cookie(oidc_data_cookie,
path='/',
httponly=True,
samesite='lax',
secure=False if self.testing_mode else True)
def wrapper(*args, **kw):
users = readUsers()
cookie_session = request.get_cookie('session')
guest_session_id = request.get_cookie("guest")
guest_session = Session.getGuest(guest_session_id)
private = Session.getGuest_key(guest_session_id, 'privateKey')
user = None if guest_session is None or 'user' not in guest_session else guest_session['user']
user_ans = session_ans = de_session = session_id = None
try:
if user and cookie_session and private:
de_session = json.loads(deAES(users[user], cookie_session))
# 第一层验证 cookie解密
if user in users and de_session['user'] == user:
# 第二层验证 session
session_id = de_session['session_id']
session = Session.get(user, session_id)
# session 时间戳不活跃过期机制
if float(de_session['time']) + session_timeout > time.time() and \
session and session['user'] == user:
user_ans = user
session_ans = session
except Exception:
response.delete_cookie('guest')
response.delete_cookie('session')
temp = func(user=user_ans, session=session_ans, *args, **kw)
if user_ans:
de_session['time'] = time.time()
de_session['session_id'] = Session.update(user, session_id, session_ans)
encrypted = enAES(users[user], json.dumps(de_session))
response.set_cookie("session", encrypted, path='/')
return temp
def test_delete_cookie(self):
response = BaseResponse()
response.set_cookie('name', 'value')
response.delete_cookie('name')
cookies = [value for name, value in response.headerlist
if name.title() == 'Set-Cookie']
self.assertTrue('name=;' in cookies[0])
def logout():
'''
退出
'''
log.info("logout")
response.delete_cookie(key='user',secret='chermong')
return jinja2_template('login.html')
def get_iiif_token(self):
# This is the next step -- client requests a token to send to info.json
# We're going to just copy it from our cookie.
# JSONP request to get the token to send to info.json in Auth'z header
callbackFn = request.query.get('callback', '')
authcode = request.query.get('code', '')
account = ''
try:
account = request.get_cookie(self.COOKIE_NAME_ACCOUNT, secret=self.COOKIE_SECRET)
response.delete_cookie(self.COOKIE_NAME_ACCOUNT)
except:
pass
if not account:
data = {"error":"missingCredentials","description": "No login details received"}
else:
data = {"accessToken":account, "tokenType": "Bearer", "expiresIn": 3600}
# Set the cookie for the image content
response.set_cookie(self.COOKIE_NAME, account, secret=self.COOKIE_SECRET)
dataStr = json.dumps(data)
if callbackFn:
return self.send("{0}({1});".format(callbackFn, dataStr), ct="application/javascript")
else:
return self.send(dataStr, ct="application/json")
def destroy_session():
token = request.get_cookie('session_token')
if not(token):
return
if token in sessions:
del(sessions[token])
response.delete_cookie('session_token')
def logout(user):
# Test script from terminal:
# http post localhost:8081/api/sessions/David
response.content_type = 'application/json'
response.delete_cookie('session')
response.delete_cookie('username')
return
def get_users():
if request.method == 'OPTIONS':
return {}
auth = request.get_cookie('auth')
if auth:
user = check_auth(auth)
if user:
return json.dumps([{'id': user, 'email': user, 'likes': [], 'ads': []}]) #override with real data
else:
response.delete_cookie('auth')
response.status = "403 Login Failed"
return json.dumps({'message': "Login Failed"})
email = request.query.get('email')
password = request.query.get('password')
result = db.key_store.get_auth(email, password)
if result:
response.set_cookie('auth', s.dumps(email), path="/")
return json.dumps([{'name': 'daniel', 'likes': [], 'ads': []}]) #override with real data
else:
response.status = "403 Login Failed"
return json.dumps({'message': "Login Failed"})
def log_in(self, username, password):
""" Try to login user with provided username and password """
logged_in = False
# LOGGER.debug("username given = " + username)
for user in self.values():
# LOGGER.debug("server username = "******"password given = " + password)
# LOGGER.debug("server password = "******"access = " + user['access'])
break
else:
response.delete_cookie('current_user', path='/')
self._current_user = self[internal_name(GUEST_USER['name'])]
self._callbacks['update_user_panel']()
return logged_in
def get_language(self):
lang = [None]
# Remove old no longer used cookie 'lang'
if request.get_cookie('lang'):
response.delete_cookie('lang', path="/")
if len(request.script_name) > 3:
lang = [request.script_name[-3:-1], self.allowed_languages[0]]
if lang[0] not in self.allowed_languages:
lang = [None]
else:
return (lang, False)
if not lang[0] and request.get_cookie('lang'):
lang = [request.get_cookie('lang')]
if lang[0] not in self.allowed_languages:
lang = [None]
if not lang[0] and request.get_header('Accept-Language'):
lang = request.get_header('Accept-Language')
lang = lang.split(',')
lang = [x.split(";")[0] for x in lang]
lang = [x.split("-")[0] for x in lang]
lang = [x for x in lang if x in self.allowed_languages]
if len(lang) > 0 and lang[0]:
lang.append(self.allowed_languages[0])
res = []
for l in lang:
if not l in res:
res.append(l)
return (res, True)
else:
return (self.allowed_languages, True)
def logout(self):
response.delete_cookie(self.COOKIE_NAME_ACCOUNT)
response.delete_cookie(self.COOKIE_NAME)
response['Access-Control-Allow-Origin'] = '*'
return self.send("<html><script>window.close();</script></html>",
status=401,
ct="text/html")
def get_language(self):
lang = [None]
# Remove old no longer used cookie 'lang'
if request.get_cookie('lang'):
response.delete_cookie('lang', path="/")
if len(request.script_name) > 3:
lang = [request.script_name[-3:-1], self.allowed_languages[0]]
if lang[0] not in self.allowed_languages:
lang = [None]
else:
return (lang, False)
if not lang[0] and request.get_cookie('lang'):
lang = [request.get_cookie('lang')]
if lang[0] not in self.allowed_languages:
lang = [None]
if not lang[0] and request.get_header('Accept-Language'):
lang = request.get_header('Accept-Language')
lang = lang.split(',')
lang = [x.split(";")[0] for x in lang]
lang = [x.split("-")[0] for x in lang]
lang = [x for x in lang if x in self.allowed_languages]
if len(lang) > 0 and lang[0]:
lang.append(self.allowed_languages[0])
res = []
for l in lang:
if not l in res:
res.append(l)
return (res, True)
else:
return (self.allowed_languages, True)
def signin():
# If user requested a logout, delete the cookie, and redirect to homepage
if request.query.logout == "true":
response.delete_cookie("account")
redirect('/')
return template('templates/sign_in', warning='')
def action(mid=''):
if not mid:
# generate new ticker
t = FussiTicker.Ticker()
else:
t = FussiTicker.load(mid)
# process action
if request.forms.home_u:
t.scoreHome()
elif request.forms.home_d:
t.scoreHome(-1)
elif request.forms.guest_u:
t.scoreGuest()
elif request.forms.guest_d:
t.scoreGuest(-1)
elif request.forms.new:
# Start new session
# Not used
response.delete_cookie("FussiTicker")
redirect('/')
elif request.forms.reset:
t.reset()
elif request.forms.start:
t.start()
else:
logging.warning('No action')
t.setTeams(request.forms.hteam, 'na')
FussiTicker.save(t)
logging.info('New id:' + str(t.id))
response.set_cookie("FussiTicker", t.id)
d = getFields(t)
return template('ticker', d)
def delete(user):
username = request.get_cookie("username")
if user:
if user== username:
print "HERE"
cur.execute("DELETE FROM lab5.members WHERE username = '******';" % user)
cur.execute("SELECT * FROM lab5.submits_user WHERE username = '******';" % user)
submissionids = cur.fetchall()
for s in submissionids:
cur.execute("DELETE FROM lab5.submissions WHERE submissionid = '%s';" % s)
cur.execute("DELETE FROM lab5.submits_user WHERE username = '******';" % user)
cur.execute("DELETE FROM lab5.sponsors WHERE username = '******';" % user)
cur.execute("DELETE FROM lab5.judges WHERE username = '******';" % user)
cur.execute("SELECT * FROM lab5.discussions WHERE username = '******';" % user)
discussions = cur.fetchall()
for d in discussions:
cur.execute("DELETE FROM lab5.comments WHERE discussionid = '%s';" % d)
cur.execute("DELETE FROM lab5.discussions WHERE username = '******';" % user)
cur.execute("DELETE FROM lab5.user_acc WHERE username = '******';" % user)
database.commit()
response.delete_cookie("username")
return "%s now deleted from the Database" % user
else:
return "You are not logged in, in the first place <br> <a href='/'> << Go Back </a>"
def get_iiif_token(self):
# This is the next step -- client requests a token to send to info.json
# We're going to just copy it from our cookie.
# JSONP request to get the token to send to info.json in Auth'z header
callbackFn = request.query.get('callback', '')
authcode = request.query.get('code', '')
account = ''
try:
account = request.get_cookie('account', secret="abc-123-!@#")
response.delete_cookie('account')
except:
pass
if not account:
data = {"error":"client_unauthorized","error_description": "No login details received"}
else:
data = {"access_token":account, "token_type": "Bearer", "expires_in": 3600}
# Set the cookie for the image content
response.set_cookie('loggedin', account, secret="abc-123-!@#")
dataStr = json.dumps(data)
if callbackFn:
return self.send("%s(%s);" % (callbackFn, dataStr), ct="application/javascript")
else:
return self.send(dataStr, ct="application/json")
def auth_check():
try:
logger.debug("check")
expires = (datetime.today() + timedelta(minutes=3600))
auth_cookie = request.get_cookie('AUTH_COOKIE')
logger.debug(auth_cookie)
if not (auth_cookie) or not (os.path.isfile("/vagrant/auth/" + auth_cookie)):
logger.debug("no cookie, login again")
result = {"loggedin": False, "loginpage": "/login"}
return result
c.execute("SELECT * FROM sxsw_users WHERE uuid=?", (auth_cookie,))
res = c.fetchone()
logger.debug(res)
if res:
logger.debug("check ok")
response.set_cookie("AUTH_COOKIE", auth_cookie, expires=expires, domain=cookiedomain, path="/")
result = {"user_token": res.get("user_token"),
"csrf_token": res.get("csrf_token"), "loggedin": True, "email": res["email"],"userid":res["userid"],"handle":res["handle"]}
else:
response.delete_cookie("AUTH_COOKIE")
result = {"loggedin": False}
logger.debug(result)
logger.debug(result)
return result
except:
logger.exception("err")
def clear(self):
'''
clear()
clear all instance of session
'''
try:
currentUtcTime = self.__getCurrentUtcTimeHash()
# get cookie from current request if not exist just add it
cookieSessionData = request.get_cookie(
's', currentUtcTime.get('hexdigest'))
# create session file
if os.path.isdir(self.__sessionOption.get('data_dir')):
sessionFile = os.path.join(
self.__sessionOption.get('data_dir'), cookieSessionData)
if (os.path.isfile(sessionFile)):
os.remove(sessionFile)
response.set_cookie('s', cookieSessionData, max_age=0)
response.delete_cookie(cookieSessionData)
except Exception as e:
print(e)
def test_delete_cookie(self):
response = BaseResponse()
response.set_cookie('name', 'value')
response.delete_cookie('name')
cookies = [value for name, value in response.wsgiheader()
if name.title() == 'Set-Cookie']
self.assertTrue('name=;' in cookies[0])
def logout():
login = request.get_cookie("login", secret='some-secret-key')
if login:
response.delete_cookie("login")
redirect("/")
else:
redirect("/")
def template(source, template_title="", template_description="", extension=".html", including_page=None,
alert: Alert = None, self_stationary_page=False, *args, **kwargs):
d = loads(request.get_cookie("kwargs", "{}", ADMIN_COOKIE_SECRET))
if alert:
alert = alert.conv
if d:
response.delete_cookie("kwargs", path='/')
if 'alert' in d:
alert = loads(d['alert'])
kwargs.update(d)
k = {
"title": template_title,
"description": template_description,
"args": args,
"alert": alert,
"path": request.path,
"kwargs": kwargs
}
if self_stationary_page:
return bottle.template(join("view", source + extension), **k)
return bottle.template("view/layout/skeleton.html",
including_page=including_page or join("view", source + extension),
**k
)
def logout():
username = request.get_cookie("user")
logout_user_db(username)
response.delete_cookie("user")
response.delete_cookie("session")
redirect('/')
def get_message(local_request):
"""
Return currently set message and delete the cookie.
:returns: message
"""
response.delete_cookie(MESSAGE_KEY, path=ROOT, secret=SECRET)
return request._message
def logout(self):
kdict = deepcopy(config.kdict)
username = request.get_cookie('logged-in', secret=kdict['secretKey'])
if username:
self.userdb.deleteUser(username)
response.delete_cookie('logged-in', path='/', secret=kdict['secretKey'])
redirect('/')
def logout(self):
self.app.log('Logout user: %s.' % self.app.current_user)
self.app.current_user = None
session = Session.get(Session.session_id == self.session_id)
session.active = False
session.save()
self.session_id = None
response.delete_cookie(self.key)
def logout(self):
self.app.log('Logout user: %s.' % self.app.current_user)
self.app.current_user = None
session = Session.get(Session.session_id == self.session_id)
session.active = False
session.save()
self.session_id = None
response.delete_cookie(self.key)
def controller_login_sair():
"""
Deleta o cookie
:return:
"""
response.delete_cookie("KIM")
response.delete_cookie("BUMBA")
redirect('/')
def logout():
# Logout do usuário - remove sessão ativa
session_id = request.get_cookie(ticket.user.cookie_session_name())
if session_id:
ticket.user.removesession(session_id)
response.delete_cookie(ticket.user.cookie_session_name())
ticket.db.expire_old_sessions()
return redirect('/login')
def get_message():
"""
Return currently set message and delete the cookie. This function is lazily
evaluated so it's side effect of removing the cookie will only become
effective when you actually use the message it returns.
"""
response.delete_cookie(MESSAGE_KEY, path=ROOT, secret=SECRET)
return request._message
def signout():
sid = request.get_cookie('sid', None)
if sid:
response.delete_cookie('sid')
response.delete_cookie('username')
query = Session.delete().where(Session.sid == sid)
query.execute()
def remmeber_me(account):
'''记住账号'''
remember = request.forms.get('remember')
if remember:
response.set_cookie("manager", account, path='/manage')
response.set_cookie("remember", remember)
else:
response.delete_cookie("manager")
response.delete_cookie("remember")
def logout(self):
username = request.get_cookie("account", secret='some-secret-key')
if not username:
return self.pleaselogin()
response.delete_cookie("account")
return template("message",
title="Logged out",
message=username + ", you are now logged out!",
redirect="/")
def remmeber_me(account):
"""记住账号"""
remember = request.forms.get("remember")
if remember:
response.set_cookie("manager", account, path="/manage")
response.set_cookie("remember", remember)
else:
response.delete_cookie("manager")
response.delete_cookie("remember")
def logout():
"""
Logout of the system.
"""
response.delete_cookie(TOKEN, path=COOKIE_PATH)
return template('message',
message="Logged out",
logout_link=False,
start_link=False)
def signout():
site_id = request.get_cookie('site_id', None)
response.delete_cookie('site_id')
response.delete_cookie('username')
if site_id is not None:
query = SessionModel.delete().where(SessionModel.site_id == site_id)
query.execute()
def logout(db):
'''
User Logout.
'''
response.delete_cookie('user',
secret=setting('cookie_key').value)
return env.get_template('settings_login.html').render(
auth=False,
)
def do_logout(self, **kw):
session = self.get_session_from_cookie()
if session is not None:
user = session['user']
self.invalidate_session(session)
response.delete_cookie('sid')
return self.login_str % (user, 'out')
return self.no_user_str
def logout():
"""Post request for Logout; Upon login, if user submits logout form
their session and cookie is deleted. They are then redirected to the Main Page."""
db = COMP249Db()
curr_user = users.session_user(db)
if curr_user:
users.delete_session(db, curr_user)
response.delete_cookie(COOKIE_NAME)
redirect('/')
def logout(self):
response.delete_cookie(self.cookie_name,
domain=self.cookie_domain,
path=self.cookie_path)
response['Access-Control-Allow-Origin'] = '*'
return self.application.send(
"<html><script>window.close();</script></html>",
status=401,
ct="text/html")
def logout():
"""Post request for Logout; Upon login, if user submits logout form
their session and cookie is deleted. They are then redirected to the Main Page."""
db = COMP249Db()
curr_user = users.session_user(db)
if curr_user:
users.delete_session(db, curr_user)
response.delete_cookie(COOKIE_NAME)
redirect('/')
def do_logout(self, **kw):
session = self.get_session_from_cookie()
if session is not None:
user = session['user']
self.invalidate_session(session)
response.delete_cookie('sid')
return self.login_str % (user, 'out')
return self.no_user_str
def remmeber_me(account):
'''记住账号'''
remember = request.forms.get('remember')
if remember:
response.set_cookie("manager", account, path = '/manage')
response.set_cookie("remember", remember)
else:
response.delete_cookie("manager")
response.delete_cookie("remember")
def get_session():
session_id = request.cookies.get(SESSION_COOKIE_NAME)
if session_id is None:
return None
sess = _sessions.get(session_id)
if sess is None:
#raise Exception("Session %s is not found" % (session_id,))
response.delete_cookie(SESSION_COOKIE_NAME)
return sess
def logout():
username = request.cookies.get('current_user', '0')
session_id = request.cookies.get('current_user_type', '0')
requests.post(
'{target}/api/session_id/logout/{username}/{session_id}'.format(
target=backend_str, username=username, session_id=session_id))
response.delete_cookie('current_user')
response.delete_cookie('current_user_type')
redirect("/")
def logout():
"""
Logout do usuário - remove sessão ativa.
"""
session_id = request.get_cookie(cookie_session_name())
if session_id:
remove_session(session_id)
response.delete_cookie(cookie_session_name())
expire_old_sessions()
return redirect("/login")
def logout():
"""Destroys user session and redirects to home"""
auth = Auth()
sid = request.get_cookie('SID')
if sid:
auth.kill_session(sid)
auth.destroy()
response.delete_cookie('SID')
response.add_header('Location', '/')
response.status = 302
def perform_logout(db):
session_id = request.get_cookie("pbsession")
if session_id is None or not is_valid_uuid(session_id, no_dashes=True):
return
# this will logout user from all browsers.. (what we want?)
prepared = db.prepare("delete from PetBay.Session where sessionid=?")
db.execute(prepared, (uuid.UUID(session_id),))
response.delete_cookie("pbsession")
def logout(cls):
beaker_session = request.environ["beaker.session"]
if "cookies_value" in beaker_session:
value = beaker_session["cookies_value"]
response.delete_cookie("cookies_value_client")
beaker_session.delete()
redirect("/")
else:
return {}
def logout(cls):
beaker_session = request.environ['beaker.session']
if 'cookies_value' in beaker_session:
value = beaker_session['cookies_value']
response.delete_cookie('cookies_value_client')
beaker_session.delete()
redirect('/')
else:
return {}
def logout(message = False):
auth_cookie = request.get_cookie('AUTH_COOKIE')
logger.debug("logout")
if auth_cookie:
logger.debug("remove cookie:"+CONFIG.global_config.cookie_store+auth_cookie)
rm(authdir+auth_cookie)
response.status = 200
response.add_header("Content-type", "application/json")
response.delete_cookie("AUTH_COOKIE")
return json.dumps({"result": "success", "login_status": False,"message":message})
def api_logout(login_data=False, ):
return_data = {'error': False}
r = request #< The things I do for PEP8...
if login_data:
s_id = r.get_header('X-Auth-Token') or r.get_cookie('session_id')
sessions.expire_session(s_id)
response.delete_cookie(s_id)
else:
return_data['error'] = 'No session to delete'
return return_data
def delete_cookie(sid):
db = sqlite3.connect("site.db")
cur = db.cursor()
cur.execute("update users set session_id=? where session_id =?", (
None,
sid,
))
db.commit()
db.close()
response.delete_cookie('user')
def set_session(self):
if self.app.current_user is not None:
self.app.log('Setting session value for: %s.' % self.app.current_user)
response.set_cookie(name=self.key,
value=self.session_id,
secret=self.secret,
path='/',
httponly=True)
else:
response.delete_cookie(self.key)
def clear_session(self):
response.delete_cookie(self.session_cookie,
path='/',
httponly=True,
samesite='lax',
secure=False if self.testing_mode else True)
response.delete_cookie(self.refresh_session_cookie,
path='/',
httponly=True,
samesite='lax',
secure=False if self.testing_mode else True)
def set_session(self):
if self.app.current_user is not None:
self.app.log('Setting session value for: %s.' %
self.app.current_user)
response.set_cookie(name=self.key,
value=self.session_id,
secret=self.secret,
path='/',
httponly=True)
else:
response.delete_cookie(self.key)
def logout(session):
del session['name']
response = HTTPResponse(
body="Bye!",
status=200,
)
response.delete_cookie(
'login_redirect',
path='/',
)
return response
def get_cookie(cookie_name, cookie_path=None):
message = request.get_cookie(cookie_name)
if message:
if cookie_path is not None:
response.delete_cookie(cookie_name, path=cookie_path)
else:
response.delete_cookie(cookie_name)
return message
else:
return ""
