def login_event():
    """Bind a pending LoginCode to the signed-in user and return to the event site.

    Looks up the ``code`` query parameter. An unclaimed code is attached to
    ``g.user``, after sending the user through ``login`` if they are anonymous
    or lack part of the code's scope. The browser is then redirected to the
    code's ``return_url`` with the code appended. A code that already has a
    user is deleted. Every path that does not return ends in a 403.
    """
    # NOTE(review): this listing lost its indentation; the final abort(403) is
    # read as the function-level fall-through -- confirm against the original.
    if 'code' in request.args:
        code = LoginCode.query.filter_by(code=request.args['code']).first()
        if code and code.user:
            # The code was already claimed: drop the record, then 403 below.
            db.session.delete(code)
            db.session.commit()
        elif code:
            if not g.user:
                return login(scope=code.scope, next=get_current_url())
            # Check for scope expansion
            granted = set(g.user.lastuser_token_scope.split(' '))
            wanted = set(code.scope.split(' '))
            # An empty scope string splits to [''], which is not a real scope.
            wanted.discard('')
            if not wanted.issubset(granted):
                # Need additional scope. Send user to Lastuser for access rights
                return login(scope=code.scope, next=get_current_url())
            code.user = g.user
            db.session.commit()
            # Redirect to event website
            # NOTE(review): return_url is read from the stored LoginCode and
            # used as the redirect target unchanged; presumably it is
            # validated when the record is created -- confirm. code.code is
            # appended without URL-encoding and travels in the query string,
            # so it can surface in access logs and Referer headers.
            if urlparse.urlsplit(code.return_url).query:
                suffix = '&code='
            else:
                suffix = '?code='
            return redirect(code.return_url + suffix + code.code, code=302)
    abort(403)
def decorated_function(*args, **kwargs):
    # Wrapper for a view that needs specific Lastuser token scopes.
    # Anonymous visitors go to the local login view; signed-in users missing
    # any entry of `scope` are sent through login() to obtain it.
    # NOTE(review): `next` carries the current URL into the login flow; the
    # consumer should confirm it is a same-site target before redirecting.
    if current_auth.is_anonymous:
        return redirect(url_for('login', next=get_current_url()))
    granted = set(current_auth.user.lastuser_token_scope.split(' '))
    missing = set(scope) - granted
    if missing:
        # Need additional scope. Send user to Lastuser for access rights
        return login(scope=' '.join(scope), next=get_current_url())
    return f(*args, **kwargs)
def decorated_function(*args, **kwargs):
    # Wrapper for a view that needs specific Lastuser token scopes.
    # With no g.user the visitor is redirected to the login view; a signed-in
    # user missing any entry of `scope` is sent through login() to obtain it.
    # NOTE(review): `next` carries the current URL into the login flow; the
    # consumer should confirm it is a same-site target before redirecting.
    if g.user is None:
        return redirect(url_for('login', next=get_current_url()))
    granted = set(g.user.lastuser_token_scope.split(' '))
    missing = set(scope) - granted
    if missing:
        # Need additional scope. Send user to Lastuser for access rights
        return login(scope=' '.join(scope), next=get_current_url())
    return f(*args, **kwargs)
def test_get_current_url(self):
    """Check get_current_url() with and without a configured SERVER_NAME.

    The last case pins a security-relevant property: when the request Host
    differs from SERVER_NAME the result is an absolute URL on that host, so
    code that stores the value as a post-login target must validate it.
    """
    # Without SERVER_NAME the path and query string come back unchanged.
    for path in ('/', '/?q=hasgeek'):
        with self.app.test_request_context(path):
            self.assertEqual(get_current_url(), path)

    self.app.config['SERVER_NAME'] = 'example.com'
    host_cases = (
        ('example.com', '/somewhere'),
        ('sub.example.com', 'http://sub.example.com/somewhere'),
    )
    for host, expected in host_cases:
        with self.app.test_request_context(
                '/somewhere', environ_overrides={'HTTP_HOST': host}):
            self.assertEqual(get_current_url(), expected)
def decorated_function(*args, **kwargs):
    # Login gate: flag the request as login-protected, then either run the
    # view or remember the current URL and send the visitor to login.
    g.login_required = True
    if g.user is not None:
        return f(*args, **kwargs)
    flash(u"You need to be logged in for that page", "info")
    # NOTE(review): whatever later redirects to session['next'] should check
    # that it is a same-site target -- that consumer is not visible here.
    session['next'] = get_current_url()
    return redirect(url_for('login'))
def decorated_function(*args, **kwargs):
    # Login gate: run the view for a signed-in user, otherwise remember the
    # current URL, optionally flash the `message` query parameter, and
    # redirect to the login view.
    if g.user is not None:
        return f(*args, **kwargs)
    # NOTE(review): the consumer of session["next"] should validate it as a
    # same-site target before redirecting.
    session["next"] = get_current_url()
    if "message" in request.args:
        notice = request.args["message"]
        if notice:
            # NOTE(review): this text comes straight from the query string,
            # so a crafted link controls what the login page displays. It
            # must only ever be rendered with HTML escaping -- confirm the
            # template does not mark flashed messages as safe.
            flash(notice, "info")
    return redirect(url_for("login"))
def decorated_function(*args, **kwargs):
    # Login gate keyed on g.lastuserinfo: run the view when it is set,
    # otherwise redirect to the registered login handler, or answer 403 when
    # no handler has been registered.
    if g.lastuserinfo is not None:
        return f(*args, **kwargs)
    handler = self._login_handler
    if not handler:
        abort(403)
    # NOTE(review): `next` is handed to the login handler as a query
    # parameter; the handler should validate it before redirecting back.
    return redirect(url_for(handler.__name__, next=get_current_url()))
def decorated_function(*args, **kwargs):
    # Login gate: run the view for a signed-in user, otherwise remember the
    # current URL, optionally flash the `message` query parameter, and
    # redirect to the login view.
    if g.user is not None:
        return f(*args, **kwargs)
    # NOTE(review): the consumer of session['next'] should validate it as a
    # same-site target before redirecting.
    session['next'] = get_current_url()
    if 'message' in request.args:
        notice = request.args['message']
        if notice:
            # NOTE(review): this text comes straight from the query string,
            # so a crafted link controls what the login page displays. It
            # must only ever be rendered with HTML escaping -- confirm the
            # template does not mark flashed messages as safe.
            flash(notice, 'info')
    return redirect(url_for('login'))
def decorated_function(*args, **kwargs):
    # Login gate: record the login_required auth attribute, then either run
    # the view or remember the current URL and send the visitor to login.
    add_auth_attribute('login_required', True)
    if current_auth.is_authenticated:
        return f(*args, **kwargs)
    flash(_("You need to be logged in for that page"), 'info')
    # NOTE(review): whatever later redirects to session['next'] should check
    # that it is a same-site target -- that consumer is not visible here.
    session['next'] = get_current_url()
    return redirect(url_for('login'))
def decorated_function(*args, **kwargs):
    # Login gate: record the login_required auth attribute, then either run
    # the view or remember the current URL and send the visitor to login.
    add_auth_attribute('login_required', True)
    if current_auth.is_authenticated:
        return f(*args, **kwargs)
    flash(_(u"You need to be logged in for that page"), 'info')
    # NOTE(review): whatever later redirects to session['next'] should check
    # that it is a same-site target -- that consumer is not visible here.
    session['next'] = get_current_url()
    return redirect(url_for('login'))
def decorated_function(*args, **kwargs):
    # Login gate: record the login_required auth attribute; an
    # unauthenticated visitor has the current URL remembered, optionally
    # sees the `message` query parameter flashed, and is sent to login.
    add_auth_attribute('login_required', True)
    if current_auth.is_authenticated:
        return f(*args, **kwargs)
    # NOTE(review): the consumer of session['next'] should validate it as a
    # same-site target before redirecting.
    session['next'] = get_current_url()
    if 'message' in request.args:
        notice = request.args['message']
        if notice:
            # NOTE(review): this text comes straight from the query string,
            # so a crafted link controls what the login page displays. It
            # must only ever be rendered with HTML escaping -- confirm the
            # template does not mark flashed messages as safe.
            flash(notice, 'info')
    return redirect(url_for('login'))
def decorated_function(*args, **kwargs):
    # Login gate keyed on g.lastuserinfo: run the view when it is set,
    # otherwise redirect to the registered login handler, or answer 403 when
    # no handler has been registered.
    if g.lastuserinfo is not None:
        return f(*args, **kwargs)
    handler = self._login_handler
    if not handler:
        abort(403)
    # NOTE(review): `next` is handed to the login handler as a query
    # parameter; the handler should validate it before redirecting back.
    login_url = url_for(handler.__name__, next=get_current_url())
    return redirect(login_url)
def decorated_function(*args, **kwargs):
    # Login gate: flag the request as login-protected; an anonymous visitor
    # has the current URL remembered, optionally sees the `message` query
    # parameter flashed, and is redirected to the login view.
    g.login_required = True
    if g.user is not None:
        return f(*args, **kwargs)
    # NOTE(review): the consumer of session['next'] should validate it as a
    # same-site target before redirecting.
    session['next'] = get_current_url()
    if 'message' in request.args:
        notice = request.args['message']
        if notice:
            # NOTE(review): this text comes straight from the query string,
            # so a crafted link controls what the login page displays. It
            # must only ever be rendered with HTML escaping -- confirm the
            # template does not mark flashed messages as safe.
            flash(notice, 'info')
    return redirect(url_for('login'))
def test_get_current_url(self):
    """Check get_current_url() with and without a configured SERVER_NAME.

    The last case pins a security-relevant property: when the request Host
    differs from SERVER_NAME the result is an absolute URL on that host, so
    code that stores the value as a post-login target must validate it.
    """
    # Without SERVER_NAME the path and query string come back unchanged.
    for path in ('/', '/?q=hasgeek'):
        with self.app.test_request_context(path):
            assert get_current_url() == path

    self.app.config['SERVER_NAME'] = 'example.com'
    host_cases = (
        ('example.com', '/somewhere'),
        ('sub.example.com', 'http://sub.example.com/somewhere'),
    )
    for host, expected in host_cases:
        with self.app.test_request_context(
            '/somewhere', environ_overrides={'HTTP_HOST': host}
        ):
            assert get_current_url() == expected
def decorated_function(*args, **kwargs):
    # Login gate keyed on g.lastuserinfo. Sends the before-wrapped-view
    # signal and runs the view unless lastuserinfo is present and None.
    g.login_required = True
    # NOTE(review): the hasattr() guard means a request where
    # g.lastuserinfo was never set falls through to the wrapped view, so the
    # gate fails open in that case. Confirm this is intended and that
    # lastuserinfo is always populated for protected routes.
    anonymous = hasattr(g, 'lastuserinfo') and g.lastuserinfo is None
    if anonymous:
        handler = self._login_handler
        if not handler:
            abort(403)
        # NOTE(review): `next` is handed to the login handler as a query
        # parameter; the handler should validate it before redirecting back.
        return redirect(url_for(handler.__name__, next=get_current_url()))
    signal_before_wrapped_view.send(f)
    return f(*args, **kwargs)
def decorated_function(*args, **kwargs):
    # Scope gate keyed on g.lastuserinfo: the view runs only when the
    # visitor is signed in and the token scope covers every entry of `scope`.
    # If the user's not logged in, log them in
    if g.lastuserinfo is None:
        handler = self._login_handler
        if not handler:
            abort(403)
        # NOTE(review): `next` is handed to the login handler as a query
        # parameter; the handler should validate it before redirecting back.
        return redirect(
            url_for(handler.__name__, next=get_current_url()))
    # If the user is logged in, check if they have the required scope.
    # If not, send them off to Lastuser for the additional scope.
    existing = g.lastuserinfo.token_scope.split(' ')
    if any(item not in existing for item in scope):
        # Request the login handler's default scope plus the view's scope.
        required = set(self._login_handler().get(
            'scope', 'id').split(' '))
        required.update(scope)
        return self._login_handler_internal(
            scope=' '.join(required), next=get_current_url())
    return f(*args, **kwargs)
def decorated_function(*args, **kwargs):
    # Login gate keyed on g.lastuserinfo: flag the request as
    # login-protected, then either send the before-wrapped-view signal and
    # run the view, or redirect to the registered login handler (403 when
    # none is registered).
    g.login_required = True
    if g.lastuserinfo is not None:
        signal_before_wrapped_view.send(f)
        return f(*args, **kwargs)
    handler = self._login_handler
    if not handler:
        abort(403)
    # NOTE(review): `next` is handed to the login handler as a query
    # parameter; the handler should validate it before redirecting back.
    return redirect(
        url_for(handler.__name__, next=get_current_url()))
def decorated_function(*args, **kwargs):
    # Re-authentication ("sudo") gate. The view runs only for an
    # authenticated user whose session reports has_sudo; everyone else is
    # routed to login, to setting a password, or to a password prompt.
    add_auth_attribute('login_required', True)

    # If the user is not logged in, require login first
    if not current_auth.is_authenticated:
        flash(_("You need to be logged in for that page"), 'info')
        # NOTE(review): the consumer of session['next'] should validate it
        # as a same-site target before redirecting.
        session['next'] = get_current_url()
        return redirect(url_for('login'))

    # Sudo is still in effect: no prompt needed
    if current_auth.session.has_sudo:
        return f(*args, **kwargs)

    # If the user doesn't have a password, ask them to set one first
    if not current_auth.user.pw_hash:
        flash(
            _(
                "This operation requires you to confirm your password. However,"
                " your account does not have a password, so you must set one"
                " first"
            ),
            'info',
        )
        session['next'] = get_current_url()
        return redirect(url_for('change_password'))

    # A future version of this form may accept password or 2FA (U2F or TOTP)
    # NOTE(review): no attempt throttling is visible in this block;
    # presumably PasswordForm or an outer layer rate-limits password
    # guesses -- confirm.
    form = PasswordForm(edit_user=current_auth.user)
    if not form.validate_on_submit():
        return render_form(
            form=form,
            title=_("Confirm with your password to proceed"),
            formid='password',
            submit=_("Confirm"),
            ajax=False,
            template='account_formlayout.html.jinja2',
        )

    # User has successfully authenticated. Update their sudo timestamp and
    # reload the page with a GET request, as the wrapped view may need to
    # render its own form
    current_auth.session.set_sudo()
    db.session.commit()
    return redirect(request.url, code=303)
def decorated_function(*args, **kwargs):
    # Scope gate keyed on g.lastuserinfo: the view runs only when the
    # visitor is signed in and the token scope covers every entry of `scope`.
    # If the user's not logged in, log them in
    if g.lastuserinfo is None:
        handler = self._login_handler
        if not handler:
            abort(403)
        # NOTE(review): `next` is handed to the login handler as a query
        # parameter; the handler should validate it before redirecting back.
        return redirect(url_for(handler.__name__, next=get_current_url()))
    # If the user is logged in, check if they have the required scope.
    # If not, send them off to Lastuser for the additional scope.
    existing = g.lastuserinfo.token_scope.split(" ")
    if any(item not in existing for item in scope):
        # Request the login handler's default scope plus the view's scope.
        required = set(self._login_handler().get("scope", "id").split(" "))
        required.update(scope)
        return self._login_handler_internal(scope=" ".join(required), next=get_current_url())
    return f(*args, **kwargs)
def test_get_current_url(self):
    """Check that get_current_url() returns the path and query unchanged."""
    # Each request path, with or without a query string, is expected back
    # verbatim as a relative URL.
    for path in ('/', '/?q=hasgeek'):
        with self.app.test_request_context(path):
            self.assertEqual(get_current_url(), path)
def decorated_function(*args, **kwargs):
    # Login gate: run the view for a signed-in user, otherwise remember the
    # current URL in the session and redirect to the login view.
    if g.user is not None:
        return f(*args, **kwargs)
    # NOTE(review): whatever later redirects to session['next'] should check
    # that it is a same-site target -- that consumer is not visible here.
    session['next'] = get_current_url()
    return redirect(url_for('login'))
def decorated_function(*args, **kwargs):
    # Login gate: run the view for a signed-in user, otherwise flash a
    # notice, remember the current URL, and redirect to the login view.
    if g.user is not None:
        return f(*args, **kwargs)
    flash(u"You need to be logged in for that page", "info")
    # NOTE(review): whatever later redirects to session["next"] should check
    # that it is a same-site target -- that consumer is not visible here.
    session["next"] = get_current_url()
    return redirect(url_for("login"))
def decorated_function(*args, **kwargs):
    # Login gate: record the login_required auth attribute, then either run
    # the view or remember the current URL and redirect to the login view.
    add_auth_attribute('login_required', True)
    if current_auth.is_authenticated:
        return f(*args, **kwargs)
    # NOTE(review): whatever later redirects to session['next'] should check
    # that it is a same-site target -- that consumer is not visible here.
    session['next'] = get_current_url()
    return redirect(url_for('login'))