def login_user(form_data) -> Result:
# import pdb; pdb.set_trace()
try:
data = Login(**form_data)
except ValidationError as e:
errors = {x["loc"][0]: x["msg"] for x in e.errors()}
return Result(errors=errors)
_login_user(models.User.get(data.email))
return Result(data=data)
def signup_user(form_data) -> Result:
try:
data = User(**form_data)
except ValidationError as e:
errors = {x["loc"][0]: x["msg"] for x in e.errors()}
return Result(errors=errors)
user = models.User.create(
full_name=data.full_name,
email=data.email,
password=data.password.get_secret_value(),
)
_login_user(user)
return Result(data=data)
def login_user(user, remember=None):
"""Perform the login routine.
If SECURITY_TRACKABLE is used, make sure you commit changes after this
request (i.e. ``app.security.datastore.commit()``).
:param user: The user to login
:param remember: Flag specifying if the remember cookie should be set.
Defaults to ``False``
"""
if remember is None:
remember = config_value('DEFAULT_REMEMBER_ME')
if not _login_user(user, remember): # pragma: no cover
return False
if _security.trackable:
remote_addr = request.remote_addr or None # make sure it is None
old_current_login, new_current_login = (user.current_login_at,
_security.datetime_factory())
old_current_ip, new_current_ip = user.current_login_ip, remote_addr
user.last_login_at = old_current_login or new_current_login
user.current_login_at = new_current_login
user.last_login_ip = old_current_ip
user.current_login_ip = new_current_ip
user.login_count = user.login_count + 1 if user.login_count else 1
_datastore.put(user)
identity_changed.send(current_app._get_current_object(),
identity=Identity(user.id))
return True
def login_user(user, remember=False, provider=None):
assert user.is_active
logged_in = _login_user(user, remember)
assert logged_in, 'Not logged in for unknown reason'
session.pop('auth_provider', None)
remote_addr = _userflow.request_utils.get_remote_addr()
ua_info = _userflow.request_utils.get_ua_info()
if _userflow.request_utils.geoip:
geoip_info = _userflow.request_utils.get_geoip_info()
else:
geoip_info = None
if _datastore.track_login_model:
track_login = _datastore.create_track_login(
time=datetime.utcnow(),
remote_addr=remote_addr,
geoip_info=geoip_info,
ua_info=ua_info,
)
_datastore.put(track_login)
after_this_request(lambda r: _datastore.commit())
signals.logged_in.send(app=current_app._get_current_object(), user=user,
remote_addr=remote_addr, geoip_info=geoip_info, ua_info=ua_info)
return user.get_auth_token()
def login_user(user, remember=None):
"""Performs the login routine.
:param user: The user to login
:param remember: Flag specifying if the remember cookie should be set. Defaults to ``False``
"""
if remember is None:
remember = config_value('DEFAULT_REMEMBER_ME')
if not _login_user(user, remember): # pragma: no cover
return False
if _security.trackable:
if 'X-Forwarded-For' in request.headers:
remote_addr = request.headers.getlist("X-Forwarded-For")[0].rpartition(' ')[-1]
else:
remote_addr = request.remote_addr or 'untrackable'
old_current_login, new_current_login = user.current_login_at, datetime.utcnow()
old_current_ip, new_current_ip = user.current_login_ip, remote_addr
user.last_login_at = old_current_login or new_current_login
user.current_login_at = new_current_login
user.last_login_ip = old_current_ip or new_current_ip
user.current_login_ip = new_current_ip
user.login_count = user.login_count + 1 if user.login_count else 1
_datastore.put(user)
identity_changed.send(current_app._get_current_object(),
identity=Identity(user.id))
return True
def login_user(user:t.Type["User"],
remember:bool=False,
duration:t.Optional[t.Type["timedelta"]]=None,
force:bool=False,
fresh:bool=True
) -> bool:
"""
Logs a user in. You should pass the actual user object to this. If the
user's `is_active` property is ``False``, they will not be logged in
unless `force` is ``True``.
This will return ``True`` if the log in attempt succeeds, and ``False`` if
it fails (i.e. because the user is inactive).
:param user: The user object to log in.
:type user: object
:param remember: Whether to remember the user after their session expires.
Defaults to ``False``.
:type remember: bool
:param duration: The amount of time before the remember cookie expires. If
``None`` the value set in the settings is used. Defaults to ``None``.
:type duration: :class:`datetime.timedelta`
:param force: If the user is inactive, setting this to ``True`` will log
them in regardless. Defaults to ``False``.
:type force: bool
:param fresh: setting this to ``False`` will log in the user with a session
marked as not "fresh". Defaults to ``True``.
:type fresh: bool
"""
return _login_user(user, remember=remember, duration=duration, force=force, fresh=fresh)
def login_user(user, remember=None):
"""Performs the login routine.
:param user: The user to login
:param remember: Flag specifying if the remember cookie should be set. Defaults to ``False``
"""
if remember is None:
remember = config_value('DEFAULT_REMEMBER_ME')
if not _login_user(user, remember): # pragma: no cover
return False
if _security.trackable:
if 'X-Forwarded-For' in request.headers:
remote_addr = request.headers.getlist(
"X-Forwarded-For")[0].rpartition(' ')[-1]
else:
remote_addr = request.remote_addr or 'untrackable'
old_current_login, new_current_login = user.current_login_at, datetime.utcnow(
)
old_current_ip, new_current_ip = user.current_login_ip, remote_addr
user.last_login_at = old_current_login or new_current_login
user.current_login_at = new_current_login
user.last_login_ip = old_current_ip or new_current_ip
user.current_login_ip = new_current_ip
user.login_count = user.login_count + 1 if user.login_count else 1
_datastore.put(user)
identity_changed.send(current_app._get_current_object(),
identity=Identity(user.id))
return True
def login_user(user, remember=None):
"""Performs the login routine.
:param user: The user to login
:param remember: Flag specifying if the remember cookie should be set. Defaults to ``False``
"""
if remember is None:
remember = config_value("DEFAULT_REMEMBER_ME")
if not _login_user(user, remember): # pragma: no cover
return False
if _security.trackable:
remote_addr = request.remote_addr or None # make sure it is None and not ''
old_current_login, new_current_login = user.current_login_at, datetime.utcnow()
old_current_ip, new_current_ip = user.current_login_ip, remote_addr
user.last_login_at = old_current_login or new_current_login
user.current_login_at = new_current_login
user.last_login_ip = old_current_ip
user.current_login_ip = new_current_ip
user.login_count = user.login_count + 1 if user.login_count else 1
_datastore.put(user)
identity_changed.send(current_app._get_current_object(), identity=Identity(user.id))
return True
def login_user(
user: "******",
remember: t.Optional[bool] = None,
authn_via: t.Optional[t.List[str]] = None,
) -> bool:
"""Perform the login routine.
If *SECURITY_TRACKABLE* is used, make sure you commit changes after this
request (i.e. ``app.security.datastore.commit()``).
:param user: The user to login
:param remember: Flag specifying if the remember cookie should be set.
If ``None`` use value of SECURITY_DEFAULT_REMEMBER_ME
:param authn_via: A list of strings denoting which mechanism(s) the user
authenticated with.
These should be one or more of ["password", "sms", "authenticator", "email"] or
other 'auto-login' mechanisms.
:return: True if user successfully logged in.
"""
if remember is None:
remember = config_value("DEFAULT_REMEMBER_ME")
if not _login_user(user, remember): # pragma: no cover
return False
if _security.trackable:
remote_addr = request.remote_addr or None # make sure it is None
old_current_login, new_current_login = (
user.current_login_at,
config_value("DATETIME_FACTORY")(),
)
old_current_ip, new_current_ip = user.current_login_ip, remote_addr
user.last_login_at = old_current_login or new_current_login
user.current_login_at = new_current_login
user.last_login_ip = old_current_ip
user.current_login_ip = new_current_ip
user.login_count = user.login_count + 1 if user.login_count else 1
_datastore.put(user)
session["fs_cc"] = "set" # CSRF cookie
session["fs_paa"] = time.time() # Primary authentication at - timestamp
identity_changed.send(
current_app._get_current_object(), # type: ignore
identity=Identity(user.fs_uniquifier),
)
user_authenticated.send(
current_app._get_current_object(), # type: ignore
user=user,
authn_via=authn_via,
)
return True
def login_user(user, remember=None, authn_via=None):
"""Perform the login routine.
If *SECURITY_TRACKABLE* is used, make sure you commit changes after this
request (i.e. ``app.security.datastore.commit()``).
:param user: The user to login
:param remember: Flag specifying if the remember cookie should be set.
Defaults to ``False``
:param authn_via: A list of strings denoting which mechanism(s) the user
authenticated with.
These should be one or more of ["password", "sms", "authenticator", "email"] or
other 'auto-login' mechanisms.
"""
if remember is None:
remember = config_value("DEFAULT_REMEMBER_ME")
if not _login_user(user, remember): # pragma: no cover
return False
if _security.trackable:
remote_addr = request.remote_addr or None # make sure it is None
old_current_login, new_current_login = (
user.current_login_at,
_security.datetime_factory(),
)
old_current_ip, new_current_ip = user.current_login_ip, remote_addr
user.last_login_at = old_current_login or new_current_login
user.current_login_at = new_current_login
user.last_login_ip = old_current_ip
user.current_login_ip = new_current_ip
user.login_count = user.login_count + 1 if user.login_count else 1
_datastore.put(user)
session["fs_cc"] = "set" # CSRF cookie
session["fs_paa"] = time.time() # Primary authentication at - timestamp
identity_changed.send(current_app._get_current_object(),
identity=Identity(user.id))
user_authenticated.send(current_app._get_current_object(),
user=user,
authn_via=authn_via)
return True
def login_user(user, **kwargs):
"""Perform the login routine.
If SECURITY_TRACKABLE is used, make sure you commit changes after this
request (i.e. ``app.security.datastore.commit()``).
:param user: The user to login
"""
if 'remember' in kwargs:
warnings.warn(
"Remember me support has been removed.",
DeprecationWarning
)
if not _login_user(user, False): # pragma: no cover
return False
if _security.trackable:
remote_addr = request.remote_addr or None # make sure it is None
old_current_login, new_current_login = (
user.current_login_at, _security.datetime_factory()
)
old_current_ip, new_current_ip = user.current_login_ip, remote_addr
user.last_login_at = old_current_login or new_current_login
user.current_login_at = new_current_login
user.last_login_ip = old_current_ip
user.current_login_ip = new_current_ip
user.login_count = user.login_count + 1 if user.login_count else 1
_datastore.put(user)
identity_changed.send(current_app._get_current_object(),
identity=Identity(user.id))
return True
def login_user(user, remember=None):
"""Perform the login routine.
If SECURITY_TRACKABLE is used, make sure you commit changes after this
request (i.e. ``app.security.datastore.commit()``).
:param user: The user to login
:param remember: Flag specifying if the remember cookie should be set.
Defaults to ``False``
"""
if remember is None:
remember = config_value('DEFAULT_REMEMBER_ME')
if not _login_user(user, remember): # pragma: no cover
return False
if _security.trackable:
remote_addr = request.remote_addr or None # make sure it is None
old_current_login, new_current_login = (
user.current_login_at, _security.datetime_factory()
)
old_current_ip, new_current_ip = user.current_login_ip, remote_addr
user.last_login_at = old_current_login or new_current_login
user.current_login_at = new_current_login
user.last_login_ip = old_current_ip
user.current_login_ip = new_current_ip
user.login_count = user.login_count + 1 if user.login_count else 1
_datastore.put(user)
identity_changed.send(current_app._get_current_object(),
identity=Identity(user.id))
return True
def login_user(app, db, payload):
logout_user(db)
fernet = Fernet(app.config["SECRET_KEY"])
b64_string = base64.urlsafe_b64decode((payload + "===").encode("utf8"))
payload_data = json.loads(fernet.decrypt(b64_string))
if "new_user" in payload_data:
user = User(email=payload_data["new_user"], active=True)
now = datetime.utcnow()
token = LoginToken(guid=str(uuid.uuid4()),
user=user,
created_at=now,
expires_at=now,
consumed_at=now)
db.session.add(user)
db.session.add(token)
db.session.commit()
_login_user(token.user)
session["token_guid"] = token.guid
return user
else: # Existing user - find valid login token
token = LoginToken.query.get(payload_data["token_guid"])
if not token:
flash("No token found", "error")
elif token.user.id != payload_data["user_id"]:
flash("Invalid token data", "error")
app.logger.warn("Invalid token data: ", token, token.guid,
token.user.id, payload_data["user_id"])
elif token.consumed_at:
flash("Token already used", "error")
app.logger.warn("Token already used: ", token, token.guid,
token.consumed_at)
elif datetime.utcnow() >= token.expires_at:
flash("Token expired", "error")
app.logger.warn("Token expired: ",
token, token.guid, token.expires_at,
datetime.utcnow(), token.created_at)
else:
token.consumed_at = datetime.utcnow()
token.user.active = True
db.session.add(token)
db.session.add(token.user)
db.session.commit()
_login_user(token.user)
session["token_guid"] = token.user.login_tokens[-1].guid
return token.user
return None
