def signup(): if 'openid' not in session: abort(403) form = OpenIdSignupForm(next=request.args.get("next"), username=request.args.get("name"), email=request.args.get("email")) if form.validate_on_submit(): user = User(openid=session.pop('openid')) form.populate_obj(user) db.session.add(user) db.session.commit() session.permanent = True identity_changed.send(current_app._get_current_object(), identity=Identity(user.id)) flash(_("Welcome, %%s") % user.username, "success") next_url = form.next.data or \ url_for("user.posts", username=user.username) return redirect(next_url) return render_template("openid/signup.html", form=form)
def login(): # TODO: make this do better auth, it needs to set a cookie for a period of # time if request.method == 'POST': form = LoginForm.from_flat(request.form) if form.validate(): user = User.query.filter_by( username=request.form['username']).first() if user == None: form['username'].add_error( 'Username %s not found' % form['username'].value) gen = Generator() return render_template("admin/login.html", form=form, html=gen) if user.check_password(request.form['password']): # set up identity identity_changed.send(identity=Identity(user)) if request.is_xhr: return render_template("user_actions.html") if request.args: return redirect(request.args.get('next')) else: return redirect('/') else: gen = Generator() return render_template("admin/login.html", form=form, html=gen) form = LoginForm() gen = Generator() return render_template("admin/login.html", form=form, html=gen, **request.args)
def login(): form = LoginForm(login=request.args.get("login", None), next=request.args.get("next", None)) # TBD: ensure "next" field is passed properly if form.validate_on_submit(): user, authenticated = \ User.query.authenticate(form.login.data, form.password.data) if user and authenticated: # Flask-Login login_user(user, remember = form.remember.data) # change identity identity=Identity(user.username) identity_changed.send(current_app._get_current_object(), identity = identity) # next_url next_url = form.next.data if not next_url or next_url == 'home.index': next_url = url_for('user.posts', username=user.username) flash(u"登录成功", "successfully") return redirect(next_url) else: flash(u"账号或密码错误", "error") return render_template("account/login.html", form=form)
def login(): if g.user: return redirect(url_for('user.profile', username=g.user.username)) form = LoginForm(next=request.args.get('next', None)) if form.validate_on_submit(): user, authenticated = \ User.query.authenticate(form.login.data, form.password.data) if user and authenticated: session.permanent = form.remember.data identity_changed.send(current_app._get_current_object(), identity=Identity(user.id)) next_url = form.next.data if not next_url or next_url == request.script_root + request.path: next_url = url_for('user.profile', username=user.username) return redirect(next_url) else: flash(_(u'Wrong username or password.'), 'error') return render_template('account/login.html', form=form)
def signup(): form = SignupForm(next=request.args.get('next', None)) if form.validate_on_submit(): code = UserCode.query.filter_by(code=form.code.data).first() if code: user = User(role=code.role) form.populate_obj(user) db.session.add(user) db.session.delete(code) db.session.commit() identity_changed.send(current_app._get_current_object(), identity=Identity(user.id)) flash(_("Welcome, %(name)s", name=user.nickname), "success") next_url = form.next.data if not next_url or next_url == request.path: next_url = url_for('frontend.people', username=user.username) return redirect(next_url) else: form.code.errors.append(_("Code is not allowed")) return render_template("account/signup.html", form=form)
def login(): form = LoginForm(login=request.args.get("login", None), next=request.args.get("next", None)) if form.validate_on_submit(): user, authenticated = User.query.authenticate(form.login.data, form.password.data) if user and authenticated: session.permanent = form.remember.data identity_changed.send(current_app._get_current_object(), identity=Identity(user.id)) flash(_("Welcome back, %(name)s", name=user.username), "success") next_url = form.next.data if not next_url or next_url == request.path: next_url = url_for("frontend.blog", username=user.username) return redirect(next_url) else: flash(_("Sorry, invalid login"), "error") return render_template("account/login.html", form=form)
def signup(): form = SignupForm(next=request.args.get("next", None)) if form.validate_on_submit(): code = UserCode.query.filter_by(code=form.code.data).first() if code: user = User(role=code.role) form.populate_obj(user) db.session.add(user) db.session.delete(code) db.session.commit() identity_changed.send(current_app._get_current_object(), identity=Identity(user.id)) flash(_("Welcome, %(name)s", name=user.nickname), "success") next_url = form.next.data if not next_url or next_url == request.path: next_url = url_for("frontend.blog", username=user.username) return redirect(next_url) else: form.code.errors.append(_("Code is not allowed")) return render_template("account/signup.html", form=form)
def login(): form = LoginForm(login=request.args.get('login', None), next=request.args.get('next', None)) if form.validate_on_submit(): user, authenticated = User.query.authenticate(form.login.data, form.password.data) if user and authenticated: session.permanent = form.remember.data identity_changed.send(current_app._get_current_object(), identity=Identity(user.id)) flash(_("Welcome back, %(name)s", name=user.username), "success") next_url = form.next.data if not next_url or next_url == request.path: next_url = url_for('frontend.people', username=user.username) return redirect(next_url) else: flash(_("Sorry, invalid login"), "error") return render_template("account/login.html", form=form)
def login(): gen = Generator() if request.method == "POST": form = LoginForm.from_flat(request.form) if form.validate(): user = User.query.filter_by(username=request.form["username"]).first() if user != None: if not user.activestatus: form.add_error( """Username %s need to be activated before 1st login. It can only be activated with the link sent to email of this username.""" % form["username"].value ) form.add_error(url_for("admin.activatelogin", _external=True)) return render_template("admin/login.html", form=form, html=gen) if user.check_password(request.form["password"]): save_identity(user) identity_changed.send(cockerel.webapp.app, identity=Identity(user.username)) if "next" in request.args: return redirect(request.args.get("next")) else: return redirect(url_for("frontend.index")) form.add_error("Invalid username %s or password." % form["username"].value) return render_template("admin/login.html", form=form, html=gen) else: return render_template("admin/login.html", form=form, html=gen) form = LoginForm() return render_template("admin/login.html", form=form, html=gen, **request.args)
def login(): form = LoginForm(login=request.args.get("login", None), next=request.args.get("next", None)) # TBD: ensure "next" field is passed properly if form.validate_on_submit(): user, authenticated = \ User.query.authenticate(form.login.data, form.password.data) if user and authenticated: # Flask-Login login_user(user, remember=form.remember.data) # change identity identity = Identity(user.username) identity_changed.send(current_app._get_current_object(), identity=identity) # next_url next_url = form.next.data if not next_url or next_url == 'home.index': next_url = url_for('user.posts', username=user.username) flash(u"登录成功", "successfully") return redirect(next_url) else: flash(u"账号或密码错误", "error") return render_template("account/login.html", form=form)
def post(self): form = LoginForm(request.form) if form.validate(): try: response = self.rest.getWithAuth( form.username.data, form.password.data ) data = json.loads(response) identity = Identity(data['username']) identity_changed.send(app, identity=identity) session['user.username'] = data['username'] session['user.password'] = form.password.data session['user.email'] = data['email'] flash("Successfully logged in!", 'success') return redirect(url_for('session')) except Unauthorized: flash("Invalid credentials!", 'error') return render_template('auth/login.html', form=form)
def n(): i = mkadmin() identity_changed.send(app, identity=i) with admin_denied.require(): pass return Response("OK")
def login(): if request.method == 'POST': username = request.form.get('username') #check username #...... identity_changed.send(current_app._get_current_object(), identity=Identity(username)) return 'login and identity' return u"""
def register(): if g.user: return 'is logined' source = session.get('source') app = session.get('app') username = session.get('username') if source and username and app: token = session['oauth_token'] secret = session['oauth_token_secret'] if source=='sina': api_key, api_secret, callback = sina_api[app] auth = sina.OAuthHandler(api_key, api_secret, callback) auth.setToken(token, secret) #elif source=='qq': # api_key, api_secret, callback = qq_api # auth = qq.OAuthHandler(api_key, api_secret, callback) # auth.setToken(token, secret) # 创建shorten while True: code = shorten(str(datetime.now())) if User.query.filter_by(shorten=code).count()==0: break email = '*****@*****.**' % code user = User(nickname=username, email=email, shorten=code) user.password = email user.profile = UserProfile() update_profile(source, user, auth) db.session.add(user) db.session.commit() # login identity_changed.send(current_app._get_current_object(), identity=Identity(user.id)) user.bind(source, app, token, secret) return redirect(url_for('%s.post' % app)) else: return redirect(url_for('frontend.login'))
def callback(source, app): verifier = request.args.get('oauth_verifier', '') #oauth_token = request.args.get('oauth_token','') if source == 'sina': try: api_key, api_secret, callback = sina_api[app] except: abort(404) auth = sina.OAuthHandler(api_key, api_secret, callback) token_string = sina.oauth.OAuthToken.from_string( session['oauth_token']) #elif source=='qq': # api_key, api_secret, callback = qq_api # auth = qq.OAuthHandler(api_key, api_secret, callback) # token_string = qq.oauth.OAuthToken.from_string(session['oauth_token']) auth.set_req_token(token_string) token = auth.get_access_token(verifier) session['oauth_token'] = token.key session['oauth_token_secret'] = token.secret auth.setToken(token.key, token.secret) if source == 'sina': username = auth.get_username() #elif source=='qq': # username = auth.get_username() else: username = '' session['source'] = source session['app'] = app session['username'] = username if not g.user: mapper = UserMapper.query.filter(db.and_(UserMapper.source==source, UserMapper.app==app, UserMapper.access_token==token.key))\ .first() if mapper: # login identity_changed.send(current_app._get_current_object(), identity=Identity(mapper.user.id)) else: return redirect(url_for('auth.register')) g.user.bind(source, app, token.key, token.secret) # update profile update_profile(source, g.user, auth) return redirect(url_for('%s.index' % app))
def logout(): flash(_("You are now logged out"),"success") identity_changed.send(current_app._get_current_object(), identity=AnonymousIdentity()) next_url = request.args.get('next','') if not next_url or next_url == request.path: next_url = url_for("frontend.index") return redirect(next_url)
def l(): s = [] if not admin_or_editor: s.append("not admin") i = Identity('ali') identity_changed.send(app, identity=i) if admin_or_editor: s.append("now admin") return Response('\n'.join(s))
def callback(source, app): verifier = request.args.get('oauth_verifier','') #oauth_token = request.args.get('oauth_token','') if source=='sina': try: api_key, api_secret, callback = sina_api[app] except: abort(404) auth = sina.OAuthHandler(api_key, api_secret, callback) token_string = sina.oauth.OAuthToken.from_string(session['oauth_token']) #elif source=='qq': # api_key, api_secret, callback = qq_api # auth = qq.OAuthHandler(api_key, api_secret, callback) # token_string = qq.oauth.OAuthToken.from_string(session['oauth_token']) auth.set_req_token(token_string) token = auth.get_access_token(verifier) session['oauth_token'] = token.key session['oauth_token_secret'] = token.secret auth.setToken(token.key, token.secret) if source=='sina': username = auth.get_username() #elif source=='qq': # username = auth.get_username() else: username = '' session['source'] = source session['app'] = app session['username'] = username if not g.user: mapper = UserMapper.query.filter(db.and_(UserMapper.source==source, UserMapper.app==app, UserMapper.access_token==token.key))\ .first() if mapper: # login identity_changed.send(current_app._get_current_object(), identity=Identity(mapper.user.id)) else: return redirect(url_for('auth.register')) g.user.bind(source, app, token.key, token.secret) # update profile update_profile(source, g.user, auth) return redirect(url_for('%s.index' % app))
def logout(): # Remove the user information from the session logout_user() # Remove session keys set by Flask-Principal for key in ('identity.name', 'identity.auth_type'): session.pop(key, None) identity_changed.send(current_app._get_current_object(), identity=AnonymousIdentity()) flash(u"你已登出。", "successfully") return redirect(request.args.get('next') or url_for('home.index'))
def index(): if request.method == 'POST': if 'signIn' in request.form: passed, errors = validate_signin_form(request.form) if not passed: return render_template('index.html', signInErrors=errors, riverId=request.form.get('riverId')) identity_changed.send(current_app._get_current_object(), identity=Identity(request.form.get('riverId'))) return redirect(url_for('gatewaymanager')) if 'signOut' in request.form: identity_changed.send(current_app._get_current_object(), identity=Identity('guest')) return render_template('index.html')
def register(): if g.user: return 'is logined' source = session.get('source') app = session.get('app') username = session.get('username') if source and username and app: token = session['oauth_token'] secret = session['oauth_token_secret'] if source == 'sina': api_key, api_secret, callback = sina_api[app] auth = sina.OAuthHandler(api_key, api_secret, callback) auth.setToken(token, secret) #elif source=='qq': # api_key, api_secret, callback = qq_api # auth = qq.OAuthHandler(api_key, api_secret, callback) # auth.setToken(token, secret) # 创建shorten while True: code = shorten(str(datetime.now())) if User.query.filter_by(shorten=code).count() == 0: break email = '*****@*****.**' % code user = User(nickname=username, email=email, shorten=code) user.password = email user.profile = UserProfile() update_profile(source, user, auth) db.session.add(user) db.session.commit() # login identity_changed.send(current_app._get_current_object(), identity=Identity(user.id)) user.bind(source, app, token, secret) return redirect(url_for('%s.post' % app)) else: return redirect(url_for('frontend.login'))
def authenticate(**userdata): form = LoginForm(**userdata) if form.validate(): user, authenticated = User.query.authenticate(form.username.data, form.password.data) if user and authenticated: session.permanent = True identity_changed.send(current_app._get_current_object(), identity=Identity(user.id)) return 'User authenticate' else: raise ValidationError('Invalid login') raise ValidationError(str(form.errors))
def logout(): next_url = request.args.get('next', '') session.pop('oauth_token') session.pop('oauth_token_secret') identity_changed.send(current_app._get_current_object(), identity=AnonymousIdentity()) if not next_url: next_url = url_for('frontend.index') return redirect(next_url)
def logout(): flash(_("You are now logged out"), "success") identity_changed.send(current_app._get_current_object(), identity=AnonymousIdentity()) next_url = request.args.get('next', '') if not next_url or next_url == request.path: next_url = url_for("frontend.index") return redirect(next_url)
def logout(): next_url = request.args.get('next','') session.pop('oauth_token') session.pop('oauth_token_secret') identity_changed.send(current_app._get_current_object(), identity=AnonymousIdentity()) if not next_url: next_url = url_for('frontend.index') return redirect(next_url)
def login(): form = LoginForm(request.form, next=request.args.get('next','')) if form.validate_on_submit(): user = User.query.filter(User.name==form.name.data).first() if user and user.check_password(form.password.data): identity_changed.send(current_app._get_current_object(), identity=Identity(user.pk)) flash(u"登录成功") return redirect(request.args.get("next") or url_for("index")) flash(u"登录失败, 请重新登录") return render_template("admin/login.html", form=form)
def login(): form = LoginForm(request.form, next=request.args.get('next', '')) if form.validate_on_submit(): user = User.query.filter(User.name == form.name.data).first() if user and user.check_password(form.password.data): identity_changed.send(current_app._get_current_object(), identity=Identity(user.pk)) flash(u"登录成功") return redirect(request.args.get("next") or url_for("index")) flash(u"登录失败, 请重新登录") return render_template("admin/login.html", form=form)
def create_or_login(rsp): session['openid'] = rsp.identity_url user = User.query.filter_by(openid=rsp.identity_url).first() if user is not None: flash(_('Successfully signed in'), 'success') identity_changed.send(current_app._get_current_object(), identity=Identity(user.pk)) return redirect(oid.get_next_url()) return redirect(url_for('create_profile', next=oid.get_next_url(), nickname=rsp.nickname or rsp.fullname, email=rsp.email))
def login(): """用户登录 """ form = LoginForm() if form.validate_on_submit(): user = User.query.get_by_account(form.account.data) login_user(user) identity_changed.send(current_app._get_current_object(), identity=Identity(user.id)) return redirect(request.args.get('next') or url_for('user.index')) return render_template('user/login.html', form=form)
def delete(): # confirm password & recaptcha form = DeleteAccountForm() if form.validate_on_submit(): db.session.delete(g.user) db.session.commit() identity_changed.send(current_app._get_current_object(), identity=AnonymousIdentity()) flash(_("Your account has been deleted"), "success") return redirect(url_for("frontend.index")) return render_template("account/delete_account.html", form=form)
def create_or_login(response): openid = response.identity_url user, authenticated = \ User.query.authenticate_openid(response.email, openid) next_url = session.pop('next', None) if user is None: session['openid'] = openid username = response.fullname or response.nickname if username: username = slugify(username.replace("-", "_")) return redirect( url_for("openid.signup", next=next_url, name=username, email=response.email)) if authenticated: session.permanent = True identity_changed.send(current_app._get_current_object(), identity=Identity(user.id)) flash(_("Welcome back, %%s") % user.username, "success") if next_url is None: next_url = url_for('user.posts', username=user.username) return redirect(next_url) # user already exists, so login and attach openid session['openid'] = openid flash( _("You already have an account with us. " "Please login with your email address so your " "OpenID can be attached to your user account"), "success") return redirect(url_for('account.login', login=response.email))
def login(): if request.method == 'POST': username = request.form['username'] password = request.form['password'] if password == username + "_secret": identity = Identity(username) identity_changed.send(app, identity=identity) return redirect(session['redirected_from']) else: return abort(401) else: return Response(''' <form action="" method="post"> <p><input type=text name=username> <p><input type=password name=password> <p><input type=submit value=Login> </form> ''')
def create_or_login(response): openid = response.identity_url user, authenticated = \ User.query.authenticate_openid(response.email, openid) next_url = session.pop('next', None) if user is None: session['openid'] = openid username = response.fullname or response.nickname if username: username = slugify(username.replace("-", "_")) return redirect(url_for("openid.signup", next=next_url, name=username, email=response.email)) if authenticated: session.permanent = True identity_changed.send(current_app._get_current_object(), identity=Identity(user.id)) flash(_("Welcome back, %%s") % user.username, "success") if next_url is None: next_url = url_for('user.posts', username=user.username) return redirect(next_url) # user already exists, so login and attach openid session['openid'] = openid flash(_("You already have an account with us. " "Please login with your email address so your " "OpenID can be attached to your user account"), "success") return redirect(url_for('account.login', login=response.email))
def signup(): form = SignupForm(next=request.args.get("next")) if form.validate_on_submit(): user = User() form.populate_obj(user) user.save() # Flask-Login login_user(user) # Flask-principal identity_changed.send(current_app._get_current_object(), identity=Identity(user.username)) flash(u"欢迎, %s" % user.username, "successfully") next_url = form.next.data if not next_url or next_url == request.path: next_url = url_for('user.posts', username=user.username) return redirect(next_url) return render_template("account/signup.html", form=form)
def login(): form = LoginForm(login=request.args.get("login", None), next=request.args.get("next", None)) # TBD: ensure "next" field is passed properly if form.validate_on_submit(): user, authenticated = User.query.authenticate(form.login.data, form.password.data) if user and authenticated: session.permanent = form.remember.data identity_changed.send(current_app._get_current_object(), identity=Identity(user.id)) # check if openid has been passed in openid = session.pop("openid", None) if openid: user.openid = openid db.session.commit() flash( _("Your OpenID has been attached to your account. " "You can now sign in with your OpenID."), "success", ) else: flash(_("Welcome back, %(name)s", name=user.username), "success") next_url = form.next.data if not next_url or next_url == request.path: next_url = url_for("user.posts", username=user.username) return redirect(next_url) else: flash(_("Sorry, invalid login"), "error") return render_template("account/login.html", form=form)
def login(): if request.method == 'GET': return Response(''' <form name="login" action="" method="post"> username:<input name="username" type="text"/><br/> password:<input name="password" type="password"/><br/> <input type="submit" value="login"/> ''') else: username = request.form['username'] #password = request.form['password'] #用户认证 #认证成功后发信号通知pincipal identity = Identity(username) identity_changed.send(app, identity=identity) redirected_from = session.get('redirected_from') print redirected_from, url_for('login') if redirected_from and not redirected_from.endswith(url_for('login')): #如果有记录来源页且来源页非登录页,则转向到来源页 return redirect(redirected_from) #否则转向到首页 return redirect(url_for('index'))
def create_profile(): if g.user is not None or 'openid' not in session: return redirect(url_for('home.index')) form = SignupForm( next=oid.get_next_url, nickname=request.values.get('nickname', None), email=request.values.get('email', None), ) if form.validate_on_submit(): user = User(openid=session['openid']) user.init_optional() form.populate_obj(user) user.save() identity_changed.send(current_app._get_current_object(), identity=Identity(user.pk)) flash(_('Profile successfully created'), 'success') return redirect(oid.get_next_url()) return render_template('account/create_profile.html', form=form)
def signup(): form = SignupForm(next=request.args.get("next")) if form.validate_on_submit(): user = User() form.populate_obj(user) db.session.add(user) db.session.commit() identity_changed.send(current_app._get_current_object(), identity=Identity(user.id)) flash(_("Welcome, %(name)s", name=user.username), "success") next_url = form.next.data if not next_url or next_url == request.path: next_url = url_for("user.posts", username=user.username) return redirect(next_url) return render_template("account/signup.html", form=form)
def index(): captchas = CaptchasDotNet(client='demo', secret='secret', alphabet='abcdefghkmnopqrstuvwxyz', letters=6, width=330, height=80) captchas_data = { 'captchas_random':captchas.random(), 'captchas_image':captchas.image(), 'captchas_audio':captchas.audio_url() } if request.method == 'POST': if 'signIn' in request.form: passed, errors = validate_signin_form(request.form) if not passed: return render_template('index.html', signInErrors=errors, riverId=request.form.get('riverId'), captchas_data=captchas_data) identity_changed.send(current_app._get_current_object(), identity=Identity(request.form.get('riverId'))) return redirect(url_for('user_home')) if 'signOut' in request.form: identity_changed.send(current_app._get_current_object(), identity=Identity('guest')) if 'signUp' in request.form: passed, errors = validate_signup_form(request.form, captchas) if not passed: return render_template('index.html', signUpErrors=errors, riverId=request.form.get('riverId'), emailaddress=request.form.get('emailaddress'), captchas_data=captchas_data) identity_changed.send(current_app._get_current_object(), identity=Identity(request.form.get('riverId'))) return redirect(url_for('user_home')) return render_template('index.html', captchas_data=captchas_data)
def e(): i = mkadmin() identity_changed.send(app, identity=i) with admin_permission.require(): return Response('hello')
def f(): i = mkadmin() identity_changed.send(app, identity=i) with admin_or_editor.require(): return Response('hello')
def logout(): identity_changed.send(current_app._get_current_object(), identity=AnonymousIdentity()) flash(u'已登出', 'success') return redirect(url_for('index'))
def j(): i = Identity('james') identity_changed.send(app, identity=i) with admin_permission.require(403): with editor_permission.require(403): pass
def logout(): session.pop('openid', None) identity_changed.send(current_app._get_current_object(), identity=AnonymousIdentity()) flash(_('You have been signed out'), 'success') return redirect(oid.get_next_url())
def login_view(req): username = req.form.get('username') identity_changed.send(current_app._get_current_object(), identity=Identity(username))