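def POST(self):
    """Log in a JSON client with Archive.org S3 keys, else defer to infogami.

    Overrides `account_login` and infogami.login. When the JSON body carries
    both `access` and `secret`, the pair is checked through `audit_accounts`
    as Archive.org S3 keys and the login cookie is set on success. When
    either key is missing, the request is handed to infogami's own login
    handler.

    Raises:
        BadRequest: the body is not a JSON object, or the audit reports an
            error.
    """
    from openlibrary.plugins.openlibrary.code import BadRequest

    try:
        payload = simplejson.loads(web.data())
    except ValueError:
        # Malformed body: report a client error instead of letting the
        # decoder's exception escape as a server error.
        raise BadRequest("Invalid JSON payload")
    if not isinstance(payload, dict):
        # Valid JSON that is not an object (list, string, number) has no keys.
        raise BadRequest("Invalid JSON payload")

    access = payload.get('access')
    secret = payload.get('secret')
    # NOTE(review): `test` is read from the request body and forwarded as-is;
    # confirm audit_accounts cannot be made to relax credential checks by it.
    test = payload.get('test', False)

    # Try S3 authentication first, fall back to infogami user/pass.
    if access and secret:
        audit = audit_accounts(None, None, require_link=True,
                               s3_access_key=access,
                               s3_secret_key=secret, test=test)
        error = audit.get('error')
        if error:
            # Raise the class imported above, which is certain to be in scope;
            # `olib` is not bound anywhere in this function.
            raise BadRequest(error)
        # NOTE(review): no secure/httponly flags are passed for the login
        # cookie here; confirm they are applied elsewhere.
        web.setcookie(config.login_cookie_name, web.ctx.conn.get_auth_token())
    else:
        from infogami.plugins.api.code import login as infogami_login
        infogami_login().POST()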
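def POST(self):
    """Authenticate a form login, set the login cookie and redirect.

    Reads the credentials from the form, runs them through `audit_accounts`
    and renders the error page when the audit reports one. On success the
    login cookie is set and the user is sent to the requested page.

    The redirect target is request-controlled, so it is followed only when
    it is a path on this site; anything else falls back to "/".
    """
    i = web.input(username="", connect=None, password="", remember=False,
                  redirect='/', test=False, access=None, secret=None)
    email = i.username  # XXX username is now email
    # NOTE(review): `test` comes straight from the request; confirm
    # audit_accounts cannot be made to relax credential checks by it.
    audit = audit_accounts(email, i.password, require_link=True,
                           s3_access_key=i.access, s3_secret_key=i.secret,
                           test=i.test)
    error = audit.get('error')
    if error:
        return self.render_error(error, i)

    # One week when "remember" is set, otherwise a browser-session cookie.
    expires = 3600 * 24 * 7 if i.remember else ""
    # NOTE(review): no secure/httponly flags are passed for the login cookie
    # here; confirm they are applied elsewhere.
    web.setcookie(config.login_cookie_name, web.ctx.conn.get_auth_token(),
                  expires=expires)

    # Account pages that must not be the landing page after login.
    blacklist = [
        "/account/login",
        "/account/password",
        "/account/email",
        "/account/create",
    ]
    target = i.redirect
    # Accept only a same-site path. A protocol-relative prefix, a backslash
    # or a control character can make a browser treat the value as another
    # host, and an absolute URL would leave the site outright.
    is_local_path = (
        target.startswith("/")
        and not target.startswith("//")
        and "\\" not in target
        and not any(ord(ch) < 0x20 for ch in target)
    )
    if not is_local_path or any(path in target for path in blacklist):
        target = "/"
    raise web.seeother(target)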
def POST(self):
    """Audit the submitted credentials and return the outcome as JSON.

    On a login attempt the audit determines whether the account is already
    linked (so the user can be logged in), whether authenticating it failed,
    or whether /account/connect must be performed first.

    Note: emails are case sensitive behind the scenes; functions that need
    them lower-cased do the conversion themselves.
    """
    form = web.input(email='', password='')
    # Test mode is on only for the literal value "true", in any letter case.
    test_mode = form.get('test', '').lower() == 'true'
    audit = audit_accounts(form.get('email'), form.get('password'), test=test_mode)
    # NOTE(review): the whole audit dict is serialized to the client; confirm
    # it carries nothing beyond what the caller should see.
    body = json.dumps(audit)
    return delegate.RawText(body, content_type="application/json")
def POST(self):
    """Run the account audit for a login attempt and reply with JSON.

    The audit tells the caller whether the account is already linked (the
    login can proceed), whether authentication failed, or whether the user
    must go through /account/connect first.

    Note: emails are case sensitive behind the scenes; functions that need
    them lower-cased do the conversion themselves.
    """
    params = web.input(email='', password='')
    raw_test = params.get('test', '')
    # Only the string "true" (any letter case) switches test mode on.
    in_test_mode = raw_test.lower() == 'true'
    outcome = audit_accounts(
        params.get('email'),
        params.get('password'),
        test=in_test_mode,
    )
    # NOTE(review): the audit result is returned to the client unfiltered;
    # confirm it holds no fields that should stay server-side.
    return delegate.RawText(
        simplejson.dumps(outcome), content_type="application/json"
    )
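def POST_login(self, i):
    """Authenticate a form login, set the login cookie and redirect.

    The `i` argument is kept for the existing call signature but is replaced
    immediately by a fresh `web.input()` read, as before.

    The redirect target is request-controlled, so it is followed only when
    it is a path on this site; anything else falls back to "/".
    """
    i = web.input(username="", password="", remember=False, redirect='')
    audit = audit_accounts(i.username, i.password)
    errors = self.error_check(audit, i)
    if errors:
        return errors

    # Account pages that must not be the landing page after login.
    blacklist = [
        "/account/login",
        "/account/password",
        "/account/email",
        "/account/create",
    ]
    target = i.redirect
    # Accept only a same-site path. A protocol-relative prefix, a backslash
    # or a control character can make a browser treat the value as another
    # host, and an absolute URL would leave the site outright. The empty
    # default fails the first test and so still maps to "/".
    is_local_path = (
        target.startswith("/")
        and not target.startswith("//")
        and "\\" not in target
        and not any(ord(ch) < 0x20 for ch in target)
    )
    if not is_local_path or any(path in target for path in blacklist):
        target = "/"

    # One week when "remember" is set, otherwise a browser-session cookie.
    expires = 3600 * 24 * 7 if i.remember else ""
    # NOTE(review): no secure/httponly flags are passed for the login cookie
    # here; confirm they are applied elsewhere.
    web.setcookie(config.login_cookie_name, web.ctx.conn.get_auth_token(),
                  expires=expires)
    raise web.seeother(target)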
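def POST(self):
    """Authenticate a form login, set the login cookie and redirect.

    Credentials from the form (email/password, or S3 access/secret keys) go
    through `audit_accounts`; an audit error is rendered back to the user.
    On success the login cookie is set and the user is redirected.

    The redirect target is request-controlled, so it is followed only when
    it is a path on this site; anything else falls back to "/".
    """
    i = web.input(username="", connect=None, password="", remember=False,
                  redirect='/', test=False, access=None, secret=None)
    email = i.username  # XXX username is now email
    # NOTE(review): `test` comes straight from the request; confirm
    # audit_accounts cannot be made to relax credential checks by it.
    audit = audit_accounts(email, i.password, require_link=True,
                           s3_access_key=i.access, s3_secret_key=i.secret,
                           test=i.test)
    error = audit.get('error')
    if error:
        return self.render_error(error, i)

    # One week when "remember" is set, otherwise a browser-session cookie.
    expires = 3600 * 24 * 7 if i.remember else ""
    # NOTE(review): no secure/httponly flags are passed for the login cookie
    # here; confirm they are applied elsewhere.
    web.setcookie(config.login_cookie_name, web.ctx.conn.get_auth_token(),
                  expires=expires)

    # Account pages that must not be the landing page after login.
    blacklist = ["/account/login", "/account/password",
                 "/account/email", "/account/create"]
    target = i.redirect
    # Accept only a same-site path. A protocol-relative prefix, a backslash
    # or a control character can make a browser treat the value as another
    # host, and an absolute URL would leave the site outright.
    is_local_path = (
        target.startswith("/")
        and not target.startswith("//")
        and "\\" not in target
        and not any(ord(ch) < 0x20 for ch in target)
    )
    if not is_local_path or any(path in target for path in blacklist):
        target = "/"
    raise web.seeother(target)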
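def POST(self):
    """Log in a JSON client using Archive.org S3 keys only.

    Overrides `account_login` and infogami.login so that a JSON payload
    cannot be used to log in with an Open Library username and password.
    The `access` and `secret` values from the body are checked through
    `audit_accounts`, and the login cookie is set when the audit reports no
    error.

    Raises:
        BadRequest: the body is not a JSON object, or the audit reports an
            error.
    """
    try:
        payload = simplejson.loads(web.data())
    except ValueError:
        # Malformed body: report a client error instead of letting the
        # decoder's exception escape as a server error.
        raise BadRequest("Invalid JSON payload")
    if not isinstance(payload, dict):
        # Valid JSON that is not an object (list, string, number) has no keys.
        raise BadRequest("Invalid JSON payload")

    # Missing keys are forwarded as None; rejecting them is left to
    # audit_accounts. NOTE(review): confirm it fails closed in that case,
    # and that the request-supplied `test` flag cannot relax its checks.
    audit = audit_accounts(None, None, require_link=True,
                           s3_access_key=payload.get('access'),
                           s3_secret_key=payload.get('secret'),
                           test=payload.get('test', False))
    error = audit.get('error')
    if error:
        raise BadRequest(error)
    # NOTE(review): no secure/httponly flags are passed for the login cookie
    # here; confirm they are applied elsewhere.
    web.setcookie(config.login_cookie_name, web.ctx.conn.get_auth_token())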
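def POST(self):
    """Authenticate a form login, set the login cookies and redirect.

    S3 keys are taken from the form when present, otherwise from the
    `HTTP_X_S3_ACCESS` / `HTTP_X_S3_SECRET` request environment entries.
    An audit error is rendered back to the user. On success the `pd` cookie
    and the login cookie are set and the user is redirected.

    The redirect target is request-controlled, so it is followed only when
    it is a path on this site; anything else falls back to /account/loans.
    """
    i = web.input(
        username="",
        connect=None,
        password="",
        remember=False,
        redirect='/',
        test=False,
        access=None,
        secret=None,
    )
    email = i.username  # XXX username is now email
    # NOTE(review): `test` comes straight from the request; confirm
    # audit_accounts cannot be made to relax credential checks by it.
    audit = audit_accounts(
        email,
        i.password,
        require_link=True,
        s3_access_key=i.access or web.ctx.env.get('HTTP_X_S3_ACCESS'),
        s3_secret_key=i.secret or web.ctx.env.get('HTTP_X_S3_SECRET'),
        test=i.test,
    )
    error = audit.get('error')
    if error:
        return self.render_error(error, i)

    # One year when "remember" is set, otherwise a browser-session cookie.
    expires = 3600 * 24 * 365 if i.remember else ""
    # A missing or None `special_access` must not break a login that already
    # passed the audit: int(None) raises TypeError, so default it to 0.
    special_access = int(audit.get('special_access') or 0)
    web.setcookie('pd', special_access or '', expires=expires)
    # NOTE(review): no secure/httponly flags are passed for either cookie
    # here; confirm they are applied elsewhere.
    web.setcookie(config.login_cookie_name, web.ctx.conn.get_auth_token(),
                  expires=expires)

    # Account pages that must not be the landing page after login.
    blacklist = [
        "/account/login",
        "/account/create",
    ]
    target = i.redirect
    # Accept only a same-site path. A protocol-relative prefix, a backslash
    # or a control character can make a browser treat the value as another
    # host, and an absolute URL would leave the site outright.
    is_local_path = (
        target.startswith("/")
        and not target.startswith("//")
        and "\\" not in target
        and not any(ord(ch) < 0x20 for ch in target)
    )
    if not is_local_path or any(path in target for path in blacklist):
        target = "/account/loans"
    raise web.seeother(target)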