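def load_user(self, raise_error=True):
    """Return the user identified by this object's username/token pair.

    Reads ``username`` and ``token`` from ``self``, looks the user up, and
    verifies the signed, time-limited token against a seed built from the
    user's id and last-modified timestamp.

    Args:
        raise_error: Forwarded to ``invalid``; also decides whether a
            signature failure from the serializer is re-raised.

    Returns:
        The user object on success. On a bad or expired signature with
        ``raise_error`` false, ``False``. Every other failure returns
        whatever ``invalid`` returns (presumably it raises when
        ``raise_error`` is true; confirm against its definition).

    Raises:
        itsdangerous.BadData: If the token fails signature or age checks
            and ``raise_error`` is true.
    """
    username = getattr(self, 'username', None)
    token = getattr(self, 'token', None)
    if not username or not token:
        return invalid('Invalid token', raise_error=raise_error)

    usr = user.get_by_username(username)
    # Reject unknown users before touching usr.id / usr.modified. The
    # previous order built the seed first, so an unknown username hit
    # an AttributeError on None instead of the uniform "Invalid token"
    # path (an unhandled error also distinguishes unknown usernames from
    # bad tokens).
    if not usr:
        return invalid('Invalid token', raise_error=raise_error)

    # The seed includes the modification timestamp, so a token stops
    # matching once usr.modified changes.
    seed = '%s%s' % (usr.id, usr.modified.isoformat())

    # NOTE(review): this is the session cookie serializer, so tokens share
    # its key and salt. A dedicated salt would keep the two contexts
    # apart; confirm whether that is intended.
    serializer = app.session_interface.get_serializer(app)
    try:
        # max_age is in seconds: tokens older than one hour are rejected.
        token = serializer.loads(token, max_age=3600)
    except itsdangerous.BadData:
        if raise_error:
            raise
        return False

    if token != seed:
        return invalid('Invalid token', raise_error=raise_error)
    return usr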
def validate_token(token, raise_error=True):
    """Validate a ``<username>.<signed payload>`` token and return its user.

    The text before the first dot is the username. Everything after it is
    passed to the session serializer, which checks the signature and
    enforces a one-hour maximum age. The decoded payload must equal the
    user's id concatenated with the ISO form of ``usr.modified``.

    Args:
        token: The raw token string.
        raise_error: Forwarded to ``invalid``; also decides whether a
            serializer failure is re-raised.

    Returns:
        The user object on success. On a bad or expired signature with
        ``raise_error`` false, ``False``. Other failures return the result
        of ``invalid`` (presumably it raises when ``raise_error`` is true;
        confirm against its definition).

    Raises:
        itsdangerous.BadData: On signature/age failure when ``raise_error``
            is true.
    """
    if not token:
        return invalid('Invalid token', raise_error=raise_error)

    # Split on the first dot only; the signed part contains dots itself.
    username, separator, signed_part = token.partition('.')
    if not separator:
        return invalid('Invalid token', raise_error=raise_error)

    usr = user.get_by_username(username)
    if not usr:
        return invalid('Invalid token', raise_error=raise_error)

    # NOTE(review): reuses the session cookie serializer (same key and
    # salt as the cookie); confirm that sharing the context is intended.
    signer = app.session_interface.get_serializer(app)
    try:
        payload = signer.loads(signed_part, max_age=3600)
    except itsdangerous.BadData:
        if not raise_error:
            return False
        raise

    # Tied to usr.modified, so a token stops matching once it changes.
    expected = '%s%s' % (usr.id, usr.modified.isoformat())
    if payload == expected:
        return usr
    return invalid('Invalid token', raise_error=raise_error)
def login(data):
    """Authenticate a user from submitted form data and start a session.

    ``data['login']`` is tried as a username first and then as an e-mail
    address. An unknown login and a wrong password raise the same
    ``ValidationError`` message, so the response text does not reveal
    which one failed.

    Args:
        data: Mapping with ``login``, ``password`` and optional
            ``remember`` keys; a falsy value is treated as empty.

    Returns:
        The authenticated user object.

    Raises:
        ValidationError: If no user matches or the password check fails.
    """
    form = data or dict()
    identifier = form.get('login')

    # Username lookup takes precedence; e-mail is only the fallback.
    usr = user.get_by_username(identifier) or user.get_by_email(identifier)

    # NOTE(review): verify_password only runs for known users, so response
    # time may still differ between the two failure cases. Confirm whether
    # that matters for this endpoint.
    if not usr or not user.verify_password(usr, form.get('password')):
        raise ValidationError('Invalid login or password')

    login_user(usr, remember=parse_boolean(form.get('remember')))
    confirm_login()
    return usr
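def view(username):
    """Render the public profile page for ``username``.

    Args:
        username: Profile name taken from the request; treated as
            untrusted input.

    Returns:
        The rendered ``profile/view.html`` template, or a
        ``(message, 404)`` tuple when no such user exists.
    """
    # Function-scope import keeps this block self-contained.
    from html import escape

    usr = current_user._get_current_object()
    profile_usr = user.get_by_username(username)
    if not profile_usr:
        # The requested name is echoed into the response body, which is
        # served as HTML by default. Escape it so markup in the name is
        # shown as text instead of being interpreted by the browser.
        return "Unknown user: %s" % escape(username), 404

    # TODO: this should come from c.to_dict()
    campaigns = [
        dict(
            id=ca.campaign.id,
            name=ca.campaign.name,
            # Seconds since the epoch, scaled to milliseconds.
            end=calendar.timegm(ca.campaign.end.timetuple()) * 1000,
            role=ca.role,
        )
        for ca in sorted(profile_usr.campaigns, key=lambda x: x.campaign.name)
    ]

    # The title also carries the username, but goes through the template
    # (NOTE(review): relies on template autoescaping being on; confirm).
    context = dict(
        title="%s's Poold.In profile." % username,
        profile_user=profile_usr,
        about=profile_usr.about if hasattr(profile_usr, 'about') else None,
        campaigns=campaigns,
        is_user=usr == profile_usr)
    return render_template('profile/view.html', **context)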
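def view(username):
    """Render the public profile page for ``username``.

    Args:
        username: Profile name taken from the request; treated as
            untrusted input.

    Returns:
        The rendered ``profile/view.html`` template, or a
        ``(message, 404)`` tuple when no such user exists.
    """
    # Function-scope import keeps this block self-contained.
    from html import escape

    usr = current_user._get_current_object()
    profile_usr = user.get_by_username(username)
    if not profile_usr:
        # The requested name is reflected into a body served as HTML by
        # default. Escaping keeps any markup in it inert.
        return "Unknown user: %s" % escape(username), 404

    campaigns = list()
    for ca in sorted(profile_usr.campaigns, key=lambda x: x.campaign.name):
        c = ca.campaign
        # Seconds since the epoch, scaled to milliseconds.
        end_time = calendar.timegm(c.end.timetuple()) * 1000
        # TODO: this should come from c.to_dict()
        campaigns.append(dict(id=c.id, name=c.name, end=end_time, role=ca.role))

    # The title also carries the username, but goes through the template
    # (NOTE(review): relies on template autoescaping being on; confirm).
    context = dict(
        title="%s's Poold.In profile." % username,
        profile_user=profile_usr,
        about=profile_usr.about if hasattr(profile_usr, 'about') else None,
        campaigns=campaigns,
        is_user=usr == profile_usr)
    return render_template('profile/view.html', **context)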