def loginpersona():
"""Taken mostly from mozilla quickstart """
dolog("INFO", "loginpersona")
# The request has to have an assertion for us to verify
if 'assertion' not in request.form:
abort(400)
# Send the assertion to Mozilla's verifier service.
audience = "http://%s" % app.config['www_server_name']
data = {'assertion': request.form['assertion'], 'audience': audience}
resp = requests.post(
'https://verifier.login.persona.org/verify', data=data, verify=True)
# Did the verifier respond?
if resp.ok:
# Parse the response
verification_data = json.loads(resp.content)
dolog("INFO", "Verified persona:%s" % repr(verification_data))
# Check if the assertion was valid
if verification_data['status'] == 'okay':
# Log the user in by setting a secure session cookie
# session.update({'email': verification_data['email']})
auth.after_authentication(verification_data['email'], 'persona')
return resp.content
# Oops, something failed. Abort.
abort(500)
def create_or_login(resp):
"""This is called when login with OpenID succeeded and it's not
necessary to figure out if this is the users's first login or not.
"""
auth.after_authentication(resp.identity_url, 'openid')
return redirect(auth.oid.get_next_url())