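def POST(self, backend, association_id=None):
    """Disconnect a social account from the current user, then redirect.

    The redirect target is the first non-empty value of: the request's
    ``next`` field, the ``DISCONNECT_REDIRECT_URL`` setting, the
    ``LOGIN_REDIRECT_URL`` setting.

    ``backend`` is accepted from the route but not used in this body.
    ``association_id`` is forwarded unchanged to ``strategy.disconnect``.
    """
    strategy = self.strategy
    user = self.get_current_user()
    # NOTE(review): nothing in this body checks that `user` is authenticated
    # or that the POST carries a CSRF token; presumably that is enforced by
    # the caller or inside strategy.disconnect() -- confirm.
    strategy.disconnect(user=user, association_id=association_id)

    # `next` is request-controlled. Apply the same SANITIZE_REDIRECTS policy
    # that _auth applies before storing `next`, so this handler cannot be
    # used to bounce a user to an arbitrary external host.
    url = self.data.get('next')
    if url and strategy.setting('SANITIZE_REDIRECTS', True):
        # A rejected value comes back falsy and falls through to the
        # configured defaults below.
        url = sanitize_redirect(web.ctx.host, url)
    url = url or \
        strategy.setting('DISCONNECT_REDIRECT_URL') or \
        strategy.setting('LOGIN_REDIRECT_URL')
    return web.seeother(url)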
def _auth(self, backend):
    """Stash request values in the session, then start the auth flow.

    Every field named in the ``FIELDS_STORED_IN_SESSION`` setting that is
    present in the request data is copied into the session. A ``next``
    field, when present, is stored as the post-login redirect; it is
    passed through ``sanitize_redirect`` unless ``SANITIZE_REDIRECTS`` is
    disabled, and an empty or rejected value is replaced by
    ``LOGIN_REDIRECT_URL``.

    ``backend`` is accepted from the route but not used in this body.
    Returns whatever ``strategy.start()`` returns.
    """
    strategy = self.strategy

    # Copy the configured extra fields from the request into the session.
    for name in strategy.setting('FIELDS_STORED_IN_SESSION', []):
        if name not in self.data:
            continue
        self.session[name] = self.data[name]

    if 'next' not in self.data:
        return strategy.start()

    # `next` is user-supplied (GET/POST); check it before it is trusted.
    target = self.data['next']
    if strategy.setting('SANITIZE_REDIRECTS', True):
        # NOTE(review): the value is checked against web.ctx.host, which
        # is taken from the incoming request -- confirm the deployment
        # only accepts expected Host values.
        target = sanitize_redirect(web.ctx.host, target)
    if not target:
        target = strategy.setting('LOGIN_REDIRECT_URL')
    self.session['next'] = target
    return strategy.start()
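def _complete(self, backend, *args, **kwargs):
    """Finish the auth flow and redirect the user.

    Resumes a partial pipeline stored in the session when one exists for
    this ``backend``, otherwise runs ``strategy.complete``. A
    ``web.Storage`` result is returned as-is. In every other case the
    method picks a redirect URL from the outcome (existing session, new
    association, new user, inactive user, failure) and returns
    ``web.seeother(url)``. When a ``next`` value is known and differs from
    the chosen URL, it is appended URL-quoted as a ``next`` query
    parameter.
    """
    strategy = self.strategy
    # Read the redirect value before the session is trashed on login().
    # The session copy was written by _auth under the SANITIZE_REDIRECTS
    # policy. The request-supplied fallback has not been checked yet, so
    # apply the same policy here; otherwise a crafted `next` on the
    # completion URL would be followed to an arbitrary host.
    redirect_value = self.session.get('next', '')
    if not redirect_value:
        redirect_value = self.data.get('next', '')
        if redirect_value and strategy.setting('SANITIZE_REDIRECTS', True):
            # A rejected value comes back falsy; normalise it to ''.
            redirect_value = sanitize_redirect(web.ctx.host,
                                               redirect_value) or ''
    url = strategy.setting('LOGIN_REDIRECT_URL')

    user = self.get_current_user()
    is_authenticated = user_is_authenticated(user)
    if not is_authenticated:
        user = None

    if self.session.get('partial_pipeline'):
        data = self.session.pop('partial_pipeline')
        # Copy so the caller's kwargs dict is not mutated by setdefault().
        kwargs = kwargs.copy()
        kwargs.setdefault('user', user)
        idx, xargs, xkwargs = strategy.from_session(data, request=web.ctx,
                                                    *args, **kwargs)
        if xkwargs.get('backend', '') == backend:
            user = strategy.continue_pipeline(pipeline_index=idx,
                                              *xargs, **xkwargs)
        else:
            # Stored pipeline belongs to another backend: discard it and
            # run a fresh completion.
            strategy.clean_partial_pipeline()
            user = strategy.complete(user=user, request=web.ctx,
                                     *args, **kwargs)
    else:
        user = strategy.complete(user=user, request=web.ctx,
                                 *args, **kwargs)

    if isinstance(user, web.Storage):
        return user

    if is_authenticated:
        # The visitor already had a session before this request.
        if not user:
            url = redirect_value or strategy.setting('LOGIN_REDIRECT_URL')
        else:
            url = redirect_value or \
                strategy.setting('NEW_ASSOCIATION_REDIRECT_URL') or \
                strategy.setting('LOGIN_REDIRECT_URL')
    elif user:
        if user_is_active(user):
            # catch is_new flag before login() resets the instance
            is_new = getattr(user, 'is_new', False)
            self.login_user(user)
            # user.social_user is the used UserSocialAuth instance defined
            # in authenticate process
            social_user = user.social_user
            # store last login backend name in session
            self.session['social_auth_last_login_backend'] = \
                social_user.provider

            # A new account goes to the new-users page when one is
            # configured; otherwise use the requested or default redirect.
            new_user_redirect = strategy.setting('NEW_USER_REDIRECT_URL')
            if new_user_redirect and is_new:
                url = new_user_redirect
            else:
                url = redirect_value or \
                    strategy.setting('LOGIN_REDIRECT_URL')
        else:
            url = strategy.setting('INACTIVE_USER_URL') or \
                strategy.setting('LOGIN_ERROR_URL') or \
                strategy.setting('LOGIN_URL')
    else:
        url = strategy.setting('LOGIN_ERROR_URL') or \
            strategy.setting('LOGIN_URL')

    # Carry the requested destination along as a quoted `next` parameter
    # when the chosen URL is a different page.
    if redirect_value and redirect_value != url:
        redirect_value = quote(redirect_value)
        url += ('?' in url and '&' or '?') + \
            '%s=%s' % ('next', redirect_value)
    return web.seeother(url)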