コード例 #1
    def set_token(self, gameMode, player1, player2):
        """Assign a board token (a letter) to each player for this game mode.

        Mode 3 (spectate) generates both tokens; mode 2 (two humans) asks
        both players to type one; any other mode asks player 1 and
        generates the AI's token. The same ``taken`` list is handed to every
        util call — presumably so the helpers can avoid letters already in
        use; confirm in util.
        """
        print("\n" * 100)  # crude "clear screen" before prompting
        taken = []

        if gameMode == 3:
            # Spectate: nobody types, both tokens are generated.
            first = util.generate_token(taken)
            second = util.generate_token(taken)
        else:
            print("\nSelect a token: ")
            print(
                "A token is a letter (A to Z) that will be used to mark your moves on the board. \n"
            )
            first = util.get_token_input(player1.name, taken)
            if gameMode == 2:
                # Two humans: the second player picks as well.
                second = util.get_token_input(player2.name, taken)
            else:
                # Human vs AI: the machine's token is generated.
                second = util.generate_token(taken)

        player1.token = first
        player2.token = second
コード例 #2
ファイル: app.py プロジェクト: CaiZhongda/meetings
  def post(self):
    """Create a pending invitation for the current room and queue its e-mail.

    With a valid form a 32-character token is generated, the invitation
    document is inserted into ``self.db.invitations`` and a message carrying
    the accept link is pushed onto ``self.application.mail_queue``; the user
    is then redirected to the room page. An invalid form is re-rendered.
    """
    form = forms.InvitationForm(self)
    if not form.validate():
      self.render('new_invitation.html', form=form, room=self.room)
      return

    token = util.generate_token(32)
    self.db.invitations.insert({
      'inviter': self.current_user._id,
      'room': self.room._id,
      'name': form.name.data,
      'email': form.email.data,
      'token': token,
      'created_at': datetime.datetime.utcnow(),
      'status': InvitationStatus.PENDING,
    })

    # NOTE(review): scheme and host of the accept link are taken from the
    # incoming request (``self.request.protocol`` / ``self.request.host``).
    # If the Host header is not pinned upstream, a crafted request makes the
    # e-mailed link point at a host of the sender's choosing; building it
    # from a configured base URL would close that.
    accept_link = (self.request.protocol + "://" + self.request.host +
                   self.reverse_url('invitation') + '?token=' + token)
    body = '''
Hi, %(receiver)s

%(sender)s invites you to %(room)s. Click the following link to accept this
invitation.

%(invitation_link)s
        ''' % {
      'receiver': form.name.data,
      'sender': self.current_user.name,
      'room': self.room.name,
      'invitation_link': accept_link,
    }
    self.application.mail_queue.put({
      'to': form.email.data,
      'subject': 'Meetings invitation from %s' % self.current_user.name,
      'text': body,
    })
    self.redirect(self.reverse_url('room', self.room._id))
コード例 #3
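def fconnect():
    """Handle facebook OAuth login
        GET /auth/fconnect
        If user does not exists create a new user.

    The request body is JSON carrying the user's Facebook ``access_token``
    and ``email``. The access token is validated against Facebook's
    ``debug_token`` endpoint using our own app token; on success the user
    is looked up (or created) by e-mail and a session token is issued in
    the ``token`` / ``expire_time`` cookies. Every failure — invalid token,
    network error, malformed response, missing e-mail — answers 401 with a
    JSON body.
    """
    def invalid_token_response():
        # Shared 401 answer for every failure path.
        response = make_response(
            json.dumps("User access token is not valid"), 401)
        flash("Facebook connection Error.")
        response.headers['Content-Type'] = 'application/json'
        return response

    # userinfo has email, username, and access token
    userinfo = json.loads(request.data)
    user_access_token = userinfo.get('access_token')

    # To verify user's access token, we need to get our app token first.
    url = ('https://graph.facebook.com/oauth/access_token?'
           'client_id={}&client_secret={}'
           '&grant_type=client_credentials'.format(
               config.FACEBOOK_CLIENT_ID, config.FACEBOOK_CLIENT_SECRET))
    try:
        h = httplib2.Http()
        result = h.request(url, 'GET')[1]
        # The app token is derived from the app secret: it must never be
        # printed or logged (the former debug print of it was removed).
        app_token = re.search(r'(access_token=)(.+?$)', result).group(2)

        # Using app token, we can verify user's access token
        url = ('https://graph.facebook.com/debug_token'
               '?input_token={}&access_token={}'.format(
                   user_access_token, app_token))

        h = httplib2.Http()
        result = json.loads(h.request(url, 'GET')[1])
        # A response without "data" is treated as an invalid token rather
        # than raising AttributeError into the handler below.
        user_data = result.get("data") or {}

        # If the user's token is valid to the app token,
        # Facecook api returns the variable 'is_valid' with True.
        # The token must also have been issued to *this* app: without the
        # app_id comparison a token that is valid for some other app would
        # be accepted (gconnect() makes the same check via 'issued_to').
        if (not user_data.get("is_valid")
                or str(user_data.get("app_id")) !=
                str(config.FACEBOOK_CLIENT_ID)):
            return invalid_token_response()

        email = userinfo.get('email')
        user = User.get_by_email(session, email.strip())

        # Create and store a new user if there is no user exist
        if not user:
            user = User(email=email)
            session.add(user)
            session.commit()

        expire_time, token = generate_token(user)
        flash("Successfully logged in with Facebook")
        # NOTE(review): the explicit 200 overrides redirect()'s 302, so this
        # response does not redirect the browser by itself; presumably the
        # JS caller handles it (login() returns a plain redirect). Confirm.
        response = make_response(redirect(url_for('basic.showMain')), 200)
        # NOTE(review): the cookies carry no httponly/secure flags. Unless
        # the front-end reads 'token' from document.cookie, httponly=True
        # (and secure=True over HTTPS) would keep it out of script reach.
        response.set_cookie('token', value=token)
        response.set_cookie('expire_time', value=str(expire_time))
        return response
    except Exception:
        # Network failures, an unparsable Graph response and a missing
        # e-mail all end here. Narrowed from a bare `except:` so that
        # SystemExit / KeyboardInterrupt are no longer swallowed.
        return invalid_token_response()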
コード例 #4
def sign_in():
    """Exchange a Google auth code for an application session token.

    Expects a JSON body with ``location`` and ``auth_code``. The code is
    exchanged through ``util.google_auth_user``; the e-mail inside the
    returned id_token identifies the account, which ``User.create_user``
    builds and which is then saved with a freshly generated session token.

    Returns a JSON object with ``session_token`` and ``user_email``. A
    missing body key raises ``KeyError`` (unhandled, so an error response).
    """
    payload = json.loads(request.data)
    location = payload['location']
    fresh_session_token = util.generate_token()
    code = payload['auth_code']
    # NOTE(review): the raw auth code plus the refresh and access tokens are
    # handed straight to the user record — confirm they are stored encrypted
    # (or dropped once exchanged) rather than kept in clear text.
    credentials = util.google_auth_user(code)
    email = credentials.id_token['email']
    account = User.create_user(
        email, location, code,
        credentials.refresh_token, credentials.access_token,
    )
    account.session_token = fresh_session_token
    account.save()
    return jsonify({'session_token': account.session_token, 'user_email': email})
コード例 #5
ファイル: __init__.py プロジェクト: cydrobolt/jaxbin
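def create_bin():
    """Create a paste bin from the ``binData`` form field and return its id.

    An empty body is rejected with HTTP 400 *before* anything is written;
    the original inserted the row first and aborted afterwards, so every
    rejected request still left an empty bin in the table. A missing
    ``binData`` field raises ``KeyError`` from ``request.form`` (the
    framework presumably maps that to a 400 as well — verify).

    Returns:
        The new bin's public id (the result of ``generate_token(6)``).
    """
    bin_data = request.form["binData"]
    if not bin_data:
        abort(400, "Invalid Request")

    # Short random id used as the bin's public key. No collision check is
    # made here; presumably Bin.create/p_id enforces uniqueness — confirm.
    bin_id = generate_token(6)
    Bin.create(
        p_id=bin_id,
        content=bin_data,
    )

    return bin_id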
コード例 #6
ファイル: user.py プロジェクト: ra1993/transitbuddy_backend
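    def get_token(self):
        """Issue a fresh, table-unique token for this user and persist it.

        A candidate is generated and re-generated while some row of
        ``self.tablename`` already holds it; the winner is written to the
        row identified by ``self.pk``. ``self.token`` is set as a side
        effect and ends up holding the stored value.
        """
        self.token = generate_token()

        # The connection context manager commits on success (and rolls back
        # on error) but does not close the connection.
        with sqlite3.connect(self.dbpath) as conn:
            cur = conn.cursor()

            # Retry until no other row owns the candidate. Table names cannot
            # be bound as parameters, so only the value is bound.
            lookup_sql = f"""SELECT pk FROM {self.tablename} WHERE token == ?"""
            while True:
                cur.execute(lookup_sql, (self.token,))
                if cur.fetchone() is None:
                    break
                self.token = generate_token()

            # Bind token and pk instead of interpolating them into the SQL:
            # the previous f-string broke on a token containing a double
            # quote and was an injection vector should either value ever be
            # influenced from outside.
            update_sql = f"""UPDATE {self.tablename} SET token = ?
                WHERE pk = ?"""
            cur.execute(update_sql, (self.token, self.pk))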
コード例 #7
ファイル: app.py プロジェクト: CaiZhongda/meetings
 def post(self):
   """Create a room owned by the current user and redirect to it.

   The owner is also the sole admin, member and current user of the new
   room; form fields are copied onto it with ``populate_obj`` before a
   32-character token is attached and the document is inserted into
   ``self.db.rooms``. An invalid form is re-rendered instead.
   """
   form = forms.RoomForm(self)
   if not form.validate():
     self.render('new.html', form=form)
     return

   me = self.current_user._id
   room = Model(owner=me,
                admins=[me],
                members=[me],
                topic='',
                current_users=[me])
   # NOTE(review): populate_obj copies every form field onto the room, so it
   # would overwrite owner/admins if RoomForm ever declared such fields —
   # confirm the form only exposes the intended attributes.
   form.populate_obj(room)
   room.token = util.generate_token(32)
   self.db.rooms.insert(room)
   self.redirect(self.reverse_url('room', room._id))
コード例 #8
 def post(self):
     """Handle the new-room form: create the room or re-render the form.

     A valid form yields a room whose owner, admin list, member list and
     current-user list all start with the current user's id; the form's
     fields are copied onto it, a 32-character token is attached, the
     document is inserted into ``self.db.rooms`` and the client is sent to
     the room page.
     """
     form = forms.RoomForm(self)
     if form.validate():
         owner_id = self.current_user._id
         room = Model(owner=owner_id,
                      admins=[owner_id],
                      members=[owner_id],
                      topic='',
                      current_users=[owner_id])
         # NOTE(review): populate_obj writes every form field onto the room;
         # confirm RoomForm cannot carry owner/admins fields, or those
         # defaults could be overridden from the request.
         form.populate_obj(room)
         room.token = util.generate_token(32)
         self.db.rooms.insert(room)
         self.redirect(self.reverse_url('room', room._id))
         return
     self.render('new.html', form=form)
コード例 #9
ファイル: app.py プロジェクト: tusharsadhwani/chat_api
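def login():
    '''Logs a user in by username and password, and returns an access token

    Both fields come from the query string (``request.args``); a missing one
    aborts with 401. The username is lower-cased before the lookup, matching
    how signup() stores it. On success a new token is written to the user's
    row and returned as JSON; a wrong username or password answers with the
    same neutral message so the endpoint does not reveal which usernames
    exist.
    '''
    import hmac

    required_args = ('username', 'password')
    if any(arg not in request.args for arg in required_args):
        return abort(401)

    username = request.args['username'].lower()
    password = request.args['password']
    # The former debug prints of the submitted and stored passwords were
    # removed: credentials must never be written to stdout or logs.

    # One query fetches both columns instead of two round trips.
    query = cursor.execute(
        """
        SELECT password, verified
        FROM users
        WHERE username = ?;
        """, (username, ))
    result = query.fetchone()
    if result is None:
        return jsonify(error=404, message="Invalid username or password")

    db_password = result[0]
    verified = bool(result[1])
    # NOTE(review): passwords are stored and compared as plain text (signup()
    # inserts them unchanged); moving to a password hash has to change
    # signup() and this comparison together. compare_digest at least keeps
    # the comparison from leaking through its timing.
    if db_password is None or not hmac.compare_digest(
            str(password).encode('utf-8'), str(db_password).encode('utf-8')):
        return jsonify(error=404, message="Invalid username or password")

    if not verified:
        return jsonify(error=401, message="Your email isn't verified yet")

    new_token = util.generate_token()
    cursor.execute(
        """
        UPDATE users
        SET token = ?
        WHERE username = ?;
        """, (new_token, username))
    conn.commit()

    return jsonify(token=new_token, message="Successfully logged in")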
コード例 #10
    def post(self):
        """Create a pending invitation to the current room and queue its e-mail.

        With a valid form a 32-character token is generated, the invitation
        document is stored in ``self.db.invitations`` and a message with the
        accept link is queued on ``self.application.mail_queue``, after which
        the user is redirected to the room page. An invalid form is simply
        re-rendered.
        """
        form = forms.InvitationForm(self)
        if not form.validate():
            self.render('new_invitation.html', form=form, room=self.room)
            return

        token = util.generate_token(32)
        inviter = self.current_user
        room = self.room
        self.db.invitations.insert({
            'inviter': inviter._id,
            'room': room._id,
            'name': form.name.data,
            'email': form.email.data,
            'token': token,
            'created_at': datetime.datetime.utcnow(),
            'status': InvitationStatus.PENDING,
        })

        # NOTE(review): scheme and host of the accept link come from the
        # incoming request. If the Host header is not validated upstream, a
        # crafted request makes the e-mailed link point at a host of the
        # sender's choosing; a configured base URL would close that.
        accept_link = (self.request.protocol + "://" + self.request.host +
                       self.reverse_url('invitation') + '?token=' + token)
        text = '''
Hi, %(receiver)s

%(sender)s invites you to %(room)s. Click the following link to accept this
invitation.

%(invitation_link)s
        ''' % {
            'receiver': form.name.data,
            'sender': inviter.name,
            'room': room.name,
            'invitation_link': accept_link,
        }
        self.application.mail_queue.put({
            'to': form.email.data,
            'subject': 'Meetings invitation from %s' % inviter.name,
            'text': text,
        })
        self.redirect(self.reverse_url('room', room._id))
コード例 #11
ファイル: app.py プロジェクト: tusharsadhwani/chat_api
def signup():
    '''Creates a new user via email, username and password

    All four fields arrive in the query string; a missing one aborts with
    401 and a taken username answers with ``error=401``. The verification
    link is e-mailed *before* the row is inserted, so a failing INSERT can
    leave the recipient holding a link to an account that does not exist.
    '''
    required_args = ('name', 'email', 'username', 'password')
    if not all(arg in request.args for arg in required_args):
        return abort(401)

    name, email, username, password = (request.args[arg] for arg in required_args)
    username = username.lower()

    query = cursor.execute(
        """
        SELECT COUNT(*)
        FROM users
        WHERE username = ?;
        """, (username, ))
    if db.exists(query):
        return jsonify(error=401,
                       message="User with this username already exists")

    settings = configparser.ConfigParser()
    settings.read('./.settings')
    domain = settings['settings']['domain'].rstrip('/')

    verification_code = util.generate_token()
    link = f'{domain}/verify?token={verification_code}'
    try:
        verify.send_verification_email(email, link)
    except httplib2.ServerNotFoundError:
        return jsonify(error=404, message="Unable to reach Server")

    # NOTE(review): the password is inserted exactly as submitted, and
    # login() compares plain text, so hashing must be introduced in both
    # places at once. The id is a random integer with no uniqueness retry;
    # a collision surfaces as an error from the INSERT after the
    # verification e-mail has already gone out.
    new_row = (random.randrange(100_001, 1_000_000), name, email, username,
               password, verification_code)
    cursor.execute(
        """
        INSERT INTO users (
            id, name, email, username, password, verification_code)
        VALUES (?, ?, ?, ?, ?, ?);
        """, new_row)
    conn.commit()

    return jsonify(success=True, message="Verification email sent")
コード例 #12
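def user_login():
    """Issue a token for the demo client ``app2`` and return its login payload.

    Only GET is handled; any other method falls through and returns None
    (unchanged from the original). The ``name: token`` line is written to
    ``token.ini`` in the working directory, overwriting the file.

    Returns:
        dict with ``name``, ``age``, ``sex``, ``uuid``, ``token`` and
        ``secrete`` for a GET request, None otherwise.
    """
    if request.method == 'GET':
        name = 'app2'
        token = generate_token(name)
        generate_pub_rsa_key()
        _file = os.path.realpath('./' + '/token.ini')
        pub_filename = os.path.realpath('rsa.pub.key')
        with open(pub_filename, 'r') as fp:
            secrete = change_str(user_pub_add_salt(fp, UAER_KEY))
        data = {
            'name': 'less',
            'age': 34,
            'sex': 'w',
            'uuid': uuid.uuid4(),
            'token': token,
            'secrete': secrete
        }
        info = f"{name}: {token}\n"
        # Log only the fact that a token was issued. The previous code wrote
        # the token itself and then the whole payload — including 'secrete' —
        # to the log, which turns the log file into a credential store.
        logger.info("%s: token issued", name)
        with open(_file, 'w+') as fp:
            print('进来了')
            fp.write(info)
        logger.info("login payload for %s built with keys %s", name, sorted(data))
        return data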
コード例 #13
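def login(cached_email=None):
    """Render login page and handle login form data.
        Requests:
            GET /auth/login
            POST /auth/login

    GET renders the form and plants a fresh CSRF token in the ``csrf_token``
    cookie. POST checks that token against the ``_csrf_token`` form field,
    validates e-mail and password against the database and, on success,
    issues a session token in the ``token`` / ``expire_time`` cookies before
    redirecting to ``basic.showMain``. Every failure re-renders the form with
    a flash message. Any other method returns None.

    Args:
        cached_email: e-mail address to pre-fill into the form, if any.
    """
    if request.method == 'GET':
        csrf_token = generate_csrf_token()
        response = make_response(
            render_template('login.html',
                            cached_email=cached_email,
                            client_id=CLIENT_ID,
                            csrf_token=csrf_token))
        # Store the csrf_token in the browser cookie.
        response.set_cookie('csrf_token', value=csrf_token)
        return response

    # Form fields:
    #     email: user email, required
    #     password: user password, required
    if request.method == 'POST':
        # Check csrf token
        cookie_csrf_token = request.cookies.get('csrf_token')
        form_csrf_token = request.form.get('_csrf_token')

        # CSRF attack detected! The cookie must be present *and* match the
        # form field: a plain `!=` passed whenever both were missing
        # (None == None), so a POST without cookie or field went straight
        # through the check.
        if not cookie_csrf_token or cookie_csrf_token != form_csrf_token:
            flash("Please use proper login.")
            return render_template('login.html',
                                   cached_email=cached_email,
                                   client_id=CLIENT_ID,
                                   csrf_token="")

        # Get user data from login form.
        email = request.form.get('email')
        password = request.form.get('password')

        # User must fill the email and password field.
        if not (email and password):
            flash("Please fill the form. ")
            return render_template('login.html', cached_email=email)

        # Find user in the database by email.
        user = User.get_by_email(session, email.strip())
        # User does not exists.
        if not user:
            flash("Invalid email address or password. ")
            return render_template('login.html', cached_email=email)

        # User exist, but Password does not.
        # The user have logged in with OAuth
        if not user.password:
            flash("You've signed up with social service. ")
            return render_template('login.html', cached_email=email)

        # Password incorrect.
        if not check_password(password, user.password, user.salt):
            flash("Invalid email address or password. ")
            return render_template('login.html', cached_email=email)

        # Generate JSON web token for user.
        # As long as client has non-expired and valid token,
        #     they do not need to login again.
        expire_time, token = generate_token(user)
        response = make_response(redirect(url_for('basic.showMain')))
        # Store the token in the browser cookie.
        # NOTE(review): set without httponly/secure. Unless client-side
        # script reads 'token', httponly=True (and secure=True over HTTPS)
        # would keep the session token out of reach of injected scripts.
        response.set_cookie('token', value=token)
        response.set_cookie('expire_time', value=str(expire_time))
        return response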
コード例 #14
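def fconnect():
    """Handle facebook OAuth login
        GET /auth/fconnect
        If user does not exists create a new user.

    The request body is JSON carrying the user's Facebook ``access_token``
    and ``email``. The access token is validated against Facebook's
    ``debug_token`` endpoint using our own app token; on success the user
    is looked up (or created) by e-mail and a session token is issued in
    the ``token`` / ``expire_time`` cookies. Every failure — invalid token,
    network error, malformed response, missing e-mail — answers 401 with a
    JSON body.
    """
    def invalid_token_response():
        # Shared 401 answer for every failure path.
        response = make_response(
            json.dumps("User access token is not valid"), 401
        )
        flash("Facebook connection Error.")
        response.headers['Content-Type'] = 'application/json'
        return response

    # userinfo has email, username, and access token
    userinfo = json.loads(request.data)
    user_access_token = userinfo.get('access_token')

    # To verify user's access token, we need to get our app token first.
    url = ('https://graph.facebook.com/oauth/access_token?'
           'client_id={}&client_secret={}'
           '&grant_type=client_credentials'
           .format(config.FACEBOOK_CLIENT_ID,
                   config.FACEBOOK_CLIENT_SECRET))
    try:
        h = httplib2.Http()
        result = h.request(url, 'GET')[1]
        # The app token is derived from the app secret: it must never be
        # printed or logged (the former debug print of it was removed).
        app_token = re.search(r'(access_token=)(.+?$)', result).group(2)

        # Using app token, we can verify user's access token
        url = ('https://graph.facebook.com/debug_token'
               '?input_token={}&access_token={}'
               .format(user_access_token, app_token))

        h = httplib2.Http()
        result = json.loads(h.request(url, 'GET')[1])
        # A response without "data" is treated as an invalid token rather
        # than raising AttributeError into the handler below.
        user_data = result.get("data") or {}

        # If the user's token is valid to the app token,
        # Facecook api returns the variable 'is_valid' with True.
        # The token must also have been issued to *this* app: without the
        # app_id comparison a token that is valid for some other app would
        # be accepted (gconnect() makes the same check via 'issued_to').
        if (not user_data.get("is_valid")
                or str(user_data.get("app_id")) !=
                str(config.FACEBOOK_CLIENT_ID)):
            return invalid_token_response()

        email = userinfo.get('email')
        user = User.get_by_email(session, email.strip())

        # Create and store a new user if there is no user exist
        if not user:
            user = User(email=email)
            session.add(user)
            session.commit()

        expire_time, token = generate_token(user)
        flash("Successfully logged in with Facebook")
        # NOTE(review): the explicit 200 overrides redirect()'s 302, so this
        # response does not redirect the browser by itself; presumably the
        # JS caller handles it (login() returns a plain redirect). Confirm.
        response = make_response(
            redirect(url_for('basic.showMain')), 200
        )
        # NOTE(review): the cookies carry no httponly/secure flags. Unless
        # the front-end reads 'token' from document.cookie, httponly=True
        # (and secure=True over HTTPS) would keep it out of script reach.
        response.set_cookie('token', value=token)
        response.set_cookie('expire_time', value=str(expire_time))
        return response
    except Exception:
        # Network failures, an unparsable Graph response and a missing
        # e-mail all end here. Narrowed from a bare `except:` so that
        # SystemExit / KeyboardInterrupt are no longer swallowed.
        return invalid_token_response()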
コード例 #15
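def gconnect():
    """Handle Google OAuth login.
        GET /auth/gconnect
        If user does not exists create a new user.

    The request body is the one-time code produced by the front-end Google
    sign-in. It is exchanged for credentials via ``settings/client_secret.json``;
    the resulting access token is checked with Google's tokeninfo endpoint
    (no error, user id matches the id_token, client id matches ``CLIENT_ID``),
    the user's e-mail is fetched and an unknown user is created. A session
    token is then stored in the ``token`` / ``expire_time`` cookies and the
    Google access token in ``gplus_token``. Failures answer with a JSON body
    and 401 (or 500 for a tokeninfo error).
    """

    # Check csrf token. The cookie must be present *and* equal the query
    # value: with `!=` alone a request carrying neither the cookie nor
    # `_csrf_token` passed the check, because None == None.
    cookie_csrf_token = request.cookies.get('csrf_token')
    if (not cookie_csrf_token
            or request.args.get('_csrf_token') != cookie_csrf_token):
        flash("Please use proper authentication.")
        response = make_response(json.dumps('Fail to connect'), 401)
        response.headers['Content-Type'] = 'application/json'
        return response

    # code is a return value from front-end google + oauth API
    code = request.data
    try:
        # Create oauth login flow based on client_secret.json
        # Please make sure that you have downloaded and placed
        #     client_secret.json properly. Please read README file.
        oauth_flow = flow_from_clientsecrets('settings/client_secret.json',
                                             scope='')
        oauth_flow.redirect_uri = 'postmessage'
        credentials = oauth_flow.step2_exchange(code)
    except FlowExchangeError:
        flash("Google plus connection Error.")
        response = make_response(json.dumps('Fail to upgrade'), 401)
        response.headers['Content-Type'] = 'application/json'
        return response
    # Get an access_token from Goolge OAuth provider
    access_token = credentials.access_token
    url = ('https://www.googleapis.'
           'com/oauth2/v1/tokeninfo?access_token=%s' % access_token)
    h = httplib2.Http()
    result = json.loads(h.request(url, 'GET')[1])
    if result.get('error') is not None:
        flash("Google plus connection Error.")
        response = make_response(json.dumps(result.get('error')), 500)
        response.headers['Content-Type'] = 'application/json'
        return response

    # Get user id stored in Google. The token's subject must be the same
    # account the id_token names, otherwise a token for another user could
    # be presented.
    gplus_id = credentials.id_token['sub']
    if result['user_id'] != gplus_id:
        flash("Google plus connection Error.")
        response = make_response(json.dumps("Token's user ID doesn't match"),
                                 401)
        response.headers['Content-Type'] = 'application/json'
        return response

    # Make sure client id is correct: a token issued to another application
    # is rejected even though Google considers it valid.
    if result['issued_to'] != CLIENT_ID:
        response = make_response(json.dumps("Token's client ID doesn't match"),
                                 401)
        flash("Google plus connection Error.")
        response.headers['Content-Type'] = 'application/json'
        return response

    # Retrieve user info. stored in Google
    userinfo_url = 'https://www.googleapis.com/oauth2/v1/userinfo'
    params = {'access_token': credentials.access_token, 'alt': 'json'}
    answer = requests.get(userinfo_url, params=params)

    data = json.loads(answer.text)
    email = data['email']
    user = User.get_by_email(session, email.strip())

    # If user does not exist, create a new user
    if not user:
        user = User(email=email)

    # add() of an already-persisted user is a no-op, so this is safe for
    # both the new and the existing case.
    session.add(user)
    session.commit()

    # Generate JSON web token for user.
    # As long as client has non-expired and valid token,
    #     they do not need to login again.
    flash("Successfully logged in with Google +")
    expire_time, token = generate_token(user)
    response = make_response(redirect(url_for('basic.showMain')))
    # Store the JSON web token and Google + access token in the browser cookie.
    # NOTE(review): none of these cookies set httponly/secure, and
    # 'gplus_token' hands the Google access token to any script on the page.
    # If nothing client-side needs it, keep it server-side or mark it
    # httponly; the same applies to 'token'.
    response.set_cookie('token', value=token)
    response.set_cookie('expire_time', value=str(expire_time))
    response.set_cookie('gplus_token', value=access_token)
    return response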
コード例 #16
ファイル: callcenter.py プロジェクト: caseysoftware/workshop
 def get(self):
     """Render index.html with a freshly generated token in its context.

     ACCOUNT_SID / AUTH_TOKEN / APP_SID look like Twilio credentials, so the
     token is presumably a client capability token — confirm in util.
     """
     fresh_token = util.generate_token(ACCOUNT_SID, AUTH_TOKEN, APP_SID)
     page = render_template("index.html", {"token": fresh_token})
     self.response.out.write(page)
コード例 #17
ファイル: example.py プロジェクト: oz123/peewee-session
from peewee import SqliteDatabase

db = SqliteDatabase('test.db')  # example database file in the working directory

CONFIG = {'db': db}

app = bottle.app()
app.config.update(CONFIG)

# NOTE(review): ``cookie_secret`` is a literal here. It is what signs the
# session cookie, so outside this example it belongs in configuration or
# the environment, never in source control.
session_plugin = PeeweeSessionPlugin(cookie_lifetime='10 seconds',
                                     db_conn=db,
                                     cookie_secret='very-s3kr3t-s4lt')

app.install(session_plugin)

# Generated once at import time, so every request served by this process
# shares the same value. If this is the token compared on form posts, a
# per-session token would be the stronger design — confirm how it is used.
csrf_token = generate_token(20)

# Placeholder credentials for the example; see User.verify_password.
username = "******"
PASSWORD = "******"


class User:
    """Minimal stand-in user store for the example: one hard-coded account."""

    @staticmethod
    def verify_password(user, password):
        """Return True only when *user* and *password* both equal the module constants."""
        return user == username and password == PASSWORD


login_required = authenticator(session_plugin.session_manager,
コード例 #18
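def signup():
    """Render login page and handle login form data.
        Requests:
            GET /auth/signup
            POST /auth/signup

    GET renders the form and plants a fresh CSRF token in the ``csrf_token``
    cookie. POST checks that token against the ``_csrf_token`` field,
    requires e-mail, password and a matching confirmation, refuses any
    e-mail that already has an account, then stores the new user with a
    salted password hash and issues a session token in the ``token`` /
    ``expire_time`` cookies before redirecting to ``basic.showMain``. Every
    failure re-renders the form with a flash message; other methods return
    None.
    """
    if request.method == 'GET':
        csrf_token = generate_csrf_token()
        response = make_response(
            render_template('signup.html', client_id=CLIENT_ID))
        # Store the csrf_token in the browser cookie.
        response.set_cookie('csrf_token', value=csrf_token)
        return response

    # Form fields:
    #     email: user email, required
    #     password: user password, required
    #     confirm: user confirm password, required
    # User email, and hashed password and salt are stored when login succeed.
    if request.method == 'POST':
        # Check csrf token
        cookie_csrf_token = request.cookies.get('csrf_token')
        form_csrf_token = request.form.get('_csrf_token')

        # CSRF attack detected! The cookie must be present *and* match the
        # form field: a plain `!=` passed whenever both were missing
        # (None == None), so a POST without cookie or field slipped through.
        if not cookie_csrf_token or cookie_csrf_token != form_csrf_token:
            flash("Please use proper signup.")
            return render_template('signup.html',
                                   client_id=CLIENT_ID,
                                   csrf_token="")

        # Get user data from login form.
        email = request.form.get('email')
        password = request.form.get('password')
        confirm = request.form.get('confirm')
        # User must fill the email and password field.
        if not (email and password and confirm):
            flash("Please fill the form. ")
            return render_template('signup.html', cached_email=email)

        # Password field and confirm fields must be the same.
        if not (password == confirm):
            flash("Confirm password has to be the same as password")
            return render_template('signup.html', cached_email=email)

        # Find user in the database by email.
        user = User.get_by_email(session, email.strip())
        # Any existing account blocks signup. The previous code let the
        # request through when the account had no password (a social-login
        # user), which allowed anyone who knew such an e-mail to set a
        # password on that account and log in as its owner. Attaching a
        # password to an OAuth account needs a verified-owner flow, not
        # this form.
        if user:
            flash("Such user already exist. Please login")
            return render_template('signup.html', cached_email=email)

        # Create a new user object
        user = User(email=email.strip())
        # Store encrypted password and salt in the database
        user.password, user.salt = encrypt_password(password)
        session.add(user)
        session.commit()

        # Generate JSON web token for user.
        # As long as client has non-expired and valid token,
        #     they do not need to login again.
        expire_time, token = generate_token(user)
        response = make_response(redirect(url_for('basic.showMain')))
        # Store the token in the browser cookie.
        # NOTE(review): set without httponly/secure; unless client-side
        # script reads 'token', httponly=True (and secure=True over HTTPS)
        # would keep it out of reach of injected scripts.
        response.set_cookie('token', value=token)
        response.set_cookie('expire_time', value=str(expire_time))
        return response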
コード例 #19
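def postform():
    """Form POST endpoint for all form variations.

    ``mode`` selects the flow: ``login``, ``signup``, ``forgot`` (issue a
    one-hour reset token kept in redis) or ``reset`` (consume that token).
    A successful login, signup or reset redirects to ``/api/me``; every
    other outcome re-renders ``auth.html`` with ``err`` set. ``mode`` and
    ``email`` are required form fields (a missing one raises ``KeyError``).
    """

    form = request.form
    mode = form["mode"]
    email = form["email"]
    passwd = form.get("passwd")
    token = form.get("token")

    u = db.get_user_by_email(email)

    errmsg = ""
    if not email:
        errmsg = "Email is missing"

    elif mode == "login":
        if not u or not account.check_password(u.password, passwd):
            errmsg = "Invalid login credentials"
        else:
            account.build_session(u, is_permanent=True)

            log.info(f"LOGIN OK {email}")

            # you should redirect to real ui...
            return redirect("/api/me")

    elif mode == "signup":
        if u:
            # NOTE(review): this message and "Unknown account" below reveal
            # whether an e-mail is registered; acceptable for a scaffold, a
            # production UI would answer with one neutral message.
            errmsg = f"Account exists already {email}"
        elif passwd != form.get("passwd2"):
            errmsg = "Passwords differ"
        else:
            errmsg = account.check_password_validity(passwd)
            if not errmsg:
                # create new user
                u = db.User()
                u.email = email
                u.first_name = form["firstname"]
                u.last_name = form["lastname"]
                u.password = account.hash_password(passwd)
                u.role = 'editor'  # set default to what makes sense to your app
                u.save(force_insert=True)

                account.new_signup_steps(u)
                account.build_session(u, is_permanent=True)

                log.info(f"SIGNUP OK {email}")

                # you should redirect to real ui...
                return redirect("/api/me")

    elif mode == "forgot":
        # request a new password
        if u:
            # generate an expiring token and store in redis
            token = str(util.generate_token())
            data = {"uid": f"{u.id}", "ip": get_ip()}
            expire_secs = 60 * 60  # 1h
            red.set_keyval(token, data, expire_secs)

            # email the link to the user
            link = f"DOMAIN/auth/reset?token={token}"
            errmsg = f"Server should now send a reset email to {email}..."
            # NOTE(review): scaffold only — this writes a live reset token to
            # the log; remove it once real e-mail delivery is wired up.
            log.info(f"password reset link = {link}")

        else:
            errmsg = f"Unknown account {email}"

    elif mode == "reset":
        # reset a password
        data = red.get_keyval(token)
        if data:
            try:
                u = db.get_user(data["uid"])

                # extra security: make sure ip addresses match, only the
                # requester can use the link
                if get_ip() != data["ip"]:
                    errmsg = "Invalid IP"

                elif passwd != form.get("passwd2"):
                    errmsg = "Passwords differ"

                else:
                    # Apply the same password policy as signup; previously a
                    # reset could set a password signup would have refused.
                    errmsg = account.check_password_validity(passwd)
                    if not errmsg:
                        # ok, reset the password
                        u.password = account.hash_password(passwd)
                        u.save()
                        account.build_session(u, is_permanent=True)

                        # security: disable link from further use
                        red.delete_key(token)

                        log.info(f"PASSWD RESET OK {email}")
                        return redirect("/api/me")

            except Exception:
                # The previous handler logged an undefined name (`value`),
                # so it raised NameError itself and the request ended in a
                # 500 instead of the "Invalid token" page. Narrowed from a
                # bare `except:` as well.
                log.error(f"no user for reset data {data!r}")
                errmsg = "Invalid token"
        else:
            errmsg = "Invalid token"

    if errmsg:
        # Logger.warn() is a deprecated alias of warning().
        log.warning(errmsg)

    return render_template('auth.html',
                           mode=mode,
                           email=email,
                           err=errmsg,
                           token=token)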
コード例 #20
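def signup():
    """Render login page and handle login form data.
        Requests:
            GET /auth/signup
            POST /auth/signup

    GET renders the form and plants a fresh CSRF token in the ``csrf_token``
    cookie. POST checks that token against the ``_csrf_token`` field,
    requires e-mail, password and a matching confirmation, refuses any
    e-mail that already has an account, then stores the new user with a
    salted password hash and issues a session token in the ``token`` /
    ``expire_time`` cookies before redirecting to ``basic.showMain``. Every
    failure re-renders the form with a flash message; other methods return
    None.
    """
    if request.method == 'GET':
        csrf_token = generate_csrf_token()
        response = make_response(
            render_template('signup.html', client_id=CLIENT_ID)
        )
        # Store the csrf_token in the browser cookie.
        response.set_cookie('csrf_token', value=csrf_token)
        return response

    # Form fields:
    #     email: user email, required
    #     password: user password, required
    #     confirm: user confirm password, required
    # User email, and hashed password and salt are stored when login succeed.
    if request.method == 'POST':
        # Check csrf token
        cookie_csrf_token = request.cookies.get('csrf_token')
        form_csrf_token = request.form.get('_csrf_token')

        # CSRF attack detected! The cookie must be present *and* match the
        # form field: a plain `!=` passed whenever both were missing
        # (None == None), so a POST without cookie or field slipped through.
        if not cookie_csrf_token or cookie_csrf_token != form_csrf_token:
            flash("Please use proper signup.")
            return render_template('signup.html',
                                   client_id=CLIENT_ID, csrf_token="")

        # Get user data from login form.
        email = request.form.get('email')
        password = request.form.get('password')
        confirm = request.form.get('confirm')
        # User must fill the email and password field.
        if not (email and password and confirm):
            flash("Please fill the form. ")
            return render_template('signup.html', cached_email=email)

        # Password field and confirm fields must be the same.
        if not (password == confirm):
            flash("Confirm password has to be the same as password")
            return render_template('signup.html', cached_email=email)

        # Find user in the database by email.
        user = User.get_by_email(session, email.strip())
        # Any existing account blocks signup. The previous code let the
        # request through when the account had no password (a social-login
        # user), which allowed anyone who knew such an e-mail to set a
        # password on that account and log in as its owner. Attaching a
        # password to an OAuth account needs a verified-owner flow, not
        # this form.
        if user:
            flash("Such user already exist. Please login")
            return render_template('signup.html', cached_email=email)

        # Create a new user object
        user = User(email=email.strip())
        # Store encrypted password and salt in the database
        user.password, user.salt = encrypt_password(password)
        session.add(user)
        session.commit()

        # Generate JSON web token for user.
        # As long as client has non-expired and valid token,
        #     they do not need to login again.
        expire_time, token = generate_token(user)
        response = make_response(redirect(url_for('basic.showMain')))
        # Store the token in the browser cookie.
        # NOTE(review): set without httponly/secure; unless client-side
        # script reads 'token', httponly=True (and secure=True over HTTPS)
        # would keep it out of reach of injected scripts.
        response.set_cookie('token', value=token)
        response.set_cookie('expire_time', value=str(expire_time))
        return response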
コード例 #21
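def gconnect():
    """Handle Google OAuth login.
        GET /auth/gconnect
        If user does not exists create a new user.

    Steps:
        1. Compare the ``_csrf_token`` query parameter with the ``csrf_token``
           cookie, failing closed when either one is missing.
        2. Exchange the one-time ``code`` carried in the request body for
           Google credentials through ``flow_from_clientsecrets``.
        3. Validate the access token against Google's tokeninfo endpoint and
           make sure it was issued for this user and for ``CLIENT_ID``.
        4. Fetch the user's e-mail, look the user up (or create one) and issue
           the application's own JSON web token.

    Returns:
        A redirect to ``basic.showMain`` with ``token``, ``expire_time`` and
        ``gplus_token`` cookies on success; otherwise a JSON error body with
        status 401 (authentication problem) or 500 (Google reported an error).
    """
    # Function-scope import: only this handler needs the constant-time compare.
    import hmac

    def _json_error(flash_message, body, status):
        """Flash ``flash_message`` and build a JSON error response."""
        flash(flash_message)
        response = make_response(json.dumps(body), status)
        response.headers['Content-Type'] = 'application/json'
        return response

    # Check csrf token.  A plain ``!=`` accepted the request when both the
    # cookie and the query parameter were absent (None == None), so require
    # both values and compare them in constant time.
    cookie_csrf_token = request.cookies.get('csrf_token')
    query_csrf_token = request.args.get('_csrf_token')
    if (not cookie_csrf_token or not query_csrf_token
            or not hmac.compare_digest(cookie_csrf_token, query_csrf_token)):
        return _json_error("Please use proper authentication.",
                           'Fail to connect', 401)

    # code is a return value from front-end google + oauth API
    code = request.data
    try:
        # Create oauth login flow based on client_secret.json
        # Please make sure that you have downloaded and placed
        #     client_secret.json properly. Please read README file.
        oauth_flow = flow_from_clientsecrets('settings/client_secret.json',
                                             scope='')
        oauth_flow.redirect_uri = 'postmessage'
        credentials = oauth_flow.step2_exchange(code)
    except FlowExchangeError:
        return _json_error("Google plus connection Error.",
                           'Fail to upgrade', 401)

    # Ask Google who the access_token was issued to before trusting it.
    access_token = credentials.access_token
    url = ('https://www.googleapis.'
           'com/oauth2/v1/tokeninfo?access_token=%s'
           % access_token)
    h = httplib2.Http()
    result = json.loads(h.request(url, 'GET')[1])
    if result.get('error') is not None:
        return _json_error("Google plus connection Error.",
                           result.get('error'), 500)

    # The token must belong to the Google account that performed the login.
    gplus_id = credentials.id_token['sub']
    if result['user_id'] != gplus_id:
        return _json_error("Google plus connection Error.",
                           "Token's user ID doesn't match", 401)

    # ... and it must have been issued to this application, not another one.
    if result['issued_to'] != CLIENT_ID:
        return _json_error("Google plus connection Error.",
                           "Token's client ID doesn't match", 401)

    # Retrieve user info. stored in Google
    userinfo_url = 'https://www.googleapis.com/oauth2/v1/userinfo'
    params = {'access_token': access_token, 'alt': 'json'}
    # Bounded wait so an unresponsive upstream cannot tie up the worker.
    answer = requests.get(userinfo_url, params=params, timeout=10)

    data = json.loads(answer.text)
    # Strip once so the lookup and the stored value agree (the signup path
    # strips as well).
    email = data['email'].strip()
    user = User.get_by_email(session, email)

    # If user does not exist, create a new user
    if not user:
        user = User(email=email)

    session.add(user)
    session.commit()

    # Generate JSON web token for user.
    # As long as client has non-expired and valid token,
    #     they do not need to login again.
    flash("Successfully logged in with Google +")
    expire_time, token = generate_token(user)
    response = make_response(redirect(url_for('basic.showMain')))
    # Store the JSON web token and Google + access token in the browser cookie.
    # NOTE(review): these cookies carry bearer credentials and are set without
    #     httponly/secure flags; confirm whether the front-end reads them
    #     before hardening, since that would change client behaviour.
    response.set_cookie('token', value=token)
    response.set_cookie('expire_time', value=str(expire_time))
    response.set_cookie('gplus_token', value=access_token)
    return response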
コード例 #22
 def get(self):
     """Render ``index.html`` with a token produced by ``util.generate_token``.

     The token is built from ``ACCOUNT_SID``, ``AUTH_TOKEN`` and ``APP_SID``
     and handed to the template as ``token``.
     NOTE(review): AUTH_TOKEN is an input to the token generator and the result
         is sent to the browser; confirm that generate_token derives a
         short-lived token rather than embedding the secret itself.
     """
     token = util.generate_token(ACCOUNT_SID, AUTH_TOKEN, APP_SID)
     page = render_template("index.html", {"token": token})
     self.response.out.write(page)
コード例 #23
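def login(cached_email=None):
    """Render login page and handle login form data.
        Requests:
            GET /auth/login
            POST /auth/login

    Args:
        cached_email: e-mail address pre-filled into the form.

    Returns:
        GET: the rendered login page with a fresh ``csrf_token`` cookie.
        POST: a redirect to ``basic.showMain`` carrying ``token`` and
        ``expire_time`` cookies on success; otherwise the login page rendered
        again with a flashed error message.
    """
    # Function-scope import: only this handler needs the constant-time compare.
    import hmac

    def _render_login(email, csrf_token):
        """Render the login form.

        ``csrf_token`` is passed through on every re-render so that a corrected
        submission still carries the token that matches the cookie; previously
        the failure paths rendered the form without it, and the next POST was
        rejected by the CSRF check.
        """
        return render_template('login.html', cached_email=email,
                               client_id=CLIENT_ID, csrf_token=csrf_token)

    if request.method == 'GET':
        csrf_token = generate_csrf_token()
        response = make_response(_render_login(cached_email, csrf_token))
        # Store the csrf_token in the browser cookie.
        response.set_cookie('csrf_token', value=csrf_token)
        return response

    # Form fields:
    #     email: user email, required
    #     password: user password, required
    if request.method == 'POST':
        # Check csrf token.  A plain ``!=`` accepted the request when both the
        # cookie and the form field were absent (None == None), so require
        # both values and compare them in constant time.
        cookie_csrf_token = request.cookies.get('csrf_token')
        form_csrf_token = request.form.get('_csrf_token')
        if (not cookie_csrf_token or not form_csrf_token
                or not hmac.compare_digest(cookie_csrf_token,
                                           form_csrf_token)):
            # CSRF attack detected!
            flash("Please use proper login.")
            return _render_login(cached_email, "")

        # Get user data from login form.
        email = request.form.get('email')
        password = request.form.get('password')

        # User must fill the email and password field.
        if not (email and password):
            flash("Please fill the form. ")
            return _render_login(email, cookie_csrf_token)

        # Find user in the database by email.
        user = User.get_by_email(session, email.strip())
        # User does not exists.
        if not user:
            flash("Invalid email address or password. ")
            return _render_login(email, cookie_csrf_token)

        # User exist, but Password does not.
        # The user have logged in with OAuth
        # NOTE(review): this message differs from the generic one above, so it
        #     confirms that the address is registered; decide whether that
        #     account-existence hint is acceptable for this application.
        if not user.password:
            flash("You've signed up with social service. ")
            return _render_login(email, cookie_csrf_token)

        # Password incorrect.
        if not check_password(password, user.password, user.salt):
            flash("Invalid email address or password. ")
            return _render_login(email, cookie_csrf_token)

        # Generate JSON web token for user.
        # As long as client has non-expired and valid token,
        #     they do not need to login again.
        expire_time, token = generate_token(user)
        response = make_response(redirect(url_for('basic.showMain')))
        # Store the token in the browser cookie.
        # NOTE(review): the token cookie is set without httponly/secure flags;
        #     confirm whether the front-end reads it before hardening.
        response.set_cookie('token', value=token)
        response.set_cookie('expire_time', value=str(expire_time))
        return response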