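def link_account():
    """Connect an OAuth identity to an existing account and sign that account in.

    The identity comes from the signed ``token`` query parameter (claims
    ``uid``, ``pid``, ``email``, ``provider``) minted by the provider callback.
    On GET the confirmation page is rendered; on a valid POST the provider link
    is stored, committed, and the user is signed in.

    Returns a Flask response: the confirmation page, the error page for a bad
    or expired token, or a 303 redirect to ``/`` on success.
    """
    try:
        data = verify_jwt(request.args.get("token", ""))
    except (InvalidJWT, ExpiredJWT):
        # Same handling as oauth_create_account: a bad token is a client error,
        # not an unhandled exception.
        return error_page(
            code=400,
            message="Invalid token in request. Please contact us.",
            errorname="Bad Request")
    form = BlankForm()
    uid = data["uid"]
    pid = data["pid"]
    email = data["email"]
    provider = data["provider"]
    if form.validate_on_submit():
        # NOTE(review): the link is authorised purely by the signed token; the
        # email/uid pairing inside it was decided by the provider callback.
        if provider == "Google":
            GoogleLinks.add(uid=uid, gid=pid)
        elif provider == "GitHub":
            GithubLinks.add(uid=uid, gid=pid)
        else:
            # Refuse to commit or sign in on a provider claim this code does not know.
            return error_page(
                code=400,
                message="Invalid token in request. Please contact us.",
                errorname="Bad Request")
        db_commit()
        set_user(Users.query.filter_by(id=uid).first())
        flash("Your account is now connected. Welcome back!", category="SUCCESS")
        return redirect("/", code=303)
    flash_form_errors(form)
    return render_template("account/link-account.html",
                           uid=uid,
                           provider=provider,
                           email=email,
                           form=form)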
def serve_create_account_request():
    """Show or process the sign-up page reached from an email-verification link.

    A visitor who is already signed in is sent to the next page. If the address
    carried by the token already owns an account, that account is signed in
    instead of creating a duplicate. Otherwise the sign-up form is validated
    and handed to serve_create_account, or re-rendered with its errors.
    """
    if user:
        return redirect(get_next_page(), code=303)

    try:
        email = get_email_from_token()
    except RedirectError as e:
        return e.response

    existing = Users.query.filter_by(email=email).first()
    if existing:
        set_user(existing)
        flash(
            "Welcome back! This email address already owns an account. If you wish to add/change your password, go to the Edit Profile page.",
            category="SUCCESS")
        return redirect(get_next_page(), code=303)

    form = CreateAccountForm()
    if form.validate_on_submit():
        return serve_create_account(form)

    # The legal-agreement box is never left pre-ticked on a re-render.
    form.legal_agreement.checked = False
    flash_form_errors(form)
    return render_template("account/create-account.html",
                           active="Sign Up",
                           form=form,
                           email=email,
                           next_page=get_next_page())
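def update_user(uid, **kwargs):
    """Apply profile changes to the user with id ``uid`` and commit them.

    Recognised keyword arguments: ``username``, ``desc``, ``real_name``,
    ``npass`` (a new plaintext password, stored as a salted hash) and
    ``subscribed``. Unrecognised keys are not applied; they are logged as a
    warning so the omission is visible.

    Args:
        uid: id of the Users row to update.
        **kwargs: fields to change, as listed above.
    """
    user = Users.query.filter_by(id=uid).first()
    # TODO handle email change
    for field in ("username", "desc", "real_name"):
        if field in kwargs:
            setattr(user, field, kwargs.pop(field))
    if "npass" in kwargs:
        user.password_hash = pass_hash(kwargs.pop("npass"), user.salt)
        # Invalidate previously issued tokens, then refresh the session user.
        # NOTE(review): serve_change_password writes this timestamp on
        # user.permissions rather than on user itself — confirm which attribute
        # the token check reads.
        user.revoke_tokens_before = get_time()
        set_user(user)
    if "subscribed" in kwargs:
        user.subscribed = kwargs.pop("subscribed")
    if kwargs:
        # logger.warn is the deprecated alias; pass kwargs lazily instead of
        # pre-formatting the message.
        logger.warning("WARNING update_user not complete: %s", kwargs)
    db_commit()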
def serve_change_password(form):
    """Replace the signed-in user's password with the one on ``form``.

    Stores a new salted hash, stamps the revocation time so earlier tokens no
    longer validate, commits, refreshes the session user and redirects to the
    edit-profile page with a success message.
    """
    new_hash = pass_hash(form.password.data, user.salt)
    user.password_hash = new_hash
    # Tokens issued before this moment are to be rejected from now on.
    user.permissions.revoke_tokens_before = get_time()
    db_commit()
    set_user(user._get_current_object())
    flash("Your account password has been updated!", category="SUCCESS")
    return redirect("/edit-profile/", code=303)
def serve_login(form, use_username, reauth):
    """Sign in the account named on a validated login form.

    Args:
        form: the submitted login form.
        use_username: look the account up by ``form.username`` instead of
            ``form.email``.
        reauth: when true, skip the "Welcome back!" flash (re-authentication
            of an existing session).

    NOTE(review): no credential check happens here — this assumes the form's
    validators have already verified the password; confirm before reuse.
    """
    if use_username:
        criteria = {"username": form.username.data}
    else:
        criteria = {"email": form.email.data}
    account = Users.query.filter_by(**criteria).first()

    if not reauth:
        flash("Welcome back!", category="SUCCESS")
    set_user(account)
    return redirect(get_next_page(), code=303)
def oauth_create_account():
    """Create a local account for a visitor who signed in with an OAuth provider.

    The signed ``token`` query parameter carries the provider's claims
    (``provider``, ``pid`` and optionally ``email``/``username``/``real_name``),
    which pre-fill the form on first display. On a valid POST a blank account
    is created, the provider link is stored and committed, and the new user is
    signed in.

    Returns the form page, the 400 error page for a bad token, or a 303
    redirect to the next page on success.
    """
    if user:
        return redirect(get_next_page(), code=303)

    try:
        data = verify_jwt(request.args.get("token", ""))
    except (InvalidJWT, ExpiredJWT):
        return error_page(
            code=400,
            message="Invalid token in request. Please contact us.",
            errorname="Bad Request")

    form = OAuthCreateAccountForm()
    # Pre-fill from the token only where the form field is still empty.
    for field_name in ("email", "username", "real_name"):
        field = getattr(form, field_name)
        if field.data is None and field_name in data:
            field.data = data[field_name]

    if form.validate_on_submit():
        new_user = create_blank_account(form.email.data,
                                        form.username.data,
                                        form.real_name.data,
                                        form.subscribed.data)
        # NOTE(review): a provider other than the two below still creates and
        # signs in an account with no link row — confirm that is intended.
        provider = data["provider"]
        if provider == "Google":
            GoogleLinks.add(uid=new_user.id, gid=data["pid"])
        elif provider == "GitHub":
            GithubLinks.add(uid=new_user.id, gid=data["pid"])
        db_commit()
        set_user(new_user)
        flash("Welcome!", category="SUCCESS")
        return redirect(get_next_page(), code=303)

    flash_form_errors(form)
    form.legal_agreement.checked = False
    return render_template("account/oauth-create-account.html",
                           active="Sign Up",
                           form=form,
                           next_page=get_next_page(),
                           provider=data["provider"])
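def direct_login():
    """Sign in the holder of a valid password-reset token and redirect onward.

    The token is read from the ``token`` query parameter; expired and invalid
    tokens flash an error and send the visitor back to ``/reset-password/``.
    A token whose ``email`` claim matches no account is treated the same way
    instead of calling set_user(None).

    Returns a 303 redirect in every case.
    """
    if user:
        return redirect(get_next_page(), code=303)
    try:
        data = verify_jwt(request.args.get("token", ""))
    except ExpiredJWT:
        flash("The password reset token has expired!", category="ERROR")
        return redirect("/reset-password/", code=303)
    except InvalidJWT:
        flash("The token provided is invalid!", category="ERROR")
        return redirect("/reset-password/", code=303)
    # NOTE(review): only the "email" claim is consulted here. Whether verify_jwt
    # also restricts the token to the password-reset purpose is not visible in
    # this file; other tokens minted here (see authorize_google) carry "email"
    # too, so a purpose claim checked here would be the usual mitigation.
    account = Users.query.filter_by(email=data.get("email")).first()
    if account is None:
        flash("The token provided is invalid!", category="ERROR")
        return redirect("/reset-password/", code=303)
    set_user(account)
    return redirect(get_next_page(), code=303)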
def serve_create_account(form):
    """Create the account described by a validated sign-up form and sign it in.

    The email address comes from the verification token, not the form.
    Returns the token's redirect response when it is unusable, otherwise a
    303 redirect to the next page.
    """
    try:
        email = get_email_from_token()
    except RedirectError as e:
        return e.response

    new_user = create_account(
        email,
        form.username.data,
        form.real_name.data,
        form.password.data,
        form.subscribed.data,
    )
    flash("Your new account has been created. Welcome to CS Center!", category="SUCCESS")
    set_user(new_user)
    return redirect(get_next_page(), code=303)
def logout():
    """Clear the session user, flash a goodbye and redirect to the next page."""
    set_user(None)
    flash("You are now logged out. See you later!", category="SUCCESS")
    destination = get_next_page()
    return redirect(destination, code=303)
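def authorize_google():
    """Handle the Google OAuth callback.

    A visitor who is already signed in is simply redirected to their intended
    next page. Otherwise the ``state`` returned by Google must equal the copy
    kept in the session (which is removed on first arrival, so it is single
    use) and decode as a JWT carrying the ``next`` destination. The ``code``
    is then exchanged for the Google user info and one of three paths follows:

    * a GoogleLinks row for that Google id exists -> sign that user in;
    * no link, but a Users row with the same email -> offer to link them;
    * neither -> send the visitor to OAuth account creation with a signed token.

    Returns a Flask response (redirect, rendered page or 400 error page).
    """
    from urllib.parse import urlencode

    if user:
        return redirect(_next_url_for_signed_in_visitor(), code=303)

    if 'state' not in session:
        return error_page(
            400,
            message="No state was provided! Please return to /login to retrieve a valid state."
        )
    state = request.args.get('state', '')
    sess_state = session.get('state')
    # Single use: drop the session copy before checking, so a replay cannot pass.
    del session['state']
    if state != sess_state:
        return error_page(
            400,
            message="The provided state is invalid! Please return to /login to retrieve a new state."
        )
    try:
        next_url = verify_jwt(sess_state).get("next", "/")
    except (InvalidJWT, ExpiredJWT):
        return error_page(
            400,
            message="The provided state is invalid! Please return to /login to retrieve a new state."
        )

    code = request.args.get('code', '')
    if not code:
        # A callback without a code (e.g. consent denied) has nothing to exchange.
        return error_page(
            400,
            message="No authorization code was provided! Please return to /login and try again."
        )
    userinfo = google_oauth_client.get_userinfo(code)
    gid = str(userinfo.id)
    email = userinfo.raw["email"]

    link = GoogleLinks.query.filter_by(gid=gid).first()
    if link is not None:
        set_user(Users.query.filter_by(id=link.uid).first_or_404())
        flash("Welcome back!", category="SUCCESS")
        return redirect(next_url, code=303)

    link_user = Users.query.filter_by(email=email).first()
    if link_user is not None:
        # NOTE(review): matching is keyed on the email Google reports; this
        # relies on that address having been verified by the provider.
        link_token = make_jwt({
            "provider": "Google",
            "pid": gid,
            "email": email,
            "uid": link_user.id
        })
        return render_template("account/link-accounts.html",
                               provider="Google",
                               matches=[(email, link_user, link_token)],
                               no_signup=True,
                               pid=gid)

    connect_token = make_jwt({
        "provider": "Google",
        "pid": gid,
        "email": email,
        "real_name": userinfo.raw["name"]
    })
    # Encode the query so a next_url containing '&', '?' or '#' can neither
    # break the URL nor inject extra parameters.
    query = urlencode({"next": next_url, "token": connect_token})
    return redirect("/oauth-create-account/?" + query)


def _next_url_for_signed_in_visitor():
    """Choose where to send a visitor who hits the callback while signed in.

    The ``next`` query parameter wins when present; otherwise the ``next``
    claim of the state JWT (from the session, else the query string) is used,
    falling back to ``/`` when the state is missing, invalid or expired.
    """
    next_url = request.args.get("next")
    if next_url is not None:
        # NOTE(review): taken straight from the query string; if redirect()
        # does not restrict targets elsewhere, validate this is a local path.
        return next_url
    try:
        if 'state' in session:
            state = session['state']
        else:
            state = request.args.get("state", "")
        return verify_jwt(state).get("next", "/")
    except (InvalidJWT, ExpiredJWT):
        return "/"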