def callback_handling():
env = os.environ
code = request.args.get('code')
json_header = {'content-type': 'application/json'}
token_url = "https://{domain}/oauth/token".format(domain='zmarlin.eu.auth0.com')
token_payload = {
'client_id': globals.AUTH0_CLIENT_ID,
'client_secret': globals.AUTH0_CLIENT_SECRET,
'redirect_uri': globals.REDIRECT_URI , #'http://192.168.80.237:5011',
'code': code,
'grant_type': 'authorization_code'
}
token_info = requests.post(token_url, data=json.dumps(token_payload), headers=json_header).json()
user_url = "https://{domain}/userinfo?access_token={access_token}" \
.format(domain='zmarlin.eu.auth0.com', access_token=token_info['access_token'])
user_info = requests.get(user_url).json()
log.info(user_info)
if user_info :
user = um.add_user(user_info["name"],"")
user.set_id_token(token_info["id_token"])
login_user(user, remember=True)
# We're saving all user information into the session
#session['profile'] = user_info
# Redirect to the User logged in page that you want here
# In our case it's /dashboard
return flask.redirect(globals.get_full_url("/ui/index"))
def login():
# Here we use a class of some kind to represent and validate our
# client-side form data. For example, WTForms is a library that will
# handle this for us.
error = ""
auth_type = global_context["auth_type"]
if request.method == "GET":
if auth_type == "local":
return render_template('auth/login.html', error=error, global_context=global_context)
elif auth_type == "auth0":
state = globals.APP_INSTANCE+":123456"
return render_template('auth/auth0login.html', global_context=global_context ,
auth_client_id=globals.AUTH0_CLIENT_ID,
redirect_uri = globals.REDIRECT_URI,
state=state)
if request.method == "POST":
username = request.form["username"]
password = request.form["password"]
if auth_type == "local":
user = um.get_user(username)
if user:
if user.check_password(password):
# Login and validate the user.
login_user(user, remember=True)
log.info("User %s logged in successfully . Using %s" % (username, auth_type))
flask.flash('Logged in successfully.')
next = flask.request.args.get('next')
return flask.redirect(next or globals.get_full_url("/ui/index"))
else:
log.info("User %s used wrong password . Using %s" % (username, auth_type))
return render_template('auth/login.html', error=error, global_context=global_context)
def login():
# Here we use a class of some kind to represent and validate our
# client-side form data. For example, WTForms is a library that will
# handle this for us.
error = ""
auth_type = global_context["auth_type"]
if request.method == "GET":
if auth_type == "local":
return render_template('auth/login.html',
error=error,
global_context=global_context)
elif auth_type == "auth0":
state = globals.APP_INSTANCE + ":123456"
return render_template('auth/auth0login.html',
global_context=global_context,
auth_client_id=globals.AUTH0_CLIENT_ID,
redirect_uri=globals.REDIRECT_URI,
state=state)
if request.method == "POST":
username = request.form["username"]
password = request.form["password"]
if auth_type == "local":
user = um.get_user(username)
if user:
if user.check_password(password):
# Login and validate the user.
login_user(user, remember=True)
log.info("User %s logged in successfully . Using %s" %
(username, auth_type))
flask.flash('Logged in successfully.')
next = flask.request.args.get('next')
return flask.redirect(next
or globals.get_full_url("/ui/index"))
else:
log.info("User %s used wrong password . Using %s" %
(username, auth_type))
return render_template('auth/login.html',
error=error,
global_context=global_context)
def callback_handling():
env = os.environ
code = request.args.get('code')
json_header = {'content-type': 'application/json'}
token_url = "https://{domain}/oauth/token".format(
domain='zmarlin.eu.auth0.com')
token_payload = {
'client_id': globals.AUTH0_CLIENT_ID,
'client_secret': globals.AUTH0_CLIENT_SECRET,
'redirect_uri': globals.REDIRECT_URI, #'http://192.168.80.237:5011',
'code': code,
'grant_type': 'authorization_code'
}
token_info = requests.post(token_url,
data=json.dumps(token_payload),
headers=json_header).json()
user_url = "https://{domain}/userinfo?access_token={access_token}" \
.format(domain='zmarlin.eu.auth0.com', access_token=token_info['access_token'])
user_info = requests.get(user_url).json()
log.info(user_info)
if user_info:
user = um.add_user(user_info["name"], "")
user.set_id_token(token_info["id_token"])
login_user(user, remember=True)
# We're saving all user information into the session
#session['profile'] = user_info
# Redirect to the User logged in page that you want here
# In our case it's /dashboard
return flask.redirect(globals.get_full_url("/ui/index"))
def logout():
# user = current_user
logout_user()
return flask.redirect(globals.get_full_url("/ui/login"))
def logout():
# user = current_user
logout_user()
return flask.redirect(globals.get_full_url("/ui/login"))
def init_app_components():
# uri root prefix
global root_uri, http_server_port
global app, global_context
global mqtt, sync_async_client, conf, conf_path, bf_containers
logging.config.dictConfig(configs.log.config)
log.info("Checking firewall configuration")
log.info(Tools.open_port_in_firewall())
# Injecting root uri prefix
mod_auth.url_prefix = root_uri
login_manager.login_view = globals.get_full_url("/ui/login")
log.debug("Login view url = %s" % login_manager.login_view)
blackflow_ex.blackflow_bp.url_prefix = root_uri
# Check and init application/service ID (sid)
if not conf["system"]["sid"]:
# the id is base on MAC address , which means it may not be unique
sid = gen_sid()
conf["system"]["sid"] = sid
utils.save_config(conf_path, conf)
else:
sid = conf["system"]["sid"]
# Flask init
app = Flask(__name__)
secret_key = ""
try:
secret_file = open("secret.db", "r")
secret_key = secret_file.read()
secret_file.close()
except IOError:
import os
secret_file = open("secret.db", "w")
secret_key = str(os.urandom(24))
secret_file.write(secret_key)
secret_file.close()
# app.secret_key = '\xb5\xd4\xa1\xa5_\xc9\x07"\xaa\xb5\x1d1\xea\xd0\x08\\\xe9\x0b\x056\xf9J\x8f\xd0'
app.secret_key = secret_key
app.config['SESSION_TYPE'] = 'filesystem'
app.config['SESSION_FILE_DIR'] = '/tmp/'
app.config['SESSION_COOKIE_NAME'] = 'bflowctr'
app.config['LOGIN_DISABLED'] = conf["system"]["ui_security_disabled"]
# app.config['APPLICATION_ROOT'] = root_uri
app.register_blueprint(mod_auth)
app.register_blueprint(blackflow_ex.blackflow_bp)
login_manager.init_app(app)
http_server_port = conf["system"]["http_server_port"]
# Influx DB
# Mqtt Adapter
mqtt = MqttAdapter(conf["mqtt"]["client_id"])
mqtt.set_mqtt_params(conf["mqtt"]["client_id"], conf["mqtt"]["username"],
conf["mqtt"]["password"],
conf["mqtt"]["global_topic_prefix"],
conf["mqtt"]["enable_sys"])
mqtt.set_global_context(global_context)
try:
if mqtt.connect(conf["mqtt"]["host"], int(conf["mqtt"]["port"])):
mqtt.start()
else:
global_context['mqtt_conn_status'] = "offline"
log.error("application can't connect to message broker.")
except Exception as ex:
global_context['mqtt_conn_status'] = "offline"
log.error("application can't connect to message broker.")
log.error(ex)
# Sync async which implement sync service invocation over async
sync_async_client = SyncToAsyncMsgConverter(mqtt)
mqtt.set_message_handler(sync_async_client.on_message)
auth_ex.global_context = global_context
if global_context["auth_type"] == "local":
auth_ex.um.load_from_storage()
bf_containers = ServiceDiscovery(sync_async_client)
blackflow_ex.global_context = global_context
blackflow_ex.sync_async_client = sync_async_client
blackflow_ex.svc_discovery = bf_containers
def root_page():
return redirect(globals.get_full_url("/ui/index"))