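def authorize(self):
    """Handle the OAuth callback and establish the logged-in session.

    Reads ``code`` from the query string, exchanges it through
    ``self.exchange_code_to_token``, loads the account with the returned
    access token and records the login state on ``self.current``.

    Aborts with 403 when no ``code`` is supplied or when the exchange
    response carries no access token. Aborts with 401 when the endpoint
    the user was heading to is marked ``_herokai_only`` and
    ``utils.is_herokai(email)`` is false.

    Returns:
        A redirect to ``self.current.next_url``, which ``login`` stores
        from ``request.url`` before starting the flow.
    """
    # NOTE(review): only ``code`` is read from the callback here; no OAuth
    # ``state`` value is compared in this method. Confirm that the OAuth
    # client or another hook validates it.
    code = request.args.get('code')
    if not code:
        abort(403)

    grant = self.exchange_code_to_token(code)
    token = grant.get('access_token')
    if not token:
        # Fail closed: without an access token there is nothing to
        # authenticate, so do not go on to load a user or mark a login.
        abort(403)
    refresh_token = grant.get('refresh_token')
    expires_in = grant.get('expires_in')

    user = self.load_user(token)
    email = user.get('email')
    user_id = user.get('id')

    # Enforce the restriction of the endpoint the user originally requested.
    view = self.app.view_functions.get(self.current.next_endpoint)
    if getattr(view, '_herokai_only', False) and not utils.is_herokai(email):
        abort(401)

    # Computed before any login state is written: a missing or non-numeric
    # ``expires_in`` fails here rather than after ``logged_in`` has already
    # been set to True.
    expiry_time = utils.utc_timestamp() + expires_in

    self.current.logged_in = True
    self.current.token = token
    self.current.id = user_id
    self.current.username = email
    self.current.refresh_token = refresh_token
    self.current.expires_in = expires_in
    self.current.expiry_time = expiry_time
    return redirect(self.current.next_url)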
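def authenticate(self, username, password):
    """Validate API credentials against ``/account`` and cache them on ``g``.

    Calls ``/account`` through ``build_client()`` using ``username`` and
    ``password`` as the ``auth`` pair. Any status other than 200 is logged
    and answered with 401. A 401 is also raised when the requested endpoint
    is marked ``_herokai_only`` and ``utils.is_herokai(email)`` is false
    for the account's email.

    On success the credentials and the parsed account document are stored
    on ``g`` as ``_herokuauth_api_user``, ``_herokuauth_api_pass`` and
    ``_herokuauth_api_account``.

    Args:
        username: Credential passed as the first element of ``auth``.
        password: Credential passed as the second element of ``auth``.
    """
    client = build_client()
    resp = client.get('/account', auth=(username, password))

    if resp.status_code != 200:
        current_app.logger.info(
            'API Auth: Call to /account returned %s', resp.status_code)
        # The error body is only logged. A body that is not JSON must not
        # turn the rejection into an unhandled exception instead of a 401.
        # NOTE(review): assumes resp.json() raises ValueError (or a
        # subclass) on a non-JSON body - confirm for the client returned
        # by build_client().
        try:
            detail = json.dumps(resp.json())
        except ValueError:
            detail = '<non-JSON response body>'
        current_app.logger.info('API Auth: %s', detail)
        abort(401)

    # Parse the account document once and reuse it below.
    account = resp.json()
    view = self.app.view_functions.get(request.endpoint)
    email = account.get('email')
    if getattr(view, '_herokai_only', False) and not utils.is_herokai(email):
        current_app.logger.info(
            'API Auth: Non-Herokai attempting to access Herokai Only')
        abort(401)

    # The plaintext password is kept on ``g`` alongside the username;
    # keep these attributes out of log lines and error reports.
    g._herokuauth_api_user = username
    g._herokuauth_api_pass = password
    g._herokuauth_api_account = account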
def login(self):
    """Gate the current request behind a valid, authorized login.

    Returns ``None`` when the request may proceed: either it targets one of
    the auth endpoints themselves (or has no endpoint), or the session is
    valid, logged in and allowed to use the endpoint. Otherwise returns the
    result of ``self.oauth.authorize(...)``, after remembering where the
    user was heading. Aborts with 401 when a logged-in user who fails
    ``utils.is_herokai`` requests an endpoint marked ``_herokai_only``.
    """
    def start_oauth_flow():
        # Remember the destination so the callback can send the user back.
        self.current.next_endpoint = request.endpoint
        self.current.next_url = request.url or "/"
        return self.oauth.authorize(callback=url_for('heroku_auth_login'))

    # The auth endpoints must stay reachable without a login.
    exempt_endpoints = [
        "heroku_auth_login",
        "heroku_auth_logout",
        "heroku_auth_redirect",
        None,
    ]
    if request.endpoint in exempt_endpoints:
        return None

    if not self.current.valid:
        return start_oauth_flow()

    view = self.app.view_functions.get(request.endpoint)
    if not self.current.logged_in:
        return start_oauth_flow()

    restricted = getattr(view, '_herokai_only', False)
    if restricted and not utils.is_herokai(self.current.username):
        abort(401)
    return None