def app_login(): """这是app端登陆的方法。app端发送取得的token,这里再取到用户信息进去注册或者登陆""" access_token = request.json.get('access_token') userid = request.json.get('userid') appkey = current_app.config['APPKEY_QQ_MOBILE'] userInfoUrl = str.format('https://graph.qq.com/user/get_user_info?oauth_consumer_key={0}&access_token={1}&openid={2}&format=json', appkey, access_token, userid) print userInfoUrl res = requests.get(str.format('https://graph.qq.com/user/get_user_info?oauth_consumer_key={0}&access_token={1}&openid={2}&format=json', appkey, access_token, userid)) resJson = res.json() if resJson['ret'] != 0: return jsonres(rv=resJson) userinfo = resJson security = current_app.extensions['security'] datastore = security.datastore user = datastore.find_user(openid=userid, provider='qq') if user is None: user = datastore.create_user(openid=userid, provider='qq', nickname=userinfo['nickname'], avatar=userinfo['figureurl_qq_1'], bind_remind=0) datastore.commit() else: # 这里把user的openid当成password了~其实这个passwd谁也不知道~只是后面用业生成token时,如果password为空,security里生成token会报错 if user.password is None: user.password = userid datastore.commit() pass # print 'user :'******'is here' login_user(user) # print user.get_auth_token() loginRes = dict(authentication_token=user.get_auth_token(), nickname=(user.nickname or user.email), avatar=user.avatar) return jsonres(rv=dict(user=loginRes))
def Login(): # print 'Headers' # for key, value in request.headers.items(): # print key, value # print request.json['username'] # for key, value in request.values.items(): # print 'keys', key # print 'values', value, '#' * 20 # print '=' * 50 # if request.form.get('username') and request.form.get('password'): if request.json['username'] and request.json['password']: # username = request.form.get('username') username = request.json['username'] # password = request.form.get('password') password = request.json['password'] user = Users.objects(username=username).first() if user is None: return jsonify({'code': 4000, 'message': 'Username or password is wrong!'}) if not user.password == hashpasswd(password): return jsonify({'code': 4000, 'message': 'Username or password is wrong!'}) login_user(user) print 'Login successfully', '#' * 100 time_ = int(time.time()) token = jwt.encode({'time': time_}, Config.TOKEN_KEY, algorithm='HS256') return jsonify({'code': 2000, 'token': token}) else: return jsonify({'code': 6000, 'message': 'Username or password is wrong!'})
def _create_deposit(user, schema_name, metadata=None, experiment=None, publish=False): """ Create a new deposit for given user and schema name e.g cms-analysis-v0.0.1, with minimal metadata defined for this schema type. """ with app.test_request_context(): # create schema for record create_schema('records/{}'.format(schema_name), is_deposit=False, experiment='CMS') # create schema for deposit schema = create_schema('deposits/records/{}'.format(schema_name), experiment=experiment) metadata = metadata or minimal_metadata(jsonschemas_host, 'deposits/records/{}'.format(schema_name)) login_user(user) id_ = uuid4() deposit_minter(id_, metadata) deposit = Deposit.create(metadata, id_=id_) if publish: deposit.publish() _, record = deposit.fetch_published() RecordIndexer().index(record) current_search.flush_and_refresh('records') current_search.flush_and_refresh(schema.index_name) return Deposit.get_record(deposit.id)
def register(): try: data = registerSchema.validate(request.json) except SchemaError as e: error = { 'code': 'auth.register.invalid', 'message': 'Invalid data for register', 'details': str(e) } return jsonify(error=error), 403 if User.by_username(request.json['username']).count() > 0: error = { 'code': 'auth.register.username_taken', 'message': 'Username already taken' } return jsonify(error=error), 403 if User.by_email(request.json['email']).count() > 0: error = { 'code': 'auth.register.email_in_use', 'message': 'A user with the supplied email already exists' } return jsonify(error=error), 403 user = userstore.create_user(**data) session.add(user) session.commit() login_user(user, True) auth_token = user.get_auth_token() return jsonify(user=user.as_personal_json(), auth_token=auth_token), 201
def test_basic_workflow(app, db, users, deposit): """Test simple deposit publishing workflow.""" with app.test_request_context(environ_base={'REMOTE_ADDR': '127.0.0.1'}): datastore = app.extensions['security'].datastore login_user(datastore.get_user(users[0]['email'])) deposit.files['one.txt'] = BytesIO(b'Test') deposit.files['two.txt'] = BytesIO(b'Test2') deposit = deposit.publish() # Should create one SIP, one RecordSIP and two SIPFiles assert SIP.query.count() == 1 assert RecordSIP.query.count() == 1 assert SIPFile.query.count() == 2 sip = SIP.query.one() assert sip.user_id == users[0]['id'] assert sip.agent['email'] == users[0]['email'] assert sip.agent['ip_address'] == '127.0.0.1' assert len(sip.sip_files) == 2 assert sip.sip_files[0].sip_id == sip.id assert sip.sip_files[1].sip_id == sip.id # Publishing the second time shuld create a new SIP and new RecordSIP # but no new SIPFiles. This is under assumption that users cannot # upload new files to the already published deposit. deposit = deposit.edit() deposit['title'] = 'New Title' deposit = deposit.publish() assert SIP.query.count() == 2 assert RecordSIP.query.count() == 2 assert SIPFile.query.count() == 2 # Fetch the last RecordSIP and make sure, that # the corresponding SIP doesn't have any files recsip = RecordSIP.query.order_by(RecordSIP.created.desc()).first() assert not recsip.sip.sip_files
def user_box(the_user): which_user = User.query.filter(User.name == str(the_user)).first() if current_user.__name__ is 'AnonymousUser': return redirect(url_for("index")) if which_user is None or current_user is None: return redirect(url_for("index")) login_user(which_user) email_domain = which_user.email.split("@", 1)[1] if email_domain == 'demo.com': demo = True else: demo = False try: port_4000 = urllib2.urlopen(str(request.url) + '/website') port_4000 = True print "port 4000 website found" except Exception: print "no port 4000 site" port_4000 = False time_left = which_user.dhbox_duration - DockerBackend.how_long_up(which_user.name) time_left = DockerBackend.display_time(time_left) resp = make_response(render_template('dhbox.html', user=the_user, apps=filter(lambda app: app.get('hide', False) != True, all_apps), demo=demo, time_left=time_left, bootstrap_container='container-fluid', fixed_scroll='fixed_scroll', port_4000=port_4000 ) ) return resp
def logged_user_fixture(app, client, user_fixture): """Find user and log in it.""" with app.app_context(): datastore = app.extensions['security'].datastore user = datastore.find_user(email='*****@*****.**') login_user(user) return user
def permission(self): invitekey = request.args.get(INVITE_KEY_URLARG, None) if invitekey: permitted = True invite = Invite.query.filter_by(invitekey=invitekey).one() user = localuser2user(invite.user) if current_user != user: # log out and in automatically # see https://flask-security-too.readthedocs.io/en/stable/api.html#flask_security.login_user logout_user() login_user(user) db.session.commit() flash('you have been automatically logged in as {}'.format(current_user.name)) # at this point, if current_user has the target user (may have been changed by invitekey) # check role permissions, permitted = True (from above) unless determined otherwise roles_accepted = MEETINGS_MEMBER_ROLES allowed = False for role in roles_accepted: if current_user.has_role(role): allowed = True break if not allowed: permitted = False # no rsvpkey, not permitted else: permitted = False return permitted
def test_cleanup_indexed_deposits(app, db, es, locations, users, deposit_metadata, sip_metadata_types): with app.test_request_context(): datastore = app.extensions['security'].datastore login_user(datastore.get_user(users[0]['email'])) id_ = uuid4() depid = zenodo_deposit_minter(id_, deposit_metadata) ZenodoDeposit.create(deposit_metadata, id_=id_) # Emulate a database "failure", which would wipe any models in the session db.session.remove() current_search.flush_and_refresh(index='deposits') # Deposit has been indexed in ES, but not commimted in DB assert PersistentIdentifier.query.filter( PersistentIdentifier.pid_type == depid.pid_type, PersistentIdentifier.pid_value == depid.pid_value).count() == 0 assert (RecordsSearch(index='deposits').get_record(id_).execute()[0] ._deposit.id == depid.pid_value) cleanup_indexed_deposits.apply() current_search.flush_and_refresh(index='deposits') assert PersistentIdentifier.query.filter( PersistentIdentifier.pid_type == depid.pid_type, PersistentIdentifier.pid_value == depid.pid_value).count() == 0 assert len(RecordsSearch(index='deposits').get_record(id_).execute()) == 0
def demonstration(): username = '******' + ''.join(random.choice(string.ascii_uppercase + string.digits) for _ in range(10)) demo_user_object = user_datastore.create_user(email=username + '@demo.com', name=username, password='******', dhbox_duration=3600) db.session.commit() login_user(demo_user_object) DockerBackend.demo_dhbox(username) return redirect('/dhbox/' + username)
def new_dhbox(): data = {key: request.form.getlist(key)[0] for key in request.form.keys()} for key in data: users_dict = key users_dict = ast.literal_eval(users_dict) users = users_dict['users'] for user in users: if 'name' in user: if 'email' in user: # Then is DH Box admin name_check = User.query.filter(User.name == user['name']).first() email_check = User.query.filter(User.name == user['email']).first() if name_check or email_check: print "Username taken. Already has a DH Box." return str('failure') admin_user = user['name'] admin_email = user['email'] admin_pass = user['pass'] if user['duration'] == 'day': duration = 86400 elif user['duration'] == 'week': duration = 604800 else: duration = 2592000 # if user['duration'] == 'week': # duration = 604800 # elif user['duration'] == 'month': # duration = 2592000 # else: # duration = 13148730 admin_user_object = user_datastore.create_user(email=user['email'], name=user['name'], password=user['pass'], dhbox_duration=duration) db.session.commit() login_user(admin_user_object) the_new_dhbox = DockerBackend.setup_new_dhbox(admin_user, admin_pass, admin_email) return str('Successfully created a new DH Box.')
def test_account_setup(app, example_cern, models_fixture): """Test account setup after login.""" with app.test_client() as c: ioc = app.extensions['oauthlib.client'] # Ensure remote apps have been loaded (due to before first request) resp = c.get(url_for('invenio_oauthclient.login', remote_app='cern')) assert resp.status_code == 302 example_response, example_token, example_account_info = example_cern mock_response(app.extensions['oauthlib.client'], 'cern', example_token) mock_remote_get(ioc, 'cern', example_response) resp = c.get(url_for( 'invenio_oauthclient.authorized', remote_app='cern', code='test', state=get_state('cern'))) assert resp.status_code == 302 assert resp.location == ('http://localhost/account/settings/' 'linkedaccounts/') assert len(g.identity.provides) == 7 datastore = app.extensions['invenio-accounts'].datastore user = datastore.find_user(email='*****@*****.**') assert user with app.test_request_context(): resp = disconnect_handler(ioc.remote_apps['cern']) assert resp.status_code >= 300 login_user(user) assert len(g.identity.provides) == 7 disconnect_handler(ioc.remote_apps['cern'])
def post(self): """ 登录 --- tags: - login parameters: - in: formData name: username type: string required: true - in: formData name: password type: string required: true responses: 200: description: 用户登录 schema: id: User properties: id: type: string description: 用户id default: Steven Wilson name: code """ args = parser.parse_args() try: if not all([args['username'], args['password']]): raise Exception('Incorrect username or password.') users = Users.query.filter_by(username=args['username']).first() # print('status:', users.verify_password(args['password'])) # if not users or not users.verify_password(args['password']): if not users: raise Exception('Incorrect username or password.') else: if not users.verify_password(args['password']): raise Exception('Incorrect username or password.') else: login_user(users, True) token = users.generate_auth_token() # token = create_token(users.id, users.username) data = { 'token': token, 'id': users.id, 'username': users.username, 'email': users.email, 'mobile': users.mobile, 'department': users.department, 'job': users.job, 'location': users.location, 'sex': users.sex, 'remarks': users.remarks } session[token] = True except Exception as e: return set_return_val(False, {}, str(e), 1301), 400 return set_return_val(True, data, 'login successful', 1300)
def test_project_publish_with_workflow(api_app, users, api_project, es): """Test publish a project with a workflow.""" project, video_1, video_2 = api_project prepare_videos_for_publish([video_1, video_2]) project_depid = project['_deposit']['id'] project_id = str(project.id) video_1_depid = video_1['_deposit']['id'] video_1_id = str(video_1.id) video_2_depid = video_2['_deposit']['id'] receiver_id = 'test_project_publish_with_workflow' workflow_receiver_video_failing(api_app, db, video_1, receiver_id=receiver_id) headers = [('Content-Type', 'application/json')] payload = json.dumps(dict(somekey='somevalue')) with mock.patch('invenio_indexer.tasks.index_record.delay') \ as mock_indexer, \ api_app.test_request_context(headers=headers, data=payload): event = Event.create(receiver_id=receiver_id) db.session.add(event) event.process() # check video and project are indexed assert mock_indexer.called is True ids = get_indexed_records_from_mock(mock_indexer) assert video_1_id == ids[0] assert project_id == ids[1] db.session.commit() # check tasks status is propagated to video and project video_1 = deposit_video_resolver(video_1_depid) expected = {u'add': u'SUCCESS', u'failing': u'FAILURE'} assert video_1['_cds']['state'] == expected assert video_1.project['_cds']['state'] == expected events = get_deposit_events(deposit_id=video_1_depid) assert len(events) == 1 def check(project_status, video_1_status, video_2_status): project = deposit_project_resolver(project_depid) video_1 = deposit_video_resolver(video_1_depid) video_2 = deposit_video_resolver(video_2_depid) assert project.status == project_status assert video_1.status == video_1_status assert video_2.status == video_2_status check('draft', 'draft', 'draft') login_user(User.query.get(users[0])) video_2 = deposit_video_resolver(video_2_depid) video_2.publish() check('draft', 'draft', 'published') project = deposit_project_resolver(project_depid) project.publish() check('published', 'published', 'published')
def test_sync_records_with_deposits(app, db, location, users, project_deposit_metadata, video_deposit_metadata): """Test sync records with deposits task.""" # create a project project = Project.create(project_deposit_metadata) project_deposit_metadata['report_number'] = ['123'] # create new video video_deposit_metadata['_project_id'] = project['_deposit']['id'] deposit = Video.create(video_deposit_metadata) depid = deposit['_deposit']['id'] # insert objects inside the deposit ObjectVersion.create(deposit.files.bucket, "obj_1").set_location("mylocation1", 1, "mychecksum1") ObjectVersion.create(deposit.files.bucket, "obj_2").set_location("mylocation2", 1, "mychecksum2") ObjectVersion.create(deposit.files.bucket, "obj_3").set_location("mylocation3", 1, "mychecksum3") obj_4 = ObjectVersion.create(deposit.files.bucket, "obj_4").set_location("mylocation4", 1, "mychecksum4") # publish login_user(User.query.get(users[0])) prepare_videos_for_publish([deposit]) deposit = deposit.publish() _, record = deposit.fetch_published() assert deposit.is_published() is True # add a new object ObjectVersion.create(deposit.files.bucket, "obj_new").set_location("mylocation_new", 1, "mychecksum") # modify obj_1 ObjectVersion.create(deposit.files.bucket, "obj_new").set_location("mylocation2.1", 1, "mychecksum2.1") # delete obj_3 ObjectVersion.delete(deposit.files.bucket, "obj_3") # remove obj_4 obj_4.remove() # check video and record files = ['obj_1', 'obj_2', 'obj_3', 'obj_4'] edited_files = ['obj_1', 'obj_2', 'obj_3', 'obj_new'] check_deposit_record_files(deposit, edited_files, record, files) # try to sync deposit and record sync_records_with_deposit_files.s(deposit_id=depid).apply_async() # get deposit and record deposit = deposit_video_resolver(depid) _, record = deposit.fetch_published() assert deposit.is_published() is True # check that record and deposit are sync re_edited_files = edited_files + ['obj_4'] check_deposit_record_files(deposit, edited_files, record, re_edited_files)
def test_create_deposit_with_empty_schema_returns_wrong_schema_error( app, users, location, jsonschemas_host): with app.test_request_context(): metadata = {'$schema': ''} login_user(users['superuser']) id_ = uuid4() with raises(WrongJSONSchemaError): Deposit.create(metadata, id_=id_)
def login_user(self, **kwargs) -> str: data = filter_by_keys(kwargs, auth_login_sw_model.keys()) user = self.auth_user_login_serializer.load(data) token = generate_login_token(user) # TODO: Pending to testing whats happen if add a new field in user model when a user is logged flask_security.login_user(user) return token
def test_create_deposit_with_non_object_data_returns_wrong_schema_error( app, users, location, jsonschemas_host): with app.test_request_context(): metadata = 5 login_user(users['superuser']) id_ = uuid4() with raises(EmptyDepositError): Deposit.create(metadata, id_=id_)
def test_only_videos(db, api_project, users): """Test only videos.""" login_user(User.query.get(users[0])) (project, video_1, video_2) = api_project prepare_videos_for_publish([video_1, video_2]) for i, video in enumerate([video_1, video_2]): video = video.publish() check_deposit(video, 'CERN-MOVIE-2017-1-{}'.format(i + 1))
def test_account_setup(app_rest, example_cern_openid_rest, models_fixture): """Test account setup after login.""" with app_rest.test_client() as c: ioc = app_rest.extensions['oauthlib.client'] # Ensure remote apps have been loaded (due to before first request) resp = c.get( url_for('invenio_oauthclient.rest_login', remote_app='cern_openid')) assert resp.status_code == 302 example_response, example_token, example_account_info = \ example_cern_openid_rest mock_response(app_rest.extensions['oauthlib.client'], 'cern_openid', example_token) mock_remote_get(ioc, 'cern_openid', example_response) resp = c.get( url_for('invenio_oauthclient.rest_authorized', remote_app='cern_openid', code='test', state=get_state('cern_openid'))) assert resp.status_code == 302 expected_url_args = { "message": "Successfully authorized.", "code": 200, } check_response_redirect_url_args(resp, expected_url_args) assert len(g.identity.provides) == 3 datastore = app_rest.extensions['invenio-accounts'].datastore user = datastore.find_user(email='*****@*****.**') user.password = hash_password("1234") assert user with app_rest.test_request_context(): resp = disconnect_rest_handler(ioc.remote_apps['cern_openid']) assert resp.status_code >= 300 # simulate login (account_info fetch) g.oauth_logged_in_with_remote = ioc.remote_apps['cern_openid'] login_user(user) assert len(g.identity.provides) == 3 logout_user() assert len(g.identity.provides) == 1 assert "cern_resource" not in session assert OAUTHCLIENT_CERN_OPENID_SESSION_KEY not in session # Login again to test the disconnect handler g.oauth_logged_in_with_remote = ioc.remote_apps['cern_openid'] login_user(user) assert len(g.identity.provides) == 3 disconnect_rest_handler(ioc.remote_apps['cern_openid'])
def callback(): # Get authorization code Google sent back to you code = request.args.get("code") current_app.logger.debug('CODE IS: %s' %code) # Find out what URL to hit to get tokens that allow you to ask for # things on behalf of a user google_provider_cfg = get_google_provider_cfg() token_endpoint = google_provider_cfg["token_endpoint"] # Prepare and send a request to get tokens! Yay tokens! token_url, headers, body = client.prepare_token_request( token_endpoint, authorization_response=request.url, redirect_url=request.base_url, code=code ) token_response = requests.post( token_url, headers=headers, data=body, auth=(_clientId, _clientSecret) ) # Parse the tokens! client.parse_request_body_response(json.dumps(token_response.json())) # Now that you have tokens (yay) let's find and hit the URL # from Google that gives you the user's profile information, # including their Google profile image and email userinfo_endpoint = google_provider_cfg["userinfo_endpoint"] current_app.logger.debug('USR_NFO_EPT: %s' %userinfo_endpoint) uri, headers, body = client.add_token(userinfo_endpoint) userinfo_response = requests.get(uri, headers=headers, data=body) # You want to make sure their email is verified. # The user authenticated with Google, authorized your # app, and now you've verified their email through Google! if userinfo_response.json().get("email_verified"): unique_id = userinfo_response.json()["sub"] users_email = userinfo_response.json()["email"] picture = userinfo_response.json()["picture"] users_name = userinfo_response.json()["given_name"] if users_email is not None: user = User.query.filter(func.lower(User.email) == func.lower(users_email)).one_or_none() if user is None: password = ''.join(choice(ascii_uppercase + ascii_lowercase + digits) for _ in range(16)) user = register_user(password=password, email=users_email.lower(), active=True, confirmed_at=datetime.now()) login_user(user, remember=False) else: return "User email not available or not verified by Google.", 400 return redirect('/')
def depid(app, users, db): """New deposit with files.""" record = {'title': {'title': 'fuu'}} with app.test_request_context(): login_user(User.query.get(users[0])) deposit = Deposit.create(record) deposit.commit() db.session.commit() return deposit['_deposit']['id']
def test_project_and_videos(db, api_project, users): """Test project and video.""" login_user(User.query.get(users[0])) (project, video_1, video_2) = api_project prepare_videos_for_publish([video_1, video_2]) project = project.publish() check_deposit(project, 'CERN-MOVIE-2017-1') for i, video in enumerate(record_video_resolver_sorted(project.video_ids)): check_deposit(video, 'CERN-MOVIE-2017-1-{}'.format(i + 1))
def test_dataset(app, users, minimal_record_model, recid_pid): """Testing the dumping of files in Open Access datasets.""" with app.test_request_context(): datastore = app.extensions['security'].datastore login_user(datastore.get_user(users[0]['email'])) assert minimal_record_model['access_right'] == 'open' minimal_record_model['resource_type'] = dict(type='dataset') minimal_record_model['method'] = 'microscopic supersampling' minimal_record_model['_files'] = [ { 'bucket': '22222222-2222-2222-2222-222222222222', 'version_id': '11111111-1111-1111-1111-111111111111', 'file_id': '22222222-3333-4444-5555-666666666666', 'checksum': 'md5:11111111111111111111111111111111', 'key': 'test', 'size': 4, 'type': 'txt', }, { 'bucket': '22222222-2222-2222-2222-222222222222', 'version_id': '11111111-1111-1111-1111-111111111112', 'file_id': '22222222-3333-4444-5555-666666666667', 'checksum': 'md5:11111111111111111111111111111112', 'key': 'test2', 'size': 1000000, 'type': 'pdf', }, ] data, err = schemaorg.Dataset().dump( dict(metadata=minimal_record_model)) assert not err assert data['distribution'] == [{ u'@type': u'DataDownload', u'contentUrl': u'https://localhost/api/files/' u'22222222-2222-2222-2222-222222222222/test', u'encodingFormat': u'txt' }, { u'@type': u'DataDownload', u'contentUrl': u'https://localhost/api/files/' u'22222222-2222-2222-2222-222222222222/test2', u'encodingFormat': u'pdf' }] assert data['measurementTechnique'] == 'microscopic supersampling' for right in ['closed', 'embargoed', 'restricted']: minimal_record_model['access_right'] = right data, err = schemaorg.Dataset().dump( dict(metadata=minimal_record_model)) assert not err assert 'distribution' not in data
def draft_json(running_app, client, minimal_record, users, headers): """RDM Draft fixture.""" login_user(users[0], remember=True) login_user_via_session(client, email=users[0].email) response = client.post( "/records", json=minimal_record, headers=headers ) return response.json
def wrapper(*args, **kwargs): token = request.headers.get("authorization") if not token.startswith("Bearer "): raise Unauthorized( "You must include an authorization token to continue") token = token[len("Bearer "):] user, payload = User.decode_auth_token(token) login_user(user) return fn(*args, **kwargs)
def test_project_permissions(es, location, deposit_metadata, users): """Test deposit permissions.""" deposit = Project.create(deposit_metadata) deposit.commit() user = User.query.get(users[0]) login_user(user) assert not has_update_permission(user, deposit) deposit['_access'] = {'update': [user.id]} assert has_update_permission(user, deposit)
def post(self): """ Create a new user --- tags: - users parameters: - in: body required: true schema: type: object properties: name: type: string email: type: string example: '*****@*****.**' password: type: string responses: 200: schema: type: object properties: message: type: string 400: schema: type: object properties: error: type: string """ data = request.get_json() # Validate email r = re.compile("[^@]+@[^@]+\.[^@]+") if not r.match(data['email']): return {'error': "Invalid email"}, 400 # Check if already in use user = user_datastore.find_user(email=data['email']) if user is not None: return {'error': "User already exists"}, 400 email = data['email'] password = bcrypt.hashpw(data['password'].encode('utf-8'), bcrypt.gensalt(12)) user = user_datastore.create_user(email=email, password=password) db.session.flush() db.session.commit() flask_security.login_user(user) return {'message': "User created"}, 200
def test_cli_action_allow(app, script_info, community, authenticated_user, db): runner = CliRunner() app.config['SQLALCHEMY_DATABASE_URI'] = os.getenv( 'SQLALCHEMY_DATABASE_URI', 'sqlite://') role = community[1].roles[0] current_datastore.add_role_to_user(authenticated_user, role) read_need = action_factory(COMMUNITY_READ, parameter=True) login_user(authenticated_user) assert not Permission(read_need(community[0])).allows(g.identity)
def login_request_and_session(user, client): """Logs in the user in the current request AND the current session. We want to login without posting to 'ldap-login/', so that we don't depend on LDAP for tests. We want to be logged in on both the current request and the current session because a request context is pushed by the client fixture and the client needs to have its session logged in. """ login_user(user, remember=True) login_user_via_session(client, email=user.email)
def test_login_audit_columns(self, app): with app.test_request_context(): alice = users.get_user("alice") login_count = alice.login_count login_user(alice) # time is frozen, so it should work assert alice.last_login_at == datetime.utcnow() assert alice.login_count == login_count + 1
def login_user(self, user, remember): """ Login user :param user: :param remember: :return: """ login_user(user, remember=remember) db.session.commit() return True
def deposit(app, es, users, location, db): """New deposit with files.""" record = {'title': 'fuu'} with app.test_request_context(): login_user(users[0]) deposit = Deposit.create(record) deposit.commit() db.session.commit() sleep(2) return deposit
def login_custom(): user = app.security.datastore.find_user(email=e) login_user(user) @after_this_request def save_user(response): app.security.datastore.commit() return response return redirect("/")
def sigin(): phone = request.json.get("phone") password = request.json.get("password") remeber_me = request.json.get('remeber_me') user = User.query.filter_by(phone = phone).first() if user is not None and verify_password(password,user.password): login_user(user, remeber_me) g.user = user return jsonify({'user_id':user.id,'token':user.get_auth_token()}),201 return jsonify(401)
def test_create_permission_factory(logged_in, allowed, create_user, request_ctx): user = create_user() if logged_in: login_user(user) record = {} permission = CreatePermission.create(record) assert permission.can() == allowed
def test_default_sls_handler(appctx, users): """Test default SLS handler.""" with appctx.test_request_context(): user = User.query.filter_by(email='*****@*****.**').one() login_user(user) assert current_user.is_authenticated # call the SLS handler next_url = default_sls_handler(None, '/foo') assert not current_user.is_authenticated assert next_url == '/foo'
def client_with_credentials(db, client, user, role): """Log in a user to the client.""" current_datastore.add_role_to_user(user, role) action = current_access.actions["superuser-access"] db.session.add(ActionUsers.allow(action, user_id=user.id)) login_user(user, remember=True) login_user_via_session(client, email=user.email) return client
def test_create_deposit_with_empty_schema_raises_DepositValidationError( app, users, location, jsonschemas_host): metadata = {'$schema': ''} with app.test_request_context(): login_user(users['superuser']) id_ = uuid4() with raises(DepositValidationError): Deposit.create(metadata, id_=id_)
def deposit(app, es, users, locations, deposit_metadata, sip_metadata_types): """New deposit with files.""" with app.test_request_context(): datastore = app.extensions['security'].datastore login_user(datastore.get_user(users[0]['email'])) id_ = uuid4() zenodo_deposit_minter(id_, deposit_metadata) deposit = Deposit.create(deposit_metadata, id_=id_) db_.session.commit() current_search.flush_and_refresh(index='deposits') return deposit
def test_dataset(app, users, minimal_record_model, recid_pid): """Testing the dumping of files in Open Access datasets.""" with app.test_request_context(): datastore = app.extensions['security'].datastore login_user(datastore.get_user(users[0]['email'])) assert minimal_record_model['access_right'] == 'open' minimal_record_model['resource_type'] = dict(type='dataset') minimal_record_model['method'] = 'microscopic supersampling' minimal_record_model['_files'] = [ { 'bucket': '22222222-2222-2222-2222-222222222222', 'version_id': '11111111-1111-1111-1111-111111111111', 'file_id': '22222222-3333-4444-5555-666666666666', 'checksum': 'md5:11111111111111111111111111111111', 'key': 'test', 'size': 4, 'type': 'txt', }, { 'bucket': '22222222-2222-2222-2222-222222222222', 'version_id': '11111111-1111-1111-1111-111111111112', 'file_id': '22222222-3333-4444-5555-666666666667', 'checksum': 'md5:11111111111111111111111111111112', 'key': 'test2', 'size': 1000000, 'type': 'pdf', }, ] data, err = schemaorg.Dataset().dump( dict(metadata=minimal_record_model)) assert not err assert data['distribution'] == [ { u'@type': u'DataDownload', u'contentUrl': u'https://localhost/api/files/' u'22222222-2222-2222-2222-222222222222/test', u'fileFormat': u'txt' }, { u'@type': u'DataDownload', u'contentUrl': u'https://localhost/api/files/' u'22222222-2222-2222-2222-222222222222/test2', u'fileFormat': u'pdf' } ] assert data['measurementTechnique'] == 'microscopic supersampling' for right in ['closed', 'embargoed', 'restricted']: minimal_record_model['access_right'] = right data, err = schemaorg.Dataset().dump( dict(metadata=minimal_record_model)) assert not err assert 'distribution' not in data
def test_create_deposit_with_empty_schema_raises_DepositValidationError(app, users, location, jsonschemas_host): metadata = {'$schema': ''} with app.test_request_context(): login_user(users['superuser']) id_ = uuid4() with raises(DepositValidationError): Deposit.create(metadata, id_=id_)
def deposit(app, es, users, location): """New deposit with files.""" record = { 'title': 'fuu' } with app.test_request_context(): login_user(users[0]) deposit = Deposit.create(record) deposit.commit() db_.session.commit() sleep(2) return deposit
def openid_login(provider): """Return OAuth2 login view for the given provider. :param provider: OAuth2 provider. """ # get parser for provider parser = eval(str.format('{0}_parser', provider.lower())) code = request.args.get('code') oauth_kwargs = current_app.config[str.format('OAUTH_{0}', provider.upper())] c = Client(**oauth_kwargs) # get request token c.request_token(parser=parser, redirect_uri=current_app.config['KINORSI_SERVER_HOST'], grant_type='authorization_code', code=code) if hasattr(c, 'error') and c.error != 0: current_app.logger.info(c.error_description) return redirect(url_for_security('login')) else: session[u'access_token'] = c.access_token session[u'refresh_token'] = c.refresh_token session[u'expires_in'] = c.expires_in # get open id res = c.request("/oauth2.0/me", parser=parser) res['oauth_consumer_key'] = res['client_id'] # get nickname. user_info = c.request('/user/get_user_info?' + urllib.urlencode(res), method='GET', parser=parser) # 看看是不是已经在数据库中了,没有就写一个 security = current_app.extensions['security'] datastore = security.datastore user = datastore.find_user(openid=res['openid'], provider=provider.lower()) if user is None: user = datastore.create_user(openid=res['openid'], provider=provider.lower(), nickname=user_info['nickname'], avatar=user_info['figureurl_qq_1']) datastore.commit() else: pass #print 'user :'******'is here' login_user(user) next_url = get_url(request.args.get('next')) or get_url(request.form.get('next')) \ or current_app.extensions['security'].post_login_view or '' # 如果用户没有绑定,可以让用户尝试进行首次的帐号绑定。如果不绑也可以在以后再绑 # 2014-12-5 先去掉绑定功能。不然似乎有点复杂过头了。 if user.bind_username is None and user.bind_email is None and (user.bind_remind is None or user.bind_remind ): form_class = _security.login_form form = form_class() form.next.data = next_url return render_template('security/bind_user.html', bind_form=form) return redirect(next_url)
def test_created_by_population(app, db, users): """Test created_by gets populated correctly.""" record = { 'title': 'fuu' } deposit = Deposit.create(record) assert 'created_by' not in deposit['_deposit'] with app.test_request_context(): login_user(users[0]) deposit = Deposit.create(record) assert deposit['_deposit']['created_by'] == users[0].id
def deposit(app, es, users, location): """New deposit with files.""" record = { 'title': 'fuu' } with app.test_request_context(): datastore = app.extensions['security'].datastore login_user(datastore.find_user(email=users[0]['email'])) deposit = Deposit.create(record) deposit.commit() db.session.commit() sleep(2) return deposit
def login(): form = LoginForm(request.form) if request.method == 'POST': if form.validate_on_submit(): login_user(form.user) after_this_request(_commit) flash("You are now logged in.", 'success') if request.args.get("next"): return redirect(request.args.get("next")) else: return redirect(url_for('public.overview')) else: flash_errors(form) return render_template("public/login.html", form=form)
def test_created_by_population(api, users): """Test created_by gets populated correctly.""" record = { 'title': 'fuu' } deposit = Deposit.create(record) assert 'created_by' not in deposit['_deposit'] with api.test_request_context(): datastore = api.extensions['security'].datastore login_user(datastore.find_user(email=users[0]['email'])) deposit = Deposit.create(record) assert deposit['_deposit']['created_by'] == users[0]['id']
def test_create_deposit_with_wrong_schema_raises_DepositValidationError(app, users, location, jsonschemas_host): metadata = { '$schema': 'https://{}/schemas/deposits/records/non-existing-schema.json'.format( jsonschemas_host) } with app.test_request_context(): login_user(users['superuser']) id_ = uuid4() with raises(DepositValidationError): Deposit.create(metadata, id_=id_)
def login(): """直接使用flask-security的工具方法完成登陆验证""" username = request.json.get('username', '') passwd = request.json.get('password', '') security = current_app.extensions['security'] datastore = security.datastore user = datastore.get_user(username) if not verify_and_update_password(passwd, user): return jsonres(metacode=401, msg=u'用户不在在或密码不正确') login_user(user) loginRes = dict(authentication_token=user.get_auth_token(), nickname=(user.nickname or user.email), avatar=user.avatar) return jsonres(rv=dict(user=loginRes))
def on_login_failed(sender, provider, oauth_response): """ This gets called when a user tries a social login and it is not associated with a 'connection' to any social provider. We will attempt to create a new account for the user. """ print "$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$" connection_values = get_connection_values_from_oauth_response(provider, oauth_response) print "provider:", provider print connection_values provider_id = connection_values.get('provider_id', None) full_name = connection_values['full_name'] if type(full_name) == type({}): # Google returns dictionary full_name = full_name.get("givenName","") + " "+ full_name.get("familyName","") uid = connection_values['provider_user_id'] email = connection_values.get('provider_email', None) if provider_id == 'facebook': if not email: email = "*****@*****.**" % (uid, full_name.replace(' ', '_')) elif provider_id == 'twitter': if not email: uname = connection_values['display_name'].replace(' ','_') uname = uname.replace('@','') email = "*****@*****.**" % (uid, uname) elif provider_id == 'google': if not email: email = "*****@*****.**" % (uid, full_name.replace(' ', '_')) else: print "***** Unknown provider id" print "**** Getting user" user = findOrAddUser(email, full_name) #db.session.commit() connection_values['user_id'] = user.id # Todo: add connection object to remember this # provider info for this user... #connect_handler(connection_values, provider) login_user(user) #db.session.commit() """ ds = current_app.security.datastore user = ds.create_user( ... ) #fill in relevant stuff here ds.commit() connection_values['user_id'] = user.id connect_handler(connection_values, provider) login_user(user) db.commit() """ return render_template("worldviews.html")
def login_view(self): if request.method=='GET' and current_user.is_authenticated(): return redirect(url_for('.index')) # handle user login form = LoginForm(request.form) if helpers.validate_form_on_submit(form): user = authenticate(username=form.email.data, password=form.password.data) if user: if user.has_role('admin'): if login_user(user): user.save() #This is to make sure the track changes occur return redirect(url_for('.index')) else: self._template_args['error'] = "User is not active or could not be logged in." else: self._template_args['error'] = "User has insufficient privilege." else: self._template_args['error'] = "Invalid user and/or password" self._template_args['form'] = form return self.render('admin/login.html')
def login(): user = user_datastore.get_user(session.get('userinfo', {}).get( 'email', session['id_token'].get('sub'))) if not user: user = create_user(session.get('userinfo')) user_name = getattr(user, 'name') if user_name is None: user_name = session.get('userinfo', {}).get('name') user.name = user_name db.session.commit() login_user(user) return redirect(url_for('.details'))
def on_login_failed(sender, provider, oauth_response): connection_values = get_connection_values_from_oauth_response(provider, oauth_response) ds = current_app.extensions['security'].datastore chars = string.ascii_letters + string.digits + '!@#$%^&*()' random.seed = (os.urandom(1024)) user_kwargs = dict(username = connection_values['display_name'] or \ "_".join(connection_values['full_name'].split()) or \ connection_values['email'].split("@")[1], # have to get a silly email address email = connection_values['email'] or "*****@*****.**", password = ''.join(random.choice(chars) for i in range(10))) user = ds.create_user(**user_kwargs) #fill in relevant stuff here ds.commit() connection_values['user_id'] = user.id connect_handler(connection_values, provider) login_user(user) current_app.extensions['sqlalchemy'].db.session.commit() return redirect(url_for('main.home'))
def login(): try: data = loginSchema.validate(request.json) except SchemaError as e: error = {"code": "auth.login.invalid", "message": "Invalid data for login", "details": str(e)} return jsonify(error=error), 403 no_match_error = {"code": "auth.login.no_match", "message": "The supplied email and password is invalid"} user = User.query.filter_by(email=data["email"]) if user.count() != 1: return jsonify(error=no_match_error), 401 user = user.one() if not verify_password(data["password"], user.password): return jsonify(error=no_match_error), 401 login_user(user, True) auth_token = user.get_auth_token() return jsonify(user=user.as_personal_json(), auth_token=auth_token), 200
def deposit(app, es, users, location): """New deposit with files.""" record = dict( title='Test title', creators=[ dict(name='Doe, John', affiliation='Atlantis'), dict(name='Smith, Jane', affiliation='Atlantis') ], description='Test Description', publication_date='2013-05-08', access_right='open' ) with app.test_request_context(): datastore = app.extensions['security'].datastore login_user(datastore.get_user(users[0]['email'])) deposit = Deposit.create(record) deposit.commit() db_.session.commit() current_search.flush_and_refresh(index='deposits') return deposit
def oauth_authenticate(client_id, user, require_existing_link=False, remember=False): """Authenticate an oauth authorized callback.""" # Authenticate via the access token (access token used to get user_id) if login_user(user): if require_existing_link: account = RemoteAccount.get(user.id, client_id) if account is None: logout_user() return False return True return False
def login(): """ Flask-Login. """ if g.user.is_authenticated: return redirect(url_for('webuiview.index')) login_form = LoginForm() if login_form.validate_on_submit(): username = login_form.username.data user = api.usercontrol.get_by_name(username) if user is None: return redirect(url_for('webuiview.login')) if api.usercontrol.check_user_pass(user, login_form.password.data): login_user(user, remember=True) security.datastore.commit() flash("Logged in!", "success") return redirect(url_for('webuiview.index')) else: flash("Cannot login...", "error") return render_template('login.html', title='Sign In', form=login_form)
def question_create(product_id): ctx = dict() ctx['product'] = facades.ProductFacade(instance_id=product_id).get_local_instance() product = get_product_by_id(product_id) question_action.init_form(product, **request.form) if request.method == 'GET' and current_user.is_authenticated: question_action.iform.email.data = current_user.email ctx['action'] = question_action ctx['form'] = question_action.iform if request.method == 'POST' and question_action.iform.validate(): payload = {key: value for key, value in request.form.iteritems()} question = create_question(payload.get('email'), product_id, int(payload.get('product_variants')), payload.get('question_text')) if not current_user.is_authenticated and question.user.password is None: login_user(question.user) schedule_question_notification_email_to_shop.delay(question.id) return generate_success_response_from_obj(question, 'question') return render_template('question-create.html', **ctx)