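def cleanupAssociations(self):
    """Delete expired OpenID associations and return how many were removed.

    An association stops being valid ``lifetime`` seconds after ``issued``.
    ``lifetime`` is a duration, not a timestamp, so comparing it on its own
    with the current epoch time would match every stored association and
    drop the still-valid ones along with the stale ones.
    """
    try:
        now = int(time())
        # NOTE(review): assumes the issued/lifetime columns hold the integer
        # values passed in by storeAssociation -- confirm against the model.
        expires_at = OpenIDAssociation.issued + OpenIDAssociation.lifetime
        return OpenIDAssociation.query.filter(expires_at < now).delete()
    finally:
        # The commit runs whether or not the delete raised.
        db_session.commit()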
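def _load_allow_list(filename):
    """Return the stripped, non-blank lines of an allow-list file in BASEDIR."""
    with open(os.path.join(app.config['BASEDIR'], filename)) as f:
        # Blank lines are skipped: an empty entry would otherwise match an
        # empty submitted value and count as authorized.
        return [entry for entry in (line.strip() for line in f) if entry]


def first_login():
    """Create the local profile for a newly authenticated OpenID identity.

    A GET renders the registration form. A POST either cancels the login or,
    when the session's OpenID or the submitted e-mail is on its allow-list,
    stores a new ``User`` and redirects to the original destination.
    Requests from an already signed-in user, or without an OpenID in the
    session, are sent back to the login view.
    """
    if g.user is not None or 'openid' not in session:
        return redirect(url_for('.login'))
    if request.method == 'POST':
        if 'cancel' in request.form:
            del session['openid']
            flash(u'Login was aborted')
            return redirect(url_for('general.login'))
        # The allow-lists are only needed for an actual registration attempt,
        # so they are read here rather than on every request.
        openid_allowed = session['openid'] in _load_allow_list("allowed_openids")
        # NOTE(review): this e-mail is the value submitted with the form, not
        # a claim verified by the OpenID provider, so the e-mail allow-list
        # only checks what the client chose to send. TODO: compare against a
        # server-side copy of the provider's assertion, or rely on the
        # OpenID allow-list alone.
        email = request.form["email"]
        if not openid_allowed and email not in _load_allow_list("allowed_emails"):
            flash(u"Unauthorized user.")
            del session['openid']
            return redirect(url_for('general.logout'))
        db_session.add(User(request.form['name'], session['openid'], email))
        db_session.commit()
        flash(u'Successfully created profile and logged in!')
        return redirect(oid.get_next_url())
    return render_template('general/first_login.html',
                           next=oid.get_next_url(),
                           openid=session['openid'])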
def cleanupNonces(self):
    """Delete nonces that fall outside the accepted clock-skew window.

    A nonce is removed when its timestamp is at or before
    ``time() - nonce.SKEW``. Returns the value of ``Query.delete()``, i.e.
    the number of rows removed.
    """
    try:
        cutoff = int(time() - nonce.SKEW)
        stale = OpenIDUserNonce.query.filter(OpenIDUserNonce.timestamp <= cutoff)
        return stale.delete()
    finally:
        # The commit runs whether or not the delete raised.
        db_session.commit()
def removeAssociation(self, server_url, handle):
    """Delete the association stored for ``server_url`` and ``handle``.

    Returns the value of ``Query.delete()``: the number of rows removed,
    which is 0 when no association matched.
    """
    try:
        same_server = OpenIDAssociation.server_url == server_url
        same_handle = OpenIDAssociation.handle == handle
        matching = OpenIDAssociation.query.filter(same_server & same_handle)
        return matching.delete()
    finally:
        # The commit runs whether or not the delete raised.
        db_session.commit()
def storeAssociation(self, server_url, association):
    """Persist ``association`` for ``server_url`` and commit the session.

    The handle, issue time, lifetime and association type are copied from
    ``association`` unchanged; the secret is base64-encoded before storage.
    """
    fields = {
        'server_url': server_url,
        'handle': association.handle,
        # base64 is an encoding, not protection: the stored value is the
        # association secret itself, so the table holding it needs the same
        # access controls as any other credential store.
        'secret': association.secret.encode('base64'),
        'issued': association.issued,
        'lifetime': association.lifetime,
        'assoc_type': association.assoc_type,
    }
    row = OpenIDAssociation(**fields)
    db_session.add(row)
    db_session.commit()
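def profile():
    """Show the profile form and, on POST, update the signed-in user's name.

    A POST with a blank name flashes an error and re-renders the form; a
    valid name is saved, committed, and followed by a redirect to the index.
    """
    if g.user is None:
        # NOTE(review): no login guard is visible on this view; without one,
        # an anonymous request fails on g.user.name below. Send the visitor
        # to the login view instead.
        return redirect(url_for('.login'))
    name = g.user.name
    if request.method == 'POST':
        name = request.form['name'].strip()
        if not name:
            flash(u'Error: a name is required')
        else:
            g.user.name = name
            db_session.commit()
            flash(u'User profile updated')
            return redirect(url_for('.index'))
    return render_template('general/profile.html', name=name)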
def useNonce(self, server_url, timestamp, salt):
    """Record a nonce and report whether it was fresh.

    Returns ``False`` when ``timestamp`` differs from the current time by
    more than ``nonce.SKEW`` or when the same (server_url, timestamp, salt)
    triple is already stored. Otherwise the nonce is stored and committed,
    and ``True`` is returned.
    """
    drift = abs(timestamp - time())
    if drift > nonce.SKEW:
        return False
    same_nonce = (
        (OpenIDUserNonce.server_url == server_url)
        & (OpenIDUserNonce.timestamp == timestamp)
        & (OpenIDUserNonce.salt == salt)
    )
    already_seen = OpenIDUserNonce.query.filter(same_nonce).first()
    if already_seen is not None:
        return False
    # NOTE(review): the lookup above and the insert below are separate
    # statements. Replay protection under concurrent requests therefore
    # relies on a uniqueness constraint over (server_url, timestamp, salt),
    # which is not visible here -- confirm the model declares one.
    fresh = OpenIDUserNonce(server_url=server_url, timestamp=timestamp, salt=salt)
    db_session.add(fresh)
    db_session.commit()
    return True
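def create_or_login(resp):
    """Handle a successful OpenID response: sign in or start registration.

    The asserted identity URL is stored in the session. If no ``User``
    matches it (and nobody is signed in), the visitor is redirected to the
    first-login view with the provider's name and e-mail as pre-fill values.
    Otherwise the user's stored OpenID is updated when it differs, and the
    visitor is redirected to the originally requested page.
    """
    session['openid'] = resp.identity_url
    # NOTE(review): the allow-list is not consulted in this view; only
    # first_login() checks it. An identity that already has a User row is
    # therefore accepted here even after its entry is removed from the
    # allow-list files -- confirm that is intended.
    user = g.user or User.query.filter_by(openid=resp.identity_url).first()
    if user is None:
        # resp.email is personal data and is deliberately not printed or
        # logged. The name and e-mail travel through the browser as URL
        # parameters, so the registration view must treat them as
        # client-supplied values.
        return redirect(url_for('.first_login',
                                next=oid.get_next_url(),
                                name=resp.fullname or resp.nickname,
                                email=resp.email))
    if user.openid != resp.identity_url:
        user.openid = resp.identity_url
        db_session.commit()
        flash(u'OpenID identity changed')
    else:
        flash(u'Successfully signed in!')
    return redirect(oid.get_next_url())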