def first_login():
with open(os.path.join(app.config['BASEDIR'], "allowed_openids")) as f:
allowed_openids = [x.strip() for x in f.readlines()]
with open(os.path.join(app.config['BASEDIR'], "allowed_emails")) as f:
allowed_emails = [x.strip() for x in f.readlines()]
if g.user is not None or 'openid' not in session:
return redirect(url_for('.login'))
if request.method == 'POST':
if 'cancel' in request.form:
del session['openid']
flash(u'Login was aborted')
return redirect(url_for('general.login'))
if (session['openid'] not in allowed_openids) and (request.form["email"] not in allowed_emails):
flash(u"Unauthorized user.")
del session['openid']
return redirect(url_for('general.logout'))
db_session.add(User(request.form['name'], session['openid'], request.form["email"]))
db_session.commit()
flash(u'Successfully created profile and logged in!')
return redirect(oid.get_next_url())
return render_template('general/first_login.html',
next=oid.get_next_url(),
openid=session['openid'])
def create_or_login(resp):
with open(os.path.join(app.config['BASEDIR'], "allowed_openids")) as f:
allowed_openids = [x.strip() for x in f.readlines()]
session['openid'] = resp.identity_url
#if session['openid'] not in allowed_openids:
# flash(u"Unauthorized user.")
# del session['openid']
# return redirect(url_for('general.logout'))
user = g.user or User.query.filter_by(openid=resp.identity_url).first()
if user is None:
print "\n\n\n resp email: {} \n\n\n".format(resp.email)
return redirect(url_for('.first_login', next=oid.get_next_url(),
name=resp.fullname or resp.nickname, email=resp.email))
if user.openid != resp.identity_url:
user.openid = resp.identity_url
db_session.commit()
flash(u'OpenID identity changed')
else:
flash(u'Successfully signed in!')
return redirect(oid.get_next_url())
def login():
""" Does the login via OpenID. Has to call into `oid.try_login`
to start the OpenID machinery.
"""
# APW: ENABLE THIS TO ACCEPT ALL OpenID Providers
# -> You have to create logos for all of them though!
#providers = COMMON_PROVIDERS
providers = {"google" : COMMON_PROVIDERS["google"]}
if g.user is not None:
return redirect(url_for('general.index'))
if 'cancel' in request.form:
flash(u'Cancelled. The OpenID was not changed.')
return redirect(oid.get_next_url())
openid = request.values.get('openid')
if not openid:
openid = COMMON_PROVIDERS.get(request.args.get('provider'))
if openid:
return oid.try_login(openid, ask_for=['email', 'fullname', 'nickname'])
error = oid.fetch_error()
if error:
flash(u'Error: ' + error)
return render_template('general/login.html', next=oid.get_next_url(), providers=providers)