async def oauth_redirect():
twitch = OAuth2Session(OAUTH_CLIENT_ID,
state=session["oauth_state"],
redirect_uri=OAUTH_REDIRECT_URL)
token: OAuth2Token = await twitch.fetch_token(
"https://id.twitch.tv/oauth2/token",
include_client_id=True,
client_secret=OAUTH_CLIENT_SECRET,
authorization_response=request.url.replace("http://", "https://"),
)
resp = await twitch.get(
"https://api.twitch.tv/helix/users",
headers={
"client-id": OAUTH_CLIENT_ID,
"authorization": f"Bearer "
f"{token.get('access_token')}",
},
)
if resp.status == 200:
body = await resp.json()
user = body["data"][0]
username = user["login"]
log.info(f"Logging in as user {username}")
login_user(AuthUser(username))
return redirect(url_for("index"))
async def auth():
data = await request.json
user_id = str(uuid.uuid4())[:8]
u = User(user_id)
u.name = data['login'] or 'Anonymous' + user_id
login_user(u)
authorized_users.add(u)
return {}
async def login() -> Any:
if await current_user.is_authenticated:
return redirect(url_for("ux.index"))
if request.method == "GET":
fluent = get_injector(["login"])
return await render_template("login.html", **{"_": fluent.format_value})
else:
resources = [
"login"
]
fluent = get_injector(resources)
form = await request.form
username = form.get("username")
password = form.get("password")
if username is None or password is None:
await flash(fluent._("form-missing-data"))
return redirect(url_for("ux.login"))
async with app.acquire_db() as con:
await con.execute("""
SELECT
id,
password_hash
FROM
users
WHERE LOWER(username) = ?;
""", username.lower())
user_data = await con.fetchone()
if not user_data:
await flash(fluent._("invalid-credentials"))
return redirect(url_for("ux.login"))
try:
hasher.verify(user_data["password_hash"], password)
except VerifyMismatchError:
await flash(fluent._("invalid-credentials"))
return redirect(url_for("ux.login"))
if hasher.check_needs_rehash(user_data["password_hash"]):
async with app.acquire_db() as con:
await con.execute("""
UPDATE
users
SET
password_hash=?
WHERE username=?;
""", hasher.hash(password), username)
remember = form.get("remember", False)
login_user(User(user_data["id"]), remember=remember)
return redirect(url_for("ux.index"))
async def auth_login():
"""User login"""
data = await request.json
user_id = str(uuid.uuid4())[:8]
user = User(user_id)
user._name = data['login'] or f'Anonymous{user_id}'
user.queue = asyncio.Queue()
login_user(user, True)
authorized_users.add(user)
return jsonify({'id': user_id, 'name': await user.name}), 200
async def login():
if request.method == "GET":
return await render_template("auth/login.html")
else:
username = request.values.get("username", None)
password = reqest.values.get("password", None)
if username is None or password is None:
abort(401)
else:
user = User.get_by_username(username)
if user.verify_password(password):
login_user(user)
else:
abort(403)
async def login():
if await current_user.is_authenticated:
return redirect(url_for("ux.index"))
if request.method == "GET":
return await render_template("login.html")
else:
form = await request.form
username = form.get("username")
password = form.get("password")
if username is None or password is None:
return abort(400, "Login Form missing required data.")
async with app.db_pool.acquire() as con:
user_data = await con.fetchrow(
"""
SELECT
id,
password_hash
FROM
users
WHERE LOWER(username) = $1;
""", username.lower())
if not user_data:
return abort(401, "Invalid username and password combination.")
try:
hasher.verify(user_data["password_hash"], password)
except VerifyMismatchError:
return abort(401, "Invalid username and password combination.")
if hasher.check_needs_rehash(user_data["password_hash"]):
async with app.db_pool.acquire() as con:
await con.execute(
"""
UPDATE
users
SET
password_hash=$1
WHERE username=$2;
""", hasher.hash(password), username)
remember = form.get("remember", False)
login_user(User(user_data["id"]), remember=remember)
return redirect(url_for("ux.index"))
async def login_post():
form = LoginForm()
if form["guest"].data:
log.info("Logging in as a guest")
login_user(AuthUser("guest"))
return redirect(url_for("index"))
else:
github = OAuth2Session(OAUTH_CLIENT_ID,
redirect_uri=OAUTH_REDIRECT_URL)
authorization_url, state = github.authorization_url(
"https://id.twitch.tv/oauth2/authorize")
# State is used to prevent CSRF, keep this for later.
session["oauth_state"] = state
return redirect(authorization_url)
async def try_login_user(username: str, password: str, remember_me: bool):
"""
Try to login a user
"""
# find the user
check_user = await User.find_one({"username": username})
if check_user is None:
raise AuthenticationError("Wrong username")
if not await asyncio.get_event_loop().run_in_executor(
None, verify_password_for_user, check_user, password):
raise AuthenticationError("Wrong password")
login_user(UserProxy.from_db(check_user), remember_me)
async def login():
if request.method == "POST":
username = (await request.form)['username']
password = (await request.form).get('password', '')
user = await check_user(username, password)
if user:
login_user(AuthUser(user.id))
return redirect(url_for("portal.portal"))
await flash("username or password incorrect", "red")
if (await current_user.is_authenticated):
# if user is already logged in redirect to portal
return redirect(url_for("portal.portal"))
return await render_template("login.jinja2")
async def do_signup():
if await current_user.is_authenticated:
return {"error": "Can't signup while still logged in."}, 403
msg = await request.json
payload = signup_schema.load(msg)
if not await auth.verify_signup_code(payload["token"]):
return {"error": "Invalid signup code."}, 401
# create a new user TODO: proper error checking and nicer response
new_user = await auth.add_blank_user(payload["username"], payload["password"])
# login user (so subsequent api calls will still work)
quart_auth.login_user(auth.UserProxy.from_db(new_user))
return '', 201
