Exemplo n.º 1
def login_url_generation(app):
    """Check login_url() for an endpoint name, an absolute view and a view with a query."""
    protected_url = "http://localhost/protected"

    # Relative login view: the expected `next` value is only the path.
    relative_result = login_url("login", protected_url)
    assert relative_result == "/login?next=%2Fprotected"

    # Login view on another host: the expected `next` value is the full URL.
    absolute_result = login_url("https://auth.localhost/login", protected_url)
    assert absolute_result == (
        "https://auth.localhost/login?next=http%3A%2F%2Flocalhost%2Fprotected"
    )

    # A query string already on the login view is kept and `next` is appended.
    merged_result = login_url("/login?affil=cgnu", protected_url)
    assert merged_result == "/login?affil=cgnu&next=%2Fprotected"
Exemplo n.º 2
def login_url_generation(app):
    """Run login_url() over a table of login views and compare with the expected URLs."""
    protected_url = "http://localhost/protected"

    # (login view, expected URL) pairs, checked in this order.
    expectations = (
        ("login", "/login?next=%2Fprotected"),
        ("https://auth.localhost/login",
         "https://auth.localhost/login?next=http%3A%2F%2Flocalhost%2Fprotected"),
        ("/login?affil=cgnu", "/login?affil=cgnu&next=%2Fprotected"),
    )
    for login_view, wanted in expectations:
        assert login_url(login_view, protected_url) == wanted
Exemplo n.º 3
    def test_login_url_generation(self):
        """login_url() appends the return URL under the default or a custom parameter."""
        target = "http://localhost/protected"

        # Third argument renames the return-URL parameter.
        custom_param = login_url("/login", target, "n")
        self.assertEqual("/login?n=%2Fprotected", custom_param)

        # Default parameter name is `next`.
        default_param = login_url("/login", target)
        self.assertEqual("/login?next=%2Fprotected", default_param)

        # Login view on a different host: the full target URL is expected.
        cross_host = login_url("https://auth.localhost/login", target)
        self.assertEqual(
            "https://auth.localhost/login?next=http%3A%2F%2Flocalhost%2Fprotected",
            cross_host,
        )

        # Existing query parameters on the login view are preserved.
        with_query = login_url("/login?affil=cgnu", target)
        self.assertEqual("/login?affil=cgnu&next=%2Fprotected", with_query)
Exemplo n.º 4
    def test_login_url_generation(self):
        """Table-driven check of the URLs login_url() builds for a protected page."""
        protected = 'http://localhost/protected'

        # (expected URL, positional arguments passed to login_url), in order.
        cases = [
            ('/login?n=%2Fprotected', ('/login', protected, 'n')),
            ('/login?next=%2Fprotected', ('/login', protected)),
            ('https://auth.localhost/login?next=http%3A%2F%2Flocalhost%2Fprotected',
             ('https://auth.localhost/login', protected)),
            ('/login?affil=cgnu&next=%2Fprotected',
             ('/login?affil=cgnu', protected)),
        ]
        for expected, call_args in cases:
            self.assertEqual(expected, login_url(*call_args))
Exemplo n.º 5
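def unauthorized_handler():
    """Redirect an unauthenticated request to the login view.

    Emits ``user_unauthorized`` once, builds the login URL with the current
    request URL as the return target, then adds a ``prev`` parameter (taken
    from the Referer header, or "/" when absent) and ``mode=action``.
    """
    # Send the signal exactly once with the application object as sender.
    # The earlier nested call emitted it twice and passed the first call's
    # return value as the sender of the second.
    user_unauthorized.send(current_app._get_current_object())

    url = URLObject(login_url(login_manager.login_view, request.url))
    # NOTE(review): request.referrer is a client-supplied header. Whatever
    # later redirects to `prev` should check that it points at this site.
    prev_param = make_next_param(url.without_query(), request.referrer or '/')
    return redirect(
        url.add_query_param('prev', prev_param).add_query_param('mode', 'action'))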
Exemplo n.º 6
def unauthorized_call():
    """Reject an unauthenticated request: 401 for JSON clients, login redirect otherwise."""
    # TODO (original author): this content negotiation belongs in a utility.
    preferred = request.accept_mimetypes.best_match(['application/json', 'text/html'])
    wants_json = (request.mimetype == 'application/json'
                  or preferred == 'application/json')

    if not wants_json:
        # The current URL is passed along so the login view can return here.
        return redirect(login_url(login_manager.login_view, request.url))

    return abort(401, 'Unauthorized call please provide the proper credentials')
Exemplo n.º 7
    def test_login_url_generation_with_view(self):
        """login_url() accepts an endpoint name when called inside a request context."""
        flask_app = Flask(__name__)
        manager = LoginManager()
        manager.init_app(flask_app)

        # The endpoint name "login" is what login_url() is given below.
        @flask_app.route("/login")
        def login():
            return ""

        with flask_app.test_request_context():
            generated = login_url("login", "/protected")
            self.assertEqual("/login?next=%2Fprotected", generated)
Exemplo n.º 8
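 def decorated_view(*args, **kwargs):
     """Run the wrapped view only for an authenticated admin user.

     Unauthenticated requests go to the login manager's unauthorized handler.
     Authenticated non-admins get a flash message and a redirect to the login
     view with the current URL as return target.
     """
     # NOTE(review): is_authenticated is called as a method; Flask-Login 0.3+
     # exposes it as a property - confirm against the installed version.
     if not current_user.is_authenticated():
         return current_app.login_manager.unauthorized()

     # Guard only the admin lookup. Wrapping the view call as well would turn
     # any AttributeError raised inside the view into an "admin required"
     # redirect and hide the real error.
     try:
         is_admin = current_user.is_admin()
     except AttributeError:
         # User objects without a usable is_admin() are treated as non-admin.
         is_admin = False
     if is_admin:
         return fn(*args, **kwargs)

     user_unauthorized.send(current_app._get_current_object())
     flash("Admin login required for this page","error")
     return redirect(login_url(current_app.login_manager.login_view,request.url))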
Exemplo n.º 9
    def unauthorized_handler(cls):
        """
        Respond to a request that requires a logged-in user.

        XHR requests receive a JSON message with HTTP status 401; every other
        request is redirected to the login page, with the current URL passed
        along as the return target.
        """
        if not request.is_xhr:
            login_view = current_app.login_manager.login_view
            return redirect(login_url(login_view, request.url))

        response = jsonify(message="Bad credentials")
        response.status_code = 401
        return response
Exemplo n.º 10
    def test_login_url_generation_with_view(self):
        """Check the URL login_url() builds from the 'login' endpoint name."""
        flask_app = Flask(__name__)
        login_manager = LoginManager()
        login_manager.init_app(flask_app)

        # Registers the 'login' endpoint that login_url() is given below.
        @flask_app.route('/login')
        def login():
            return ''

        expected = '/login?next=%2Fprotected'
        with flask_app.test_request_context():
            self.assertEqual(expected, login_url('login', '/protected'))
Exemplo n.º 11
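 def decorated_view(*args, **kwargs):
     """Allow the wrapped view only for an authenticated admin user.

     Unauthenticated requests are handed to the login manager's unauthorized
     handler. Authenticated users who are not admins get a flash message and
     are redirected to the login view with the current URL as return target.
     """
     # NOTE(review): is_authenticated is called as a method; Flask-Login 0.3+
     # exposes it as a property - confirm against the installed version.
     if not current_user.is_authenticated():
         return current_app.login_manager.unauthorized()

     # Keep the try block to the admin check alone, so an AttributeError
     # raised by the view itself is not mistaken for "not an admin".
     try:
         is_admin = current_user.is_admin()
     except AttributeError:
         # No usable is_admin() on this user object: treat as non-admin.
         is_admin = False
     if is_admin:
         return fn(*args, **kwargs)

     user_unauthorized.send(current_app._get_current_object())
     flash("Admin login required for this page", "error")
     return redirect(
         login_url(current_app.login_manager.login_view, request.url))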
Exemplo n.º 12
    def unauthorized_handler(cls):
        """
        Handle a request for which the user must log in first.

        An XHR request is answered with a JSON message and status code 401.
        Any other request is redirected to the login page.
        """
        is_ajax = request.is_xhr
        if is_ajax:
            payload = jsonify(message="Bad credentials")
            payload.status_code = 401
            return payload

        # The current URL is the return target for after login.
        destination = login_url(current_app.login_manager.login_view,
                                request.url)
        return redirect(destination)
Exemplo n.º 13
        def decorated_view(*args, **kwargs):
            """Run the wrapped view only for an authenticated user whose permission check passes."""
            if not current_user.is_authenticated():
                login_view = current_app.config[LOGIN_VIEW_KEY]
                return redirect(login_url(login_view, request.url))

            if not perm.can():
                required_roles = list(roles)
                logger.debug('Identity does not provide all of the '
                             'following roles: %s' % required_roles)
                do_flash(FLASH_PERMISSIONS, 'error')
                # NOTE(review): request.referrer is a client-supplied header, so
                # this redirect target is not fully under the application's control.
                return redirect(request.referrer or '/')

            return fn(*args, **kwargs)
Exemplo n.º 14
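    def forward_to_login():
        """Redirect the user to the auth service's login endpoint.

        The current request URL is passed along so the auth service can send
        the user back. Aborts with 401 when the redirect cannot be built, for
        example because the auth service cannot be located.
        """
        try:
            # find the auth service location
            # NOTE(review): the scheme is hard-coded to plain http; confirm the
            # login endpoint is not reached over an untrusted network this way.
            login_endpoint = 'http://' + service_location_by_name(
                auth_service_name())
            # redirect the user to the endpoint with a way to redirect them back
            # NOTE(review): the auth service receives request.url as the return
            # target and should validate it before redirecting back.
            return redirect(login_url(login_endpoint, request.url))

        # if the auth service does not exist
        # Exception rather than a bare except, so SystemExit and
        # KeyboardInterrupt are not converted into a 401.
        except Exception:
            # send an unauthorized error code
            abort(401)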
Exemplo n.º 15
 def decorated_view(*args, **kwargs):
     """Gate the wrapped view behind authentication and a permission check."""
     authenticated = current_user.is_authenticated()
     if not authenticated:
         # Send the user to the configured login view, returning here afterwards.
         destination = login_url(current_app.config[LOGIN_VIEW_KEY], request.url)
         return redirect(destination)

     allowed = perm.can()
     if allowed:
         return fn(*args, **kwargs)

     role_names = [r for r in roles]
     logger.debug(
         'Identity does not provide all of the following roles: %s' % role_names)

     do_flash(FLASH_PERMISSIONS, 'error')
     # NOTE(review): the Referer header is client-supplied; the fallback is '/'.
     fallback = request.referrer or '/'
     return redirect(fallback)
Exemplo n.º 16
def register_teaminvite():
    """Route a team-invite link to the invite, login or registration page.

    The current session is logged out first. The invite parameters ``h``,
    ``t``, ``k`` and ``e`` are read from the query string and forwarded
    unchanged to whichever page the user is redirected to.
    """
    tid, ip = setup_log_vars()
    lggr = setup_local_logger(tid, ip)
    MAM = MainModel(tid=tid, ip=ip)

    logout_user()

    # Invite parameters, in the order they are forwarded.
    invite_args = {key: request.args.get(key) for key in ('h', 't', 'k', 'e')}

    def absolute_url(endpoint, **values):
        # Every URL built here is external and uses the configured scheme.
        return url_for(endpoint, _external=True, _scheme=URL_SCHEME, **values)

    if current_user.is_authenticated:
        # Original author's note: avispa_auth.teaminvite2 does not exist.
        # NOTE(review): this branch follows logout_user(), so it is presumably
        # never taken - confirm.
        return redirect(absolute_url('avispa_auth.teaminvite2', **invite_args))

    existing = MAM.select_user_doc_view('auth/userbyemail',
                                        request.args.get('e'))
    if not existing:
        return redirect(absolute_url('avispa_auth.register_get', **invite_args))

    # NOTE(review): this message tells whoever opens the link that the address
    # in `e` is registered; confirm that disclosure is acceptable.
    flash(request.args.get('e') + " already exists. Please log in.", 'UI')

    login_page = absolute_url('avispa_auth.login')
    invite_page = absolute_url('avispa_auth.teaminvite2', **invite_args)
    return redirect(login_url(login_page, invite_page))
Exemplo n.º 17
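def login():
    """Render the login form and log the user in on valid credentials.

    After a successful login the user is redirected to the ``next`` query
    parameter only when it points back at this site: either a path starting
    with a single "/" or an http(s) URL on the current host. Any other value
    falls back to DEFAULT_REDIRECT_TO.
    """
    from urllib.parse import urlsplit

    def is_local_url(target):
        # Backslashes and control characters are rejected because browsers
        # may normalise them into a different URL than the one parsed here.
        if '\\' in target or any(ord(ch) < 0x20 for ch in target):
            return False
        try:
            parts = urlsplit(target)
        except ValueError:
            return False
        if parts.scheme or parts.netloc:
            return (parts.scheme in ('http', 'https')
                    and parts.netloc == request.host)
        return target.startswith('/') and not target.startswith('//')

    form = LoginForm(request.form)
    form_url = login_url('.login', request.args.get('next'))
    if request.method == 'POST' and form.validate():
        user = User.query.filter(User.username == form.username.data).first()
        if user is None or not user.authenticate(form.password.data):
            flash('Wrong username or password')
        elif not login_user(user):
            flash('Sorry, this account is inactive.')
        else:
            flash('Hi {0}!'.format(user.username))
            # `next` comes from the query string and is therefore untrusted;
            # redirecting to it unchecked would be an open redirect.
            requested = request.args.get('next')
            url = DEFAULT_REDIRECT_TO
            if requested and is_local_url(requested):
                url = requested
            return redirect(url)
    return render_template('auth/login.html', form=form, form_url=form_url)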
Exemplo n.º 18
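def login():
    """Show the login form; on valid credentials log the user in and redirect.

    The post-login redirect honours the ``next`` query parameter only when it
    stays on this site (a path starting with a single "/", or an http(s) URL
    whose host equals the current request host). Anything else is replaced by
    DEFAULT_REDIRECT_TO.
    """
    from urllib.parse import urlsplit

    def is_local_url(target):
        # Reject backslashes and control characters: browsers may rewrite
        # them, so the URL followed could differ from the one checked here.
        if '\\' in target or any(ord(ch) < 0x20 for ch in target):
            return False
        try:
            parts = urlsplit(target)
        except ValueError:
            return False
        if parts.scheme or parts.netloc:
            return (parts.scheme in ('http', 'https')
                    and parts.netloc == request.host)
        return target.startswith('/') and not target.startswith('//')

    form = LoginForm(request.form)
    form_url = login_url('.login', request.args.get('next'))
    if request.method == 'POST' and form.validate():
        user = User.query.filter(User.username == form.username.data).first()
        if user is None or not user.authenticate(form.password.data):
            flash('Wrong username or password')
        elif not login_user(user):
            flash('Sorry, this account is inactive.')
        else:
            flash('Hi {0}!'.format(user.username))
            # `next` is request-supplied, so it is validated before use to
            # avoid redirecting the freshly logged-in user off-site.
            requested = request.args.get('next')
            url = DEFAULT_REDIRECT_TO
            if requested and is_local_url(requested):
                url = requested
            return redirect(url)
    return render_template('auth/login.html', form=form, form_url=form_url)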
Exemplo n.º 19
def unauthorized():
    """Handle an unauthenticated request: login redirect for GET, error payload otherwise."""
    if request.method != 'GET':
        # Non-GET callers get an error payload with status 403, not a redirect.
        return {'error': True, 'message': "Please log in for access."}, 403

    flash('Please log in to access this page')
    return redirect(login_url('auth.login', request.url))
Exemplo n.º 20
def unauthorized():
    """Flash a sign-in prompt and redirect to the login page with a return URL."""
    flash('You need to sign in to access this page', 'danger')
    login_page = url_for('login')
    return redirect(login_url(login_page, request.url))
Exemplo n.º 21
 def test_login_url_no_next_url(self):
     """login_url() called without a next URL is expected to return the view as given."""
     generated = login_url("/foo")
     self.assertEqual(generated, "/foo")
Exemplo n.º 22
def unauthorized():
    """Redirect to the login view, or abort with 401 for XHR or when no view is set."""
    if not request.is_xhr and _login_manager.login_view:
        # The current URL is passed along as the return target.
        return redirect(login_url(_login_manager.login_view, request.url))

    abort(401)
Exemplo n.º 23
        # NOTE(review): these two calls print the stored password and the
        # submitted password to stdout, where they can end up in logs.
        print(user.password)
        print(form.password.data)
        # NOTE(review): the stored value is compared directly with the submitted
        # password, which only matches if passwords are stored unhashed. A salted
        # password hash checked with a dedicated verify function (for example
        # werkzeug.security.check_password_hash) avoids keeping plaintext.
        if user.password != form.password.data:
            return render_template('login.html',
                                   form=form,
                                   error="Wrong username or password")

        else:
            # Credentials matched: start the session and go to the index page.
            login_user(user)
            return redirect(url_for('index'))

    # Reached when the enclosing branch above did not return; its condition
    # is outside this excerpt.
    return render_template('login.html', form=form)


# NOTE(review): the return value of login_url() is discarded here, so this
# module-level call appears to have no effect - confirm and remove.
login_url('/login')


#Logout
@app.route('/logout/')
@login_required
def logout():
    """Log the current user out and redirect to the login page."""
    # NOTE(review): the route declares no `methods`, so it answers GET; a
    # state-changing action is usually better served by POST with CSRF protection.
    logout_user()
    login_page = url_for('login')
    return redirect(login_page)


'''
Routes
'''

Exemplo n.º 24
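def unauthorized_handler():
    """Redirect an unauthenticated request to the login view.

    Emits ``user_unauthorized`` once, builds the login URL with the current
    request URL as return target, then adds ``prev`` (from the Referer header,
    or "/" when absent) and ``mode=action`` as query parameters.
    """
    # Emit the signal a single time with the application object as sender.
    # The previous nested call sent it twice, the second time with the first
    # call's return value as sender.
    user_unauthorized.send(current_app._get_current_object())

    url = URLObject(login_url(login_manager.login_view, request.url))
    # NOTE(review): request.referrer is client-supplied; code that later
    # redirects to `prev` should verify it points at this site.
    prev_param = make_next_param(url.without_query(), request.referrer or "/")
    return redirect(url.add_query_param("prev", prev_param).add_query_param("mode", "action"))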
Exemplo n.º 25
 def decorated_view(*args, **kwargs):
     """Call the wrapped view, or return a JSON body naming the login URL."""
     login_disabled = app.login_manager._login_disabled
     if login_disabled or current_user.is_authenticated():
         return func(*args, **kwargs)

     # Unauthenticated callers get the login URL as JSON, not an HTTP redirect.
     redirect_target = login_url(url_for('user.login'), request.url)
     return jsonify({'redirect': redirect_target})
Exemplo n.º 26
 def login_url(self):
     """Return the login URL for the current request, with its URL as return target."""
     # Inside this method `login_url` resolves to the module-level function.
     login_view = self.login_manager.login_view
     return login_url(login_view, request.url)
Exemplo n.º 27
def unauthorized():
    """Redirect GET requests to the login page; answer other methods with a 403 payload."""
    is_get = request.method == 'GET'
    if is_get:
        flash('Please log in to access this page')
        destination = login_url('auth.login', request.url)
        return redirect(destination)

    body = dict(error=True, message="Please log in for access.")
    return body, 403
Exemplo n.º 28
 def test_login_url_no_next_url(self):
     """With no next URL supplied, login_url() is expected to return '/foo' as given."""
     result = login_url('/foo')
     self.assertEqual(result, '/foo')
Exemplo n.º 29
 def login_url(self):
     """Build the login URL that returns to the current request URL."""
     # `login_url` below is the module-level function, not this method.
     return_target = request.url
     return login_url(self.login_manager.login_view, return_target)
Exemplo n.º 30
    if form.validate_on_submit():
        # Look up the account by the submitted e-mail address.
        # NOTE(review): presumably .first() returns None when nothing matches,
        # in which case user.password below raises AttributeError - confirm.
        user = Advertiser.objects(email=form.email.data).first()

        # NOTE(review): these two calls print the stored password and the
        # submitted password to stdout, where they can end up in logs.
        print(user.password)
        print(form.password.data)
        # NOTE(review): the stored value is compared directly with the submitted
        # password, which only matches if passwords are stored unhashed. A salted
        # password hash checked with a dedicated verify function (for example
        # werkzeug.security.check_password_hash) avoids keeping plaintext.
        if user.password != form.password.data:
          return render_template('login.html', form=form, error="Wrong username or password")

        else:
          # Credentials matched: start the session and go to the index page.
          login_user(user)
          return redirect(url_for('index'))

    # Form not submitted or not valid: render the login page.
    return render_template('login.html', form=form)

# NOTE(review): the return value of login_url() is discarded here, so this
# module-level call appears to have no effect - confirm and remove.
login_url('/login')


#Logout
@app.route('/logout/')
@login_required
def logout():
    """End the current user's session, then redirect to the login page."""
    # NOTE(review): no `methods` argument, so the route answers GET; consider
    # POST with CSRF protection for this state-changing action.
    logout_user()
    destination = url_for('login')
    return redirect(destination)


'''
Routes
'''
#Index
@app.route('/')
Exemplo n.º 31
def unauthorized():
    """Ask the user to sign in, then redirect to the login page with a return URL."""
    flash('You need to sign in to access this page', 'danger')
    destination = login_url(url_for('login'), request.url)
    return redirect(destination)