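def link_account():
    """Serve the "link this provider login to your existing account" page.

    The ``token`` query argument is a server-signed JWT carrying ``uid``,
    ``pid``, ``email`` and ``provider`` (see the link token minted in
    ``authorize_google``). It is verified before any claim is read, so a
    tampered, expired or wrong-purpose token yields a 400 page instead of an
    unhandled exception -- the same handling ``oauth_create_account`` uses.
    On a valid form submission (CSRF-checked by ``validate_on_submit``) the
    provider id is linked to the user, committed, and the user is signed in.
    """
    try:
        data = verify_jwt(request.args.get("token", ""))
    except (InvalidJWT, ExpiredJWT):
        return error_page(
            code=400,
            message="Invalid token in request. Please contact us.",
            errorname="Bad Request")

    try:
        uid = data["uid"]
        pid = data["pid"]
        email = data["email"]
        provider = data["provider"]
    except KeyError:
        # A signed token issued for another purpose (one without these
        # claims) must not reach the linking step.
        return error_page(
            code=400,
            message="Invalid token in request. Please contact us.",
            errorname="Bad Request")

    form = BlankForm()

    if form.validate_on_submit():
        # Resolve the account first so a stale uid never creates a dangling
        # link (and never silently signs in "nobody" via set_user(None)).
        # Local is named ``account`` to avoid shadowing the module-level
        # ``user`` proxy the other views read.
        account = Users.query.filter_by(id=uid).first()
        if account is None:
            return error_page(
                code=400,
                message="Invalid token in request. Please contact us.",
                errorname="Bad Request")

        if provider == "Google":
            GoogleLinks.add(uid=uid, gid=pid)
        elif provider == "GitHub":
            GithubLinks.add(uid=uid, gid=pid)
        else:
            # Unknown provider: nothing was linked, so do not sign in either.
            return error_page(
                code=400,
                message="Invalid token in request. Please contact us.",
                errorname="Bad Request")

        db_commit()
        set_user(account)
        flash("Your account is now connected. Welcome back!",
              category="SUCCESS")
        return redirect("/", code=303)

    flash_form_errors(form)

    return render_template("account/link-account.html",
                           uid=uid,
                           provider=provider,
                           email=email,
                           form=form)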
def serve_create_account_request():
    """Handle the token-based sign-up page (GET and POST).

    A visitor who is already signed in is sent on to the next page. The
    e-mail address comes from ``get_email_from_token`` (a ``RedirectError``
    from it carries a ready-made response that is returned unchanged). If
    that address already owns an account its owner is simply signed in;
    otherwise the sign-up form is rendered, or -- on a valid submission --
    handed to ``serve_create_account``.
    """
    if user:
        return redirect(get_next_page(), code=303)

    try:
        email = get_email_from_token()
    except RedirectError as err:
        return err.response

    existing = Users.query.filter_by(email=email).first()
    if existing:
        set_user(existing)
        flash(
            "Welcome back! This email address already owns an account. If you wish to add/change your password, go to the Edit Profile page.",
            category="SUCCESS")
        return redirect(get_next_page(), code=303)

    form = CreateAccountForm()
    if form.validate_on_submit():
        return serve_create_account(form)

    # The legal checkbox is cleared on every re-render -- presumably so the
    # visitor has to tick it again explicitly.
    form.legal_agreement.checked = False
    flash_form_errors(form)
    return render_template(
        "account/create-account.html",
        active="Sign Up",
        form=form,
        email=email,
        next_page=get_next_page(),
    )
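def update_user(uid, **kwargs):
    """Apply profile changes to the user with id ``uid`` and commit.

    Recognised keyword arguments: ``username``, ``desc``, ``real_name`` and
    ``subscribed`` (copied onto the row as-is) and ``npass`` (a new
    plaintext password, hashed with the user's existing salt; the row's
    ``revoke_tokens_before`` is stamped with the current time and the
    session refreshed via ``set_user``). Unrecognised keys are ignored with
    a warning that lists only the key names, so a mistyped argument never
    writes its value into the log.

    Raises:
        LookupError: no user has id ``uid``.
    """
    # ``target`` rather than ``user``: the module-level ``user`` proxy is
    # read by the other views and must not be shadowed here.
    target = Users.query.filter_by(id=uid).first()
    if target is None:
        raise LookupError("update_user: no user with id %r" % (uid,))

    # TODO handle email change

    # Plain attribute copies; each key is consumed so the leftover check
    # below only reports what was really not handled.
    for key in ("username", "desc", "real_name", "subscribed"):
        if key in kwargs:
            setattr(target, key, kwargs.pop(key))

    if "npass" in kwargs:
        target.password_hash = pass_hash(kwargs.pop("npass"), target.salt)
        # NOTE(review): serve_change_password writes
        # user.permissions.revoke_tokens_before instead of this field; one of
        # the two is probably stale -- confirm which one the token check reads.
        target.revoke_tokens_before = get_time()
        set_user(target)

    if kwargs:
        # ``logger.warn`` is a deprecated alias; lazy %-args and key names only.
        logger.warning("update_user not complete, unhandled keys: %s",
                       sorted(kwargs))

    db_commit()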
def serve_change_password(form):
    """Apply a validated change-password form for the signed-in ``user``.

    Re-hashes the new password with the user's existing salt, stamps
    ``permissions.revoke_tokens_before`` with the current time (the check
    that honours it lives elsewhere), commits, refreshes the session with
    the concrete object behind the ``user`` proxy, and redirects to the
    profile editor.
    """
    new_hash = pass_hash(form.password.data, user.salt)
    user.password_hash = new_hash
    # NOTE(review): update_user stamps user.revoke_tokens_before (no
    # ``permissions``) for the same purpose -- confirm which field is live.
    user.permissions.revoke_tokens_before = get_time()
    db_commit()

    # ``user`` appears to be a proxy; hand set_user the underlying object.
    set_user(user._get_current_object())
    flash("Your account password has been updated!", category="SUCCESS")
    return redirect("/edit-profile/", code=303)
def serve_login(form, use_username, reauth):
    """Sign in the account matching a validated login form.

    The lookup key is ``username`` or ``email`` depending on
    ``use_username``. No credential check happens here, so it must already
    have been done by the form's validators -- confirm before reusing this
    with a form that was not validated. ``reauth`` suppresses the
    welcome-back message. Redirects to the next page.
    """
    if use_username:
        lookup = {"username": form.username.data}
    else:
        lookup = {"email": form.email.data}
    account = Users.query.filter_by(**lookup).first()

    if not reauth:
        flash("Welcome back!", category="SUCCESS")
    set_user(account)
    return redirect(get_next_page(), code=303)
def oauth_create_account():
    """Sign-up page for a visitor arriving from an OAuth provider.

    ``token`` (query argument) is a server-signed JWT minted by the provider
    callback; it carries ``provider`` and ``pid`` plus, optionally,
    ``email``/``username``/``real_name``. Token claims only pre-fill form
    fields that are still empty, so on POST the submitted values win. On a
    valid submission a blank account is created, the provider id linked to
    it, and the new user signed in.
    """
    if user:
        return redirect(get_next_page(), code=303)

    try:
        data = verify_jwt(request.args.get("token", ""))
    except (InvalidJWT, ExpiredJWT):
        return error_page(
            code=400,
            message="Invalid token in request. Please contact us.",
            errorname="Bad Request")

    form = OAuthCreateAccountForm()

    # NOTE(review): because the submitted value takes precedence, the
    # account's e-mail is whatever the form posts, not the address the
    # provider vouched for in the token -- confirm that is intended (or that
    # the field cannot be edited client-side).
    for claim in ("email", "username", "real_name"):
        field = getattr(form, claim)
        if field.data is None and claim in data:
            field.data = data[claim]

    if form.validate_on_submit():
        new_user = create_blank_account(form.email.data, form.username.data,
                                        form.real_name.data,
                                        form.subscribed.data)

        provider = data["provider"]
        if provider == "Google":
            GoogleLinks.add(uid=new_user.id, gid=data["pid"])
        elif provider == "GitHub":
            GithubLinks.add(uid=new_user.id, gid=data["pid"])

        db_commit()
        set_user(new_user)
        flash("Welcome!", category="SUCCESS")
        return redirect(get_next_page(), code=303)

    flash_form_errors(form)
    form.legal_agreement.checked = False
    return render_template("account/oauth-create-account.html",
                           active="Sign Up",
                           form=form,
                           next_page=get_next_page(),
                           provider=data["provider"])
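def direct_login():
    """Sign in via a password-reset token passed as the ``token`` query arg.

    A signed-in visitor is sent on to the next page. Otherwise the token is
    verified; an expired or invalid one flashes an error and returns the
    visitor to ``/reset-password/``. The account is looked up by the
    token's ``email`` claim; a missing claim or an unknown address is
    reported like a bad token rather than turning into a silent
    ``set_user(None)``.
    """
    if user:
        return redirect(get_next_page(), code=303)

    try:
        data = verify_jwt(request.args.get("token", ""))
    except ExpiredJWT:
        flash("The password reset token has expired!", category="ERROR")
        return redirect("/reset-password/", code=303)
    except InvalidJWT:
        flash("The token provided is invalid!", category="ERROR")
        return redirect("/reset-password/", code=303)

    # NOTE(review): nothing here checks that the token was minted for a
    # password reset; unless verify_jwt enforces a purpose/audience claim,
    # any signed token carrying an "email" claim (e.g. the ones minted in
    # authorize_google) would be accepted here -- confirm.
    account = Users.query.filter_by(email=data.get("email")).first()
    if account is None:
        flash("The token provided is invalid!", category="ERROR")
        return redirect("/reset-password/", code=303)

    set_user(account)
    return redirect(get_next_page(), code=303)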
def serve_create_account(form):
    """Create the account described by a validated sign-up form and sign in.

    The e-mail address comes from ``get_email_from_token``, never from the
    form; a ``RedirectError`` raised by that lookup is returned as its
    response. The remaining fields (username, real name, password,
    subscription flag) are read from ``form``.
    """
    try:
        email = get_email_from_token()
    except RedirectError as err:
        return err.response

    new_user = create_account(
        email,
        form.username.data,
        form.real_name.data,
        form.password.data,
        form.subscribed.data,
    )
    flash("Your new account has been created. Welcome to CS Center!",
          category="SUCCESS")
    set_user(new_user)
    return redirect(get_next_page(), code=303)
def logout():
    """Clear the session's user, flash a goodbye, and redirect to the next page."""
    set_user(None)
    flash("You are now logged out. See you later!", category="SUCCESS")
    return redirect(get_next_page(), code=303)
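def _next_url_when_signed_in():
    """Where to send a visitor who hits the Google callback while signed in.

    Prefers the ``next`` query argument; otherwise decodes the state JWT
    (the session copy if present, else the ``state`` query argument) and
    uses its ``next`` claim, falling back to ``/`` when the state is
    missing, invalid or expired.
    """
    next_url = request.args.get("next")
    if next_url is not None:
        return next_url
    if 'state' in session:
        state = session['state']
    else:
        state = request.args.get("state", "")
    try:
        return verify_jwt(state).get("next", "/")
    except (InvalidJWT, ExpiredJWT):
        return "/"


def authorize_google():
    """Google OAuth callback: validate the state nonce, then link or sign in.

    * A visitor who is already signed in is just redirected (see
      ``_next_url_when_signed_in``).
    * Otherwise the ``state`` query argument must equal the single-use value
      stored in the session at /login; the session copy is removed before
      the comparison so a replayed callback fails. The state is itself a
      server-signed JWT whose ``next`` claim says where to go afterwards.
    * The authorization ``code`` is exchanged for the Google profile. A
      known Google id signs the linked user in; an unknown id whose e-mail
      matches an existing account is offered account linking; anything
      else is sent to the OAuth sign-up page with a signed token carrying
      the profile data.

    Returns a Flask response (redirect, rendered page or error page).
    """
    from urllib.parse import urlencode

    if user:
        # NOTE(review): the raw "next" query argument is redirected to
        # without a same-site check here, whereas the other views go through
        # get_next_page() -- confirm that validation is not expected here too.
        return redirect(_next_url_when_signed_in(), code=303)

    invalid_state = ("The provided state is invalid! Please return to /login "
                     "to retrieve a new state.")

    if 'state' not in session:
        return error_page(
            400,
            message=
            "No state was provided! Please return to /login to retrieve a valid state."
        )

    # Single use: drop the session copy before comparing, so neither a
    # replayed callback nor a second tab can reuse it.
    sess_state = session.pop('state')
    state = request.args.get('state', '')
    if state != sess_state:
        return error_page(400, message=invalid_state)

    try:
        next_url = verify_jwt(sess_state).get("next", "/")
    except (InvalidJWT, ExpiredJWT):
        return error_page(400, message=invalid_state)

    userinfo = google_oauth_client.get_userinfo(request.args.get('code', ''))
    gid = str(userinfo.id)
    email = userinfo.raw["email"]

    link = GoogleLinks.query.filter_by(gid=gid).first()
    if link is not None:
        set_user(Users.query.filter_by(id=link.uid).first_or_404())
        flash("Welcome back!", category="SUCCESS")
        return redirect(next_url, code=303)

    link_user = Users.query.filter_by(email=email).first()
    if link_user is not None:
        link_token = make_jwt({
            "provider": "Google",
            "pid": gid,
            "email": email,
            "uid": link_user.id
        })
        return render_template("account/link-accounts.html",
                               provider="Google",
                               matches=[(email, link_user, link_token)],
                               no_signup=True,
                               pid=gid)

    connect_token = make_jwt({
        "provider": "Google",
        "pid": gid,
        "email": email,
        # Google profiles are not guaranteed to carry a name.
        "real_name": userinfo.raw.get("name")
    })
    # Encode the query so a next_url containing "&", "?" or "#" survives the
    # round trip instead of being split by the receiving view.
    query = urlencode({"next": next_url, "token": connect_token})
    return redirect("/oauth-create-account/?" + query)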