def handle_login_POST():
"""
Carries out an actual log in.
:return:
"""
# If this is a POST it is a login request.
#
username = request.values.get("username")
password = request.values.get("password")
guestlogin = request.values.get("guestlogin")
# If we have a guestlogin then it is a DEMO login request.
if guestlogin is not None:
username = "******"
password = "******"
# We may or may not have a 'next' field. If we do, we make sure that the URL is safe.
next = request.values.get("next")
next = safe_redirect(next)
try:
session_id = weblab_api.api.login(username, password)
except InvalidCredentialsError:
flash("Invalid username or password", category="error")
# _scheme is a workaround. See comment in other redirect.
return redirect(url_for(".index", _external=True, _scheme=request.scheme))
except:
traceback.print_exc()
flash("There was an unexpected error while logging in.", 500)
return make_response("There was an unexpected error while logging in.", 500)
else:
# TODO: Find proper way to do this.
# This currently redirects to HTTP even if being called from HTTPS. Tried _external as a workaround but didn't work.
# More info: https://github.com/mitsuhiko/flask/issues/773
# For now we force the scheme from the request.
response = make_response(redirect(next or url_for(".labs", _external=True, _scheme=request.scheme)))
""" @type: flask.Response """
session_id_cookie = "%s.%s" % (session_id.id, weblab_api.ctx.route)
# Inserts the weblabsessionid and loginsessionid cookies into the response.
# (What is the purpose of having both? Why the different expire dates?)
weblab_api.fill_session_cookie(response, session_id_cookie)
print "LOGGED IN WITH: (%s)" % (session_id_cookie)
return response
def federated():
redirecting = session.pop('federated_redirecting', None)
widget = request.args.get('widget')
reservation_id = request.args.get('reservation_id')
reservation_tokens = reservation_id.split(';')
back_url = request.args.get('back_url')
if len(reservation_tokens) == 1:
reservation_id = reservation_tokens[0]
else:
reservation_id = reservation_tokens[0]
reservation_id_plus_route = reservation_tokens[1]
# The second argument is the session identifier plus a route.
# Here we analyze whether this message was intended for this server or for any other with a different route.
# To do this, we check the route, and if it's different, we return a redirection to the same URL but setting a cookie with the required URL
# However, if we were already redirecting, then there is a problem (e.g., not using an existing route), and a message is displayed.
if '.' in reservation_id_plus_route:
route = reservation_id_plus_route.split('.', 1)[1]
if route != weblab_api.ctx.route:
if redirecting:
return render_template("webclient/error.html", error_message = gettext("Invalid federated URL: you're attempting to use a route not used in this WebLab-Deusto instance"), federated_mode = True, title = gettext("Error"), back_url = back_url)
session['federated_redirecting'] = "true"
response = redirect(request.url)
now = datetime.datetime.now()
response.set_cookie('weblabsessionid', reservation_id_plus_route, expires = now + datetime.timedelta(days = 100), path = weblab_api.ctx.location)
return response
weblab_api.ctx.reservation_id = reservation_id
try:
experiment = weblab_api.api.get_reservation_experiment_info()
except SessionNotFoundError:
return render_template("webclient/error.html", error_message = gettext("The provided reservation identifier is not valid or has expired."), federated_mode = True, back_url = back_url)
except:
traceback.print_exc()
return render_template("webclient/error.html", error_message = gettext("Unexpected error on the server side while trying to get the reservation information."), federated_mode = True, back_url = back_url)
session['reservation_id'] = reservation_id
session['back_url'] = request.args.get('back_url')
kwargs = {}
if request.args.get('locale'):
session['locale'] = request.args.get('locale')
kwargs = dict(locale=request.args.get('locale'))
response = redirect(url_for('.lab', experiment_name=experiment.name, category_name=experiment.category.name, **kwargs))
reservation_id_plus_route = '%s.%s' % (reservation_id, weblab_api.ctx.route)
weblab_api.fill_session_cookie(response, reservation_id_plus_route, reservation_id)
return response
def client():
"""
If there is a GET argument named %(reservation_id)s, it will take it and resend it as a
POST argument. If it was passed through the history, then it will be again sent as a
POST argument. Finally, if it is received as a POST argument, it will generate a redirect
to the client, using the proper current structure.
""" % { 'reservation_id' : RESERVATION_ID }
# If it is passed as a GET argument, send it as POST
reservation_id = request.args.get(RESERVATION_ID)
back_url = request.args.get(BACK_URL)
locale = request.args.get(LOCALE)
widget = request.args.get(WIDGET) or ''
if reservation_id is not None:
return render_template('core_web/client_redirect.html',
reason = 'GET performed',
reservation_id = urllib.unquote(reservation_id),
back_url = back_url, locale = locale, widget = widget)
# If it is passed as History (i.e. it was not passed by GET neither POST),
# pass it as a POST argument
reservation_id = request.form.get(RESERVATION_ID)
if reservation_id is None:
return render_template('core_web/client_label.html')
back_url = request.form.get(BACK_URL)
widget = request.form.get(WIDGET) or ''
locale = request.form.get(LOCALE) or ''
reservation_id = urllib.unquote(reservation_id)
route = weblab_api.ctx.route
if route is not None:
# If the request should not go to the current server
if reservation_id.find('.') >= 0 and not reservation_id.endswith(route):
if reservation_id.find(';') >= 0:
partial_reservation_id = reservation_id.split(';')[1]
else:
partial_reservation_id = reservation_id
response = make_response(render_template('core_web/client_redirect.html',
reason = 'reservation_id %s does not end in server_route %s' % (reservation_id, weblab_api.ctx.route),
reservation_id = reservation_id, back_url = back_url,
locale = locale, widget = widget,
))
weblab_api.fill_session_cookie(response, partial_reservation_id, partial_reservation_id)
return response
if reservation_id.find(';') >= 0:
partial_reservation_id = reservation_id.split(';')[1]
else:
partial_reservation_id = reservation_id
response = make_response()
weblab_api.fill_session_cookie(response, partial_reservation_id, partial_reservation_id)
# Finally, if it was passed as a POST argument, generate the proper client address
weblab_api.ctx.reservation_id = reservation_id.split(';')[0]
try:
experiment_id = weblab_api.api.get_reservation_info()
except SessionNotFoundError:
response.response = render_template('core_web/client_error.html', reservation_id = reservation_id)
return response
client_address = url_for('core_webclient.federated', locale=locale, reservation_id=reservation_id, back_url=back_url, widget=widget)
format_parameter = request.form.get(FORMAT_PARAMETER)
if format_parameter is not None and format_parameter == 'text':
response.response = client_address
return response
return redirect(client_address)
def client():
"""
If there is a GET argument named %(reservation_id)s, it will take it and resend it as a
POST argument. If it was passed through the history, then it will be again sent as a
POST argument. Finally, if it is received as a POST argument, it will generate a redirect
to the client, using the proper current structure.
""" % {
'reservation_id': RESERVATION_ID
}
# If it is passed as a GET argument, send it as POST
reservation_id = request.args.get(RESERVATION_ID)
back_url = request.args.get(BACK_URL)
locale = request.args.get(LOCALE)
widget = request.args.get(WIDGET) or ''
if reservation_id is not None:
return render_template('core_web/client_redirect.html',
reason='GET performed',
reservation_id=urllib.unquote(reservation_id),
back_url=back_url,
locale=locale,
widget=widget)
# If it is passed as History (i.e. it was not passed by GET neither POST),
# pass it as a POST argument
reservation_id = request.form.get(RESERVATION_ID)
if reservation_id is None:
return render_template('core_web/client_label.html')
back_url = request.form.get(BACK_URL)
widget = request.form.get(WIDGET) or ''
locale = request.form.get(LOCALE) or ''
reservation_id = urllib.unquote(reservation_id)
route = weblab_api.ctx.route
if route is not None:
# If the request should not go to the current server
if reservation_id.find('.') >= 0 and not reservation_id.endswith(
route):
if reservation_id.find(';') >= 0:
partial_reservation_id = reservation_id.split(';')[1]
else:
partial_reservation_id = reservation_id
response = make_response(
render_template(
'core_web/client_redirect.html',
reason='reservation_id %s does not end in server_route %s'
% (reservation_id, weblab_api.ctx.route),
reservation_id=reservation_id,
back_url=back_url,
locale=locale,
widget=widget,
))
weblab_api.fill_session_cookie(response, partial_reservation_id,
partial_reservation_id)
return response
if reservation_id.find(';') >= 0:
partial_reservation_id = reservation_id.split(';')[1]
else:
partial_reservation_id = reservation_id
response = make_response()
weblab_api.fill_session_cookie(response, partial_reservation_id,
partial_reservation_id)
# Finally, if it was passed as a POST argument, generate the proper client address
weblab_api.ctx.reservation_id = reservation_id.split(';')[0]
try:
experiment_id = weblab_api.api.get_reservation_info()
except SessionNotFoundError:
response.response = render_template('core_web/client_error.html',
reservation_id=reservation_id)
return response
client_address = url_for('core_webclient.federated',
locale=locale,
reservation_id=reservation_id,
back_url=back_url,
widget=widget)
format_parameter = request.form.get(FORMAT_PARAMETER)
if format_parameter is not None and format_parameter == 'text':
response.response = client_address
return response
return redirect(client_address)
