def log_in_success(self, form):
    """Remember the account named in the login form and redirect onwards.

    The account is resolved from ``form['username']``, first as a login and,
    if that finds nothing, as an e-mail address.  The auth headers returned
    by ``remember`` are attached to an ``HTTPSeeOther`` pointing at
    ``get_came_from(request)``.

    NOTE(review): the account is re-derived here from the submitted name and
    no password is checked in this method.  Confirm that the form validator
    resolves the identifier with the same login-then-e-mail precedence, so
    the remembered account is the one whose password was verified, and that
    the lookup cannot come back empty (``user.auth_id`` would raise).
    """
    identifier = form['username']
    user = AuthUser.get_by_login(identifier)
    if not user:
        user = AuthUser.get_by_email(identifier)
    request = self.request
    headers = remember(request, user.auth_id)
    return HTTPSeeOther(headers=headers, location=get_came_from(request))
def search_user(username):
    """Look an account up by e-mail, then username, then login.

    The e-mail lookup is only attempted when ``username`` contains ``'@'``.
    Each later lookup runs only if the previous one returned a falsy value.
    The result of the last lookup performed is returned, so the caller gets
    whatever ``AuthUser.get_by_login`` yields when nothing matched.
    """
    found = AuthUser.get_by_email(username) if '@' in username else None
    if not found:
        found = AuthUser.get_by_username(username)
    if not found:
        found = AuthUser.get_by_login(username)
    return found
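def register_validator(node, kw):
    """Validate a registration: matching passwords and an unused identity.

    Args:
        node: schema node the error is attached to.
        kw: submitted values; ``username`` and ``email`` are read directly,
            ``password``/``password2`` only when ``password`` is present.

    Raises:
        Invalid: if the two password fields differ, or if the username is an
            existing login or the e-mail is already registered.
    """
    if "password" in kw and kw["password"] != kw.get("password2"):
        raise Invalid(node, "Passwords should match!")
    # NOTE(review): the username is only compared against logins and the
    # e-mail only against e-mails.  If login accepts either value in one
    # field, also confirm a new username cannot equal another account's
    # e-mail (and vice versa), otherwise the identifier becomes ambiguous.
    used = AuthUser.get_by_login(kw["username"])
    used = used or AuthUser.get_by_email(kw["email"])
    if used:
        raise Invalid(node, "That username or email is taken.")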
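def forgot_password(request):
    """Render the "forgot my password" form and e-mail a reset token.

    Reached through ``route_url('apex_forgot_password', request)``.

    On a valid POST the account is looked up by e-mail and/or username.  An
    account found by e-mail whose ``login`` is set is pointed at its external
    provider with a flash message; otherwise a token expiring one hour from
    now is passed to ``apex_email_forgot``.

    Returns:
        ``HTTPFound`` to the ``apex_login`` route once a message has been
        flashed for a matched account, otherwise the template context dict.
    """
    title = _('Forgot my password')
    if asbool(apex_settings('use_recaptcha_on_forgot')):
        if apex_settings('recaptcha_public_key') and apex_settings(
                'recaptcha_private_key'):
            ForgotForm.captcha = RecaptchaField(
                public_key=apex_settings('recaptcha_public_key'),
                private_key=apex_settings('recaptcha_private_key'),
            )
    form = ForgotForm(request.POST,
                      captcha={'ip_address': request.environ['REMOTE_ADDR']})
    if request.method == 'POST' and form.validate():
        # Start from "no account": a submission naming neither field, or an
        # unknown e-mail, must reach the generic error below rather than
        # fail with NameError / AttributeError.
        user = None
        # NOTE(security): the three outcomes below (provider hint, "reset
        # email sent", generic error) let a requester tell whether an
        # address is registered and through which provider.  A uniform
        # response would avoid that disclosure.
        if form.data['email']:
            user = AuthUser.get_by_email(form.data['email'])
            # Special condition - if the email was imported from
            # OpenID/Auth, direct the person to the appropriate login
            # through a flash message.
            if user is not None and user.login:
                provider_name = auth_provider.get(user.login[1], 'Unknown')
                flash(_('You used %s as your login provider' %
                        provider_name))
                return HTTPFound(location=route_url('apex_login', request))
        if form.data['username']:
            user = AuthUser.get_by_username(form.data['username'])
        if user:
            timestamp = time.time() + 3600
            # NOTE(security): the token is an HMAC hex digest cut to 10
            # characters (40 bits), and no digestmod is passed so the hmac
            # module's default applies.  The format is kept because the
            # code that checks the token must derive the same value; a
            # longer token needs both sides changed together, and the
            # checking side should compare in constant time.
            hmac_key = hmac.new(
                '%s:%s:%d' % (str(user.id), apex_settings('auth_secret'),
                              timestamp),
                user.email).hexdigest()[0:10]
            time_key = base64.urlsafe_b64encode('%d' % timestamp)
            email_hash = '%s%s' % (hmac_key, time_key)
            apex_email_forgot(request, user.id, user.email, email_hash)
            flash(_('Password Reset email sent.'))
            return HTTPFound(location=route_url('apex_login', request))
        flash(_('An error occurred, please contact the support team.'))
    return {'title': title, 'form': form, 'action': 'forgot'}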
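def forgot_password(request):
    """Render the "forgot my password" form and e-mail a reset token.

    Reached through ``route_url('apex_forgot_password', request)``.

    On a valid POST the account is looked up by e-mail and/or login.  An
    account found by e-mail whose ``provider`` is not ``'local'`` is pointed
    at that provider with a flash message; otherwise a token expiring one
    hour from now is passed to ``apex_email_forgot``.

    Returns:
        ``HTTPFound`` to the ``apex_login`` route once a message has been
        flashed for a matched account, otherwise the template context dict.
    """
    title = _('Forgot my password')
    if asbool(apex_settings('use_recaptcha_on_forgot')):
        if apex_settings('recaptcha_public_key') and \
                apex_settings('recaptcha_private_key'):
            ForgotForm.captcha = RecaptchaField(
                public_key=apex_settings('recaptcha_public_key'),
                private_key=apex_settings('recaptcha_private_key'),
            )
    form = ForgotForm(request.POST,
                      captcha={'ip_address': request.environ['REMOTE_ADDR']})
    if request.method == 'POST' and form.validate():
        # Start from "no account": a submission naming neither field, or an
        # unknown e-mail, must reach the generic error below rather than
        # fail with NameError / AttributeError.
        user = None
        # NOTE(security): the three outcomes below (provider hint, "reset
        # email sent", generic error) let a requester tell whether an
        # address is registered and through which provider.  A uniform
        # response would avoid that disclosure.
        if form.data['email']:
            user = AuthUser.get_by_email(form.data['email'])
            # Special condition - if the email was imported from
            # OpenID/Auth, direct the person to the appropriate login
            # through a flash message.
            if user is not None and user.provider != 'local':
                provider_name = user.provider
                flash(_('You used %s as your login provider' %
                        provider_name))
                return HTTPFound(location=route_url('apex_login', request))
        if form.data['login']:
            user = AuthUser.get_by_login(form.data['login'])
        if user:
            timestamp = time.time()+3600
            # NOTE(security): the token is an HMAC hex digest cut to 10
            # characters (40 bits), and no digestmod is passed so the hmac
            # module's default applies.  The format is kept because the
            # code that checks the token must derive the same value; a
            # longer token needs both sides changed together, and the
            # checking side should compare in constant time.
            hmac_key = hmac.new(
                '%s:%s:%d' % (str(user.id), apex_settings('auth_secret'),
                              timestamp),
                user.email).hexdigest()[0:10]
            time_key = base64.urlsafe_b64encode('%d' % timestamp)
            email_hash = '%s%s' % (hmac_key, time_key)
            apex_email_forgot(request, user.id, user.email, email_hash)
            flash(_('Password Reset email sent.'))
            return HTTPFound(location=route_url('apex_login', request))
        flash(_('An error occurred, please contact the support team.'))
    return {'title': title, 'form': form, 'action': 'forgot'}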
def login_validator(node, kw):
    """Check the submitted credentials, accepting a login or an e-mail.

    When ``kw`` has a ``username``, the password is first checked against
    that value as a login.  If that fails and the value matches an account's
    e-mail, the password is checked again against that account's id.

    NOTE(review): two different accounts can be tried for one identifier
    (login match first, e-mail match second).  Whatever logs the user in
    afterwards must resolve to the account that actually passed here.

    Raises:
        Invalid: when no check succeeded or ``username`` is absent.
    """
    authenticated = False
    if 'username' in kw:
        identifier = kw['username']
        secret = kw['password']
        authenticated = AuthUser.check_password(
            login=identifier, password=secret)
        # XXX: extend apex to get user by login or email
        if not authenticated:
            by_email = AuthUser.get_by_email(identifier)
            if by_email:
                authenticated = AuthUser.check_password(
                    password=secret, id=by_email.id)
    if authenticated:
        return
    raise Invalid(
        node,
        "Your username or password is incorrect."
    )
def validate_email(form, field):
    """Field validator: fail when no account has the submitted e-mail.

    NOTE(review): the error text confirms whether an address is registered;
    keep it only where that disclosure is acceptable.

    Raises:
        validators.ValidationError: if ``AuthUser.get_by_email`` returns
            ``None`` for ``field.data``.
    """
    account = AuthUser.get_by_email(field.data)
    if account is not None:
        return
    raise validators.ValidationError(_('Sorry that email doesn\'t exist.'))
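def apex_callback(request):
    """Complete an external (Velruse) login and redirect the browser.

    Reached through ``route_url('apex_callback', request)``; this is the URL
    that Velruse returns an OpenID request to.

    When the POSTed ``token`` resolves to an auth record, the account is
    found by the profile e-mail, then through ``search_user`` on the apex
    id, and created if neither matches.  Otherwise the code and description
    returned by ``get_velruse_token`` are flashed as the failure reason.

    Returns:
        HTTPFound: to ``came_from`` (or the configured default route) with
        the auth headers on success, or to the ``apex_openid_required``
        route when a required user attribute is empty.
    """
    # NOTE(security): ``came_from`` comes from the query string and is used
    # as the redirect target unchanged.  Nothing here restricts it to this
    # application, so it should be validated (relative path or known host)
    # before reaching ``HTTPFound``.
    redir = request.GET.get(
        'came_from', route_url(apex_settings('came_from_route'), request))
    headers = []
    login_failed = True
    reason = _('Login failed!')
    if 'token' in request.POST:
        token = request.POST['token']
        auth = apexid_from_token(token)
        if auth:
            login_failed = False
            user, email = None, ''
            profile = auth['profile']
            if 'emails' in profile:
                emails = profile['emails']
                # An empty list previously raised IndexError on emails[0];
                # treat it as "no e-mail supplied" instead.
                if emails:
                    first = emails[0]
                    if isinstance(first, dict):
                        email = first['value']
                    else:
                        email = first
            else:
                email = profile.get('verifiedEmail', '').strip()
            # first try by email
            # NOTE(security): this attaches the login to an existing account
            # on the strength of the e-mail the provider reported.  Only the
            # 'verifiedEmail' key suggests verification; confirm entries in
            # 'emails' are verified by the provider before trusting them.
            if email:
                user = AuthUser.get_by_email(email)
            # then by id
            if user is None:
                user = search_user(auth['apexid'])
            if not user:
                user_infos = {'login': auth['apexid'],
                              'username': auth['name']}
                if email:
                    user_infos['email'] = email
                user = create_user(**user_infos)
                if apex_settings('create_openid_after'):
                    openid_after = get_module(
                        apex_settings('create_openid_after'))
                    request = openid_after().after_signup(request, user)
            if apex_settings('openid_required'):
                openid_required = False
                for required in apex_settings('openid_required').split(','):
                    if not getattr(user, required):
                        openid_required = True
                if openid_required:
                    request.session['id'] = user.id
                    # NOTE(review): came_from is interpolated into the query
                    # string without URL-encoding.
                    return HTTPFound(location='%s?came_from=%s' % (
                        route_url('apex_openid_required', request),
                        request.GET.get(
                            'came_from',
                            route_url(apex_settings('came_from_route'),
                                      request))))
            using_ldap = 'ldap' in [a.get('domain', '') for a in auth.get(
                "profile", {}).get("accounts", [])]
            external_user = True
            internal_user = using_ldap
            headers = apex_remember(request, user.id,
                                    internal_user=internal_user,
                                    external_user=external_user)
            redir = request.GET.get(
                'came_from',
                route_url(apex_settings('came_from_route'), request))
            flash(_('Successfully Logged in, welcome!'), 'success')
        else:
            auth = get_velruse_token(token)
            reasont = ''
            if auth.get('code', None):
                reasont += 'Code %s : ' % auth['code']
            if auth.get('description', ''):
                reasont += _(auth['description'])
            if reasont:
                reason = reasont
            login_failed = True
    if login_failed:
        flash(reason)
    return HTTPFound(location=redir, headers=headers)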
def validate_email(form, field):
    """Field validator: the submitted e-mail must belong to an account.

    NOTE(review): the error text confirms whether an address is registered;
    keep it only where that disclosure is acceptable.

    Raises:
        validators.ValidationError: if ``AuthUser.get_by_email`` returns
            ``None`` for ``field.data``.
    """
    known = AuthUser.get_by_email(field.data) is not None
    if not known:
        raise validators.ValidationError(
            _('Sorry that email doesn\'t exist.'))
def register_validator(node, kw):
    """Reject a registration whose username or e-mail is already in use.

    ``kw['username']`` is looked up as a login; ``kw['email']`` is looked up
    only if that found nothing.

    NOTE(review): the username is compared with logins only and the e-mail
    with e-mails only.  If login accepts either value in one field, also
    confirm a username cannot equal another account's e-mail.

    Raises:
        Invalid: if either lookup returns a truthy result.
    """
    taken = AuthUser.get_by_login(kw['username'])
    if not taken:
        taken = AuthUser.get_by_email(kw['email'])
    if taken:
        raise Invalid(node, "That username or email is taken.")
def log_in_success(self, form):
    """Remember the account named in the login form and redirect onwards.

    ``form['username']`` is tried as a login first and as an e-mail address
    second.  The headers from ``remember`` are sent with an ``HTTPSeeOther``
    to ``get_came_from(request)``.

    NOTE(review): no password is checked here and the account is looked up
    again from the submitted name.  Confirm the validator that ran before
    this uses the same precedence, so the remembered account is the verified
    one, and that a ``None`` result is impossible at this point.
    """
    name = form['username']
    user = AuthUser.get_by_login(name)
    if not user:
        user = AuthUser.get_by_email(name)
    request = self.request
    auth_headers = remember(request, user.auth_id)
    return HTTPSeeOther(headers=auth_headers,
                        location=get_came_from(request))
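def apex_callback(request):
    """Complete an external (Velruse) login and redirect the browser.

    Reached through ``route_url('apex_callback', request)``; this is the URL
    that Velruse returns an OpenID request to.

    When the POSTed ``token`` resolves to an auth record, the account is
    found by the profile e-mail, then through ``search_user`` on the apex
    id, and created if neither matches.  Otherwise the code and description
    returned by ``get_velruse_token`` are flashed as the failure reason.

    Returns:
        HTTPFound: to ``came_from`` (or the configured default route) with
        the auth headers on success, or to the ``apex_openid_required``
        route when a required user attribute is empty.
    """
    # NOTE(security): ``came_from`` comes from the query string and is used
    # as the redirect target unchanged.  Nothing here restricts it to this
    # application, so it should be validated (relative path or known host)
    # before reaching ``HTTPFound``.
    redir = request.GET.get(
        'came_from', route_url(apex_settings('came_from_route'), request))
    headers = []
    login_failed = True
    reason = _('Login failed!')
    if 'token' in request.POST:
        token = request.POST['token']
        auth = apexid_from_token(token)
        if auth:
            login_failed = False
            user, email = None, ''
            profile = auth['profile']
            if 'emails' in profile:
                emails = profile['emails']
                # An empty list previously raised IndexError on emails[0];
                # treat it as "no e-mail supplied" instead.
                if emails:
                    first = emails[0]
                    if isinstance(first, dict):
                        email = first['value']
                    else:
                        email = first
            else:
                email = profile.get('verifiedEmail', '').strip()
            # first try by email
            # NOTE(security): this attaches the login to an existing account
            # on the strength of the e-mail the provider reported.  Only the
            # 'verifiedEmail' key suggests verification; confirm entries in
            # 'emails' are verified by the provider before trusting them.
            if email:
                user = AuthUser.get_by_email(email)
            # then by id
            if user is None:
                user = search_user(auth['apexid'])
            if not user:
                user_infos = {
                    'login': auth['apexid'],
                    'username': auth['name']
                }
                if email:
                    user_infos['email'] = email
                user = create_user(**user_infos)
                if apex_settings('create_openid_after'):
                    openid_after = get_module(
                        apex_settings('create_openid_after'))
                    request = openid_after().after_signup(request, user)
            if apex_settings('openid_required'):
                openid_required = False
                for required in apex_settings('openid_required').split(','):
                    if not getattr(user, required):
                        openid_required = True
                if openid_required:
                    request.session['id'] = user.id
                    # NOTE(review): came_from is interpolated into the query
                    # string without URL-encoding.
                    return HTTPFound(location='%s?came_from=%s' % (
                        route_url('apex_openid_required', request),
                        request.GET.get(
                            'came_from',
                            route_url(apex_settings('came_from_route'),
                                      request))))
            using_ldap = 'ldap' in [
                a.get('domain', '')
                for a in auth.get("profile", {}).get("accounts", [])
            ]
            external_user = True
            internal_user = using_ldap
            headers = apex_remember(request, user.id,
                                    internal_user=internal_user,
                                    external_user=external_user)
            redir = request.GET.get(
                'came_from',
                route_url(apex_settings('came_from_route'), request))
            flash(_('Successfully Logged in, welcome!'), 'success')
        else:
            auth = get_velruse_token(token)
            reasont = ''
            if auth.get('code', None):
                reasont += 'Code %s : ' % auth['code']
            if auth.get('description', ''):
                reasont += _(auth['description'])
            if reasont:
                reason = reasont
            login_failed = True
    if login_failed:
        flash(reason)
    return HTTPFound(location=redir, headers=headers)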
def validate_email(form, field):
    """Field validator: fail when the submitted e-mail is already on file.

    NOTE(review): the error text confirms that an address is registered;
    keep it only where that disclosure is acceptable.

    Raises:
        validators.ValidationError: if ``AuthUser.get_by_email`` returns
            anything other than ``None`` for ``field.data``.
    """
    existing = AuthUser.get_by_email(field.data)
    if existing is None:
        return
    raise validators.ValidationError(_('Sorry that email already exists.'))