def authenticate():
"""Authenticate user with Persona."""
data = browserid.verify(request.form['assertion'],
settings.SITE_URL)
session['email'] = data['email']
response = jsonify({'message':'login successful'})
response.status_code = 200
return response
def get_user_from_persona_assertion(assertion,
audience=settings.SITE_URL.replace(
'http://', '').replace('https://',
'')):
data = browserid.verify(assertion, audience)
assert data['email']
user, created = User.objects.get_or_create(
email=data['email'].lower().strip())
return user
def form_valid(self, form):
assertion = form.cleaned_data['assertion']
data = verify(assertion, self.get_audience())
if data:
self.request.session['browserid'] = data['email']
print self.request.session['browserid']
return self.login_success()
return self.login_failure()
def login(self):
assertion = cherrypy.request.params['assertion']
# Verify the assertion using browserid.
validation = browserid.verify(assertion, self.audience)
# Check if the assertion was valid
if validation['status'] != 'okay':
raise cherrypy.HTTPError(400, "invalid")
# Log the user in by setting the username
self.username = validation['email']
return 'You are logged in'
def login(self, request):
data = verify(request.POST["assertion"], self.audience)
if data and "email" in data:
email = data["email"]
user, created = User.create_or_get(email=email)
response = ResponseRedirect(self.login_success_url)
encoded = jwt.encode({"email": user.email}, self.jwt_key, algorithm=self.jwt_algorithm)
response.set_cookie("jwt", encoded, secure=True)
return response
return ResponseRedirect(self.login_failure_url)
def authenticate():
"""Authenticate user with Persona."""
import sys
sys.stderr.write(settings.SITE_URL)
data = browserid.verify(request.form['assertion'], settings.SITE_URL)
# Check against allowed users list
if data['email'] in settings.ALLOWED_USERS:
session['email'] = data['email']
response = jsonify({'message': 'login successful'})
response.status_code = 200
return response
else:
abort(403)
def set_email():
"""Verify via Persona and upon success, set
the email for the user unless it already
exists and return the token.
"""
data = browserid.verify(request.form['assertion'],
settings.SITE_URL)
email = data['email']
# authentication verified, now get/create the
# lexicrypt email token
lex.get_or_create_email(email)
session['lex_token'] = lex.token
session['lex_email'] = email
return redirect(url_for('main'))
def authenticate():
"""Authenticate user with Persona."""
import sys
sys.stderr.write(settings.SITE_URL)
data = browserid.verify(request.form['assertion'],
settings.SITE_URL)
# Check against allowed users list
if data['email'] in settings.ALLOWED_USERS:
session['email'] = data['email']
response = jsonify({'message': 'login successful'})
response.status_code = 200
return response
else:
abort(403)
def process_authentication_request(self, request):
assertion = request.POST.get("assertion",None)
if assertion == None:
raise InvalidAuthentication(_("No assertion provided in Persona form post."))
else:
data = browserid.verify(assertion,django_settings.APP_URL)
if data["status"] == "okay":
request.session["browserid_email"] = data["email"]
uniq_id = "browserid://%s/%s" % (data["issuer"], data["email"])
return uniq_id
else:
raise InvalidAuthentication(_("Invalid authentication."))
def authenticate():
"""Authenticate user with Persona."""
app = current_app
db = get_session(app)
data = browserid.verify(request.form['assertion'],
app.config.get('SITE_URL'))
email = data['email']
session['email'] = email
# Create a user if one does not already exist for this email
# address.
user = db.query(User).filter_by(email=email).first()
if user:
session['user_id'] = user.id
return jsonify({'email': email})
def authenticate():
"""Authenticate user with Persona."""
app = current_app
db = get_session(app)
data = browserid.verify(request.form['assertion'],
app.config.get('SITE_URL'))
email = data['email']
session['email'] = email
# Create a user if one does not already exist for this email
# address.
user = db.query(User).filter_by(email=email).first()
if user:
session['user_id'] = user.id
return jsonify({'email': email})
def set_email():
"""Verify via Persona.
Upon success, create the user if it doesn't already exist and set the
email for the user's session.
"""
data = browserid.verify(request.form['assertion'], '%s://%s' % (
app.config['PREFERRED_URL_SCHEME'], app.config['SERVER_NAME']))
email = data['email']
# Create user record.
try:
user = User.query.filter(User.email==email).one()
except NoResultFound:
user = User(email=email)
db.session.add(user)
db.session.commit()
# Add self as contact.
user.contacts.append(user)
db.session.commit()
session['email'] = user.email
return jsonify({'message': 'okay'})
def login(self, **kwargs):
if cherrypy.request.method.upper() == 'POST':
cur = model.get_cursor()
returnTo = kwargs.get('returnTo', cherrypy.url('/'))
assertion = kwargs.pop('loginAssertion')
if assertion == '':
logged_out()
raise cherrypy.HTTPRedirect(returnTo)
try:
result = browserid.verify(assertion, cherrypy.request.base)
except browserid.ConnectionError:
raise cherrypy.HTTPError(503, "Login connection error")
except browserid.TrustError:
raise cherrypy.HTTPError(409, "Invalid login")
loginid = result['email']
cur.execute(
'''SELECT userid FROM users
WHERE userid = ?''', (loginid, ))
if cur.fetchone() is None:
cur.execute(
'''INSERT INTO users
(userid) VALUES (?)''', (loginid, ))
logged_in(loginid)
raise cherrypy.HTTPRedirect(cherrypy.url('/preferences'))
logged_in(loginid)
raise cherrypy.HTTPRedirect(returnTo)
if cherrypy.request.loginid is not None:
raise cherrypy.HTTPRedirect(cherrypy.url('/'))
return render('login.xhtml')
def authenticate():
"""Authenticate user with Persona."""
data = browserid.verify(request.form['assertion'],
settings.SITE_URL)
email = data['email']
session['email'] = email
user = User.query.filter(User.email == email).first()
# Create a user if one does not already exist for this email
# address.
user = User.query.filter_by(email=email).first()
if not user:
# TODO: We assume the user wants the first part of their email
# address to be their username. Good idea? Probably not.
username = email.split('@')[0]
user = User(username=username, name=username, email=email,
slug=slugify(username), github_handle=username)
db.session.add(user)
db.session.commit()
response = jsonify({'email': user.email})
response.status_code = 200
return response
def login(self, **kwargs):
if cherrypy.request.method.upper() == 'POST':
cur = model.get_cursor()
returnTo = kwargs.get('returnTo', cherrypy.url('/'))
assertion = kwargs.pop('loginAssertion')
if assertion == '':
logged_out()
raise cherrypy.HTTPRedirect(returnTo)
try:
result = browserid.verify(assertion, cherrypy.request.base)
except browserid.ConnectionError:
raise cherrypy.HTTPError(503, "Login connection error")
except browserid.TrustError:
raise cherrypy.HTTPError(409, "Invalid login")
loginid = result['email']
cur.execute('''SELECT userid FROM users
WHERE userid = ?''',
(loginid))
if cur.fetchone() is None:
cur.execute('''INSERT INTO users
(userid, email) VALUES (?, ?)''',
(loginid, loginid))
logged_in(loginid)
raise cherrypy.HTTPRedirect(cherrypy.url('/preferences'))
logged_in(loginid)
raise cherrypy.HTTPRedirect(returnTo)
if cherrypy.request.loginid is not None:
raise cherrypy.HTTPRedirect(cherrypy.url('/'))
return render('login.xhtml')
def get_user_from_persona_assertion(assertion, audience=settings.SITE_URL):
data = browserid.verify(assertion, audience)
assert data['email']
user, created = User.objects.get_or_create(email=data['email'].lower().strip())
return user
def verify(self):
data = {'status': 'error'}
if request.method == 'POST' and "assertion" in request.POST:
data = browserid.verify(request.POST["assertion"], request.host_url)
return json.dumps(data)
def login(request):
"""View to check the persona assertion and remember the user"""
_check_csrf_token(request)
data = browserid.verify(request.POST['assertion'], request.registry.settings['persona.audience'])
headers = remember(request, data['email'])
return Response(headers=headers)
def login():
origin = "%(PREFERRED_URL_SCHEME)s://%(SERVER_NAME)s" % (app.config)
app.logger.info('processing assertion with origin %s' % origin)
data = browserid.verify(request.form['assertion'], origin)
session['email'] = data['email']
return data['email']
def verify(self):
data = {"status": "error"}
if request.method == "POST" and "assertion" in request.POST:
data = browserid.verify(request.POST["assertion"], request.host_url)
return json.dumps(data)
