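def do_login():
    """Serve the login form (GET) or authenticate and issue the auth cookie (POST).

    On a failed login the same generic message is flashed whatever the
    cause, so the response does not reveal whether the username exists.
    On success the user is redirected to '/' with an encrypted auth
    cookie that is valid for one hour.
    """
    if request.method == 'GET':
        return render_template('login.html')
    if request.method == 'POST':
        user = fswww().login(g.form)
        if not user:
            flash('Invalid Login')
            return render_template('login.html')
        # Absolute expiry (epoch seconds), passed both to the cookie
        # encryption and to the browser as the cookie's `expires`.
        exp = int(time.time()) + 3600
        ck = Auth().encrypt_auth_cookie(user, exp)
        response = make_response(redirect('/'))
        # HttpOnly keeps the session credential out of reach of page
        # scripts, so an injected script cannot read it from document.cookie.
        # NOTE(review): when the site is served over HTTPS, also pass
        # secure=True (and a SameSite policy where the installed Werkzeug
        # supports it) so the cookie is never sent over plain HTTP.
        response.set_cookie(Auth().AUTH_COOKIE_NAME, ck, 3600, exp, '/', None,
                            httponly=True)
        return response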
def login_as_admin():
    """Log in with the configured admin account and yield its access token.

    Written as a generator, presumably for use as a pytest fixture (no
    decorator is visible in this excerpt). The token is taken from the
    "access_token" field of the login response.
    """
    LOG.info("login_as_admin")
    admin_login = Auth().login(APP_URL, ADMIN_USER, ADMIN_PASSWORD)
    # Fail the dependent tests early if the admin credentials are rejected.
    assert admin_login.ok
    yield admin_login.json()["access_token"]
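def login(self, form):
    """Authenticate the username/password pair carried by *form*.

    Args:
        form: mapping with 'username' and 'password' entries.

    Returns:
        The user record on success, otherwise False. Unknown user and
        wrong password give the same result, so the caller cannot tell
        the two apart.
    """
    u, p = form.get('username'), form.get('password')
    user = Users().get_by_username(u)
    # The debug `print repr(user)` was removed: it wrote the whole user
    # record to stdout on every login attempt. The record presumably
    # includes the stored password hash, which does not belong in
    # process output or log files.
    if not user or not Auth().authorize_user(user, p):
        return False
    return user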
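def check_authorization():
    """Gate a request on a valid auth cookie.

    Returns None to let the request continue, or a redirect to '/login'
    when the cookie is missing or cannot be decrypted. Presumably
    registered as a before-request hook; the registration is not visible
    in this excerpt.
    """
    # Only paths under the static directory skip authentication. The
    # trailing slash matters: a bare '/static' prefix comparison would
    # also exempt any other route whose path merely begins with those
    # seven characters.
    if request.path.startswith('/static/'):
        return
    # FIXME -- api basic auth?
    if request.endpoint == 'do_login':
        return
    ck = request.cookies.get(Auth().AUTH_COOKIE_NAME)
    if ck is None:
        return redirect('/login')
    # NOTE(review): this relies on decrypt_auth_cookie returning a falsy
    # value for tampered or expired cookies -- confirm that it checks the
    # expiry stored in the cookie, not only that decryption succeeds.
    g.current_user = Auth().decrypt_auth_cookie(ck)
    if not g.current_user:
        return redirect('/login')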
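def edit_user(id):
    """Show (GET) or apply (POST) the edit form for the user with this id.

    GET renders 'user_form.html' with the stored user. POST merges the
    submitted form with the id and the editing user's id, hashes a new
    password if one was supplied (otherwise keeps the stored one),
    validates, and updates the record. Validation or update failures
    re-render the form with the submitted values.
    """
    import copy

    # Work on a private copy of the defaults. Formatting the URL and
    # attaching the user directly on data_defaults would leave one
    # request's values in place for the next request.
    data = copy.deepcopy(data_defaults['user']['edit'])
    data['action']['url'] = data['action']['url'] % id
    if request.method == 'GET':
        data['user'] = Users().get_user(id)
        return render_template('user_form.html', data=data)
    if request.method == 'POST':
        # NOTE(review): nothing in this function checks that
        # g.current_user is allowed to edit user `id`. If that check is
        # not made elsewhere, any authenticated user can change another
        # account's password -- confirm.
        _input = g.form.copy()
        _input['id'] = id
        _input['modified_by'] = g.current_user['id']
        u = Users().get_user(id)
        if 'password' in _input and _input['password']:
            # NOTE(review): the hash is computed from 'confirm_password',
            # and 'password' is overwritten before validation runs, so
            # the validator can no longer compare the two fields. Confirm
            # that a mismatch is rejected somewhere.
            _input['password'] = Auth().password_hash(
                _input['confirm_password'])
        else:
            _input['password'] = u['password']
        ok, messages = fswww().validate_user_properties(_input)
        if not ok:
            for m in messages:
                flash(m)
            # NOTE(review): _input carries the password hash into the
            # template context here and below; make sure the template
            # never echoes it back into the page.
            return render_template('user_form.html', data={'user': _input})
        id = Users().update_user(_input)
        if id is not False:
            url = '/users/edit/%d' % id
            flash('user updated')
            return redirect(url)
        flash('unable to update user')
        # Use the 'user' key, as the other renders of this template do.
        # The original passed 'role', so the form would have lost the
        # submitted values.
        return render_template('user_form.html', data={'user': _input})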
def verify():
    """Handle an e-mail verification link.

    Reads 'email' and 'token' from the query string, hands both to
    Auth.verify and returns the 'response_text' entry of its result.
    Responds with a fixed message when either parameter is missing or empty.
    """
    query = request.args
    email, verification_token = query.get('email'), query.get('token')
    if not (email and verification_token):
        return 'No email or token'
    outcome = Auth().verify(email=email, verification_token=verification_token)
    # NOTE(review): the text is returned as the response body unescaped;
    # confirm that Auth.verify never places the caller-supplied email or
    # token in 'response_text'.
    return outcome['response_text']
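def aquireAuthToken(authObj, http):
    """Obtain an auth token and install it on *http*, re-prompting on failure.

    Args:
        authObj: credentials object exposing authorizationRequest(http)
            and readResponse(response).
        http: HTTP handler; receives the token through setToken().

    When the authorization attempt raises AuthException, the user is asked
    for a new login and password and the attempt is repeated with a fresh
    Auth built from them. Returns None.
    """
    import getpass

    # A loop instead of recursion, so repeated failures do not grow the stack.
    while True:
        try:
            token = authObj.readResponse(authObj.authorizationRequest(http))
        except AuthException as e:
            print("Login mit Zugang {} nicht möglich.".format(e.login))
            print("Zugangsdaten erneut eingeben: ")
            login = input("Login: ")
            # NOTE(review): this prompt line was mangled in the excerpt
            # ('input("Login: "******"Passwort: ")'). It is reconstructed
            # here with getpass, so the password is not echoed to the terminal.
            password = getpass.getpass("Passwort: ")
            authObj = Auth(login, password)
        else:
            http.setToken(token)
            return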
def test_user_permissions(login_as_admin):
    """Check that an account with the "user" role cannot manage users.

    Creates a user with the admin token, logs in as that user, verifies
    the user can read its own profile but can neither create nor delete
    users, then removes the account again with the admin token.
    """
    LOG.info("test_user_permissions")
    admin_token = login_as_admin

    # Create a new user; the API is expected to assign the "user" role.
    new_username = "******"
    new_password = "******"
    new_user_roles = "user"
    created = Users().create_user(APP_URL, admin_token, new_username, new_password)
    assert created.ok
    created_body = created.json()
    new_user_id = created_body["id"]
    assert created_body["username"] == new_username
    assert created_body["roles"] == "user"

    # Log in as the newly created user.
    user_login = Auth().login(APP_URL, new_username, new_password)
    assert user_login.ok
    access_token = user_login.json()["access_token"]

    # The new user can read their own info.
    me = Users().get_current_user(APP_URL, access_token)
    assert me.ok
    me_body = me.json()
    assert me_body["username"] == new_username
    assert me_body["roles"] == new_user_roles

    # Without admin privileges the new user must not create other users.
    # NOTE(review): `not response.ok` also passes on an unrelated failure
    # (for example a validation error or a server error). Asserting the
    # specific authorization status code would make this a real
    # access-control check.
    denied_create = Users().create_user(APP_URL, access_token, "tony", "montana")
    assert not denied_create.ok

    # Without admin privileges the new user must not delete users.
    # NOTE(review): the target here is the user's own id, so deleting a
    # *different* account is not actually exercised.
    denied_delete = Users().delete_user(APP_URL, access_token, new_user_id)
    assert not denied_delete.ok

    # Finally, remove the account with the admin token.
    # NOTE(review): this cleanup is skipped if any assertion above fails.
    removed = Users().delete_user(APP_URL, admin_token, new_user_id)
    assert removed.ok
#!/env/bin/python from flask import Flask, session, escape, render_template, request, url_for, redirect from lib.auth import Auth auth = Auth() app = application = Flask(__name__) #add the secret key from the config #to allow Flask sessions to work app.secret_key = auth.config['app']['secret_key'] @app.route('/') def index(): logged_in = session.get('logged_in') if logged_in: return 'logged in!' else: return '''not logged in. <p><a href="/login">Click here</a> to login.</p> <p><a href="/createaccount">Click here</a> to sign up.</p>''' @app.route('/login', methods=['GET', 'POST']) def login(): if request.method == 'GET': return render_template('login.html') if request.method == 'POST': password = request.form.get('password') email = request.form.get('email') response = auth.login(email, password)
def __init__(self, access_key=None, secret_key=None):
    """Build the Auth helper from explicit keys or from the conf module.

    Args:
        access_key: API access key; used only together with secret_key.
        secret_key: API secret key; used only together with access_key.

    NOTE(review): if only one of the two keys is supplied, it is ignored
    and the ACCESS_KEY / SECRET_KEY pair from `conf` is used instead, so
    a caller may end up signing with other credentials than intended.
    """
    if not (access_key and secret_key):
        # Imported lazily, so conf is only required when no explicit
        # key pair is passed in.
        from conf import ACCESS_KEY, SECRET_KEY
        access_key, secret_key = ACCESS_KEY, SECRET_KEY
    self.auth = Auth(access_key, secret_key)
from json import dumps
from lib.config import Config
from lib.auth import Auth
from lib.model.room import Room
from lib.model.message import Message

app = Flask(__name__)
cfg = Config('config.db')
# Debug mode is switched on only when this module is run directly.
# NOTE(review): debug mode enables the interactive debugger; make sure a
# directly-run instance is never reachable from other hosts.
app.debug = (__name__ == '__main__')
# NOTE(review): Flask itself reads its signing key from 'SECRET_KEY';
# a value stored under 'SECRET' is only used if some other code looks it
# up by that name -- confirm this is intended.
app.config['SECRET'] = cfg.get('socket-key')
socketio = SocketIO(app)
# Second Config over the same 'config.db' file; this one is handed to Auth.
config = Config('config.db')
auth = Auth(config)

@app.before_request
def log_request():
    """Log the full URL of every incoming request at debug level."""
    # NOTE(review): request.url includes the query string, so any token
    # or credential passed as a URL parameter ends up in the debug log.
    current_app.logger.debug(request.url)

@app.route('/', methods=['GET'])
def route_index():
    """Serve the index page."""
    return render_template('index.html')

@app.route('/app', methods=['GET'])
def route_chat():
    """Serve the chat application page."""
    return render_template('app.html')
# NOTE(review): the first statements are the tail of a function whose `def` line lies outside this excerpt.
    # Fetch the 'placement' resource and unwrap the 'response' envelope.
    response_placement = http.getRequest('placement', params).json()['response']
    if 'placement' in response_placement:
        return response_placement['placement']
    else:
        return None

# Outbound proxy settings. Not referenced again within this excerpt.
proxies = {
    "http": "http://proxy.t-online.net:3128",
    "https": "http://proxy.t-online.net:3128",
}
# NOTE(review): the API base URL uses plain http://. If HttpHandler sends
# requests to it as given, the login performed by aquireAuthToken below
# and the resulting token travel unencrypted -- confirm, and use an
# https:// base URL.
http = HttpHandler("http://api.appnexus.com")
a = Auth()
# Authenticate and install the token on the handler before any API call.
aquireAuthToken(a, http)
filename = "all_site_ALL_categories.csv"
worker = AbstractGenericWorker(http)
#sites = worker.getAllEntitiesByType('site')
# Only the range 300-400 is requested instead of every site (see the
# commented-out call above).
sites = worker.getAllEntitiesByRange('site', 300, 400)
writer_content = list()
count = len(sites)
i = 1
all_categories = set()
def do_logout():
    """Log the user out by expiring the auth cookie and redirecting to '/'.

    NOTE(review): only the browser's copy of the cookie is cleared here.
    No server-side revocation is visible, so a previously copied cookie
    stays usable until its own expiry is enforced on decryption.
    """
    resp = make_response(redirect('/'))
    # An empty value with a negative max-age/expires tells the browser to
    # drop the cookie immediately.
    resp.set_cookie(
        key=Auth().AUTH_COOKIE_NAME,
        value='',
        max_age=-1,
        expires=-1,
        path='/',
        domain=None,
    )
    return resp
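def test_login():
    """Check that the configured admin credentials can log in."""
    LOG.info("test_login")
    response = Auth().login(APP_URL, ADMIN_USER, ADMIN_PASSWORD)
    payload = response.json()
    # A successful login body carries the admin's bearer token under
    # "access_token". Redact it before logging, so test logs and CI
    # artifacts never contain a usable admin credential.
    if isinstance(payload, dict) and "access_token" in payload:
        payload = dict(payload, access_token="<redacted>")
    LOG.debug(payload)
    assert response.ok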