def POST(self):
form = web.input(credentials='', username='', password='', remember_me='', mobile='', not_me='')
try:
credentials = json.loads(form.credentials)
except ValueError:
raise web.badrequest()
scopes = credentials.pop('scopes')
error = None
if form.not_me and form.username:
userid, error = login.authenticate_bcrypt(form.username, form.password, bool(form.remember_me))
if error:
error = errorcode.login_errors.get(error, 'Unknown error.')
elif not self.user_id:
error = "You must specify a username and password."
else:
userid = self.user_id
if error:
return self.render_form(scopes, credentials, bool(form.mobile), error,
form.username, form.password, bool(form.remember_me), bool(form.not_me))
credentials['userid'] = userid
headers, body, status = server.create_authorization_response(
*(extract_params() + (scopes, credentials)))
for k, v in headers.iteritems():
web.header(k, v)
web.ctx.status = '%s Status' % (status,)
return body
def authorize_post_(request):
form = request.web_input(credentials='',
username='',
password='',
remember_me='',
mobile='',
not_me='')
try:
credentials = json.loads(form.credentials)
except ValueError:
raise HTTPBadRequest()
scopes = credentials.pop('scopes')
error = None
if form.not_me and form.username:
userid, error = login.authenticate_bcrypt(
form.username,
form.password,
request=request if form.remember_me else None)
if error:
error = errorcode.login_errors.get(error, 'Unknown error.')
elif not request.userid:
error = "You must specify a username and password."
else:
userid = request.userid
if error:
return Response(
render_form(request, scopes, credentials, bool(form.mobile), error,
form.username, form.password, bool(form.remember_me),
bool(form.not_me)))
credentials['userid'] = userid
response_attrs = server.create_authorization_response(
*(extract_params(request) + (scopes, credentials)))
return OAuthResponse(*response_attrs)
def authorize_success(context, request, values):
credentials = values['credentials']
scopes = credentials.pop('scopes')
credentials['userid'] = (values['user'] or request.current_user).userid
headers, body, status = server.create_authorization_response(
request.path, request.method, request.GET, request.headers, scopes, credentials)
if status // 100 not in {4, 5} and not request.current_user and values['remember_me']:
headers.update(remember(request, values['user'].userid))
log.debug('authorization success %r %r %r', headers, body, status)
return httpexceptions.status_map[status](
headers=headers, body=body, location=headers.pop('Location', None))
def authorize_success(context, request, values):
credentials = values['credentials']
scopes = credentials.pop('scopes')
credentials['userid'] = (values['user'] or request.current_user).userid
headers, body, status = server.create_authorization_response(
request.path, request.method, request.GET, request.headers, scopes,
credentials)
if status // 100 not in {
4, 5
} and not request.current_user and values['remember_me']:
headers.update(remember(request, values['user'].userid))
log.debug('authorization success %r %r %r', headers, body, status)
return httpexceptions.status_map[status](headers=headers,
body=body,
location=headers.pop(
'Location', None))
def authorize_post_(request):
form = request.web_input(credentials='', username='', password='', remember_me='', mobile='', not_me='')
try:
credentials = json.loads(form.credentials)
except ValueError:
raise HTTPBadRequest()
scopes = credentials.pop('scopes')
error = None
if form.not_me and form.username:
userid, error = login.authenticate_bcrypt(form.username, form.password, bool(form.remember_me))
if error:
error = errorcode.login_errors.get(error, 'Unknown error.')
elif not request.userid:
error = "You must specify a username and password."
else:
userid = request.userid
if error:
return Response(render_form(request, scopes, credentials, bool(form.mobile), error,
form.username, form.password, bool(form.remember_me),
bool(form.not_me)))
credentials['userid'] = userid
response_attrs = server.create_authorization_response(
*(extract_params(request) + (scopes, credentials)))
return OAuthResponse(*response_attrs)