def login():
"""
Log in the user to the system using Google oauth login.
Note: What gets done here depends on what phase of the login process we are in.
If this is the INITIAL PHASE, then send the user to the Google login.
If we are COMING BACK from a Google login, use the code to get the email and display name set up for the user.
:return: An appropriate redirect (depending on what step of the login process this is.
"""
domain = parser["learningmachine"]["domain"]
secrets_file = "{}/{}".format(dir_path, "client_secret.json")
scope = "https://www.googleapis.com/auth/userinfo.email"
redirect_uri = "http://{}/login".format(domain)
login_handler = LoginHandler(secrets_file, scope, redirect_uri)
if "code" in request.args:
login_handler.setup_user_info(request.args["code"])
session["email"] = login_handler.email
session["display_name"] = login_handler.display_name
if not fm.user_exists(login_handler.email):
msg = "Adding user: {} with ID of {} to the database."\
.format(login_handler.email, login_handler.display_name)
fm.add_user(login_handler.email, login_handler.display_name)
msg = "Sending user: {} to main page".format(login_handler.email)
app.logger.info(msg)
return redirect("/static/main.html")
else:
msg = "No login code yet. Letting Google handle the login process at: {}"\
.format(login_handler.auth_url)
app.logger.info(msg)
return redirect(login_handler.auth_url)
def login():
"""
Log in the user to the system using Google oauth login.
Note: What gets done here depends on what phase of the login process we are in.
If this is the INITIAL PHASE, then send the user to the Google login.
If we are COMING BACK from a Google login, use the code to get the email and display name set up for the user.
:return: An appropriate redirect (depending on what step of the login process this is.
"""
domain = parser["learningmachine"]["domain"]
secrets_file = "{}/{}".format(dir_path, "client_secret.json")
scope = "https://www.googleapis.com/auth/userinfo.email"
redirect_uri = "http://{}/login".format(domain)
login_handler = LoginHandler(secrets_file, scope, redirect_uri)
if "code" in request.args:
login_handler.setup_user_info(request.args["code"])
session["email"] = login_handler.email
session["display_name"] = login_handler.display_name
if not model.user_exists(login_handler.email):
msg = "Adding user: {} with ID of {} to the database."\
.format(login_handler.email, login_handler.display_name)
model.add_user(login_handler.email, login_handler.display_name)
msg = "Sending user: {} to main page".format(login_handler.email)
app.logger.info(msg)
return redirect("/static/main.html")
else:
msg = "No login code yet. Letting Google handle the login process at: {}"\
.format(login_handler.auth_url)
app.logger.info(msg)
return redirect(login_handler.auth_url)
def get(self):
login = LoginHandler()
if login.checkReg() == False:
self.redirect("new.html")
return
elif not login.checkLogin():
self.redirect("login.html")
return
self.redirect("setting")
def login():
"""
Log in the user to the system using Google oauth login.
Note: What gets done here depends on what phase of the login process we are in.
If this is the INITIAL PHASE, then send the user to the Google login.
If we are COMING BACK from a Google login, use the code to get the email and display name set up for the user.
:return: An appropriate redirect (depending on what step of the login process this is.
"""
domain = parser["todolist"]["domain"]
secrets_file = "client_secret.json"
scope = "https://www.googleapis.com/auth/userinfo.email"
redirect_uri = "http://{}/login".format(domain)
login_handler = LoginHandler(secrets_file, scope, redirect_uri)
if "code" in request.args:
login_handler.setup_user_info(request.args["code"])
session["email"] = login_handler.email
session["display_name"] = login_handler.display_name
return redirect("/static/main.html")
else:
return redirect(login_handler.auth_url)
def process(self, fullpath):
if self.is_login(fullpath):
return LoginHandler(self.request, self.response, fullpath).process()
if self.is_logout(fullpath):
return LogoutHandler(self.response).logout()
elif self.is_endpoint(fullpath):
return EndpointHandler(self.request, fullpath).process()
elif self.is_action(fullpath):
return self.__handle_action(fullpath)
else:
self.response.status = 404
class UsersServicer(users_pb2_grpc.UsersServicer):
def __init__(self, logger, db_stub):
self._login = LoginHandler(logger, db_stub)
self._create = CreateHandler(logger, db_stub)
self._update = UpdateHandler(logger, db_stub)
self._get_css = GetCssHandler(logger, db_stub)
def Login(self, request, context):
return self._login.Login(request, context)
def Create(self, request, context):
return self._create.Create(request, context)
def Update(self, request, context):
return self._update.Update(request, context)
def GetCss(self, request, context):
return self._get_css.GetCss(request, context)
from flask_mongoengine import MongoEngine
from app.whopenid import OpenId
from flask_openid import OpenID
from openid.extensions import pape
from app.blueprints import register_main_bp, register_open_id_bp
from app.models import Users
from mongoengine import connection
from flask_socketio import SocketIO, emit
from gevent import monkey
import os
import sys
import pymongo.errors
app = Flask(__name__)
oid = OpenID(app, safe_roots=[], extension_responses=[pape.Response])
login_manager = LoginHandler()
socket_io = SocketIO(app, async_mode='threading')
monkey.patch_all()
def create_app():
register_main_bp(app)
app.config.from_object(config.DevelopmentConfig)
app.before_request(register_db())
login_manager.init(app)
app.teardown_request(close_database)
return app
def register_db():
def load():
def __init__(self, logger, db_stub):
self._login = LoginHandler(logger, db_stub)
self._create = CreateHandler(logger, db_stub)
self._update = UpdateHandler(logger, db_stub)
self._get_css = GetCssHandler(logger, db_stub)
def setUp(self):
self.db_stub = MockDBStub()
self.login_handler = LoginHandler(Mock(), self.db_stub)
self._pw = "hunter2"
self._pw_hash = bcrypt.hashpw(self._pw.encode('utf-8'),
bcrypt.gensalt())
class LoginHandlerTest(unittest.TestCase):
def setUp(self):
self.db_stub = MockDBStub()
self.login_handler = LoginHandler(Mock(), self.db_stub)
self._pw = "hunter2"
self._pw_hash = bcrypt.hashpw(self._pw.encode('utf-8'),
bcrypt.gensalt())
def _make_request(self):
return users_pb2.LoginRequest(
handle="CianLR",
password=self._pw,
)
def _make_user(self, pw=None):
pw = self._pw_hash if pw is None else pw
return database_pb2.UsersEntry(
handle="CianLR",
global_id=1,
display_name="Cian Ruane",
password=pw,
bio="A sound lad",
)
def test_handle_db_error(self):
req = self._make_request()
err = "MockError"
self.db_stub.Users.return_value = database_pb2.UsersResponse(
result_type=database_pb2.UsersResponse.ERROR,
error=err,
)
resp = self.login_handler.Login(req, None)
self.assertEqual(resp.result, users_pb2.LoginResponse.ERROR)
self.assertEqual(resp.error, err)
def test_handle_no_user(self):
req = self._make_request()
self.db_stub.Users.return_value = database_pb2.UsersResponse(
result_type=database_pb2.UsersResponse.OK,
results=[],
)
resp = self.login_handler.Login(req, None)
self.assertEqual(resp.result, users_pb2.LoginResponse.ERROR)
def test_handle_many_users(self):
req = self._make_request()
self.db_stub.Users.return_value = database_pb2.UsersResponse(
result_type=database_pb2.UsersResponse.OK,
results=[self._make_user(), self._make_user()],
)
resp = self.login_handler.Login(req, None)
self.assertEqual(resp.result, users_pb2.LoginResponse.ERROR)
def test_correct_password(self):
req = self._make_request()
user = self._make_user()
self.db_stub.Users.return_value = database_pb2.UsersResponse(
result_type=database_pb2.UsersResponse.OK,
results=[user],
)
resp = self.login_handler.Login(req, None)
self.assertEqual(resp.result, users_pb2.LoginResponse.ACCEPTED)
self.assertEqual(resp.display_name, user.display_name)
self.assertEqual(resp.global_id, user.global_id)
def test_incorrect_password(self):
req = self._make_request()
self.db_stub.Users.return_value = database_pb2.UsersResponse(
result_type=database_pb2.UsersResponse.OK,
results=[self._make_user(b"password123")],
)
resp = self.login_handler.Login(req, None)
self.assertEqual(resp.result, users_pb2.LoginResponse.DENIED)
def test_blank_password(self):
req = self._make_request()
req.password = ""
resp = self.login_handler.Login(req, None)
self.assertEqual(resp.result, users_pb2.LoginResponse.ERROR)
def test_blank_username(self):
req = self._make_request()
req.handle = ""
resp = self.login_handler.Login(req, None)
self.assertEqual(resp.result, users_pb2.LoginResponse.ERROR)
