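def create_or_login(resp):
    """Finish an OpenID login: sign in the matching user or create one first.

    Called by the OpenID machinery once authentication with the provider has
    succeeded. The identity URL is looked up; if no local user carries it, a
    profile is created and saved before login. The function always redirects
    so the user never lands on the raw OpenID callback URL.

    Args:
        resp: OpenID response object; only ``resp.identity_url`` is read.

    Returns:
        A redirect response to ``oid.get_next_url()``.
    """
    identity_url = resp.identity_url
    session["openid"] = identity_url
    user = User.get_with_first("openid", identity_url)

    if user is not None:
        # Returning user: nothing to create.
        flash("Logged in successfully.", "success")
        login_user(user)
        return redirect(oid.get_next_url())

    # First login for this identity: create the local profile.
    user = User(
        openid=identity_url,
        datasets=[],
        is_active=True,
        is_authenticated=True,
        is_anonymous=False,
        # Naive local time, matching the other User() constructions in this file.
        confirmed_on=datetime.datetime.now(),
    )
    user.save()
    login_user(user)
    # Bug fix: the original implicit string concatenation had no space between
    # "user" and "for you" and read "you active user"; message repaired.
    flash(
        "Success!, Since this is your first login, a local profile was "
        "created for you which is now your active user",
        "success",
    )
    return redirect(oid.get_next_url())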
def login():
    """Start an OpenID login (or short-circuit it in debug mode).

    Already-authenticated users are redirected straight to the "next" URL.
    A valid form submission hands the chosen provider to ``oid.try_login``,
    whose response is returned as-is; an invalid or GET request renders the
    login form.

    Returns:
        A redirect, the ``oid.try_login`` response, or the rendered form.
    """
    if current_user.is_authenticated:
        flash("Your already logged in", "success")
        return redirect(oid.get_next_url())

    form = LoginForm(request.form)
    if not form.validate_on_submit():
        return render_template("fair/login.html", form=form, next=oid.get_next_url())

    provider = form.auth_provider.data

    # Debug-only shortcut: with app.debug on, naming this provider signs the
    # request in as app.config["DEBUG_USER"] without contacting any provider.
    # This is an authentication bypass by design; app.debug must stay off in
    # any deployed instance.
    if app.debug and provider == "https://openid.ku.dk":
        debug_user = User.get_with_first("openid", app.config["DEBUG_USER"])
        if debug_user:
            login_user(debug_user)
            flash("Logged in as the debug user", "success")
        else:
            flash("No such user could be found", "warning")
        return redirect(url_for("projects.projects"))

    try:
        return oid.try_login(provider)
    except Exception as err:
        # Failure detail is only logged at DEBUG level; the user just sees the
        # login page again. NOTE(review): the endpoint is "login" here but
        # "projects.login" elsewhere in this file -- confirm both resolve.
        app.logger.debug(f"Failed to login {err}")
        return redirect(url_for("login"))
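def request_auth():
    """Handle an access-request form and mail the admins a signed approval link.

    For a valid submission whose email is not yet registered, the form data
    (minus the CSRF token) is wrapped in a confirmation token and mailed to
    ``ADMINS_EMAIL`` as a link to ``projects.approve_auth``. Every outcome is
    a JSON response.

    Returns:
        A JSON response: HTTP 400 when the form is invalid or the email is
        already registered, HTTP 200 otherwise (including a mail timeout,
        which is reported in the JSON body).
    """
    form = AuthRequestForm(request.form)
    if form.validate_on_submit():
        user = User.get_with_first("email", form.email.data)
        if user is not None:
            # NOTE(review): this distinct reply lets a client learn which emails
            # are registered; a uniform "request received" reply would avoid
            # that. The existing response contract is kept here.
            response = jsonify(
                data={"danger": "That email has already been granted access"})
            response.status_code = 400
            return response

        # Bug fix: the original stripped csrf_token from a copy of form.data but
        # then tokenised form.data itself, so the CSRF token was still embedded
        # in the approval link. The stripped copy is what gets signed now.
        # pop() also tolerates a form with no csrf_token field (CSRF disabled).
        data = dict(form.data)
        data.pop("csrf_token", None)

        subject = "{} requests {} access".format(
            form.email.data, config.get("PROJECTS", "title"))
        token = generate_confirmation_token(data=data)
        confirm_url = url_for("projects.approve_auth", token=token, _external=True)
        html = render_template(
            "projects/email/activate_user.html",
            # NOTE(review): the whole form dict is passed under ``email``;
            # kept as-is since the template's expectations are not visible here.
            email=form.data,
            confirm_url=confirm_url,
        )
        msg = Message(
            subject=subject,
            html=html,
            recipients=[app.config["ADMINS_EMAIL"]],
            sender=app.config["MAIL_USERNAME"],
        )
        try:
            mail.send(msg)
        except TimeoutError:
            return jsonify(
                data={
                    "danger": "Timed out before request could be sent"
                    " to an admin for approval"
                })
        return jsonify(
            data={
                "success": "Request successfully submitted"
                ", awaiting admin approval"
            })

    # Invalid form: flatten every field's errors into one message.
    response = jsonify(
        data={
            "danger": ", ".join(
                "{} - {}".format(attr, r_msg)
                for attr, errors in form.errors.items()
                for r_msg in errors
            )
        })
    response.status_code = 400
    return response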
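def approve_auth(token):
    """Admin endpoint: confirm an access-request token and create the account.

    ``token`` must be a confirmation token built from the request form data
    (see ``request_auth``) and carry an ``email`` key. A new, inactive user
    with an unguessable random password is created, and a password-reset link
    is mailed to the address so the person can choose their own password.

    Args:
        token: Signed confirmation token from the approval email.

    Returns:
        A redirect to ``projects.projects`` in every case; the outcome is
        reported through flash messages.
    """
    data = confirm_token(token)
    if data is False:
        flash("Confirmation failed, either it is invalid or expired.", "danger")
        return redirect(url_for("projects.projects"))

    # Robustness: confirm_token is shared with the password-reset flow, whose
    # payload is a plain email string. On a string, ``"email" in data`` is a
    # substring test and ``data["email"]`` a TypeError, so require a mapping.
    if not isinstance(data, dict) or "email" not in data:
        flash("Confirmation failed, required email is not present", "danger")
        return redirect(url_for("projects.projects"))

    email = data["email"]
    if User.get_with_first("email", email) is not None:
        # Category added so the message is styled like the other warnings.
        flash("That email has already been registered", "warning")
        return redirect(url_for("projects.projects"))

    user = User(
        email=email,
        # Placeholder nobody knows; it is replaced through the reset link.
        password=hashpw(os.urandom(24), gensalt()),
        projects=[],
        is_active=False,
        is_authenticated=False,
        is_anonymous=False,
        # Naive local time, matching the other User() constructions in this file.
        confirmed_on=datetime.datetime.now(),
    )
    user.save()

    reset_token = generate_confirmation_token(data=email)
    reset_url = url_for("projects.reset_password", token=reset_token, _external=True)
    html = render_template(
        "projects/email/reset_password.html",
        email=email,
        reset_password_url=reset_url,
    )
    msg = Message(
        subject="{} Projects Account approval".format(
            config.get("PROJECTS", "title")),
        html=html,
        recipients=[email],
        sender=app.config["MAIL_USERNAME"],
    )
    # The user record already exists at this point; a send failure propagates
    # and leaves an inactive account that can still be reset by a later mail.
    mail.send(msg)
    flash(
        "The account {} has been approved and created".format(email),
        "success",
    )
    return redirect(url_for("projects.projects"))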
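def setUp(self):
    """Prepare the Flask app, a fixture user and a CSRF token for each test.

    Points the app at a throwaway data folder and database under tests/
    (relative to the current working directory), makes sure the fixture user
    exists, and fetches /index once so a valid CSRF token (``g.csrf_token``)
    is available to tests that POST forms.
    """
    app.config["TESTING"] = True
    app.config["DEBUG"] = True
    # Paths are resolved against the cwd, so tests must run from the repo root.
    app.config["DATA_FOLDER"] = os.path.join(os.getcwd(), "tests/data")
    app.config["UPLOAD_FOLDER"] = os.path.join(os.getcwd(), "tests/images")
    app.config["WTF_CSRF_ENABLED"] = True

    # Create required folders for the application if they don't exist.
    for folder in (app.config["DATA_FOLDER"], app.config["UPLOAD_FOLDER"]):
        try:
            os.makedirs(folder)
        except FileExistsError:
            continue
        print("Created: " + folder)

    # Override default DB setting -> use a testing db instead of the default.
    app.config["DB"] = os.path.join(app.config["DATA_FOLDER"], "fair_test")

    self.username = "******"
    self.password = "******"
    user = User.get_with_first("email", self.username)
    if user is None:
        # bcrypt is deliberately slow; only hash when the fixture user must be
        # created (the original hashed on every setUp).
        hashed_pw = hashpw(bytes(self.password, "utf-8"), gensalt())
        user = User(
            email=self.username,
            password=hashed_pw,
            projects=[],
            is_active=True,
            is_authenticated=True,
            is_anonymous=False,
            confirmed_on=datetime.datetime.now(),
        )
        user.save()
    self.user = user

    self.client = app.test_client()
    # Fetch a page once so the request context populates g.csrf_token.
    self.csrf_token = None
    with self.client as client:
        resp = client.get("/index")
        assert resp.status_code == 200
        self.csrf_token = g.csrf_token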
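def request_password_reset():
    """Mail a signed password-reset link to a registered email address.

    On a valid submission for a known user, a confirmation token carrying the
    email is embedded in a link to ``projects.reset_password`` and sent to
    that address. Every outcome is a JSON response.

    Returns:
        A JSON response: HTTP 400 for an invalid form or an unknown email,
        HTTP 200 otherwise (including a mail timeout, reported in the body).
    """
    form = PasswordResetRequestForm(request.form)
    if form.validate_on_submit():
        user = User.get_with_first("email", form.email.data)
        if user is None:
            # NOTE(review): a distinct 400 here lets a client probe which
            # emails are registered; a uniform "if that address exists, a link
            # was sent" reply would avoid that. Existing contract kept.
            response = jsonify(data={"danger": "That user does not exist"})
            response.status_code = 400
            return response

        email = user.email
        token = generate_confirmation_token(data=email)
        reset_url = url_for("projects.reset_password", token=token, _external=True)
        html = render_template(
            "projects/email/reset_password.html",
            email=email,
            reset_password_url=reset_url,
        )
        msg = Message(
            subject="{} Reset Password".format(
                config.get("PROJECTS", "title")),
            html=html,
            recipients=[email],
            sender=app.config["MAIL_USERNAME"],
        )
        # Consistency with request_auth: a mail timeout becomes a JSON error
        # instead of an unhandled exception (HTTP 500).
        try:
            mail.send(msg)
        except TimeoutError:
            response = jsonify(
                data={"danger": "Timed out before the reset link could be sent"})
            response.status_code = 500
            return response
        return jsonify(
            data={
                "success": "A password reset link has been sent to {}".format(email)
            })

    # Invalid form: flatten every field's errors into one message.
    response = jsonify(
        data={
            "danger": ", ".join(
                "{} - {}".format(attr, r_msg)
                for attr, errors in form.errors.items()
                for r_msg in errors
            )
        })
    response.status_code = 400
    return response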
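def reset_password(token):
    """Let the holder of a valid reset token set a new password.

    ``token`` must be a confirmation token whose payload is the account email
    (as issued by ``approve_auth`` and ``request_password_reset``). A GET
    renders the form; a valid POST activates the account and stores a bcrypt
    hash of the new password.

    Args:
        token: Signed confirmation token from the reset email.

    Returns:
        The rendered form, or a redirect after success or failure.
    """
    email = confirm_token(token)
    # Robustness: confirm_token is also used for approval tokens, whose payload
    # is a dict; only a string payload is a usable address here.
    if email is False or not isinstance(email, str):
        flash(
            "Attempted password reset failed,"
            " the request is either invalid or expired",
            "danger",
        )
        return redirect(url_for("projects.login"))

    form = PasswordResetForm(request.form)
    if form.validate_on_submit():
        user = User.get_with_first("email", email)
        if user is None:
            # Bug fix: the original dereferenced ``user`` unconditionally and
            # raised AttributeError when the account no longer exists. The same
            # generic message is reused so the reply does not reveal whether
            # the address is registered.
            flash(
                "Attempted password reset failed,"
                " the request is either invalid or expired",
                "danger",
            )
            return redirect(url_for("projects.login"))

        user.is_active = True
        user.is_authenticated = True
        user.is_anonymous = False
        user.email = email
        user.password = hashpw(bytes(form.password.data, "utf-8"), gensalt())
        user.save()
        # NOTE(review): nothing here invalidates the token after use; unless
        # confirm_token does, the link stays usable until it expires.
        flash("Your password has now been updated", "success")
        return redirect(url_for("projects.projects"))

    return render_template("projects/reset_password_form.html", form=form, email=email)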
dest="ip", type=str, default="127.0.0.1", help="The interface the webserver should listen on", ) parser.add_argument( "--port", dest="port", type=int, default=8080, help="The port the webserver should listen on", ) args = parser.parse_args() if __name__ == "__main__": # Implement test user if args.debug: user = User.get_with_first("email", "*****@*****.**") if user is None: user = User( email="*****@*****.**", password=hashpw(bytes("test", "utf-8"), gensalt()), projects=[], is_active=True, is_authenticated=True, is_anonymous=False, confirmed_on=datetime.datetime.now(), ) user.save() app.run(host=args.ip, port=args.port, debug=args.debug)
type=str, default="127.0.0.1", help="The interface the webserver should listen on", ) parser.add_argument( "--port", dest="port", type=int, default=8080, help="The port the webserver should listen on", ) args = parser.parse_args() if __name__ == "__main__": # Implement test user if args.debug: app.config["DEBUG_USER"] = "******" user = User.get_with_first("openid", app.config["DEBUG_USER"]) if user is None: user = User( openid="*****@*****.**", password=hashpw(bytes("test", "utf-8"), gensalt()), projects=[], is_active=True, is_authenticated=True, is_anonymous=False, confirmed_on=datetime.datetime.now(), ) user.save() app.run(host=args.ip, port=args.port, debug=args.debug)