def test_httpredirect(self):
location = 'https://pythonhosted.org/pulsar'
r = HttpRedirect(location)
self.assertEqual(r.location, location)
r = HttpRedirect(location, headers=[('Content-Type', 'text/html')])
self.assertEqual(len(r.headers), 2)
self.assertEqual(r.location, location)
def oauth_redirect(self, request):
"""View to handle the redirect from a OAuth provider
:param request: WSGI request with url parameters to decode
:return: response
"""
user = request.cache.user
name = request.urlargs['name']
oauth = self._oauth(request).get(name)
try:
oauth.check_redirect_data(request)
token = oauth.access_token(request, redirect_uri=request.uri)
token = dict(token)
except Exception as exc:
request.logger.exception('Could not obtain access_token')
url = request.config.get('LOGIN_URL', '/')
raise HttpRedirect(url) from exc
access_token = oauth.save_token(request, token)
api = oauth.api(http=request.http, **token)
user_data = api.user()
# User not authenticated
if not user.is_authenticated():
oauth.create_or_login_user(request, user_data, access_token)
else:
oauth.associate_token(request, user_data, user, access_token)
raise HttpRedirect('/')
def request(self, request):
path = request.path[1:]
for url in exclude_urls(request.app):
if url.match(path):
request.cache.skip_session_backend = True
return
key = request.config['SESSION_COOKIE_NAME']
session_key = request.cookies.get(key)
store = session_store(request)
session = None
if session_key:
session = store.get(session_key.value)
if (session
and (session.expiry is None or session.expiry < time.time())):
store.delete(session.id)
session = None
if not session:
session = self._create_session(request)
request.cache.session = session
token = session.token
if token:
try:
user = request.api.user.get(token=session.token).json()
except NotAuthorised:
request.cache.auth_backend.logout(request)
raise HttpRedirect(request.config['LOGIN_URL']) from None
except Exception:
request.cache.auth_backend.logout(request)
raise
request.cache.user = User(user)
def smart_redirect(request, url=None, status=None):
# Ajax request, treat it differently
url = url or request.full_path()
if request.is_xhr:
response = request.response
response.content = json.dumps({'redirect': url})
return response
else:
raise HttpRedirect(url, status=status)
def handle_401(request, user=None):
"""When the API respond with a 401 logout and redirect to login
"""
user = user or request.session.user
if user.is_authenticated():
request.cache.auth_backend.logout(request)
raise HttpRedirect(request.config['LOGIN_URL'])
else:
raise Http404
def get(self, request):
action = request.urlargs.get('action')
if not action:
if self.default_action:
loc = '%s/%s' % (request.absolute_uri(), self.default_action)
raise HttpRedirect(loc)
else:
raise Http404
else:
return super().get(request)
def smart_redirect(request, url=None, status=None):
# Ajax request, treat it differently
url = url or request.full_path()
if request.is_xhr:
response = request.response
ct = request.content_types.best_match(JSON_CONTENT_TYPES)
if ct in JSON_CONTENT_TYPES:
response.content_type = ct
response.content = json.dumps({'redirect': url})
return response
else:
raise HttpRedirect(url, status=status)
def create_or_login_user(self, request, user_data, access_token):
"""Create a new user or update the token if user already exists
:param request: WSGI request
:param user_data: dictionary of user data from this OAuth provider
:param access_token: access token model instance
:return:
"""
username = self.username(user_data)
email = self.email(user_data)
if not username and not email:
raise ValueError('No username or email')
# Check if user exist
backend = request.cache.auth_backend
user = backend.get_user(request, username=username, email=email)
if not user:
# The user is not available, if username or email are not available
# redirect to a form to add them
if username or email:
# Create the user
user = backend.create_user(
request,
username=username,
email=email,
first_name=self.firstname(user_data),
last_name=self.lastname(user_data),
active=True)
else:
register = request.config.get('REGISTER_URL')
if register:
raise HttpRedirect(register)
else:
request.logger.error(
'No registration url, cannot create '
'user from %s OAuth', self.name)
raise Http404
self.associate_token(request, user_data, user, access_token)
backend.login(request, user)
def read_update(self, request):
path = request.urlargs['path']
model = self.model(request.app)
backend = request.cache.auth_backend
if request.method == 'GET':
try:
return self.render_file(request, path, True)
except Http404:
if not path.endswith('/'):
if model.exist(request, '%s/index' % path):
raise HttpRedirect('%s/' % path)
raise
content = self.get_content(request, path)
if request.method == 'HEAD':
if backend.has_permission(request, model.name, rest.READ):
return request.response
if request.method == 'POST':
content.bla = None
raise PermissionDenied
def redirect(self, request):
num = request.urlargs['times'] - 1
if num:
raise HttpRedirect('/redirect/%s' % num)
else:
raise HttpRedirect('/get')
def exit(self, request):
page = yield self.get_page(request, **request.urlargs)
if not page:
raise Http404
raise HttpRedirect(page.path(**request.url_data))
def redirect(self, environ, path):
request = wsgi_request(environ, self)
environ['pulsar.cache'] = yield multi_async(request.cache)
raise HttpRedirect(path)
def confirmation(self, request):
key = request.urlargs['key']
backend = request.cache.auth_backend
user = backend.confirm_registration(request, key)
raise HttpRedirect(self.redirect_url(request))
def new_confirmation(self, request):
username = request.urlargs['username']
backend = request.cache.auth_backend
user = backend.confirm_registration(request, username=username)
raise HttpRedirect(self.redirect_url(request))
def get(self, request):
if request.cache.user.is_authenticated():
raise HttpRedirect(self.redirect_to)
return super().get(request)
def oauth(self, request):
name = request.urlargs['name']
redirect_uri = request.absolute_uri('redirect')
p = self._oauth(request).get(name)
authorization_url = p.authorization_url(request, redirect_uri)
raise HttpRedirect(authorization_url)
def get(self, request):
if not request.cache.user.is_authenticated():
raise HttpRedirect(request.config['LOGIN_URL'])
return super().get(request)
