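def first_login():
    '''
    Finish sign-up for an OpenID identity that has no local account yet.

    GET renders the profile form. POST either aborts the sign-up (when the
    form carries a ``cancel`` field) or creates a ``User`` from the identity
    URL and e-mail held in the session plus the submitted ``name``, commits
    it and sends the verification e-mail.

    The identity URL and e-mail are read from ``session``, not from the
    request, so ``name`` is the only field taken from the submitted form.
    '''
    # Both session keys are read below. Checking only 'user' let a request
    # that arrives after a cancelled sign-up (which removed 'openid') fail
    # with a KeyError instead of being sent back to the login page.
    if g.user is not None or 'user' not in session or 'openid' not in session:
        flash(u'Something weird happened.')
        return redirect(url_for('.login'))

    if request.method == 'POST':
        if 'cancel' in request.form:
            # Drop all pending sign-up state, not just the identity URL, so
            # the provider-supplied e-mail does not linger in the session.
            session.pop('openid', None)
            session.pop('user', None)
            flash(u'Login was aborted')
            return redirect(url_for('authentication.login'))

        user = User(session['openid'], request.form['name'], session['user']['email'])
        user.generate_verification_token()
        db_session.add(user)
        db_session.commit()

        # The mail goes out only after the commit, so user.id is populated.
        mailer.send(
            UserVerificationMessage,
            to=user.email,
            user_id=user.id,
            verification_token=user.verification_token,
        )
        # NOTE(review): nothing here sets g.user or signals an identity
        # change; presumably a later request resolves the user from
        # session['openid'] -- confirm.
        flash(u'Successfully created profile and logged in')
        # NOTE(review): the redirect target comes from oid.get_next_url();
        # confirm it only ever yields same-site URLs.
        return redirect(oid.get_next_url())

    return render_template(
        'authentication/first_login.html',
        next=oid.get_next_url(),
        openid=session['openid'],
    )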
def create_or_login(response):
    '''
    Hook for OpenID.try_login, called once a response has been received.

    An identity with no matching account is sent to the first-login form;
    otherwise the account is placed on ``g.user`` and Principal is told
    about the identity change.
    '''
    session['user'] = {}
    claimed_url = response.identity_url
    session['openid'] = claimed_url

    account = g.user or User.query.filter_by(openid=claimed_url).first()
    if account is None:
        display_name = response.fullname or response.nickname
        # The provider-asserted e-mail is parked in the session for first_login.
        session['user']['email'] = response.email
        return redirect(url_for('.first_login', next=oid.get_next_url(), name=display_name))

    g.user = account
    principal_identity = Identity(account.id)
    # Notify Principal of the identity change
    identity_changed.send(current_app._get_current_object(), identity=principal_identity)

    if account.openid == claimed_url:
        flash(u'Successfully signed in', 'hurray')
    else:
        # NOTE(review): for an already signed-in user (g.user) the stored
        # OpenID is replaced by whatever identity this response asserts. No
        # uniqueness check or re-confirmation step is visible here -- confirm
        # the rebinding is intended and that the login flow cannot be
        # started cross-site on a signed-in user's behalf.
        account.openid = claimed_url
        db_session.commit()
        flash(u'OpenID identity changed')

    return redirect(oid.get_next_url())
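def first_login():
    '''
    Finish sign-up for an OpenID identity that has no local account yet.

    GET renders the profile form. POST either aborts the sign-up (when the
    form carries a ``cancel`` field) or creates a ``User`` from the identity
    URL and e-mail held in the session plus the submitted ``name``, commits
    it and sends the verification e-mail.

    The identity URL and e-mail are read from ``session``, not from the
    request, so ``name`` is the only field taken from the submitted form.
    '''
    # Both session keys are read below. Checking only 'user' let a request
    # that arrives after a cancelled sign-up (which removed 'openid') fail
    # with a KeyError instead of being sent back to the login page.
    if g.user is not None or 'user' not in session or 'openid' not in session:
        flash(u'Something weird happened.')
        return redirect(url_for('.login'))

    if request.method == 'POST':
        if 'cancel' in request.form:
            # Drop all pending sign-up state, not just the identity URL, so
            # the provider-supplied e-mail does not linger in the session.
            session.pop('openid', None)
            session.pop('user', None)
            flash(u'Login was aborted')
            return redirect(url_for('authentication.login'))

        user = User(session['openid'], request.form['name'], session['user']['email'])
        user.generate_verification_token()
        db_session.add(user)
        db_session.commit()

        # The mail goes out only after the commit, so user.id is populated.
        mailer.send(
            UserVerificationMessage,
            to=user.email,
            user_id=user.id,
            verification_token=user.verification_token,
        )
        # NOTE(review): nothing here sets g.user or signals an identity
        # change; presumably a later request resolves the user from
        # session['openid'] -- confirm.
        flash(u'Successfully created profile and logged in')
        # NOTE(review): the redirect target comes from oid.get_next_url();
        # confirm it only ever yields same-site URLs.
        return redirect(oid.get_next_url())

    return render_template(
        'authentication/first_login.html',
        next=oid.get_next_url(),
        openid=session['openid'],
    )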
def create_or_login(response):
    '''
    Hook for OpenID.try_login, called once a response has been received.

    An identity with no matching account is sent to the first-login form;
    otherwise the account is placed on ``g.user`` and Principal is told
    about the identity change.
    '''
    session['user'] = {}
    claimed_url = response.identity_url
    session['openid'] = claimed_url

    account = g.user or User.query.filter_by(openid=claimed_url).first()
    if account is None:
        display_name = response.fullname or response.nickname
        # The provider-asserted e-mail is parked in the session for first_login.
        session['user']['email'] = response.email
        return redirect(url_for('.first_login', next=oid.get_next_url(), name=display_name))

    g.user = account
    principal_identity = Identity(account.id)
    # Notify Principal of the identity change
    identity_changed.send(current_app._get_current_object(), identity=principal_identity)

    if account.openid == claimed_url:
        flash(u'Successfully signed in', 'hurray')
    else:
        # NOTE(review): for an already signed-in user (g.user) the stored
        # OpenID is replaced by whatever identity this response asserts. No
        # uniqueness check or re-confirmation step is visible here -- confirm
        # the rebinding is intended and that the login flow cannot be
        # started cross-site on a signed-in user's behalf.
        account.openid = claimed_url
        db_session.commit()
        flash(u'OpenID identity changed')

    return redirect(oid.get_next_url())
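def cleanupAssociations(self):
    '''
    Delete expired OpenID associations and return the number of rows removed.

    ``storeAssociation`` saves ``issued`` and ``lifetime`` exactly as the
    association object carries them; in python-openid ``issued`` is a Unix
    timestamp and ``lifetime`` a validity period in seconds.
    '''
    try:
        # An association expires at issued + lifetime. Comparing the bare
        # lifetime (a duration) with the current Unix time is true for
        # practically every row, so cleanup also purged associations that
        # were still valid.
        now = int(time())
        expired = OpenIDAssociation.query.filter(
            OpenIDAssociation.issued + OpenIDAssociation.lifetime < now
        )
        return expired.delete()
    finally:
        # Kept from the original: the commit runs on the error path too.
        db_session.commit()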
def cleanupNonces(self):
    '''
    Delete stored nonces whose timestamp is at or before now minus
    ``nonce.SKEW`` and return the number of rows removed.
    '''
    try:
        cutoff = int(time() - nonce.SKEW)
        stale = OpenIDUserNonce.query.filter(OpenIDUserNonce.timestamp <= cutoff)
        return stale.delete()
    finally:
        # The commit runs whether or not the delete raised.
        db_session.commit()
def removeAssociation(self, server_url, handle):
    '''
    Delete the association stored for ``server_url`` and ``handle``.

    Returns the number of rows removed, which is truthy when something was
    deleted.
    '''
    try:
        # Chained filters are ANDed together.
        matching = (
            OpenIDAssociation.query
            .filter(OpenIDAssociation.server_url == server_url)
            .filter(OpenIDAssociation.handle == handle)
        )
        return matching.delete()
    finally:
        # The commit runs whether or not the delete raised.
        db_session.commit()
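def users_send_verification(user_id):
    '''
    Reset a user's e-mail verification and send a fresh verification mail.

    Marks the user unverified, issues a new verification token, commits, and
    mails the token to the user's address. Always redirects to the user list.
    '''
    user = User.query.filter_by(id=user_id).first()
    if not user:
        # An unknown id used to reach `user.verified = False` on None and
        # fail with an AttributeError; report it the way users_delete does.
        flash('The user does not exist.')
        return redirect(url_for('.users_index'))

    # NOTE(review): this handler changes state but validates no form. Confirm
    # the route is restricted to POST and that CSRF protection and the admin
    # access check are enforced outside this function.
    user.verified = False
    user.generate_verification_token()
    db_session.commit()

    mailer.send(
        UserVerificationMessage,
        to=user.email,
        user_id=user.id,
        verification_token=user.verification_token,
    )
    flash('Email verification sent to %s' % user.email, 'success')
    return redirect(url_for('.users_index'))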
def verify_address(user_id, token):
    '''
    Confirm an e-mail address from a verification link.

    The user must match both ``user_id`` and ``token``; otherwise the request
    is aborted with 401. On success the token is cleared, so the same link
    cannot be used twice, and the user is marked verified.
    '''
    # NOTE(review): no token age or expiry check is visible here -- confirm
    # whether tokens are meant to be time-limited.
    matched = User.query.filter_by(id=user_id, verification_token=token).first()
    if matched:
        matched.verification_token = None
        matched.verified = True
        db_session.commit()
        return redirect(url_for('.verified'))

    abort(401)
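def users_delete():
    '''
    Delete the user named by the submitted ``UserDeleteForm``.

    Always redirects to the user list; the flashed message says whether the
    user was missing or has been deleted.
    '''
    form = UserDeleteForm()
    user = User.query.filter_by(id=form.user_id.data).first()
    if not user:
        flash('The user does not exists.')
    elif form.validate_on_submit():
        # validate_on_submit has to be *called*. The bare attribute is a bound
        # method and therefore always truthy, so the delete used to run
        # without any form validation at all, including whatever CSRF token
        # check the form class performs.
        db_session.delete(user)
        db_session.commit()
        flash('The user has been deleted')

    return redirect(url_for('.users_index'))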
def hotels_add():
    '''
    Show the add-hotel form and create the hotel on a valid submission.
    '''
    form = HotelForm()
    if not form.validate_on_submit():
        # First visit or failed validation: (re)display the form.
        return render_template('admin/hotels/add.html', form=form)

    new_hotel = Hotel()
    # Copies the form's fields onto the new row.
    form.populate_obj(new_hotel)
    db_session.add(new_hotel)
    db_session.commit()
    flash('Hotel added.', 'success')
    return redirect(url_for('.hotels_index'))
def storeAssociation(self, server_url, association):
    '''
    Persist ``association`` for ``server_url`` as an ``OpenIDAssociation`` row.
    '''
    columns = {
        'server_url': server_url,
        'handle': association.handle,
        # Base64 is an encoding, not protection: anyone who can read this
        # table can recover the association secret.
        # NOTE(review): the 'base64' codec on .encode() only exists on
        # Python 2 -- revisit if this module is ever run on Python 3.
        'secret': association.secret.encode('base64'),
        'issued': association.issued,
        'lifetime': association.lifetime,
        'assoc_type': association.assoc_type,
    }
    # NOTE(review): this always inserts a new row; confirm how an existing
    # row with the same server_url and handle is supposed to be handled.
    db_session.add(OpenIDAssociation(**columns))
    db_session.commit()
def hotels_edit(hotel_id):
    '''
    Edit an existing hotel; aborts with 404 when ``hotel_id`` matches no row.
    '''
    record = Hotel.query.filter_by(id=hotel_id).first()
    if not record:
        abort(404)

    form = HotelForm(obj=record)
    if not form.validate_on_submit():
        # First visit or failed validation: (re)display the form.
        return render_template('admin/hotels/edit.html', form=form, hotel=record)

    # Copies the form's fields onto the existing row.
    form.populate_obj(record)
    db_session.commit()
    flash('Hotel information updated.', 'success')
    return redirect(url_for('.hotels_view', hotel_id=record.id))
def hotels_edit(hotel_id):
    '''
    Edit an existing hotel; aborts with 404 when ``hotel_id`` matches no row.
    '''
    record = Hotel.query.filter_by(id=hotel_id).first()
    if not record:
        abort(404)

    form = HotelForm(obj=record)
    if not form.validate_on_submit():
        # First visit or failed validation: (re)display the form.
        return render_template('admin/hotels/edit.html', form=form, hotel=record)

    # Copies the form's fields onto the existing row.
    form.populate_obj(record)
    db_session.commit()
    flash('Hotel information updated.', 'success')
    return redirect(url_for('.hotels_view', hotel_id=record.id))
def hotels_delete(hotel_id):
    '''
    Delete a hotel after the delete form validates.

    Aborts with 404 when the hotel does not exist and with 400 when the
    submitted ``HotelDeleteForm`` fails validation.
    '''
    doomed = Hotel.query.filter_by(id=hotel_id).first()
    if not doomed:
        abort(404)

    # The form is validated before anything is deleted.
    delete_form = HotelDeleteForm()
    if not delete_form.validate_on_submit():
        abort(400)

    db_session.delete(doomed)
    db_session.commit()
    flash('Hotel deleted.', 'success')
    return redirect(url_for('.hotels_index'))
def users_edit(user_id):
    '''
    Edit a user; aborts with 404 when ``user_id`` matches no row.

    The page also gets a ``UserSendVerificationForm``, which this handler
    only passes to the template.
    '''
    account = User.query.filter_by(id=user_id).first()
    if not account:
        abort(404)

    user_form = UserForm(obj=account)
    verification_form = UserSendVerificationForm(obj=account)

    if not user_form.validate_on_submit():
        return render_template(
            'admin/users/edit.html',
            user=account,
            user_form=user_form,
            verification_form=verification_form,
        )

    # Every field UserForm defines is written onto the user here.
    user_form.populate_obj(account)
    db_session.commit()
    return redirect(url_for('.users_index'))
def useNonce(self, server_url, timestamp, salt):
    '''
    Record a nonce and report whether it was still unused.

    Returns False when ``timestamp`` is more than ``nonce.SKEW`` seconds away
    from the current time, or when the same (server_url, timestamp, salt)
    triple is already stored. Otherwise stores the triple and returns True.
    '''
    if abs(timestamp - time()) > nonce.SKEW:
        return False

    # Chained filters are ANDed together.
    already_seen = (
        OpenIDUserNonce.query
        .filter(OpenIDUserNonce.server_url == server_url)
        .filter(OpenIDUserNonce.timestamp == timestamp)
        .filter(OpenIDUserNonce.salt == salt)
        .first()
    )
    if already_seen is not None:
        return False

    # NOTE(review): the lookup above and the insert below are separate steps.
    # Unless the table has a unique constraint on (server_url, timestamp,
    # salt), two concurrent requests carrying the same nonce could both be
    # accepted -- confirm the constraint exists in the model.
    fresh = OpenIDUserNonce(server_url=server_url, timestamp=timestamp, salt=salt)
    db_session.add(fresh)
    db_session.commit()
    return True